diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-02-15 14:27:25 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-02-15 14:27:25 +0000 |
commit | 5863163732ed5ba89d1aa6536e733d01f4187fce (patch) | |
tree | 35b3c4180c0eb65b5795f576e126e7818ab9c7bc /CHANGES | |
parent | 83cb7c46353b849b9511f1328a06a1ef33baf5c8 (diff) |
Additional compatibility fix for MDC2 signature format.
Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature:
this will make all versions of MDC2 signature equivalent.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -274,6 +274,10 @@ the correct format in RSA_verify so both forms transparently work. [Steve Henson] + *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET + STRING form instead of a DigestInfo. + [Steve Henson] + *) Some servers which support TLS 1.0 can choke if we initially indicate support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA encrypted premaster secret. As a workaround use the maximum pemitted |