Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-07-10 | Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259). | Ben Laurie | |
(cherry picked from commit c1d1b0114e9d370c30649e46182393dbfc00e20c) | |||
2014-05-29 | Set version number correctly. | Dr. Stephen Henson | |
PR#3249 (cherry picked from commit 8909bf20269035d295743fca559207ef2eb84eb3) | |||
2014-05-09 | Return an error if no recipient type matches. | Dr. Stephen Henson | |
If the key type does not match any CMS recipient type return an error instead of using a random key (MMA mitigation). This does not leak any useful information to an attacker. PR#3348 (cherry picked from commit bd43b4cf778a53ffa5d77510ecd408a009dc00d2) | |||
2014-05-06 | Set Enveloped data version to 2 if ktri version not zero. | Dr. Stephen Henson | |
(cherry picked from commit 546b1b438468e629eea4e836190b1bb056e39286) | |||
2014-02-15 | Remove duplicate statement. | Dr. Stephen Henson | |
(cherry picked from commit 5a7652c3e585e970e5b778074c92e617e48fde38) | |||
2013-12-01 | make update | Dr. Stephen Henson | |
2013-11-09 | Add CMS_SignerInfo_get0_signature function. | Dr. Stephen Henson | |
Add function to retrieve the signature from a CMS_SignerInfo structure: applications can then read or modify it. (cherry picked from commit e8df6cec4c09b9a94c4c07abcf0402d31ec82cc1) | |||
2013-10-01 | Add KDF for DH. | Dr. Stephen Henson | |
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the same structure is used by DH and ECDH. Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers without the need to use ASN1. (cherry picked from commit dc1ce3bc64845d16314af1f11acf5384e4ae9b34) | |||
2013-10-01 | CMS support for key agreeement recipient info. | Dr. Stephen Henson | |
Add hooks to support key agreement recipient info type (KARI) using algorithm specific code in the relevant public key ASN1 method. (cherry picked from commit 17c2764d2e6fc5a010ad3c12662068689ed2ad17) | |||
2013-10-01 | Set CMS EnvelopedData version correctly. | Dr. Stephen Henson | |
(cherry picked from commit ff7b6ce9db329eb48775bb81e0ecbbd2a9b23c1c) | |||
2013-10-01 | Initialise CMS signature buffer length properly. | Dr. Stephen Henson | |
(cherry picked from commit e0f7cfda68881da6829ea39430e1a5c28ed05ece) | |||
2013-10-01 | CMS public key parameter support. | Dr. Stephen Henson | |
Add support for customisation of CMS handling of signed and enveloped data from custom public key parameters. This will provide support for RSA-PSS and RSA-OAEP but could also be applied to other algorithms. (cherry picked from commit e365352d6a6368039392fed14a328f8c0bf955c3) | |||
2013-02-26 | Add function CMS_RecipientInfo_encrypt | Dr. Stephen Henson | |
Add CMS_RecipientInfo_encrypt: this function encrypts an existing content encryption key to match the key in the RecipientInfo structure: this is useful if a new recpient is added to and existing enveloped data structure. Add documentation. (cherry picked from commit e1f1d28f34cc5cfc87772e0d8331e00137a4a213) | |||
2013-01-23 | Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set | Dr. Stephen Henson | |
2012-06-03 | Reduce version skew: trivia (I hope). | Ben Laurie | |
2012-05-10 | Reported by: Solar Designer of Openwall | Dr. Stephen Henson | |
Make sure tkeylen is initialised properly when encrypting CMS messages. | |||
2012-03-12 | Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and | Dr. Stephen Henson | |
continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884) | |||
2011-10-19 | "make update" | Bodo Möller | |
2011-10-10 | Backport ossl_ssize_t type from HEAD. | Dr. Stephen Henson | |
2011-10-09 | Backport of password based CMS support from HEAD. | Dr. Stephen Henson | |
2011-09-16 | make depend | Dr. Stephen Henson | |
2011-09-16 | Improved error checking for DRBG calls. | Dr. Stephen Henson | |
New functionality to allow default DRBG type to be set during compilation or during runtime. | |||
2011-06-03 | Backport libcrypto audit: check return values of EVP functions instead | Dr. Stephen Henson | |
of assuming they will always suceed. | |||
2010-06-01 | Fix CVE-2010-1633 and CVE-2010-0742. | Dr. Stephen Henson | |
2010-02-02 | tolerate broken CMS/PKCS7 implementations using signature OID instead of digest | Dr. Stephen Henson | |
2009-09-30 | PR: 2058 | Dr. Stephen Henson | |
Submitted by: Julia Lawall <julia@diku.dk> Approved by: steve@openssl.org Correct EVP_DigestVerifyFinal error handling. | |||
2009-09-13 | Submitted by: Julia Lawall <julia@diku.dk> | Dr. Stephen Henson | |
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(), CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix so the return code is checked correctly. | |||
2009-03-25 | Update from stable branch. | Dr. Stephen Henson | |
2009-03-15 | Use correct ctx name. | Dr. Stephen Henson | |
2009-03-15 | Fix from stable branch. | Dr. Stephen Henson | |
2008-11-21 | Set memory BIOs up properly when stripping text headers from S/MIME messages. | Dr. Stephen Henson | |
2008-08-05 | Correctly handle errors in CMS I/O code. | Dr. Stephen Henson | |
2008-05-02 | New function CMS_add1_crl(). | Dr. Stephen Henson | |
2008-04-18 | Make certs argument work in CMS_sign() add test case. | Dr. Stephen Henson | |
PR:1664 | |||
2008-04-11 | Fix prototype for CMS_decrypt(), don't free up detached content. | Dr. Stephen Henson | |
2008-04-11 | Revert argument swap change... oops CMS_uncompress() was consistent... | Dr. Stephen Henson | |
2008-04-11 | Make CMS_uncompress() argument order consistent with other functions. | Dr. Stephen Henson | |
2008-04-11 | Fix for compression and updated CMS_final(). | Dr. Stephen Henson | |
2008-04-10 | Add additional parameter to CMS_final() to handle detached content. | Dr. Stephen Henson | |
2008-04-10 | Ignore nonsensical flags for signed receipts. | Dr. Stephen Henson | |
2008-04-07 | Implement CMS_NOCRL. | Dr. Stephen Henson | |
2008-04-06 | Set contentType attribute just before signing to allow encapsulated content | Dr. Stephen Henson | |
type to be set at any time in applications. | |||
2008-04-06 | Fix typo and add header files to err library. | Dr. Stephen Henson | |
2008-04-06 | Give consistent return value and add error code for duplicate certificates. | Dr. Stephen Henson | |
2008-04-01 | Avoid warnings. | Dr. Stephen Henson | |
2008-03-31 | Use correct headers for signed receipts. Use consistent naming. | Dr. Stephen Henson | |
Update cms-test.pl to support OpenSSL 0.9.8. | |||
2008-03-29 | Update dependencies. | Dr. Stephen Henson | |
2008-03-29 | Remove unnecessary header. | Dr. Stephen Henson | |
2008-03-28 | Signed receipt generation code. | Dr. Stephen Henson | |
2008-03-28 | Support for verification of signed receipts. | Dr. Stephen Henson | |