summaryrefslogtreecommitdiffstats
path: root/crypto/cms
AgeCommit message (Collapse)Author
2013-01-23Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP setDr. Stephen Henson
2012-05-10Reported by: Solar Designer of OpenwallDr. Stephen Henson
Make sure tkeylen is initialised properly when encrypting CMS messages.
2012-03-12Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key andDr. Stephen Henson
continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)
2012-03-06return failure code if I/O errorDr. Stephen Henson
2010-06-01Fix CVE-2010-0742Dr. Stephen Henson
2010-02-02tolerate broken CMS/PKCS7 implementations using signature OID instead of digestDr. Stephen Henson
2009-09-13Submitted by: Julia Lawall <julia@diku.dk>Dr. Stephen Henson
The functions ENGINE_ctrl(), OPENSSL_isservice(), CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix so the return code is checked correctly.
2009-03-25Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>Dr. Stephen Henson
Approved by: steve@openssl.org Check return code properly in CMS_SignerInfo_verify_content().
2009-03-15Oops.Dr. Stephen Henson
2009-03-15Don't force S/MIME signing purpose: allow it to be overridden by storeDr. Stephen Henson
settings. Don't set default values in X509_VERIFY_PARAM_new(): it stops parameters being inherited properly.
2009-01-07Properly check EVP_VerifyFinal() and similar return valuesDr. Stephen Henson
(CVE-2008-5077). Submitted by: Ben Laurie, Bodo Moeller, Google Security Team
2008-11-21Update from HEAD.Dr. Stephen Henson
2008-09-16Merge changes to build system from fips branch.Dr. Stephen Henson
2008-08-05Fix from HEAD.Dr. Stephen Henson
2008-04-18Update from HEAD.Dr. Stephen Henson
2008-04-12Update from HEAD.Dr. Stephen Henson
2008-04-11Revert change from HEAD.Dr. Stephen Henson
2008-04-11Fix from HEAD.Dr. Stephen Henson
2008-04-07Fix from HEAD.Dr. Stephen Henson
2008-04-06Update from HEAD.Dr. Stephen Henson
2008-04-06Fix from HEAD.Dr. Stephen Henson
2008-04-06Update error codes.Dr. Stephen Henson
2008-04-06Fix from HEAD.Dr. Stephen Henson
2008-04-03Delete functions not implemented in 0.9.8 from cms.hDr. Stephen Henson
2008-04-03Backport of CMS code to 0.9.8-stable branch. Disabled by default.Dr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-27 19:41:52 +0000