Loading CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,9 @@ Changes between 1.0.0e and 1.0.0f [xx XXX xxxx] *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) [Andrey Kulikov <amdeich@gmail.com>] *) Prevent malformed RFC3779 data triggering an assertion failure. Thanks to Andrew Chi, BBN Technologies, for discovering the flaw and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577) Loading engines/ccgost/gost2001_keyx.c +4 −0 Original line number Diff line number Diff line Loading @@ -280,6 +280,10 @@ int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t * key_l } param = get_encryption_params(gkt->key_agreement_info->cipher); if(!param){ goto err; } gost_init(&ctx,param->sblock); OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8); memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8); Loading engines/ccgost/gost94_keyx.c +4 −0 Original line number Diff line number Diff line Loading @@ -261,6 +261,10 @@ int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *key_len } param = get_encryption_params(gkt->key_agreement_info->cipher); if(!param){ goto err; } gost_init(&cctx,param->sblock); OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8); memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8); Loading Loading
CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,9 @@ Changes between 1.0.0e and 1.0.0f [xx XXX xxxx] *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) [Andrey Kulikov <amdeich@gmail.com>] *) Prevent malformed RFC3779 data triggering an assertion failure. Thanks to Andrew Chi, BBN Technologies, for discovering the flaw and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577) Loading
engines/ccgost/gost2001_keyx.c +4 −0 Original line number Diff line number Diff line Loading @@ -280,6 +280,10 @@ int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t * key_l } param = get_encryption_params(gkt->key_agreement_info->cipher); if(!param){ goto err; } gost_init(&ctx,param->sblock); OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8); memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8); Loading
engines/ccgost/gost94_keyx.c +4 −0 Original line number Diff line number Diff line Loading @@ -261,6 +261,10 @@ int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *key_len } param = get_encryption_params(gkt->key_agreement_info->cipher); if(!param){ goto err; } gost_init(&cctx,param->sblock); OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8); memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8); Loading
