1. 14 Nov, 2017 1 commit
  2. 09 Oct, 2017 1 commit
  3. 22 Aug, 2017 1 commit
  4. 01 Aug, 2017 6 commits
  5. 24 Jul, 2017 3 commits
  6. 13 Jul, 2017 3 commits
  7. 29 Nov, 2016 2 commits
  8. 28 Nov, 2016 3 commits
  9. 08 Sep, 2016 1 commit
  10. 31 Aug, 2016 2 commits
    • Simo Sorce's avatar
      Add Timing tests for MMA · 19490b84
      Simo Sorce authored
      This test is not very reliable and takes a long time so it is provided but
      diasabled by default.
      It is only useful to verify if any regression regarding MMA occurs, so it can
      be just run occasionally.
      Signed-off-by: 's avatarSimo Sorce <simo@redhat.com>
      19490b84
    • Simo Sorce's avatar
      CVE-2016-6298: Million Messages Attack mitigation · eb5be5bd
      Simo Sorce authored
      RFC 3218 describes an oracle attack called Million Messages Attack
      against RSA with PKCS1 v1.5 padding.
      
      Depending on how JWEs are used a server may become an Oracle, and the
      mitigation presecribed in RFC 3218 2.3.2 need to be implemented.
      
      Many thanks to Dennis Detering for his responsible disclosure and help
      verifying the mitigation approach.
      
      Resolves #65
      Signed-off-by: 's avatarSimo Sorce <simo@redhat.com>
      Closes #66
      eb5be5bd
  11. 26 Aug, 2016 5 commits
  12. 25 Aug, 2016 2 commits
  13. 23 Aug, 2016 3 commits
  14. 19 Aug, 2016 3 commits
  15. 16 Aug, 2016 1 commit
  16. 03 Aug, 2016 1 commit
  17. 02 Aug, 2016 1 commit
  18. 15 Jul, 2016 1 commit