Skip to content
  1. Sep 17, 2015
    • Emilia Kasper's avatar
      Disentangle RSA premaster secret parsing · 20ca916d
      Emilia Kasper authored
      
      
      Simplify encrypted premaster secret reading by using new methods in the
      PACKET API.
      
      Don't overwrite the packet buffer. RSA decrypt accepts truncated
      ciphertext with leading zeroes omitted, so it's even possible that by
      crafting a valid ciphertext with several leading zeroes, this could
      cause a few bytes out-of-bounds write. The write is harmless because of
      the size of the underlying message buffer, but nevertheless we shouldn't
      write into the packet.
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      20ca916d
  2. Sep 16, 2015
  3. Sep 15, 2015
  4. Sep 14, 2015
  5. Sep 12, 2015
  6. Sep 11, 2015
  7. Sep 10, 2015
  8. Sep 09, 2015
  9. Sep 08, 2015
  10. Sep 07, 2015