Disentangle RSA premaster secret parsing
Simplify encrypted premaster secret reading by using new methods in the
PACKET API.
Don't overwrite the packet buffer. RSA decrypt accepts truncated
ciphertext with leading zeroes omitted, so it's even possible that by
crafting a valid ciphertext with several leading zeroes, this could
cause a few bytes out-of-bounds write. The write is harmless because of
the size of the underlying message buffer, but nevertheless we shouldn't
write into the packet.
Reviewed-by: Matt Caswell <matt@openssl.org>
parent
95ed0e7c
Please register or sign in to comment