Skip to content
Commit 20ca916d authored by Emilia Kasper's avatar Emilia Kasper
Browse files

Disentangle RSA premaster secret parsing



Simplify encrypted premaster secret reading by using new methods in the
PACKET API.

Don't overwrite the packet buffer. RSA decrypt accepts truncated
ciphertext with leading zeroes omitted, so it's even possible that by
crafting a valid ciphertext with several leading zeroes, this could
cause a few bytes out-of-bounds write. The write is harmless because of
the size of the underlying message buffer, but nevertheless we shouldn't
write into the packet.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent 95ed0e7c
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment