git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Thu, 17 May 2018 11:53:07 +0000 (12:53 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 24 May 2018 16:26:03 +0000 (17:26 +0100)
commit	a0abb6a10f4c5fc6dd20c487aa0db085fbfb3562
tree	711cca97bea1c2b1a25d66496c246e1592332282	tree \| snapshot
parent	07824f304a220ea09ec369bad60f4fcfd01d5d14	commit \| diff

Add a sanity check on the length of pkeyutl inputs

When signing or verifying a file using pkeyutl the input is supposed to
be a hash. Some algorithms sanity check the length of the input, while
others don't and silently truncate. To avoid accidents we check that the
length of the input looks sane.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6284)

CHANGES		diff \| blob \| history
apps/pkeyutl.c		diff \| blob \| history
doc/man1/pkeyutl.pod		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom