Check ECDH output buffer length and avoid truncation. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2015-09-13 11:49:44 +0000
committer	jsing <>	2015-09-13 11:49:44 +0000
commit	21654feacf896dbd0001798f2c549c31b9974412 (patch)
tree	26ad5794d56d0f5b57b98ae4229d0178ef464bb9 /src/lib/libcrypto/ecdh/ech_key.c
parent	647e0b210017623cf0a87fdbeee7d38a16907ec3 (diff)
download	openbsd-21654feacf896dbd0001798f2c549c31b9974412.tar.gz openbsd-21654feacf896dbd0001798f2c549c31b9974412.tar.bz2 openbsd-21654feacf896dbd0001798f2c549c31b9974412.zip

Check ECDH output buffer length and avoid truncation.

Currently, if you call ECDH_compute_key() it will silently truncate the resulting key if the output buffer is less than the key size. Instead, detect this condition and return an error. If the buffer provided is larger than the key length, zero the remainder. ok beck@ miod@ "+ shivers"

Diffstat (limited to 'src/lib/libcrypto/ecdh/ech_key.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: