boringssl

kris/boringssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
David Benjamin	01e8e625ad	Don't allow RC4 in PEM. This fixes uninitialized memory read reported by Nick Mathewson in https://github.com/openssl/openssl/issues/6347. It imports the memset from upstream's 2c739f72e5236a8e0c351c00047c77083dcdb77f, but I believe that fix is incorrect and instead RC4 shouldn't be allowed in this context. See https://github.com/openssl/openssl/pull/6603#issuecomment-413066462 for details. Update-Note: Decoding a password-protected PEM block with RC4 will, rather than derive garbage from uninitialized memory, simply fail. Trying to encode a password-protect PEM block with an unsupported cipher will also fail, rather than output garbage (e.g. tag-less AES-GCM). Change-Id: Ib7e23dbf5514f0a523730926daad3c0bdb989417 Reviewed-on: https://boringssl-review.googlesource.com/31084 Reviewed-by: Adam Langley <agl@google.com>	2018-08-16 15:33:43 +00:00

Author

SHA1

Message

Date

David Benjamin

01e8e625ad

Don't allow RC4 in PEM.

This fixes uninitialized memory read reported by Nick Mathewson in
https://github.com/openssl/openssl/issues/6347.

It imports the memset from upstream's 2c739f72e5236a8e0c351c00047c77083dcdb77f,
but I believe that fix is incorrect and instead RC4 shouldn't be allowed in
this context. See
https://github.com/openssl/openssl/pull/6603#issuecomment-413066462 for
details.

Update-Note: Decoding a password-protected PEM block with RC4 will, rather than
derive garbage from uninitialized memory, simply fail. Trying to encode a
password-protect PEM block with an unsupported cipher will also fail, rather
than output garbage (e.g. tag-less AES-GCM).

Change-Id: Ib7e23dbf5514f0a523730926daad3c0bdb989417
Reviewed-on: https://boringssl-review.googlesource.com/31084
Reviewed-by: Adam Langley <agl@google.com>

2018-08-16 15:33:43 +00:00

1 Commits