kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
01797e309f
boringssl/crypto
History
Adam Langley 01797e309f psk_client_callback, 128-byte id bug. 
Fix a bug in handling of 128 byte long PSK identity in
psk_client_callback.

OpenSSL supports PSK identities of up to (and including) 128 bytes in
length. PSK identity is obtained via the psk_client_callback,
implementors of which are expected to provide a NULL-terminated
identity. However, the callback is invoked with only 128 bytes of
storage thus making it impossible to return a 128 byte long identity and
the required additional NULL byte.

This CL fixes the issue by passing in a 129 byte long buffer into the
psk_client_callback. As a safety precaution, this CL also zeroes out the
buffer before passing it into the callback, uses strnlen for obtaining
the length of the identity returned by the callback, and aborts the
handshake if the identity (without the NULL terminator) is longer than
128 bytes.
2014-06-20 13:17:37 -07:00
..
aes Adjust stack pointer in AES-NI CBC decryption. 2014-06-20 13:17:35 -07:00
asn1 Const correctness. 2014-06-20 13:17:36 -07:00
base64 Base64 padding fix. 2014-06-20 13:17:36 -07:00
bio ChannelID support. 2014-06-20 13:17:33 -07:00
bn Add function to recover RSA CRT params. 2014-06-20 13:17:35 -07:00
buf Inital import. 2014-06-20 13:17:32 -07:00
bytestring Inital import. 2014-06-20 13:17:32 -07:00
chacha ChaCha20-Poly1305 support. 2014-06-20 13:17:35 -07:00
cipher ChaCha20-Poly1305 support. 2014-06-20 13:17:35 -07:00
comp Inital import. 2014-06-20 13:17:32 -07:00
conf Inital import. 2014-06-20 13:17:32 -07:00
des Inital import. 2014-06-20 13:17:32 -07:00
dh Inital import. 2014-06-20 13:17:32 -07:00
digest Inital import. 2014-06-20 13:17:32 -07:00
dsa Safe (EC)DSA nonces. 2014-06-20 13:17:33 -07:00
ec EC infinity fix. 2014-06-20 13:17:36 -07:00
ecdh Inital import. 2014-06-20 13:17:32 -07:00
ecdsa Safe (EC)DSA nonces. 2014-06-20 13:17:33 -07:00
engine Inital import. 2014-06-20 13:17:32 -07:00
err Inital import. 2014-06-20 13:17:32 -07:00
evp AEAD interface. 2014-06-20 13:17:34 -07:00
hmac Inital import. 2014-06-20 13:17:32 -07:00
lhash Inital import. 2014-06-20 13:17:32 -07:00
md5 Inital import. 2014-06-20 13:17:32 -07:00
modes Inital import. 2014-06-20 13:17:32 -07:00
obj Inital import. 2014-06-20 13:17:32 -07:00
pem Inital import. 2014-06-20 13:17:32 -07:00
perlasm Inital import. 2014-06-20 13:17:32 -07:00
pkcs8 Inital import. 2014-06-20 13:17:32 -07:00
poly1305 ChaCha20-Poly1305 support. 2014-06-20 13:17:35 -07:00
rand Inital import. 2014-06-20 13:17:32 -07:00
rc4 GOT-relative lookups in RC4 code. 2014-06-20 13:17:32 -07:00
rsa Add function to recover RSA CRT params. 2014-06-20 13:17:35 -07:00
sha Inital import. 2014-06-20 13:17:32 -07:00
stack Inital import. 2014-06-20 13:17:32 -07:00
x509 Const correctness. 2014-06-20 13:17:36 -07:00
x509v3 Const correctness. 2014-06-20 13:17:36 -07:00
arm_arch.h Inital import. 2014-06-20 13:17:32 -07:00
base.h AEAD interface. 2014-06-20 13:17:34 -07:00
CMakeLists.txt ChaCha20-Poly1305 support. 2014-06-20 13:17:35 -07:00
cpu-arm.c Inital import. 2014-06-20 13:17:32 -07:00
cpu-intel.c Inital import. 2014-06-20 13:17:32 -07:00
cpu-x86_64-asm.pl Inital import. 2014-06-20 13:17:32 -07:00
cpu-x86-asm.pl Inital import. 2014-06-20 13:17:32 -07:00
cpu.h Inital import. 2014-06-20 13:17:32 -07:00
crypto_error.c Inital import. 2014-06-20 13:17:32 -07:00
crypto_error.h Inital import. 2014-06-20 13:17:32 -07:00
directory_posix.c Inital import. 2014-06-20 13:17:32 -07:00
directory_win.c Inital import. 2014-06-20 13:17:32 -07:00
directory.h Inital import. 2014-06-20 13:17:32 -07:00
ex_data_impl.c Inital import. 2014-06-20 13:17:32 -07:00
ex_data.c Inital import. 2014-06-20 13:17:32 -07:00
ex_data.h Inital import. 2014-06-20 13:17:32 -07:00
header_removed.h Inital import. 2014-06-20 13:17:32 -07:00
internal.h Inital import. 2014-06-20 13:17:32 -07:00
mem_clear.c Inital import. 2014-06-20 13:17:32 -07:00
mem.c psk_client_callback, 128-byte id bug. 2014-06-20 13:17:37 -07:00
mem.h psk_client_callback, 128-byte id bug. 2014-06-20 13:17:37 -07:00
thread.c Inital import. 2014-06-20 13:17:32 -07:00
thread.h Inital import. 2014-06-20 13:17:32 -07:00
time_support.c Inital import. 2014-06-20 13:17:32 -07:00
time_support.h Inital import. 2014-06-20 13:17:32 -07:00
type_check.h Inital import. 2014-06-20 13:17:32 -07:00