boringssl/ssl
David Benjamin 3d622e554e Add missing bounds check in tls13_derive_resumption_secret.
This is fine because TLS PRFs only go up to SHA-384, but since
SSL_SESSION::master_key is sized to 48, not EVP_MAX_MD_SIZE, this should
explicitly check the bounds.

Change-Id: I2b1bcaab5cdfc3ce4d7a8b8ed5cc4c6d15d10270
Reviewed-on: https://boringssl-review.googlesource.com/12460
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2016-11-28 20:36:32 +00:00
test Don't allow invalid SCT lists to be set. 2016-11-19 00:24:18 +00:00
CMakeLists.txt Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
custom_extensions.c Don't put a colon in the extra error message. 2016-11-17 21:46:34 +00:00
d1_both.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
d1_lib.c Remove RC4 from TLS for real. 2016-09-16 03:06:36 +00:00
d1_pkt.c Expose SSL_max_seal_overhead. 2016-11-09 16:51:46 +00:00
d1_srtp.c Fix ssl_ctx_make_profiles error handling. 2016-09-27 13:27:06 +00:00
dtls_method.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
dtls_record.c Take the version parameter out of ssl_do_msg_callback. 2016-09-21 18:55:27 +00:00
handshake_client.c Add tests for failing cert_cb. 2016-11-15 07:15:54 +00:00
handshake_server.c Add |SSL_set_retain_only_sha256_of_client_certs|. 2016-11-17 02:49:19 +00:00
internal.h Enforce basic sanity of SCT lists. 2016-11-18 19:19:48 +00:00
s3_both.c Parse ClientHello extensions before deciding on resumption. 2016-11-16 23:58:02 +00:00
s3_enc.c Move key_block into SSL_HANDSHAKE. 2016-11-09 17:02:33 +00:00
s3_lib.c Negotiate ciphers before resumption. 2016-11-17 01:02:42 +00:00
s3_pkt.c Expose SSL_max_seal_overhead. 2016-11-09 16:51:46 +00:00
ssl_aead_ctx.c Validate input iv/mac sizes in SSL_AEAD_CTX_new. 2016-10-28 21:25:35 +00:00
ssl_asn1.c Update to TLS 1.3 draft 18. 2016-11-15 06:57:21 +00:00
ssl_buffer.c Add SSL_is_dtls. 2016-08-02 20:43:58 +00:00
ssl_cert.c Update to TLS 1.3 draft 18. 2016-11-15 06:57:21 +00:00
ssl_cipher.c Trim ssl_create_cipher_list slightly. 2016-11-03 22:19:53 +00:00
ssl_ecdh.c Implement SSL_CTX_set1_curves_list() 2016-09-30 00:45:19 +00:00
ssl_file.c Check for sk_X509_NAME_push failures. 2016-09-27 13:18:37 +00:00
ssl_lib.c Don't allow invalid SCT lists to be set. 2016-11-19 00:24:18 +00:00
ssl_rsa.c Rename X.509 members in |SSL_SESSION| and |CERT|. 2016-11-09 20:07:57 +00:00
ssl_session.c Add |SSL_set_retain_only_sha256_of_client_certs|. 2016-11-17 02:49:19 +00:00
ssl_stat.c Add the certificate_required alert. 2016-10-10 15:48:06 +00:00
ssl_test.cc Run TestOneSidedShutdown at all versions. 2016-11-21 18:56:48 +00:00
t1_enc.c Make tls1_setup_key_block static. 2016-11-18 03:58:26 +00:00
t1_lib.c Enforce basic sanity of SCT lists. 2016-11-18 19:19:48 +00:00
tls13_both.c Flush TLS 1.3 certificate extensions. 2016-11-18 22:01:38 +00:00
tls13_client.c Tolerate cipher changes on TLS 1.3 resumption as a client. 2016-11-16 13:27:07 +00:00
tls13_enc.c Add missing bounds check in tls13_derive_resumption_secret. 2016-11-28 20:36:32 +00:00
tls13_server.c Negotiate ciphers before resumption. 2016-11-17 01:02:42 +00:00
tls_method.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
tls_record.c Enforce record-layer version numbers. 2016-11-13 05:28:35 +00:00