Merge remote-tracking branch 'restricted/IOTSSL-1366/development-restricted' into development-restricted

* restricted/IOTSSL-1366/development-restricted:
  More length checks in RSA PKCS1v15 verify
  More length checks in RSA PKCS1v15 verify
This commit is contained in:
Manuel Pégourié-Gonnard 2017-06-08 20:24:29 +02:00
commit a0bf6ecfc3
2 changed files with 19 additions and 9 deletions

@ -8,6 +8,8 @@ Security
option if needed.
* Fixed offset in FALLBACK_SCSV parsing that caused TLS server to fail to
detect it sometimes. Reported by Hugo Leisink. #810
* Tighten ASN.1 parsing of RSA PKCS#1 v1.5 signatures, to avoid a
potential Bleichenbacher-style attack.
Bugfix
* Remove invalid use of size zero arrays in ECJPAKE test suite.
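Review bot: the new Security entry ("Tighten ASN.1 parsing of RSA PKCS#1 v1.5 signatures, to avoid a potential Bleichenbacher-style attack.") carries no issue number or reporter credit, unlike the FALLBACK_SCSV entry directly above it, which names its reporter and cites #810; add the tracking reference so the fix can be traced from the ChangeLog. The wording is also less specific than the commit subject ("More length checks in RSA PKCS1v15 verify"): saying that the change adds length checks during signature verification would tell readers which part of the parsing was tightened, instead of leaving "Tighten ASN.1 parsing" and "Bleichenbacher-style attack" to be mapped onto the code change by themselves.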