Matt Caswell
1a3701f4fe
Sanity check EVP_CTRL_AEAD_TLS_AAD ...
The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at
least 13 bytes long. Add sanity checks to ensure that the length is at
least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to
represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit c8269881093324b881b81472be037055571f73f3)
Conflicts:
ssl/record/ssl3_record.c
2015-04-30 23:21:50 +01:00
1998-12-21 10:52:47 +00:00
2011-03-16 11:26:40 +00:00
1998-12-21 10:52:47 +00:00
2008-04-17 10:19:16 +00:00
2015-01-22 09:31:38 +00:00
2015-04-20 13:42:17 +01:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2000-10-16 22:56:10 +00:00
1998-12-21 10:52:47 +00:00
1998-12-21 10:52:47 +00:00
2015-04-16 13:50:01 -04:00
2011-03-25 16:21:08 +00:00
2006-04-28 00:30:49 +00:00
2009-10-15 17:27:47 +00:00
1998-12-21 10:56:39 +00:00
2015-01-22 09:31:38 +00:00
2011-12-08 14:45:15 +00:00
2015-04-20 13:42:17 +01:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-03-17 13:48:04 +00:00
2000-08-02 09:04:44 +00:00
2000-08-02 09:04:44 +00:00
2000-08-02 09:04:44 +00:00
2000-08-02 09:04:44 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
1998-12-21 10:52:47 +00:00
1998-12-21 10:52:47 +00:00
1999-01-09 17:29:34 +00:00
1999-01-09 17:29:34 +00:00
2015-01-22 09:31:38 +00:00
1998-12-21 10:56:39 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:48 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2011-03-19 09:47:47 +00:00
2014-06-14 16:58:11 +02:00
2013-12-01 23:09:44 +00:00
2015-01-22 09:31:38 +00:00
2015-04-20 13:42:17 +01:00
1998-12-21 11:00:56 +00:00
2014-09-23 18:20:26 +02:00
2015-02-09 13:01:15 +00:00
2014-09-08 17:23:37 -04:00
2015-01-22 09:31:38 +00:00
2000-10-16 22:56:10 +00:00
1998-12-21 10:52:47 +00:00
1998-12-21 10:52:47 +00:00
2015-03-17 14:49:47 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2006-05-17 12:29:16 +00:00
2015-01-22 09:31:38 +00:00
2014-06-29 03:05:21 +01:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:48 +00:00
1998-12-21 10:56:39 +00:00
1998-12-21 10:52:47 +00:00
2015-01-22 09:31:38 +00:00
2015-03-05 09:15:08 +00:00
1998-12-21 10:52:47 +00:00
1998-12-21 10:52:47 +00:00
1998-12-21 10:52:47 +00:00
1998-12-21 10:52:47 +00:00
2015-01-22 09:31:38 +00:00
2015-04-16 13:50:01 -04:00
2015-04-20 13:42:17 +01:00
2015-04-20 13:42:17 +01:00
2015-01-22 09:31:48 +00:00
2015-04-16 13:50:01 -04:00
2011-12-08 14:45:15 +00:00
2011-12-08 14:45:15 +00:00
1998-12-21 10:56:39 +00:00
2015-01-22 09:31:38 +00:00
2015-04-20 13:42:17 +01:00
2015-04-30 23:21:50 +01:00
2015-01-22 09:31:38 +00:00
2015-04-16 13:50:01 -04:00
1998-12-21 10:52:47 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:48 +00:00
2009-09-07 17:57:02 +00:00
2015-04-20 13:42:17 +01:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-01-22 09:31:38 +00:00
2015-03-05 09:15:08 +00:00
1a3701f4fe