mirror of
https://github.com/openssl/openssl.git
synced 2025-01-06 13:26:43 +08:00
5c91f70ba8
In this function the salt can be either a zero buffer of exactly mdlen length, or an arbitrary salt of prevsecretlen length. Although in practice OpenSSL will always pass in a salt of mdlen size bytes in the current TLS 1.3 code, the openssl kdf command can pass in arbitrary values (I did it for testing), and a future change in the higher layer code could also result in unmatched lengths. If prevsecretlen is > mdlen this will cause incorrect salt expansion, if prevsecretlen < mdlen this could cause a crash or reading random information. Inboth case the generated output would be incorrect. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25579) |
||
|---|---|---|
| .. | ||
| evpciph_aes_ccm_cavs.txt | ||
| evpciph_aes_common.txt | ||
| evpciph_aes_cts.txt | ||
| evpciph_aes_gcm_siv.txt | ||
| evpciph_aes_ocb.txt | ||
| evpciph_aes_siv.txt | ||
| evpciph_aes_stitched.txt | ||
| evpciph_aes_wrap.txt | ||
| evpciph_aria.txt | ||
| evpciph_bf.txt | ||
| evpciph_camellia_cts.txt | ||
| evpciph_camellia.txt | ||
| evpciph_cast5.txt | ||
| evpciph_chacha.txt | ||
| evpciph_des3_common.txt | ||
| evpciph_des.txt | ||
| evpciph_idea.txt | ||
| evpciph_rc2.txt | ||
| evpciph_rc4_stitched.txt | ||
| evpciph_rc4.txt | ||
| evpciph_rc5.txt | ||
| evpciph_seed.txt | ||
| evpciph_sm4.txt | ||
| evpencod.txt | ||
| evpkdf_argon2.txt | ||
| evpkdf_hkdf.txt | ||
| evpkdf_hmac_drbg.txt | ||
| evpkdf_kbkdf_counter.txt | ||
| evpkdf_kbkdf_kmac.txt | ||
| evpkdf_krb5.txt | ||
| evpkdf_pbkdf1.txt | ||
| evpkdf_pbkdf2.txt | ||
| evpkdf_pvkkdf.txt | ||
| evpkdf_scrypt.txt | ||
| evpkdf_ss.txt | ||
| evpkdf_ssh.txt | ||
| evpkdf_tls11_prf.txt | ||
| evpkdf_tls12_prf.txt | ||
| evpkdf_tls13_kdf.txt | ||
| evpkdf_x942_des.txt | ||
| evpkdf_x942.txt | ||
| evpkdf_x963.txt | ||
| evpmac_blake.txt | ||
| evpmac_cmac_des.txt | ||
| evpmac_common.txt | ||
| evpmac_poly1305.txt | ||
| evpmac_siphash.txt | ||
| evpmac_sm3.txt | ||
| evpmd_blake.txt | ||
| evpmd_md.txt | ||
| evpmd_mdc2.txt | ||
| evpmd_ripemd.txt | ||
| evpmd_sha.txt | ||
| evpmd_sm3.txt | ||
| evpmd_whirlpool.txt | ||
| evppbe_pbkdf2.txt | ||
| evppbe_pkcs12.txt | ||
| evppbe_scrypt.txt | ||
| evppkey_brainpool.txt | ||
| evppkey_dh.txt | ||
| evppkey_dsa_rfc6979.txt | ||
| evppkey_dsa_sigalg.txt | ||
| evppkey_dsa.txt | ||
| evppkey_ecc.txt | ||
| evppkey_ecdh.txt | ||
| evppkey_ecdsa_rfc6979.txt | ||
| evppkey_ecdsa_sigalg.txt | ||
| evppkey_ecdsa.txt | ||
| evppkey_ecx_sigalg.txt | ||
| evppkey_ecx.txt | ||
| evppkey_ffdhe.txt | ||
| evppkey_kas.txt | ||
| evppkey_kdf_hkdf.txt | ||
| evppkey_kdf_scrypt.txt | ||
| evppkey_kdf_tls1_prf.txt | ||
| evppkey_mismatch_ecx.txt | ||
| evppkey_mismatch.txt | ||
| evppkey_rsa_common.txt | ||
| evppkey_rsa_sigalg.txt | ||
| evppkey_rsa.txt | ||
| evppkey_sm2.txt | ||
| evprand.txt | ||