author | Neil Horman <nhorman@openssl.org> | 2024-01-01 11:53:50 -0500 |
---|---|---|
committer | Neil Horman <nhorman@openssl.org> | 2024-01-03 10:05:49 -0500 |
commit | 8d89050f0f676b429043fd5445e5a570d54ad225 (patch) | |
tree | 9c8a1924ae16a8730aa143ddfc267c8ae89094a8 /demos/bio | |
parent | cf8fea86f73c4606f132133cb34c07f8dad42482 (diff) |
validate requested key length in kdf_pbkdf1_do_derive
When using pbkdf1 key derivation, it is possible to request a key
length larger than the maximum digest size a given digest can produce,
leading to a read of random stack memory.
Fix it by returning an error if the requested key size n is larger than
the EVP_MD_size of the digest.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23174)
Diffstat (limited to 'demos/bio')
0 files changed, 0 insertions, 0 deletions
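The length check the commit message describes, as an added example that is not OpenSSL's code and not part of this commit. It assumes a stack scratch buffer sized for the largest digest, of which only the digest's own output length is written; `pbkdf1_derive`, `toy_digest`, `MAX_MD_SIZE` and `TOY_MD_SIZE` are hypothetical names, and the digest is a non-cryptographic stand-in so the block builds without a crypto library.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_MD_SIZE 64 /* assumed upper bound on any digest's output size */
#define TOY_MD_SIZE 8  /* output size of the stand-in digest below */

/* Stand-in digest (64-bit FNV-1a over a || b). NOT cryptographic; it only
 * lets the example run without a crypto library. */
static void toy_digest(const unsigned char *a, size_t alen,
                       const unsigned char *b, size_t blen, unsigned char *out)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < alen; i++) { h ^= a[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < blen; i++) { h ^= b[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < TOY_MD_SIZE; i++) out[i] = (unsigned char)(h >> (8 * i));
}

/* PBKDF1 shape: T_1 = H(pass || salt), T_i = H(T_(i-1)), key = first n bytes
 * of T_iter. Returns 1 on success, 0 on error (out is left untouched). */
int pbkdf1_derive(const unsigned char *pass, size_t passlen,
                  const unsigned char *salt, size_t saltlen,
                  unsigned iter, unsigned char *out, size_t n)
{
    unsigned char md_tmp[MAX_MD_SIZE], prev[TOY_MD_SIZE];
    size_t mdsize = TOY_MD_SIZE; /* bytes of md_tmp the digest actually writes */
    if (iter == 0)  /* RFC 8018 requires a positive iteration count */
        return 0;
    if (n > mdsize) /* without this, the final memcpy would copy */
        return 0;   /* md_tmp[mdsize..n-1], which nothing ever wrote */
    toy_digest(pass, passlen, salt, saltlen, md_tmp);
    for (unsigned i = 1; i < iter; i++) {
        memcpy(prev, md_tmp, mdsize);
        toy_digest(prev, mdsize, NULL, 0, md_tmp);
    }
    memcpy(out, md_tmp, n);
    return 1;
}

int main(void)
{
    unsigned char key[16];
    const unsigned char pw[] = "password", salt[] = "saltsalt"; /* constructed */
    printf("n=8  -> %d\n", pbkdf1_derive(pw, 8, salt, 8, 1000, key, 8));
    printf("n=16 -> %d\n", pbkdf1_derive(pw, 8, salt, 8, 1000, key, 16));
    return 0;
}
```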