]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 85bbef2) | patch
QUIC CONFORMANCE: RFC 9000 s. 12.3: PN duplicate suppression
authorHugo Landau <hlandau@openssl.org>
Tue, 6 Jun 2023 15:25:10 +0000 (16:25 +0100)
committerPauli <pauli@openssl.org>
Sun, 16 Jul 2023 22:17:57 +0000 (08:17 +1000)
commitdfe5e7fa987c0e79c165a677d6572a04105528e3
treed216264228eb2b0a1047fa1e0939f5b5d3b9b3fctree | snapshot
parent85bbef270c1d15ec34e152c13f41ec0c298f5459commit | diff
QUIC CONFORMANCE: RFC 9000 s. 12.3: PN duplicate suppression

Make sure PN duplicate suppression is side-channel safe by doing
the duplicate test after AEAD verification.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
include/internal/quic_record_rx.h diff | blob | blame | history
ssl/quic/quic_channel.c diff | blob | blame | history
ssl/quic/quic_record_rx.c diff | blob | blame | history
A mirror of the official openssl repository