]> git.ipfire.org Git - thirdparty/openssl.git/commit
Harden RSA public encrypt
authorViktor Dukhovni <openssl-users@dukhovni.org>
Thu, 11 Sep 2025 08:50:44 +0000 (18:50 +1000)
committerNeil Horman <nhorman@openssl.org>
Sun, 14 Sep 2025 00:04:16 +0000 (20:04 -0400)
commitf34b1ad17ba37a76a96e53be3813d88bf2b329f2
tree83ba5c5da02ac318b594a4a09506fa45dfb68812
parent5aae731a7d60b2ab9cbc25b8d0956c15f5ee2206
Harden RSA public encrypt

Check the that the indicated output buffer length is large enough.

Fix EVP_SealInit() to initialise the output buffer length to the RSA
modulus length, not the input KEK length.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28517)
CHANGES.md
crypto/evp/p_seal.c
providers/implementations/asymciphers/rsa_enc.c.in