Tag:
Branch:
Tree:
d1b20a9580
2214
2272
2311
2357
2490
2564
2623
2661
2704
2785
2883
2924
2987
3029
3071
3112
3202
3239
3282
3359
3538
3945
chromium-2214
chromium-2272
chromium-2311
chromium-2357
chromium-2490
chromium-2564
chromium-2623
chromium-2661
chromium-2704
chromium-2883
chromium-2924
chromium-2987
chromium-3029
chromium-3071
chromium-3112
chromium-3202
chromium-3239
chromium-3282
chromium-3359
chromium-3538
chromium-3945
chromium-5359
chromium-5414
chromium-stable
chromium-stable-with-bazel
esni
fips-20180730
fips-20220613
fips-20230428
fips-20240407
fips-20240805
fips-20250107
fips-android-20191008
grpc-202302
infra/config
main
main-with-bazel
master
master-with-bazel
0.20240913.0
0.20240930.0
0.20241024.0
0.20241203.0
0.20241209.0
0.20250114.0
0.20250212.0
fips-20170615
fips-20180730
fips-20190808
fips-20210429
fips-20220613
fips-android-20191020
version_for_cocoapods_1.0
version_for_cocoapods_10.0
version_for_cocoapods_2.0
version_for_cocoapods_3.0
version_for_cocoapods_4.0
version_for_cocoapods_5.0
version_for_cocoapods_6.0
version_for_cocoapods_7.0
version_for_cocoapods_8.0
version_for_cocoapods_9.0
${ noResults }
1 Commits (d1b20a9580aebb6fbb0b1b2408cf1221d83afb71)
| Author | SHA1 | Message | Date |
|---|---|---|---|
David Benjamin
|
a6d321b11f |
Tighten up supported PSS combinations in X.509.
Matching Chromium, Go, and TLS 1.3, only allow SHA-256, SHA-384, and SHA-512 RSA-PSS signatures, where MGF-1 and message hash match and salt length is hash length. Sadly, we are stuck tolerating an explicit trailerField for now. See the certificates in cl/362617931. This also fixes an overflow bug in handling the salt length. On platforms with 64-bit long and 32-bit int, we would misinterpret, e.g, 2^62 + 32 as 32. Also clean up the error-handling of maskHash. It was previously handled in a very confusing way; syntax errors in maskHash would succeed and only be noticed later, in rsa_mgf1_decode. I haven't done it in this change, but as a followup, we can, like Chromium, reduce X.509 signature algorithms down to a single enum. Update-Note: Unusual RSA-PSS combinations in X.509 are no longer accepted. This same change (actually a slightly stricter version) has already landed in Chrome. Bug: 489 Change-Id: I85ca3a4e14f76358cac13e66163887f6dade1ace Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/53865 Auto-Submit: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> |
3 years ago |