| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
Introduced in b13c0cc8590199d, it could only trigger if the block size
was more than 256 bytes. In that case an invalid padding could be accepted.
OSS-Fuzz 11608 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11608)
|
| |
|
|
|
|
| |
The reference version of 1and0 padding would crash on an all-zero input.
OSS-Fuzz 10628
|
| |
|
|
|
|
|
| |
Both PKCS7 and X9.23 padding modes did not examine the first byte
of the purported padding if the padding took an entire block. So
for example for a 64-bit cipher, PKCS7 would accept XX08080808080808
as a valid padding for any byte value.
|
| | |
|
| |
|
|
|
| |
ESP padding is one of the recommended padding
methods from BSI-TR-02102-1.
|
|
|
Exports get_bc_pad() to be used from tests. Adds separate handcrafted
tests for block cipher padding modes. They were previously only tested
implicitly during the block cipher modes of operation tests, though not
all padding modes were covered. And in case a mode of operation is
not part of the enabled modules, the previously tested padding modes
are not covered at all. Fixes an off-by-one bug in the previously
untested ANSI X9.23 padding mode, where the number of zero bytes
in the pad was one more than allowed by the standard.
|
