wolfSSL / wolfssl

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!

https://www.wolfssl.com

GNU General Public License v2.0

2.22k stars 798 forks source link

SSL default ticket encryption callback: check in len on decrypt #7683

Closed SparkiDev closed 1 week ago

SparkiDev commented 1 week ago

Description

Make sure that the length of the data to decrypt is correct for the default ticket encryption implementation.

Fixes zd#18205

Testing

./configure --disable-shared --enable-session-ticket Still passes tests with length check in.

Checklist

[ ] added tests
[ ] updated/added doxygen
[ ] updated appropriate READMEs
[ ] Updated manual and documentation