]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: c099459) | patch
crypto/tls: reject zero-length SCTs.
authorAdam Langley <agl@golang.org>
Thu, 17 Nov 2016 20:15:19 +0000 (12:15 -0800)
committerBrad Fitzpatrick <bradfitz@golang.org>
Thu, 17 Nov 2016 20:53:01 +0000 (20:53 +0000)
commitb21743c6d0484a6912d1a4ee20905c7b9b578ed8
tree3edc3a11b58acaabbf608f9183717db02c60d303tree
parentc09945980a80a3b92362bd2e99a883051d2dd4d7commit | diff
crypto/tls: reject zero-length SCTs.

The SignedCertificateTimestampList[1] specifies that both the list and
each element must not be empty. Checking that the list is not empty was
handled in [2] and this change checks that the SCTs themselves are not
zero-length.

[1] https://tools.ietf.org/html/rfc6962#section-3.3
[2] https://golang.org/cl/33265

Change-Id: Iabaae7a15f6d111eb079e5086e0bd2005fae9e48
Reviewed-on: https://go-review.googlesource.com/33355
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
src/crypto/tls/handshake_messages.go diff | blob | history
src/crypto/tls/handshake_messages_test.go diff | blob | history
Go GOST TLS 1.3