openssl/crypto/srp
Dr. Stephen Henson 4a23b12a03 Fix SRP buffer overrun vulnerability.
Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.

Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
2014-08-06 20:36:41 +01:00
..
.cvsignore
Makefile Missing files target. 2013-02-26 21:51:13 +00:00
srp.h Constification - mostly originally from Chromium. 2014-06-29 21:05:23 +01:00
srp_grps.h Constification - mostly originally from Chromium. 2014-06-29 21:05:23 +01:00
srp_lcl.h
srp_lib.c Fix SRP buffer overrun vulnerability. 2014-08-06 20:36:41 +01:00
srp_vfy.c Constification - mostly originally from Chromium. 2014-06-29 21:05:23 +01:00
srptest.c Constification - mostly originally from Chromium. 2014-06-29 21:05:23 +01:00