commit | 559126c953cf0e1e4986e24c019bbf996d5ab795 | [log] [tgz] |
---|---|---|
author | Kenny Root <kroot@google.com> | Mon May 18 11:38:14 2015 -0700 |
committer | Kenny Root <kroot@google.com> | Mon May 18 11:40:21 2015 -0700 |
tree | 17d34a3c7d86a11b139c6d0c85ebfa9e9b9cdd7a | |
parent | a22d198b1b7f3d6a61d916d408b1d52f8dd22343 [diff] |
Fix test18566 to have the correct expectation Before the test was allowing invalid encoding in PKCS#1 data, but this is an exploitable condition in certain cases. See for instance https://www.imperialviolet.org/2014/09/26/pkcs1.html Since BoringSSL has the change to disallow this problem, we are switching this to assert that the signature did not verify. Bug: 21209498 Bug: 5038554 Bug: http://code.google.com/p/android/issues/detail?id=18566 Change-Id: Ie040f644a4588c6801e5557e2f9a3bcdedfd30ac