crypto/tls: reject zero-length SCTs.
The SignedCertificateTimestampList[1] specifies that both the list and each element must not be empty. Checking that the list is not empty was handled in [2] and this change checks that the SCTs themselves are not zero-length. [1] https://tools.ietf.org/html/rfc6962#section-3.3 [2] https://golang.org/cl/33265 Change-Id: Iabaae7a15f6d111eb079e5086e0bd2005fae9e48 Reviewed-on: https://go-review.googlesource.com/33355 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Showing
Please register or sign in to comment