It is not intended, but AFAIK also has no security implications. Nevertheless, we should probably plan to fix the swap when we next break compatibility.
On 9/16/19 7:35 PM, Bernd Fix wrote: > The function "derive_block_aes_key" in "gnsrecord_crypto.c" swaps the > arguments for "key" and "salt" in the calls of "hkdf" - is that intented? > > If so, what is the rationale behind it? It is done correctly in the > derivation functions for keys, so I wonder... the entropy of the key > (~255) is much higher than that of the salt (~50 for a 12-letter label). > Does that have security implications? >Y< > > _______________________________________________ > GNUnet-developers mailing list > [email protected] > https://lists.gnu.org/mailman/listinfo/gnunet-developers >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ GNUnet-developers mailing list [email protected] https://lists.gnu.org/mailman/listinfo/gnunet-developers
