Fixed in master now, commit b1413d9bd9d823ca1ba2d6cdf4849e635231
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
After reviewing the documentation I see this behavior mentioned - easy to miss.
However I'd argue that this behavior is wrong, given that there is no context to
potentially re-use with the single shot function.
Wouldn't it make more sense to simply treat a NULL pointer to key the same as
passing a
After reviewing the documentation I see this behavior mentioned - easy to miss.
However I'd argue that this behavior is wrong, given that there is no context to
potentially re-use with the single shot function.
Wouldn't it make more sense to simply treat a NULL pointer to key the same as
passing a
On Fri Jul 26 09:26:23 2013, jake.petrou...@petroules.com wrote:
> Hello,
>
> I've discovered a bug in OpenSSL HMAC handling -- when calling the
> HMAC() (http://www.openssl.org/docs/crypto/hmac.html) function, an
> incorrect result will be given if the `key` parameter is a NULL
> pointer, even whe
Hello,
I've discovered a bug in OpenSSL HMAC handling -- when calling the HMAC()
(http://www.openssl.org/docs/crypto/hmac.html) function, an incorrect result
will be given if the `key` parameter is a NULL pointer, even when `key_len` is
zero. Much easier to notice when you're not using null ter