CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2022/05/05 12:29:34
Modified files:
lib/libcrypto/hmac: hmac.c
Log message:
Fix HMAC() with NULL key
If a NULL key is passed to HMAC_Init_ex(), it tries to reuse the
previous key. This makes no sense inside HMAC() since the HMAC_CTX
has no key set yet. This is hit by HKDF() with NULL salt() via the
EVP API and results in a few Wycheproof test failures. If key is
NULL, use a zero length dummy key.
This was not hit from wycheproof.go since we pass a []byte with a
single NUL from Go.
Matches OpenSSL if key is NULL and key_len is 0. If key_len != 0,
OpenSSL will still fail by passing a NULL key which makes no sense,
so set key_len to 0 instead.
ok beck jsing
