Google Git
Sign in
pigweed / third_party / boringssl / boringssl / 23721e3705bd92789238cc1753642730111ae9ce
commit23721e3705bd92789238cc1753642730111ae9ce[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Sat Feb 28 21:56:12 2015 -0500
committerAdam Langley <agl@google.com>Mon Mar 02 23:16:12 2015 +0000
treeb1e6760df1c2623a0b858fc39d92338e3d036416
parentcc239d3903f908fff2933f379577cf8f57482a09 [diff]
Forbid reusing HMAC key without reusing the hash function.

There's no good reason to do this, and it doesn't work; HMAC checks the length
of the key and runs it through the hash function if too long. The reuse occurs
after this check.

This allows us to shave 132 bytes off HMAC_CTX as this was the only reason it
ever stored the original key. It also slightly simplifies HMAC_Init_ex's
logic.

Change-Id: Ib56aabc3630b7178f1ee7c38ef6370c9638efbab
Reviewed-on: https://boringssl-review.googlesource.com/3733
Reviewed-by: Adam Langley <agl@google.com>
2 files changed
tree: b1e6760df1c2623a0b858fc39d92338e3d036416
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUILDING
  10. CMakeLists.txt
  11. codereview.settings
  12. STYLE