diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-12-02 00:41:25 +0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-12-01 11:41:25 -0500 |
commit | 9fa6fb273559d29d471df80942ce066e6e40dfde (patch) | |
tree | 7108f14bfee1aebafdade8c8282b4f0cee32013d | |
parent | 4662d44fd3db5078a1882100653a3dbab3e3c7a1 (diff) | |
download | cryptography-9fa6fb273559d29d471df80942ce066e6e40dfde.tar.gz cryptography-9fa6fb273559d29d471df80942ce066e6e40dfde.tar.bz2 cryptography-9fa6fb273559d29d471df80942ce066e6e40dfde.zip |
Pass the right length of null bytes when no salt is provided to HKDF (#4036)
This bug looks bad but ends up being benign because HMAC is specified to
pad null bytes if a key is too short. So we passed too few bytes and
then OpenSSL obligingly padded it out to the correct length. However, we
should still do the right thing obviously.
-rw-r--r-- | src/cryptography/hazmat/primitives/kdf/hkdf.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/cryptography/hazmat/primitives/kdf/hkdf.py b/src/cryptography/hazmat/primitives/kdf/hkdf.py index 82ed9b1c..964ac2cc 100644 --- a/src/cryptography/hazmat/primitives/kdf/hkdf.py +++ b/src/cryptography/hazmat/primitives/kdf/hkdf.py @@ -30,7 +30,7 @@ class HKDF(object): raise TypeError("salt must be bytes.") if salt is None: - salt = b"\x00" * (self._algorithm.digest_size // 8) + salt = b"\x00" * self._algorithm.digest_size self._salt = salt |