You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current implementation of Hmac.Engine is that the provided key ByteArray is sized to the digest.blockSize() by either hashing it once (if larger than), padding it with 0's (if smaller), or using the provided key. It then uses the prepared key to derive iKey and oKey.
After those are derived, the preparedKey should be blanked. As such, the provided key should always be copied so we are not modifying the provided ByteArray, so that the copy can be blanked before dereferencing.
val preparedKey =if (key.size > digest.blockSize()) {
digest.digest(key).copyOf(digest.blockSize())
} else {
key.copyOf(digest.blockSize())
}
// ... derive iKey and oKey
preparedKey.fill(0)
The text was updated successfully, but these errors were encountered:
Current implementation of
Hmac.Engine
is that the provided keyByteArray
is sized to thedigest.blockSize()
by either hashing it once (if larger than), padding it with 0's (if smaller), or using the provided key. It then uses the prepared key to deriveiKey
andoKey
.After those are derived, the
preparedKey
should be blanked. As such, the providedkey
should always be copied so we are not modifying the providedByteArray
, so that the copy can be blanked before dereferencing.The text was updated successfully, but these errors were encountered: