Displaying 4 results from an estimated 4 matches for "hmac_init_ex".
2011 Sep 06
2
mac_int() does not call HMAC_CTX_init()
...org/docs/crypto/hmac.html
HMAC_CTX_init() initialises a HMAC_CTX before first use. It must be called.
HMAC_CTX_init() must have been called before the first use of an HMAC_CTX in this function. N.B. HMAC_Init() had this undocumented behaviour in previous versions of OpenSSL - failure to switch to HMAC_Init_ex() in programs that expect it will cause them to stop working
While this appears to cause no issues with OpenSSH 5.6p1 using OpenSSL 1.0.0a and the default crypto engine,
it may cause problems (such as segfaults in my case) when attempting to use an alternative engine.
--
Robert Dugal?????????????...
2011 Sep 07
5
[Bug 1934] New: mac_init() calls HMAC_Init() without previously having called HMAC_CTX_init().
...rg/docs/crypto/hmac.html
HMAC_CTX_init() initialises a HMAC_CTX before first use. It must be
called. HMAC_CTX_init() must have been called before the first use of
an HMAC_CTX in this function. N.B. HMAC_Init() had this undocumented
behaviour in previous versions of OpenSSL - failure to switch to
HMAC_Init_ex() in programs that expect it will cause them to stop
working.
While this appears to currently cause no issues with OpenSSH 5.8p1
using OpenSSL 1.0.0d and the default crypto engine, it may cause
problems (such as segfaults in my case) when attempting to use an
alternative engine.
--
Configure bug...
2016 Nov 02
0
v2.2.26.0 released
...dcrypt_contex
{
int ec;
i_assert(ctx->md != NULL);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
ctx->ctx = HMAC_CTX_new();
if (ctx->ctx == NULL) return dcrypt_openssl_error(error_r);
ec = HMAC_Init_ex(ctx->ctx, ctx->key, ctx->klen, ctx->md, NULL);
@@ -484,7 +484,7 @@ static
bool dcrypt_openssl_ctx_hmac_update(struct dcrypt_context_hmac *ctx, const unsigned char *data, size_t data_len, const char **error_r)
{
int ec;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSI...
2016 Nov 02
2
v2.2.26.0 released
If the standard way works, I am happy to include the original patch I
sent, amended so that it checks for presence of LIBRESSL_VERSION_NUMBER.
If they keep this promise, then we should have no worries about things
breaking up.
Aki
On 02.11.2016 14:24, Michael A. Peters wrote:
> Indeed, which is why I use it.
>
> But it also is in the minority which is why I find it acceptable for