diff options
author | Victor Costan <costan@gmail.com> | 2013-02-08 20:47:00 -0500 |
---|---|---|
committer | Fedor Indutny <fedor.indutny@gmail.com> | 2013-02-12 14:11:22 +0400 |
commit | e235bce2ba399ac93f0ef86a33f25cc19b08af14 (patch) | |
tree | 6b30abc5ad452a4e7dcf14a6c3c4f932f9cb5402 /src | |
parent | 02374d0c178b7c8cccab2d1daaa1bf601838bea5 (diff) | |
download | node-e235bce2ba399ac93f0ef86a33f25cc19b08af14.tar.gz |
Fix crypto.hmac behavior with empty keys.
node 0.9.6 introduced Buffer changes that cause the key argument of
Hmac::HmacInit (used in crypto.createHmac) to be NULL when the key is
empty. This argument is passed to OpenSSL's HMAC_Init, which does not
like NULL keys.
This change works around the issue by passing an empty string to
HMAC_Init when the key is empty, and adds crypto.createHmac tests for
the edge cases of empty keys and values.
Diffstat (limited to 'src')
-rw-r--r-- | src/node_crypto.cc | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index e861bb34f..7fe81876f 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -2641,7 +2641,11 @@ class Hmac : public ObjectWrap { return false; } HMAC_CTX_init(&ctx); - HMAC_Init(&ctx, key, key_len, md); + if (key_len == 0) { + HMAC_Init(&ctx, "", 0, md); + } else { + HMAC_Init(&ctx, key, key_len, md); + } initialised_ = true; return true; |