This is a security fix, see
pyca/cryptography#3211 for more details.
We don't have any code directly in olympia that uses cryptography but a
few external libraries that depend on it.
For too small key sizes, `HKDF.derive()` outputs an empty array instead of a small key:
Program:
Output:
Suggested fix:
I am not quite sure why the division by 8 in the snippet below was added. The cumulative size of the output array is always `self._algorithm.digest_size * len(output)` and thus we can stop after `self._algorithm.digest_size * len(output) >= self._length`. At first I thought this might be a clever trick taken from the paper, but I didn't find it there. I guess there was a mixup between bits and bytes at some point.
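The failure mode reported above, as an added example that is not part of the original issue and not the library's code: a standard-library HKDF (RFC 5869) whose `mixup` flag models a stop condition that divides the byte-sized digest length by 8. The function names, the `mixup` flag and the `checked_expand` guard are assumptions made for this illustration; the inputs are RFC 5869 test case 1.

```python
import hashlib
import hmac


def hkdf_extract(salt, ikm, hash_name="sha256"):
    """HKDF-Extract, RFC 5869 section 2.2."""
    return hmac.new(salt, ikm, hash_name).digest()


def hkdf_expand(prk, info, length, hash_name="sha256", mixup=False):
    """HKDF-Expand, RFC 5869 section 2.3.

    mixup=True models the stop condition the issue questions: the digest
    size, already in bytes, is divided by 8 again. This branch is an
    assumption made for illustration, not the library's source.
    """
    digest_size = hashlib.new(hash_name).digest_size
    if not 0 < length <= 255 * digest_size:
        raise ValueError("length must be in 1..255 * digest_size")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        # Modelled flaw: digest_size // 8 is taken as the bytes available so
        # far, so a request of that many bytes or fewer stops before any
        # block has been produced.
        if mixup and (digest_size // 8) * counter >= length:
            break
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]


def checked_expand(prk, info, length, **kwargs):
    """Caller-side guard: refuse key material shorter than requested."""
    okm = hkdf_expand(prk, info, length, **kwargs)
    if len(okm) != length:
        raise RuntimeError("KDF returned %d bytes, wanted %d" % (len(okm), length))
    return okm


# RFC 5869 appendix A.1 inputs (SHA-256 test case 1).
IKM = bytes.fromhex("0b" * 22)
SALT = bytes.fromhex("000102030405060708090a0b0c")
INFO = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
PRK = hkdf_extract(SALT, IKM)
```

With SHA-256 the modelled flaw only changes the result for requests of 4 bytes or fewer; longer requests still return correct output, which is why a length check at the call site catches it where a known-answer test at the usual 32 or 42 bytes does not.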