From b1413d9bd9d2222823ca1ba2d6cdf4849e635231 Mon Sep 17 00:00:00 2001
From: Emilia Kasper <emilia@openssl.org>
Date: Thu, 10 Sep 2015 15:17:58 +0200
Subject: RT3095: allow NULL key for single-shot HMAC

In HMAC_Init_ex, NULL key signals reuse, but in single-shot HMAC,
we can allow it to signal an empty key for convenience.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
---
 crypto/hmac/hmac.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'crypto/hmac')

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 0a3b09fadb..f372955c60 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -248,11 +248,18 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 {
     HMAC_CTX *c = NULL;
     static unsigned char m[EVP_MAX_MD_SIZE];
+    static const unsigned char dummy_key[1] = {'\0'};
 
     if (md == NULL)
         md = m;
     if ((c = HMAC_CTX_new()) == NULL)
         goto err;
+
+    /* For HMAC_Init_ex, NULL key signals reuse. */
+    if (key == NULL && key_len == 0) {
+        key = dummy_key;
+    }
+
     if (!HMAC_Init_ex(c, key, key_len, evp_md, NULL))
         goto err;
     if (!HMAC_Update(c, d, n))
-- 
cgit v1.2.3