HMAC verification with EVP Interface

Ken Goldman kgoldman at us.ibm.com
Thu Aug 26 12:46:23 UTC 2021

Previous message: HMAC verification with EVP Interface
Next message: HMAC verification with EVP Interface
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 8/26/2021 5:35 AM, d0 wrote:
> Don't forget to use CRYPTO_memcmp for comparing the HMACs, not regular
> ol' memcmp.

What's the rationale?  The HMAC result isn't secret.

Previous message: HMAC verification with EVP Interface
Next message: HMAC verification with EVP Interface
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssl-users mailing list