DDS-SECURITY 1.2 RTF Avatar
  1. OMG Issue

DDSSEC12 — Specify number of constant bytes in HMAC input when computing SessionKey

  • Key: DDSSEC12-53
  • Status: open  
  • Source: OCI ( Adam Mitz)
  • Summary:

    The string literal "SessionKey" (and "SessionReceiverKey") is used without additional context as part of the binary input to HMAC. Add to this section that the ASCII encoding of "SessionKey" without a nul terminator is required.

  • Reported: DDS-SECURITY 1.1b1 — Wed, 11 Apr 2018 18:07 GMT
  • Updated: Wed, 11 Apr 2018 18:07 GMT