crypto_auth and crypto_auth_verify use empty byte string as a key by default
Closed this issue · 1 comments
vlevit commented
I wonder is there a reason why crypto_auth and crypto_auth_verify accept key which is empty byte string by default? Doesn't usage of empty string as a key defeat the purpose of authentication since everyone can make a valid authentication tag for a tampered message?
The crypto_auth() function computes a tag for the message in, whose length is inlen bytes, and the key k. k should be crypto_auth_KEYBYTES bytes. The function puts the tag into out. The tag is crypto_auth_BYTES bytes long.
(emphasis is mine)
stef commented
valid observation. this should be fixed.