-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
```
What steps will reproduce the problem?
1. Generate CryptoJS.HmacSHA256 signature 10000 times with the same data and key
2. Compare results
3. Notice a varying number of wrong results per execution…
-
Probably user-error, as I didn't hash the message before signing. But sjcl happily generates a signature, and happily validates an incorrect message as 'true' -- which I think is very dangerous behavi…