This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author miguendes
Recipients miguendes
Date 2021-05-03.10:21:39
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
I had a look at the HMAC RFC and apparently empty bytes sequence can be used as secret key.

"The definition of HMAC requires a cryptographic hash function, which
we denote by H, and a secret key K. 


The authentication key K can be of any length up to B, the
block length of the hash function."

Assuming that is the case, the fix would be to change the Listener to:

        if self._authkey is not None:
            deliver_challenge(c, self._authkey)
            answer_challenge(c, self._authkey)
        return c

I created a PR for that, if anyone can review it, I appreciate it.
Date User Action Args
2021-05-03 10:21:39miguendessetrecipients: + miguendes
2021-05-03 10:21:39miguendessetmessageid: <>
2021-05-03 10:21:39miguendeslinkissue43952 messages
2021-05-03 10:21:39miguendescreate