Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
uint64_t p, r, N;
size_t saltlen;
size_t keylen = 0;
- int rv = 0;
+ int t, rv = 0;
SCRYPT_PARAMS *sparam = NULL;
if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
goto err;
}
- keylen = EVP_CIPHER_CTX_key_length(ctx);
+ t = EVP_CIPHER_CTX_key_length(ctx);
+ if (t < 0) {
+ EVPerr(EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH);
+ goto err;
+ }
+ keylen = t;
/* Now check the parameters of sparam */