From: Victor Stinner Date: Thu, 14 Mar 2019 14:23:04 +0000 (+0100) Subject: EVP_PBE_scrypt() handles salt=NULL as salt="" X-Git-Tag: openssl-3.0.0-alpha1~2355 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=253d7622222166959d1a5e724434aae3fbd2537d;p=oweals%2Fopenssl.git EVP_PBE_scrypt() handles salt=NULL as salt="" Modify EVP_PBE_scrypt() to maintain OpenSSL 1.1.1 behavior: salt=NULL is now handled as salt="" (and saltlen=0). Commit 5a285addbf39f91d567f95f04b2b41764127950d changed the behavior of EVP_PBE_scrypt(salt=NULL). Previously, salt=NULL was accepted, but the function now fails with KDF_R_MISSING_SALT. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8483) --- diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c index cad0440e5d..c0ab238eb8 100644 --- a/crypto/evp/pbe_scrypt.c +++ b/crypto/evp/pbe_scrypt.c @@ -52,6 +52,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, pass = empty; passlen = 0; } + if (salt == NULL) { + salt = (const unsigned char *)empty; + saltlen = 0; + } if (maxmem == 0) maxmem = SCRYPT_MAX_MEM;
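Review bot: in the added `if (salt == NULL)` branch, a non-zero `saltlen` supplied by the caller is silently overwritten with 0 and derivation proceeds with an empty salt. A caller that passes NULL by mistake therefore gets an unsalted key rather than the KDF_R_MISSING_SALT error the commit message describes. That matches the `pass = empty; passlen = 0;` handling just above and the stated goal of keeping OpenSSL 1.1.1 behavior, but it deserves a short comment on the branch saying the fallback is deliberate and exists for compatibility. The diff touches only crypto/evp/pbe_scrypt.c, so two things are missing: a note in the EVP_PBE_scrypt documentation that salt=NULL is treated as salt="" with saltlen=0, and a regression test that calls the function with salt=NULL and checks that the output equals the salt="" result, so the behavior cannot change unnoticed again.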