From 253d7622222166959d1a5e724434aae3fbd2537d Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Thu, 14 Mar 2019 15:23:04 +0100 Subject: [PATCH] EVP_PBE_scrypt() handles salt=NULL as salt="" Modify EVP_PBE_scrypt() to maintain OpenSSL 1.1.1 behavior: salt=NULL is now handled as salt="" (and saltlen=0). Commit 5a285addbf39f91d567f95f04b2b41764127950d changed the behavior of EVP_PBE_scrypt(salt=NULL). Previously, salt=NULL was accepted, but the function now fails with KDF_R_MISSING_SALT. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8483) --- crypto/evp/pbe_scrypt.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c index cad0440e5d..c0ab238eb8 100644 --- a/crypto/evp/pbe_scrypt.c +++ b/crypto/evp/pbe_scrypt.c @@ -52,6 +52,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, pass = empty; passlen = 0; } + if (salt == NULL) { + salt = (const unsigned char *)empty; + saltlen = 0; + } if (maxmem == 0) maxmem = SCRYPT_MAX_MEM; -- 2.25.1