From 253d7622222166959d1a5e724434aae3fbd2537d Mon Sep 17 00:00:00 2001
From: Victor Stinner <vstinner@redhat.com>
Date: Thu, 14 Mar 2019 15:23:04 +0100
Subject: [PATCH] EVP_PBE_scrypt() handles salt=NULL as salt=""

Modify EVP_PBE_scrypt() to maintain OpenSSL 1.1.1 behavior: salt=NULL
is now handled as salt="" (and saltlen=0).

Commit 5a285addbf39f91d567f95f04b2b41764127950d changed the behavior
of EVP_PBE_scrypt(salt=NULL). Previously, salt=NULL was accepted, but
the function now fails with KDF_R_MISSING_SALT.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8483)
---
 crypto/evp/pbe_scrypt.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c
index cad0440e5d..c0ab238eb8 100644
--- a/crypto/evp/pbe_scrypt.c
+++ b/crypto/evp/pbe_scrypt.c
@@ -52,6 +52,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
         pass = empty;
         passlen = 0;
     }
+    if (salt == NULL) {
+        salt = (const unsigned char *)empty;
+        saltlen = 0;
+    }
     if (maxmem == 0)
         maxmem = SCRYPT_MAX_MEM;
 
-- 
2.25.1