diff options
author | Jon Spillett <jon.spillett@oracle.com> | 2020-09-08 16:46:13 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-09-17 18:27:28 +1000 |
commit | 00108705369078097c652149c26dcbfd36ecaf76 (patch) | |
tree | 8bf7ca0cd6fb568ef908b682f6f807c54e88181b /providers | |
parent | ec4c86d9ec132aaa31c7e6892dde4dbb11397168 (diff) |
Allow zero-length secret for EVP_KDF API
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12826)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/macs/hmac_prov.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c index 2f99e75a88..13d159e7e7 100644 --- a/providers/implementations/macs/hmac_prov.c +++ b/providers/implementations/macs/hmac_prov.c @@ -127,7 +127,7 @@ static void *hmac_dup(void *vsrc) } if (src->key != NULL) { /* There is no "secure" OPENSSL_memdup */ - dst->key = OPENSSL_secure_malloc(src->keylen); + dst->key = OPENSSL_secure_malloc(src->keylen > 0 ? src->keylen : 1); if (dst->key == NULL) { hmac_free(dst); return 0; @@ -278,7 +278,7 @@ static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) if (macctx->keylen > 0) OPENSSL_secure_clear_free(macctx->key, macctx->keylen); /* Keep a copy of the key if we need it for TLS HMAC */ - macctx->key = OPENSSL_secure_malloc(p->data_size); + macctx->key = OPENSSL_secure_malloc(p->data_size > 0 ? p->data_size : 1); if (macctx->key == NULL) return 0; memcpy(macctx->key, p->data, p->data_size); |