diff options
author | Tomas Mraz <tmraz@fedoraproject.org> | 2021-01-14 15:53:08 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-01-21 18:08:02 +0100 |
commit | 6253cdcc8ea7b0116a43ee596ac03e0b04b8b762 (patch) | |
tree | cbfb7adcec4ac7f8163c629b3656366f404d474a | |
parent | f23e4a17a2309793a0ac787725736f1c4474c804 (diff) | |
download | openssl-new-6253cdcc8ea7b0116a43ee596ac03e0b04b8b762.tar.gz |
kdf_exch.c (kdf_derive): Proper handling of NULL secret
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13869)
-rw-r--r-- | providers/implementations/exchange/kdf_exch.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/providers/implementations/exchange/kdf_exch.c b/providers/implementations/exchange/kdf_exch.c index c022a35107..43652faf50 100644 --- a/providers/implementations/exchange/kdf_exch.c +++ b/providers/implementations/exchange/kdf_exch.c @@ -95,7 +95,13 @@ static int kdf_derive(void *vpkdfctx, unsigned char *secret, size_t *secretlen, if (!ossl_prov_is_running()) return 0; - return EVP_KDF_derive(pkdfctx->kdfctx, secret, *secretlen); + + if (secret == NULL) { + *secretlen = EVP_KDF_CTX_get_kdf_size(pkdfctx->kdfctx); + return 1; + } + + return EVP_KDF_derive(pkdfctx->kdfctx, secret, outlen); } static void kdf_freectx(void *vpkdfctx) |