sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-03 00:00:24 -04:00
Code Issues Projects Releases Wiki Activity

openssl: Don't allocate salt if PRF/hash is unknown

Browse Source 
This can happen if e.g. AES-XCBC is selected.

Fixes: 2dbeecfc029b ("openssl: Fix testing KDF_PRF in the constructor with OpenSSL 3.5.1")
This commit is contained in:
Tobias Brunner 2025-07-11 11:42:47 +02:00
parent 2c32412594
commit 43b805b2da
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/libstrongswan/plugins/openssl/openssl_kdf.c
View File

@ -203,7 +203,7 @@ kdf_t *openssl_kdf_create(key_derivation_function_t algo, va_list args)
/* also generate a salt (as if none was provided, i.e. zeroes of hash length)
* as OpenSSL 3.5.1+ won't accept NULL anymore */
if (algo == KDF_PRF)
if (algo == KDF_PRF && this->hasher)
{
this->salt = chunk_copy_pad(chunk_alloc(get_length(this)),
chunk_empty, 0);