From 299996fb1fcd76eeadfd547958de2a1b822f37f5 Mon Sep 17 00:00:00 2001 From: trinity-1686a Date: Mon, 15 Apr 2024 11:13:14 +0200 Subject: [PATCH] Handle empty param in EVP_PKEY_CTX_add1_hkdf_info Fixes #24130 The regression was introduced in PR #23456. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/24141) --- crypto/evp/pmeth_lib.c | 2 ++ test/evp_extra_test.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 65f5fcb804..0a561323f1 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -1027,6 +1027,8 @@ static int evp_pkey_ctx_add1_octet_string(EVP_PKEY_CTX *ctx, int fallback, if (datalen < 0) { ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH); return 0; + } else if (datalen == 0) { + return 1; } /* Get the original value length */ diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index c46e288a1f..a42e42d929 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -2721,6 +2721,47 @@ static int test_emptyikm_HKDF(void) return ret; } +static int test_empty_salt_info_HKDF(void) +{ + EVP_PKEY_CTX *pctx; + unsigned char out[20]; + size_t outlen; + int ret = 0; + unsigned char salt[] = ""; + unsigned char key[] = "012345678901234567890123456789"; + unsigned char info[] = ""; + const unsigned char expected[] = { + 0x67, 0x12, 0xf9, 0x27, 0x8a, 0x8a, 0x3a, 0x8f, 0x7d, 0x2c, 0xa3, 0x6a, + 0xaa, 0xe9, 0xb3, 0xb9, 0x52, 0x5f, 0xe0, 0x06, + }; + size_t expectedlen = sizeof(expected); + + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "HKDF", testpropq))) + goto done; + + outlen = sizeof(out); + memset(out, 0, outlen); + + if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, + sizeof(salt) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key, + sizeof(key) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info, + sizeof(info) - 1), 0) + || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0) + || !TEST_mem_eq(out, outlen, expected, expectedlen)) + goto done; + + ret = 1; + + done: + EVP_PKEY_CTX_free(pctx); + + return ret; +} + #ifndef OPENSSL_NO_EC static int test_X509_PUBKEY_inplace(void) { @@ -5660,6 +5701,7 @@ int setup_tests(void) #endif ADD_TEST(test_HKDF); ADD_TEST(test_emptyikm_HKDF); + ADD_TEST(test_empty_salt_info_HKDF); #ifndef OPENSSL_NO_EC ADD_TEST(test_X509_PUBKEY_inplace); ADD_TEST(test_X509_PUBKEY_dup);