It is undefined behaviour to send NULL as either the src, or dest params
in memcpy.
In pkey_kdf.c we had a check to ensure that the src address is non-NULL.
However in some situations it is possible that the dest address could also
be NULL. Specifically in the case where the datalen is 0 and we are using
a newly allocated BUF_MEM.
We add a check of datalen to avoid the undefined behaviour.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9868)
BUF_MEM_grow() returns the passed length, but also zero on error. If
the passed length was zero, an extra check to see if a returned zero
was an error or not is needed.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9662)
pkey_kdf_ctrl_str() has to do the same kind of special treatment as
pkey_kdf_ctrl() does.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9662)
Undo the caching scheme, pass through most controls as parameters, except
for SEED and INFO, where we keep supporting adding data through additional
ctrl calls by collecting the data, and only passing it to the EVP_KDF
before calling its derive function.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9662)
Changed PKEY/KDF API to call the new API.
Added wrappers for PKCS5_PBKDF2_HMAC() and EVP_PBE_scrypt() to call the new EVP KDF APIs.
Documentation updated.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6674)
