From 2dbeecfc029ba26647c756b0882bc6e85e2e6b64 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Thu, 10 Jul 2025 18:11:19 +0200 Subject: [PATCH] openssl: Fix testing KDF_PRF in the constructor with OpenSSL 3.5.1 Setting the salt to NULL now fails, so we set it to hash length's zeroes, which is the default value for HKDF-Extract if no salt is passed. Fixes strongswan/strongswan#2828 --- src/libstrongswan/plugins/openssl/openssl_kdf.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/libstrongswan/plugins/openssl/openssl_kdf.c b/src/libstrongswan/plugins/openssl/openssl_kdf.c index cca81783ab..e1b67c920d 100644 --- a/src/libstrongswan/plugins/openssl/openssl_kdf.c +++ b/src/libstrongswan/plugins/openssl/openssl_kdf.c @@ -201,6 +201,14 @@ kdf_t *openssl_kdf_create(key_derivation_function_t algo, va_list args) .key = chunk_clone(chunk_from_str("00000000000000000000000000000000")), ); + /* also generate a salt (as if none was provided, i.e. zeroes of hash length) + * as OpenSSL 3.5.1+ won't accept NULL anymore */ + if (algo == KDF_PRF) + { + this->salt = chunk_copy_pad(chunk_alloc(get_length(this)), + chunk_empty, 0); + } + if (!this->hasher || !get_bytes(this, algo == KDF_PRF ? get_length(this) : sizeof(buf), buf)) { -- 2.47.2