fscrypt-crypt-util: fix HKDF self-test with latest OpenSSL

In OpenSSL 3.0, EVP_PKEY_derive() fails if the output is zero-length.
Therefore, update test_hkdf_sha512() to not test this case.

This only affects the algorithm self-tests within fscrypt-crypt-util,
which are not compiled by default.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Zorro Lang <zlang@redhat.com>
Signed-off-by: Zorro Lang <zlang@kernel.org>

diff --git a/src/fscrypt-crypt-util.c b/src/fscrypt-crypt-util.c
index 087ae09a43d2ad70f40e72f5f8d7b5f0fb493dab..81d7d92882700dd29ea7b6434e04198a93d2d91c 100644 (file)
--- a/src/fscrypt-crypt-util.c
+++ b/src/fscrypt-crypt-util.c
@@ -975,7 +975,11 @@ static void test_hkdf_sha512(void)
                size_t ikmlen = 1 + (rand() % sizeof(ikm));
                size_t saltlen = rand() % (1 + sizeof(salt));
                size_t infolen = rand() % (1 + sizeof(info));
-               size_t outlen = rand() % (1 + sizeof(actual_output));
+               /*
+                * Don't test zero-length outputs, since OpenSSL 3.0 and later
+                * returns an error for those.
+                */
+               size_t outlen = 1 + (rand() % sizeof(actual_output));
 
                rand_bytes(ikm, ikmlen);
                rand_bytes(salt, saltlen);