From 938e9ad7be9ca87c8a89e740bcbe2cadeea1304e Mon Sep 17 00:00:00 2001
From: Victor Kolesnikov
Date: Thu, 29 Nov 2018 23:19:23 +0200
Subject: [PATCH] Fixed some OpenSSL compatibility issues in wolfSSL_EVP_BytesToKey

Fixed wrong error checks, changed return value to the size of the derived key, added support for the case where data == NULL and removed the assignment of constant value to info->ivSz (the correct value is assigned to it inside 'wc_EncryptedInfoGet')
---
 src/ssl.c | 30 ++++++++++++++++++++----------
 1 file changed, 20 insertions(+), 10 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 99bd48497..0bf7c99ac 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -12247,21 +12247,31 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
 #endif
 XMEMSET(info, 0, sizeof(EncryptedInfo));
- info->ivSz = EVP_SALT_SIZE;
- ret = wolfSSL_EVP_get_hashinfo(md, &hashType, NULL);
- if (ret == 0)
- ret = wc_EncryptedInfoGet(info, type);
- if (ret == 0)
- ret = wc_PBKDF1_ex(key, info->keySz, iv, info->ivSz, data, sz, salt,
- EVP_SALT_SIZE, count, hashType, NULL);
+ ret = wc_EncryptedInfoGet(info, type);
+ if (ret < 0)
+ goto end;
+ if (data == NULL) {
+ ret = info->keySz;
+ goto end;
+ }
+
+ ret = wolfSSL_EVP_get_hashinfo(md, &hashType, NULL);
+ if (ret == WOLFSSL_FAILURE)
+ goto end;
+
+ ret = wc_PBKDF1_ex(key, info->keySz, iv, info->ivSz, data, sz, salt,
+ EVP_SALT_SIZE, count, hashType, NULL);
+ if (ret == 0)
+ ret = info->keySz;
+
+ end:
 #ifdef WOLFSSL_SMALL_STACK
 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO);
 #endif
-
- if (ret <= 0)
- return 0; /* failure - for compatibility */
+ if (ret < 0)
+ return 0; /* failure - for compatibility */
 return ret;
 }
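Review bot: The hash lookup check `if (ret == WOLFSSL_FAILURE) goto end;` stops on that one value only, so any other non-success return from wolfSSL_EVP_get_hashinfo would fall through to wc_PBKDF1_ex with whatever hashType holds (its initialisation is outside the hunk). It also relies on WOLFSSL_FAILURE not being positive, because the tail `if (ret < 0) return 0; return ret;` hands any positive ret back to the caller as a derived key length. Testing for success and setting the result explicitly is safer: `if (ret != WOLFSSL_SUCCESS) { ret = 0; goto end; }`. Separately, OpenSSL's EVP_BytesToKey accepts a NULL `salt`, but here `salt` is still passed with a fixed EVP_SALT_SIZE; whether wc_PBKDF1_ex tolerates that is not visible and may deserve a guard. The function body starts before this hunk.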