From f1343ae9eceb3cc3aed1331a27b397f975ae84c3 Mon Sep 17 00:00:00 2001
From: Jack Lloyd <jack@randombit.net>
Date: Mon, 29 May 2017 05:53:28 -0400
Subject: Avoid infinite loop in PGP-S2K

In simple mode (no salt) with an empty password the input buffer
is empty.

Add a check that salt is not empty if iterations > 1 since PGP
only has simple, salted, and iterated+salted modes.
---
 src/tests/data/pbkdf/pgp_s2k.vec | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/tests')

diff --git a/src/tests/data/pbkdf/pgp_s2k.vec b/src/tests/data/pbkdf/pgp_s2k.vec
index 21bac5343..0335be8a0 100644
--- a/src/tests/data/pbkdf/pgp_s2k.vec
+++ b/src/tests/data/pbkdf/pgp_s2k.vec
@@ -1,6 +1,11 @@
 [OpenPGP-S2K(SHA-160)]
 # Generated using Golang x/crypto/openpgp/s2k
 
+Salt =
+Iterations = 1
+Passphrase = 
+Output = DA39A3EE5E6B
+
 Salt =
 Iterations = 1
 Passphrase = hello
-- 
cgit v1.2.3