Meta+LibCrypto: Update openssl to version 3.5.1

This contains an API change that disallows setting the salt to a null value. See: 4f5ffddfcb This seems to be the opposite of the intended effect of that change, but this patch includes a workaround nonetheless. Co-Authored-By: devgianlu <altomanigianluca@gmail.com>
Author: https://github.com/trflynn89 Commit: c6ebb7bf55 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/5472 Reviewed-by: https://github.com/gmta ✅
2025-07-28 19:59:17 +00:00 · 2025-07-16 07:04:15 -04:00 · 2025-07-16 07:04:15 -04:00 · c6ebb7bf55 · 2025-07-16 15:04:37 +00:00
commit c6ebb7bf55
parent 2d121097c9
2 changed files with 10 additions and 2 deletions
--- a/Libraries/LibCrypto/Hash/HKDF.cpp
+++ b/Libraries/LibCrypto/Hash/HKDF.cpp
@ -32,8 +32,16 @@ ErrorOr<ByteBuffer> HKDF::derive_key(Optional<ReadonlyBytes> maybe_salt, Readonl
        OSSL_PARAM_END,
        OSSL_PARAM_END,
    };
+
    if (maybe_salt.has_value()) {
-        params[3] = OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SALT, const_cast<u8*>(maybe_salt->data()), maybe_salt->size());
+        static constexpr u8 empty_salt[0] {};
+
+        // FIXME: As of openssl 3.5.1, we can no longer pass a null salt pointer. This seems like a mistake; we should
+        //        check if this is still the case in the next openssl release. See:
+        //        https://github.com/openssl/openssl/pull/27305#discussion_r2198316685
+        auto salt = maybe_salt->is_null() ? ReadonlySpan<u8> { empty_salt, 0 } : *maybe_salt;
+
+        params[3] = OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SALT, const_cast<u8*>(salt.data()), salt.size());
    }

    auto buf = TRY(ByteBuffer::create_uninitialized(key_length_bytes));