diff options
author | Richard Levitte <levitte@openssl.org> | 2016-05-16 17:29:43 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2016-05-16 18:03:40 +0200 |
commit | b160f2823fb3bafdf8728ea251aab0d07888b934 (patch) | |
tree | 1d922ae5bbccf5367a6348836eabc6c49265ec49 | |
parent | 8f41ff2d53eb43046012c7843f1f1e213b3650ea (diff) | |
download | openssl-b160f2823fb3bafdf8728ea251aab0d07888b934.zip openssl-b160f2823fb3bafdf8728ea251aab0d07888b934.tar.gz openssl-b160f2823fb3bafdf8728ea251aab0d07888b934.tar.bz2 |
Don't require any length of password when decrypting
RT#2534
Reviewed-by: Tim Hudson <tjh@openssl.org>
-rw-r--r-- | crypto/pem/pem_lib.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 6ee3b8e..4ca6187 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -98,17 +98,23 @@ int PEM_def_callback(char *buf, int num, int w, void *key) prompt = "Enter PEM pass phrase:"; for (;;) { - i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w); + /* + * We assume that w == 0 means decryption, + * while w == 1 means encryption + */ + int min_len = w ? MIN_LENGTH : 0; + + i = EVP_read_pw_string_min(buf, min_len, num, prompt, w); if (i != 0) { PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD); memset(buf, 0, (unsigned int)num); return (-1); } j = strlen(buf); - if (j < MIN_LENGTH) { + if (min_len && j < min_len) { fprintf(stderr, "phrase is too short, needs to be at least %d chars\n", - MIN_LENGTH); + min_len); } else break; } |