Add UI functions to set result with explicit length and to retrieve the length

This allows completely arbitrary passphrases to be entered, including NUL bytes. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3821)
author: Richard Levitte <levitte@openssl.org> 2017-07-01 12:39:51 +0200
committer: Richard Levitte <levitte@openssl.org> 2017-09-08 20:06:06 +0200
commit: 4e049e2c3658ee2bc6e63e696a3779d2f9eed377 (patch)
tree: 3991cd2f4d5fb0d64b515dcc5bcc8a12443454e7 /crypto
parent: a8c5ed812d1537728807059b4182d358bb2ca7c1 (diff)
download: openssl-4e049e2c3658ee2bc6e63e696a3779d2f9eed377.zip
openssl-4e049e2c3658ee2bc6e63e696a3779d2f9eed377.tar.gz
openssl-4e049e2c3658ee2bc6e63e696a3779d2f9eed377.tar.bz2
5 files changed, 56 insertions, 10 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 4b3c55b..253e0ab 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1355,9 +1355,11 @@ UI_F_UI_DUP_INPUT_STRING:103:UI_dup_input_string
 UI_F_UI_DUP_USER_DATA:118:UI_dup_user_data
 UI_F_UI_DUP_VERIFY_STRING:106:UI_dup_verify_string
 UI_F_UI_GET0_RESULT:107:UI_get0_result
+UI_F_UI_GET_RESULT_LENGTH:119:UI_get_result_length
 UI_F_UI_NEW_METHOD:104:UI_new_method
 UI_F_UI_PROCESS:113:UI_process
 UI_F_UI_SET_RESULT:105:UI_set_result
+UI_F_UI_SET_RESULT_EX:120:UI_set_result_ex
 X509V3_F_A2I_GENERAL_NAME:164:a2i_GENERAL_NAME
 X509V3_F_ADDR_VALIDATE_PATH_INTERNAL:166:addr_validate_path_internal
 X509V3_F_ASIDENTIFIERCHOICE_CANONIZE:161:ASIdentifierChoice_canonize
diff --git a/crypto/ui/ui_err.c b/crypto/ui/ui_err.c
index 6a44f7a..e69163c 100644
--- a/crypto/ui/ui_err.c
+++ b/crypto/ui/ui_err.c
@@ -33,9 +33,12 @@ static const ERR_STRING_DATA UI_str_functs[] = {
     {ERR_PACK(ERR_LIB_UI, UI_F_UI_DUP_VERIFY_STRING, 0),
      "UI_dup_verify_string"},
     {ERR_PACK(ERR_LIB_UI, UI_F_UI_GET0_RESULT, 0), "UI_get0_result"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_GET_RESULT_LENGTH, 0),
+     "UI_get_result_length"},
     {ERR_PACK(ERR_LIB_UI, UI_F_UI_NEW_METHOD, 0), "UI_new_method"},
     {ERR_PACK(ERR_LIB_UI, UI_F_UI_PROCESS, 0), "UI_process"},
     {ERR_PACK(ERR_LIB_UI, UI_F_UI_SET_RESULT, 0), "UI_set_result"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_SET_RESULT_EX, 0), "UI_set_result_ex"},
     {0, NULL}
 };
 
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 5b3eaff..4727d56 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -441,6 +441,19 @@ const char *UI_get0_result(UI *ui, int i)
     return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i));
 }
 
+int UI_get_result_length(UI *ui, int i)
+{
+    if (i < 0) {
+        UIerr(UI_F_UI_GET_RESULT_LENGTH, UI_R_INDEX_TOO_SMALL);
+        return -1;
+    }
+    if (i >= sk_UI_STRING_num(ui->strings)) {
+        UIerr(UI_F_UI_GET_RESULT_LENGTH, UI_R_INDEX_TOO_LARGE);
+        return -1;
+    }
+    return UI_get_result_string_length(sk_UI_STRING_value(ui->strings, i));
+}
+
 static int print_error(const char *str, size_t len, UI *ui)
 {
     UI_STRING uis;
@@ -796,6 +809,21 @@ const char *UI_get0_result_string(UI_STRING *uis)
     return NULL;
 }
 
+int UI_get_result_string_length(UI_STRING *uis)
+{
+    switch (uis->type) {
+    case UIT_PROMPT:
+    case UIT_VERIFY:
+        return uis->result_len;
+    case UIT_NONE:
+    case UIT_BOOLEAN:
+    case UIT_INFO:
+    case UIT_ERROR:
+        break;
+    }
+    return -1;
+}
+
 const char *UI_get0_test_string(UI_STRING *uis)
 {
     switch (uis->type) {
@@ -843,8 +871,18 @@ int UI_get_result_maxsize(UI_STRING *uis)
 
 int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
 {
-    int l = strlen(result);
+#if 0
+    /*
+     * This is placed here solely to preserve UI_F_UI_SET_RESULT
+     * To be removed for OpenSSL 1.2.0
+     */
+    UIerr(UI_F_UI_SET_RESULT, ERR_R_DISABLED);
+#endif
+    return UI_set_result_ex(ui, uis, result, strlen(result));
+}
 
+int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len)
+{
     ui->flags &= ~UI_FLAG_REDOABLE;
 
     switch (uis->type) {
@@ -859,16 +897,16 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
             BIO_snprintf(number2, sizeof(number2), "%d",
                          uis->_.string_data.result_maxsize);
 
-            if (l < uis->_.string_data.result_minsize) {
+            if (len < uis->_.string_data.result_minsize) {
                 ui->flags |= UI_FLAG_REDOABLE;
-                UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_SMALL);
+                UIerr(UI_F_UI_SET_RESULT_EX, UI_R_RESULT_TOO_SMALL);
                 ERR_add_error_data(5, "You must type in ",
                                    number1, " to ", number2, " characters");
                 return -1;
             }
-            if (l > uis->_.string_data.result_maxsize) {
+            if (len > uis->_.string_data.result_maxsize) {
                 ui->flags |= UI_FLAG_REDOABLE;
-                UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_LARGE);
+                UIerr(UI_F_UI_SET_RESULT_EX, UI_R_RESULT_TOO_LARGE);
                 ERR_add_error_data(5, "You must type in ",
                                    number1, " to ", number2, " characters");
                 return -1;
@@ -876,19 +914,21 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
         }
 
         if (uis->result_buf == NULL) {
-            UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
+            UIerr(UI_F_UI_SET_RESULT_EX, UI_R_NO_RESULT_BUFFER);
             return -1;
         }
 
-        OPENSSL_strlcpy(uis->result_buf, result,
-                    uis->_.string_data.result_maxsize + 1);
+        memcpy(uis->result_buf, result, len);
+        if (len <= uis->_.string_data.result_maxsize)
+            uis->result_buf[len] = '\0';
+        uis->result_len = len;
         break;
     case UIT_BOOLEAN:
         {
             const char *p;
 
             if (uis->result_buf == NULL) {
-                UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
+                UIerr(UI_F_UI_SET_RESULT_EX, UI_R_NO_RESULT_BUFFER);
                 return -1;
             }
 
diff --git a/crypto/ui/ui_locl.h b/crypto/ui/ui_locl.h
index 1b0d596..19b33b8 100644
--- a/crypto/ui/ui_locl.h
+++ b/crypto/ui/ui_locl.h
@@ -71,6 +71,7 @@ struct ui_string_st {
                                  * Otherwise, it may be allocated by the UI
                                  * routine, meaning result_minsize is going
                                  * to be overwritten. */
+    size_t result_len;
     union {
         struct {
             int result_minsize; /* Input: minimum required size of the
diff --git a/crypto/ui/ui_util.c b/crypto/ui/ui_util.c
index dbfeecc..7249a07 100644
--- a/crypto/ui/ui_util.c
+++ b/crypto/ui/ui_util.c
@@ -116,7 +116,7 @@ static int ui_read(UI *ui, UI_STRING *uis)
                 result[len] = '\0';
             if (len <= 0)
                 return len;
-            if (UI_set_result(ui, uis, result) >= 0)
+            if (UI_set_result_ex(ui, uis, result, len) >= 0)
                 return 1;
             return 0;
         }
author	Richard Levitte <levitte@openssl.org>	2017-07-01 12:39:51 +0200
committer	Richard Levitte <levitte@openssl.org>	2017-09-08 20:06:06 +0200
commit	4e049e2c3658ee2bc6e63e696a3779d2f9eed377 (patch)
tree	3991cd2f4d5fb0d64b515dcc5bcc8a12443454e7 /crypto
parent	a8c5ed812d1537728807059b4182d358bb2ca7c1 (diff)
download	openssl-4e049e2c3658ee2bc6e63e696a3779d2f9eed377.zip openssl-4e049e2c3658ee2bc6e63e696a3779d2f9eed377.tar.gz openssl-4e049e2c3658ee2bc6e63e696a3779d2f9eed377.tar.bz2