From: Dr. Stephen Henson Date: Sat, 27 Mar 2010 19:31:55 +0000 (+0000) Subject: PR: 1904 X-Git-Tag: OpenSSL-fips-2_0-rc1~1168 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=08df41277a2e0048af93ae33094923040a4e7f13;p=openssl PR: 1904 Submitted by: David Woodhouse Pass passphrase minimum length down to UI. --- diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index d8ae457e6b..037f14be23 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -523,6 +523,7 @@ __owur int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); __owur int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); +int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify); void EVP_set_pw_prompt(const char *prompt); char * EVP_get_pw_prompt(void); diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index a22fa5036e..7961fbebf2 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -89,6 +89,11 @@ char *EVP_get_pw_prompt(void) * in the DES library -- if someone ever wants to disable DES, * this function will fail */ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) + { + return EVP_read_pw_string_min(buf, 0, len, prompt, verify); + } + +int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify) { int ret; char buff[BUFSIZ]; @@ -97,10 +102,10 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) if ((prompt == NULL) && (prompt_string[0] != '\0')) prompt=prompt_string; ui = UI_new(); - UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len); + UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len); if (verify) UI_add_verify_string(ui,prompt,0, - buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); + buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf); ret = UI_process(ui); UI_free(ui); OPENSSL_cleanse(buff,BUFSIZ); diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 27f0544c06..18cde7c2d9 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -105,7 +105,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) for (;;) { - i=EVP_read_pw_string(buf,num,prompt,w); + i=EVP_read_pw_string_min(buf,MIN_LENGTH,num,prompt,w); if (i != 0) { PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);