From: Richard Levitte <levitte@openssl.org>
Date: Wed, 25 Apr 2018 20:53:40 +0000 (+0200)
Subject: PEM_def_callback(): use same parameter names as for pem_password_cb
X-Git-Tag: OpenSSL_1_1_0i~149
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=096adcf28ab75ec0bd83ce2cb7f0ba197ba4268f;p=openssl

PEM_def_callback(): use same parameter names as for pem_password_cb

Add a bit more commentary to explain what's going on.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6080)

(cherry picked from commit d6d94d339756332bbabe2a1032ac511ae31b3fdc)
---

diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index eb9929adb1..04d374ba52 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -28,15 +28,16 @@ static int load_iv(char **fromp, unsigned char *to, int num);
 static int check_pem(const char *nm, const char *name);
 int pem_check_suffix(const char *pem_str, const char *suffix);
 
-int PEM_def_callback(char *buf, int num, int w, void *key)
+int PEM_def_callback(char *buf, int num, int rwflag, void *userdata)
 {
     int i, min_len;
     const char *prompt;
 
-    if (key) {
-        i = strlen(key);
+    /* We assume that the user passes a default password as userdata */
+    if (userdata) {
+        i = strlen(userdata);
         i = (i > num) ? num : i;
-        memcpy(buf, key, i);
+        memcpy(buf, userdata, i);
         return i;
     }
 
@@ -49,12 +50,15 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
         prompt = "Enter PEM pass phrase:";
 
     /*
-     * We assume that w == 0 means decryption,
-     * while w == 1 means encryption
+     * rwflag == 0 means decryption
+     * rwflag == 1 means encryption
+     *
+     * We assume that for encryption, we want a minimum length, while for
+     * decryption, we cannot know any minimum length, so we assume zero.
      */
-    min_len = w ? MIN_LENGTH : 0;
+    min_len = rwflag ? MIN_LENGTH : 0;
 
-    i = EVP_read_pw_string_min(buf, min_len, num, prompt, w);
+    i = EVP_read_pw_string_min(buf, min_len, num, prompt, rwflag);
     if (i != 0) {
         PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
         memset(buf, 0, (unsigned int)num);
diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index 2375d63553..655106b6aa 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -322,7 +322,8 @@ int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
 int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
                   unsigned int *siglen, EVP_PKEY *pkey);
 
-int PEM_def_callback(char *buf, int num, int w, void *key);
+/* The default pem_password_cb that's used internally */
+int PEM_def_callback(char *buf, int num, int rwflag, void *userdata);
 void PEM_proc_type(char *buf, int type);
 void PEM_dek_info(char *buf, const char *type, int len, char *str);