If openssl is compiled with no-ui or no-stdio, then PEM_read_bio_PrivateKey fails if a password but no callback is provided.
The reason is that the premature return in the PEM_def_callback implementation when OPENSSL_NO_STDIO or OPENSSL_NO_UI is defined, comes too early.
This patch moves the ifdef block to the correct place.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
int PEM_def_callback(char *buf, int num, int w, void *key)
{
-#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI)
- /*
- * We should not ever call the default callback routine from windows.
- */
- PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (-1);
-#else
int i, j;
const char *prompt;
if (key) {
return (i);
}
+#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI)
+ /*
+ * We should not ever call the default callback routine from windows.
+ */
+ PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (-1);
+#else
prompt = EVP_get_pw_prompt();
if (prompt == NULL)
prompt = "Enter PEM pass phrase:";