From 9caf25d1449e78d0ab145c5bde936d4760bc528f Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 27 Mar 2010 19:27:51 +0000 Subject: [PATCH] PR: 1904 Submitted by: David Woodhouse Pass passphrase minimum length down to UI. --- crypto/evp/evp.h | 1 + crypto/evp/evp_key.c | 9 +++++++-- crypto/pem/pem_lib.c | 2 +- util/libeay.num | 1 + 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 41fdb2b3f8..9f9795e2d9 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -522,6 +522,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); +int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify); void EVP_set_pw_prompt(const char *prompt); char * EVP_get_pw_prompt(void); diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 361ea69ab6..839d6a3a16 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -89,6 +89,11 @@ char *EVP_get_pw_prompt(void) * in the DES library -- if someone ever wants to disable DES, * this function will fail */ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) + { + return EVP_read_pw_string_min(buf, 0, len, prompt, verify); + } + +int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify) { int ret; char buff[BUFSIZ]; @@ -97,10 +102,10 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) if ((prompt == NULL) && (prompt_string[0] != '\0')) prompt=prompt_string; ui = UI_new(); - UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len); + UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len); if (verify) UI_add_verify_string(ui,prompt,0, - buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); + buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf); ret = UI_process(ui); UI_free(ui); OPENSSL_cleanse(buff,BUFSIZ); diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index a547fdc933..42e4861bc1 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -105,7 +105,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) for (;;) { - i=EVP_read_pw_string(buf,num,prompt,w); + i=EVP_read_pw_string_min(buf,MIN_LENGTH,num,prompt,w); if (i != 0) { PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); diff --git a/util/libeay.num b/util/libeay.num index 597fbd539c..007e1f8ba6 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -4175,3 +4175,4 @@ X509_subject_name_hash_old 4548 EXIST::FUNCTION:MD5 EVP_CIPHER_CTX_copy 4549 EXIST::FUNCTION: UI_method_get_prompt_constructor 4550 EXIST::FUNCTION: UI_method_set_prompt_constructor 4551 EXIST::FUNCTION: +EVP_read_pw_string_min 4552 EXIST::FUNCTION: -- 2.25.1