diff options
| author | Richard Levitte <levitte@openssl.org> | 2018-04-25 22:53:40 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2018-04-26 10:39:44 +0200 |
| commit | d6d94d339756332bbabe2a1032ac511ae31b3fdc (patch) | |
| tree | eec065cc29c5b53bdfd005d7d9c5c70b36a9c8e0 | |
| parent | 4977b4e9281c981efcf6a8b31378b8bbd6a8a96f (diff) | |
PEM_def_callback(): use same parameter names as for pem_password_cb
Add a bit more commentary to explain what's going on.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6080)
| -rw-r--r-- | crypto/pem/pem_lib.c | 20 | ||||
| -rw-r--r-- | include/openssl/pem.h | 3 |
2 files changed, 14 insertions, 9 deletions
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 3be12d661a..5000f268b9 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -28,15 +28,16 @@ static int load_iv(char **fromp, unsigned char *to, int num); static int check_pem(const char *nm, const char *name); int pem_check_suffix(const char *pem_str, const char *suffix); -int PEM_def_callback(char *buf, int num, int w, void *key) +int PEM_def_callback(char *buf, int num, int rwflag, void *userdata) { int i, min_len; const char *prompt; - if (key) { - i = strlen(key); + /* We assume that the user passes a default password as userdata */ + if (userdata) { + i = strlen(userdata); i = (i > num) ? num : i; - memcpy(buf, key, i); + memcpy(buf, userdata, i); return i; } @@ -45,12 +46,15 @@ int PEM_def_callback(char *buf, int num, int w, void *key) prompt = "Enter PEM pass phrase:"; /* - * We assume that w == 0 means decryption, - * while w == 1 means encryption + * rwflag == 0 means decryption + * rwflag == 1 means encryption + * + * We assume that for encryption, we want a minimum length, while for + * decryption, we cannot know any minimum length, so we assume zero. */ - min_len = w ? MIN_LENGTH : 0; + min_len = rwflag ? MIN_LENGTH : 0; - i = EVP_read_pw_string_min(buf, min_len, num, prompt, w); + i = EVP_read_pw_string_min(buf, min_len, num, prompt, rwflag); if (i != 0) { PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD); memset(buf, 0, (unsigned int)num); diff --git a/include/openssl/pem.h b/include/openssl/pem.h index 165544cba4..2ef5b5d04c 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -280,7 +280,8 @@ int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt); int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey); -int PEM_def_callback(char *buf, int num, int w, void *key); +/* The default pem_password_cb that's used internally */ +int PEM_def_callback(char *buf, int num, int rwflag, void *userdata); void PEM_proc_type(char *buf, int type); void PEM_dek_info(char *buf, const char *type, int len, char *str); |