Don't require any length of password when decrypting

RT#2534 Reviewed-by: Matt Caswell <matt@openssl.org>
author: Richard Levitte <levitte@openssl.org> 2016-05-16 17:29:43 +0200
committer: Richard Levitte <levitte@openssl.org> 2016-05-17 17:18:25 +0200
commit: cbacc6f7e96b2d6d6d2ae3c1984ca7df439fe4c5 (patch)
tree: ef2e9a7fb9130a86314a7c6cf5e42eea7d47529c /crypto/pem
parent: 477b9afc68863bb287f3b629ff0879e2fababbb7 (diff)
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index fe881d6641..ac4faae047 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -105,17 +105,23 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
         prompt = "Enter PEM pass phrase:";
 
     for (;;) {
-        i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
+        /*
+         * We assume that w == 0 means decryption,
+         * while w == 1 means encryption
+         */
+        int min_len = w ? MIN_LENGTH : 0;
+
+        i = EVP_read_pw_string_min(buf, min_len, num, prompt, w);
         if (i != 0) {
             PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
             memset(buf, 0, (unsigned int)num);
             return (-1);
         }
         j = strlen(buf);
-        if (j < MIN_LENGTH) {
+        if (min_len && j < min_len) {
             fprintf(stderr,
                     "phrase is too short, needs to be at least %d chars\n",
-                    MIN_LENGTH);
+                    min_len);
         } else
             break;
     }
author	Richard Levitte <levitte@openssl.org>	2016-05-16 17:29:43 +0200
committer	Richard Levitte <levitte@openssl.org>	2016-05-17 17:18:25 +0200
commit	cbacc6f7e96b2d6d6d2ae3c1984ca7df439fe4c5 (patch)
tree	ef2e9a7fb9130a86314a7c6cf5e42eea7d47529c /crypto/pem
parent	477b9afc68863bb287f3b629ff0879e2fababbb7 (diff)