summaryrefslogtreecommitdiffstats
path: root/freebsd/crypto/openssl/crypto/pem/pem_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'freebsd/crypto/openssl/crypto/pem/pem_lib.c')
-rw-r--r--freebsd/crypto/openssl/crypto/pem/pem_lib.c59
1 files changed, 24 insertions, 35 deletions
diff --git a/freebsd/crypto/openssl/crypto/pem/pem_lib.c b/freebsd/crypto/openssl/crypto/pem/pem_lib.c
index 53e44553..9af24f46 100644
--- a/freebsd/crypto/openssl/crypto/pem/pem_lib.c
+++ b/freebsd/crypto/openssl/crypto/pem/pem_lib.c
@@ -84,51 +84,39 @@ static int load_iv(char **fromp, unsigned char *to, int num);
static int check_pem(const char *nm, const char *name);
int pem_check_suffix(const char *pem_str, const char *suffix);
-int PEM_def_callback(char *buf, int num, int w, void *key)
+int PEM_def_callback(char *buf, int num, int rwflag, void *userdata)
{
-#ifdef OPENSSL_NO_FP_API
- /*
- * We should not ever call the default callback routine from windows.
- */
- PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (-1);
-#else
- int i, j;
+ int i, min_len;
const char *prompt;
- if (key) {
- i = strlen(key);
+
+ /* We assume that the user passes a default password as userdata */
+ if (userdata) {
+ i = strlen(userdata);
i = (i > num) ? num : i;
- memcpy(buf, key, i);
- return (i);
+ memcpy(buf, userdata, i);
+ return i;
}
prompt = EVP_get_pw_prompt();
if (prompt == NULL)
prompt = "Enter PEM pass phrase:";
- for (;;) {
- /*
- * We assume that w == 0 means decryption,
- * while w == 1 means encryption
- */
- int min_len = w ? MIN_LENGTH : 0;
+ /*
+ * rwflag == 0 means decryption
+ * rwflag == 1 means encryption
+ *
+ * We assume that for encryption, we want a minimum length, while for
+ * decryption, we cannot know any minimum length, so we assume zero.
+ */
+ min_len = rwflag ? MIN_LENGTH : 0;
- i = EVP_read_pw_string_min(buf, min_len, num, prompt, w);
- if (i != 0) {
- PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
- memset(buf, 0, (unsigned int)num);
- return (-1);
- }
- j = strlen(buf);
- if (min_len && j < min_len) {
- fprintf(stderr,
- "phrase is too short, needs to be at least %d chars\n",
- min_len);
- } else
- break;
+ i = EVP_read_pw_string_min(buf, min_len, num, prompt, rwflag);
+ if (i != 0) {
+ PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
+ memset(buf, 0, (unsigned int)num);
+ return -1;
}
- return (j);
-#endif
+ return strlen(buf);
}
void PEM_proc_type(char *buf, int type)
@@ -461,7 +449,7 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
else
klen = callback(buf, PEM_BUFSIZE, 0, u);
- if (klen <= 0) {
+ if (klen < 0) {
PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ);
return (0);
}
@@ -501,6 +489,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
char **header_pp = &header;
cipher->cipher = NULL;
+ memset(cipher->iv, 0, sizeof(cipher->iv));
if ((header == NULL) || (*header == '\0') || (*header == '\n'))
return (1);
if (strncmp(header, "Proc-Type: ", 11) != 0) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 17:45:47 +0000