PR: 1904

Submitted by: David Woodhouse <dwmw2@infradead.org>

Pass passphrase minimum length down to UI.

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 41fdb2b3f87066d54eef99b522d6249cbde11dbf..9f9795e2d9d9707789b174378261662d4eb97926 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -522,6 +522,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 int    EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
 
 int    EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
+int    EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify);
 void   EVP_set_pw_prompt(const char *prompt);
 char * EVP_get_pw_prompt(void);
 

diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 361ea69ab6d5fd685ca98dfb0f94de238988a9af..839d6a3a164c6229c4e41a72aed822d4f77f255a 100644 (file)
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -89,6 +89,11 @@ char *EVP_get_pw_prompt(void)
  * in the DES library -- if someone ever wants to disable DES,
  * this function will fail */
 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
+       {
+       return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
+       }
+
+int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify)
        {
        int ret;
        char buff[BUFSIZ];
@@ -97,10 +102,10 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
        if ((prompt == NULL) && (prompt_string[0] != '\0'))
                prompt=prompt_string;
        ui = UI_new();
-       UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
+       UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len);
        if (verify)
                UI_add_verify_string(ui,prompt,0,
-                       buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
+                       buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
        ret = UI_process(ui);
        UI_free(ui);
        OPENSSL_cleanse(buff,BUFSIZ);

diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index a547fdc9339acb2dd6be6e750b76adfd5f1f8ab7..42e4861bc14356ffd80000a0849d327c9c3164e9 100644 (file)
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -105,7 +105,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
 
        for (;;)
                {
-               i=EVP_read_pw_string(buf,num,prompt,w);
+               i=EVP_read_pw_string_min(buf,MIN_LENGTH,num,prompt,w);
                if (i != 0)
                        {
                        PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);

diff --git a/util/libeay.num b/util/libeay.num
index 597fbd539c91be8b9b57effb922f66e391bd390a..007e1f8ba67909b4f1120495102ee8279adab7a6 100755 (executable)
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4175,3 +4175,4 @@ X509_subject_name_hash_old              4548      EXIST::FUNCTION:MD5
 EVP_CIPHER_CTX_copy                     4549   EXIST::FUNCTION:
 UI_method_get_prompt_constructor        4550   EXIST::FUNCTION:
 UI_method_set_prompt_constructor        4551   EXIST::FUNCTION:
+EVP_read_pw_string_min                  4552   EXIST::FUNCTION: