From: Dr. Stephen Henson <steve@openssl.org>
Date: Sat, 27 Mar 2010 19:27:51 +0000 (+0000)
Subject: PR: 1904
X-Git-Tag: OpenSSL_1_0_0~5
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=9caf25d1449e78d0ab145c5bde936d4760bc528f

PR: 1904
Submitted by: David Woodhouse <dwmw2@infradead.org>

Pass passphrase minimum length down to UI.
---

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 41fdb2b3f8..9f9795e2d9 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -522,6 +522,7 @@ int	EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 int	EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
 
 int	EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
+int	EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify);
 void	EVP_set_pw_prompt(const char *prompt);
 char *	EVP_get_pw_prompt(void);
 
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 361ea69ab6..839d6a3a16 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -89,6 +89,11 @@ char *EVP_get_pw_prompt(void)
  * in the DES library -- if someone ever wants to disable DES,
  * this function will fail */
 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
+	{
+	return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
+	}
+
+int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify)
 	{
 	int ret;
 	char buff[BUFSIZ];
@@ -97,10 +102,10 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
 	if ((prompt == NULL) && (prompt_string[0] != '\0'))
 		prompt=prompt_string;
 	ui = UI_new();
-	UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
+	UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len);
 	if (verify)
 		UI_add_verify_string(ui,prompt,0,
-			buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
+			buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
 	ret = UI_process(ui);
 	UI_free(ui);
 	OPENSSL_cleanse(buff,BUFSIZ);
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index a547fdc933..42e4861bc1 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -105,7 +105,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
 
 	for (;;)
 		{
-		i=EVP_read_pw_string(buf,num,prompt,w);
+		i=EVP_read_pw_string_min(buf,MIN_LENGTH,num,prompt,w);
 		if (i != 0)
 			{
 			PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
diff --git a/util/libeay.num b/util/libeay.num
index 597fbd539c..007e1f8ba6 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4175,3 +4175,4 @@ X509_subject_name_hash_old              4548	EXIST::FUNCTION:MD5
 EVP_CIPHER_CTX_copy                     4549	EXIST::FUNCTION:
 UI_method_get_prompt_constructor        4550	EXIST::FUNCTION:
 UI_method_set_prompt_constructor        4551	EXIST::FUNCTION:
+EVP_read_pw_string_min                  4552	EXIST::FUNCTION: