commit d8cd383938102c4533cc2bad78b02bd3a4de6a82
author David Benjamin <davidben@google.com> Thu Aug 29 15:42:43 2024 -0400
committer Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Thu Aug 29 23:21:50 2024 +0000
tree de33fea9612016603ba175aa69d8999386358549
parent 6c3a63970fbaea7b4f1db23f3213b0c52586cc6c

Allow empty passwords in PEM password callback

This aligns with https://github.com/openssl/openssl/pull/6173 from
upstream OpenSSL. As part of this, I had to fix PEM_def_callback (which
is different in us vs BoringSSL) to use -1 as the error value, not 0.
Otherwise errors get misinterpreted as empty strings.

As part of this, make sure all the functions being fixed are covered by
tests.

Fixed: 362788352
Change-Id: I2b5071534c77944d473580fda98d23ae3b54e2d5
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/70787
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Bob Beck <bbe@google.com>

crypto/pem/pem_pk8.c

diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c
index 9c6419b..2fc0673 100644
--- a/crypto/pem/pem_pk8.c
+++ b/crypto/pem/pem_pk8.c
@@ -113,12 +113,11 @@
   }
   if (enc || (nid != -1)) {
     if (!pass) {
-      pass_len = 0;
       if (!cb) {
         cb = PEM_def_callback;
       }
       pass_len = cb(buf, PEM_BUFSIZE, 1, u);
-      if (pass_len <= 0) {
+      if (pass_len < 0) {
         OPENSSL_PUT_ERROR(PEM, PEM_R_READ_KEY);
         PKCS8_PRIV_KEY_INFO_free(p8inf);
         return 0;
@@ -166,7 +165,7 @@
     cb = PEM_def_callback;
   }
   pass_len = cb(psbuf, PEM_BUFSIZE, 0, u);
-  if (pass_len <= 0) {
+  if (pass_len < 0) {
     OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ);
     X509_SIG_free(p8);
     return NULL;