authorAlexander Færøy <ahf@torproject.org>2021-03-03 15:16:20 +0000
committerAlexander Færøy <ahf@torproject.org>2021-03-03 15:16:20 +0000
commit80b6054bb016aca0b18f8da79f23a859a804ef07 (patch)
treeee8c9db39c7443b7d1915aa037fce0e5bdd163ea
parenta1ce89a5543ce1d7e4afb49290761324b21540e8 (diff)
parent8785a75e2f0c44f1585b563d8043c64c6489acaa (diff)
Merge remote-tracking branch 'tor-gitlab/mr/213'
-rw-r--r--changes/bug401894
-rw-r--r--src/tools/tor-gencert.c15
2 files changed, 15 insertions, 4 deletions
diff --git a/changes/bug40189 b/changes/bug40189
new file mode 100644
index 0000000000..0c3c8ae2f3
--- /dev/null
+++ b/changes/bug40189
@@ -0,0 +1,4 @@
+ o Major bugfixes (signing key):
+ - In the tor-gencert utility, give an informative error message if the
+ passphrase given in `--create-identity-key` is too short. Fixes bug
+ 40189; bugfix on 0.2.0.1-alpha. Patch by Neel Chauhan.
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index e4f6530b46..e7561654c7 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -248,6 +248,8 @@ generate_key(int bits)
return rsa;
}
+#define MIN_PASSPHRASE_LEN 4
+
/** Try to read the identity key from <b>identity_key_file</b>. If no such
* file exists and create_identity_key is set, make a new identity key and
* store it. Return 0 on success, nonzero on failure.
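Review bot: `MIN_PASSPHRASE_LEN` is added without a comment saying where the value 4 comes from. Judging by the second hunk, where it is used only to explain a failed `PEM_write_PKCS8PrivateKey_nid()` call, it presumably mirrors a minimum enforced by OpenSSL's passphrase handling rather than a strength policy chosen here. I would state that on the define, e.g. `/** Shortest passphrase the PEM writer accepts; a floor inherited from the library, not a strength recommendation for an identity key. */`. Naming the dependency also tells the next maintainer that the value and the log message built from it go stale if the library's limit changes.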
@@ -288,11 +290,16 @@ load_identity_key(void)
* the terminal. */
if (!PEM_write_PKCS8PrivateKey_nid(f, identity_key,
NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
- passphrase, (int)passphrase_len,
+ passphrase, (int) passphrase_len,
NULL, NULL)) {
- log_err(LD_GENERAL, "Couldn't write identity key to %s",
- identity_key_file);
- crypto_openssl_log_errors(LOG_ERR, "Writing identity key");
+ if ((int) passphrase_len < MIN_PASSPHRASE_LEN) {
+ log_err(LD_GENERAL, "Passphrase empty or too short. Passphrase needs "
+ "to be at least %d characters.", MIN_PASSPHRASE_LEN);
+ } else {
+ log_err(LD_GENERAL, "Couldn't write identity key to %s",
+ identity_key_file);
+ crypto_openssl_log_errors(LOG_ERR, "Writing identity key");
+ }
abort_writing_to_file(open_file);
return 1;
}
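Review bot: The new length test runs only after `PEM_write_PKCS8PrivateKey_nid()` has already failed, so it infers the cause from `passphrase_len` instead of observing it. Any other failure of the write (an I/O error, for instance) while `passphrase_len` is below 4 is reported as a short passphrase, and that branch skips `crypto_openssl_log_errors()`, so the real OpenSSL error is never logged. If the passphrase can also be entered at the terminal, as the truncated comment above the call suggests, `passphrase_len` presumably does not reflect what was actually typed. Moving `crypto_openssl_log_errors(LOG_ERR, "Writing identity key");` after the `if`/`else` so it runs in both branches keeps the hint and preserves the diagnostic; load_identity_key's body starts and ends outside the hunk.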