diff options
| author | Neel Chauhan <neel@neelc.org> | 2020-11-16 09:35:23 -0800 |
|---|---|---|
| committer | Neel Chauhan <neel@neelc.org> | 2020-11-16 09:35:23 -0800 |
| commit | 8785a75e2f0c44f1585b563d8043c64c6489acaa (patch) | |
| tree | 8aaa833e593145c653287e648e9a4c4bd50a60f2 /src/tools/tor-gencert.c | |
| parent | d425dbf04a6bbac7eae832bf51c2bfe061e2c426 (diff) | |
| download | tor-8785a75e2f0c44f1585b563d8043c64c6489acaa.tar.gz tor-8785a75e2f0c44f1585b563d8043c64c6489acaa.zip | |
Give a descriptive error message with "tor-gencert --create-identity-key"
Diffstat (limited to 'src/tools/tor-gencert.c')
| -rw-r--r-- | src/tools/tor-gencert.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c index e4f6530b46..e7561654c7 100644 --- a/src/tools/tor-gencert.c +++ b/src/tools/tor-gencert.c @@ -248,6 +248,8 @@ generate_key(int bits) return rsa; } +#define MIN_PASSPHRASE_LEN 4 + /** Try to read the identity key from <b>identity_key_file</b>. If no such * file exists and create_identity_key is set, make a new identity key and * store it. Return 0 on success, nonzero on failure. @@ -288,11 +290,16 @@ load_identity_key(void) * the terminal. */ if (!PEM_write_PKCS8PrivateKey_nid(f, identity_key, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, - passphrase, (int)passphrase_len, + passphrase, (int) passphrase_len, NULL, NULL)) { - log_err(LD_GENERAL, "Couldn't write identity key to %s", - identity_key_file); - crypto_openssl_log_errors(LOG_ERR, "Writing identity key"); + if ((int) passphrase_len < MIN_PASSPHRASE_LEN) { + log_err(LD_GENERAL, "Passphrase empty or too short. Passphrase needs " + "to be at least %d characters.", MIN_PASSPHRASE_LEN); + } else { + log_err(LD_GENERAL, "Couldn't write identity key to %s", + identity_key_file); + crypto_openssl_log_errors(LOG_ERR, "Writing identity key"); + } abort_writing_to_file(open_file); return 1; } |