crypto: pass empty passphrases to OpenSSL properly (!35914) · Merge requests · Rodrigo Test / Test Group-nodejs / node · GitLab

Do not update/delete: Banner broadcast message test data

Do not update/delete: Notification broadcast message test data

Rodrigo Muino Tomonari requested to merge github/fork/tniessen/crypto-fix-blank-passphrase-35898 into master Nov 01, 2020

This solves two related problems:

PrivateKeyEncodingConfig was unable to distinguish between "no passphrase" and zero-length passphrases, since both may be stored as ByteSource(nullptr, 0).
OpenSSL uses its default key callback when a cipher was specified, but a nullptr for the passphrase. However, this did happen when an empty passphrase was specified, because malloc(0) is allowed to return a nullptr.

I'm not sure why these problems don't affect older versions.

Fixes: https://github.com/nodejs/node/issues/35898

Checklist

make -j4 test (UNIX), or vcbuild test (Windows) passes
tests and/or benchmarks are included
commit message follows commit guidelines