From d54b97503b42198e3b7d9fe5d7cba82ebb03469e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 19 Dec 2018 17:12:01 +0100
Subject: [PATCH] pk parse: the password is optional

For mbedtls_pk_parse_key and mbedtls_pk_parse_keyfile, the password is
optional. Clarify what this means: NULL is ok and means no password.
Validate parameters and test accordingly.
---
 include/mbedtls/pk.h                | 15 ++++++++++++---
 tests/suites/test_suite_pk.function |  4 ----
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 310aeef5f..716070454 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -537,8 +537,13 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
  * \param keylen    Size of \b key in bytes.
  *                  For PEM data, this includes the terminating null byte,
  *                  so \p keylen must be equal to `strlen(key) + 1`.
- * \param pwd       password for decryption (optional)
- * \param pwdlen    size of the password
+ * \param pwd       Optional password for decryption.
+ *                  Pass \c NULL if expecting a non-encrypted key.
+ *                  Pass a string of \p pwdlen bytes if expecting an encrypted
+ *                  key; a non-encrypted key will also be accepted.
+ *                  The empty password is not supported.
+ * \param pwdlen    Size of the password in bytes.
+ *                  Ignored if \p pwd is \c NULL.
  *
  * \note            On entry, ctx must be empty, either freshly initialised
  *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
@@ -583,7 +588,11 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
  *
  * \param ctx       key to be initialized
  * \param path      filename to read the private key from
- * \param password  password to decrypt the file (can be NULL)
+ * \param password  Optional password to decrypt the file.
+ *                  Pass \c NULL if expecting a non-encrypted key.
+ *                  Pass a null-terminated string if expecting an encrypted
+ *                  key; a non-encrypted key will also be accepted.
+ *                  The empty password is not supported.
  *
  * \note            On entry, ctx must be empty, either freshly initialised
  *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 1f5d7d61a..bf3cf5dac 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -432,10 +432,6 @@ void invalid_parameters( )
                             mbedtls_pk_parse_key( &pk,
                                                   NULL, sizeof( buf ),
                                                   buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_key( &pk,
-                                                  buf, sizeof( buf ),
-                                                  NULL, sizeof( buf ) ) );
 
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
                             mbedtls_pk_parse_public_key( NULL,