[openssl-dev] [RFC 2/2] pem: load engine keys

James Bottomley James.Bottomley at HansenPartnership.com
Wed Nov 16 15:48:13 UTC 2016


Before trying to process the PEM file, hand it to each of the
loaded engines to see if they can load it.  This uses the new
bio based callback, so the engine must be loaded and implement this
callback to be considered.

Signed-off-by: James Bottomley <jejb at linux.vnet.ibm.com>
---
 crypto/pem/pem_pkey.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 04d6319..8d44d45 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -85,6 +85,11 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
     int slen;
     EVP_PKEY *ret = NULL;
 
+    if (ENGINE_find_engine_load_key(NULL, &ret, (const char *)bp, cb, u,
+				    ENGINE_LOAD_KEY_FLAG_BIO) == 1) {
+        return ret;
+    }
+
     if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
         return NULL;
     p = data;
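
Review bot: The new call at the top of PEM_read_bio_PrivateKey hands bp to the engines before PEM_bytes_read_bio reads from the same BIO, and nothing visible here restores the read position when no engine returns 1, so an engine that consumes input while probing would leave the fallback path parsing from the wrong offset. Either document that the callback must leave bp untouched on failure or reset it before falling through, keeping in mind that not every BIO can be rewound. The early `return ret;` also never touches `x`, so a caller passing a non-NULL `EVP_PKEY **x` gets no assignment on the engine path. Passing the BIO as `(const char *)bp` and relying on ENGINE_LOAD_KEY_FLAG_BIO to tell the callee what it really is defeats type checking; a BIO-typed entry point would be safer. Since cb and u are forwarded as well, every loaded engine that implements the callback now sees each private key file and the password callback, which is worth stating in the commit message. The continuation line is tab-indented where the surrounding lines use spaces.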

