[openssl-dev] [RFC v2 2/2] pem: load engine keys

James Bottomley James.Bottomley at HansenPartnership.com
Wed Nov 30 15:27:49 UTC 2016


Before trying to process the PEM file, hand it to each of the loaded
engines to see if they recognise the PEM guards.  This uses the new
bio based load key callback, so the engine must be loaded and
implement this callback to be considered.

Signed-off-by: James Bottomley <jejb at linux.vnet.ibm.com>
---
 crypto/pem/pem_pkey.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 04d6319..e3737f0 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -85,6 +85,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
     int slen;
     EVP_PKEY *ret = NULL;
 
+    /* first check to see if an engine can load the PEM */
+    if (ENGINE_find_engine_load_key(NULL, &ret, (const char *)bp, cb, u) == 1)
+        return ret;
+
     if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
         return NULL;
     p = data;
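
Review bot: the early `return ret;` after ENGINE_find_engine_load_key() never touches the `x` argument, so a caller that passes a non-NULL `EVP_PKEY **x` and expects the key to be stored through it gets different behaviour on the engine path. Store the result through `x` before returning so both paths look the same to callers. The `(const char *)bp` cast passes a BIO pointer through a parameter typed as a string, so the compiler cannot catch an engine that treats it as a path or key id. A BIO-typed parameter or a dedicated entry point would make the contract explicit. The comment should also state what position `bp` is left in when no engine returns 1, because PEM_bytes_read_bio() then reads from the same BIO and will miss the key if an engine consumed data without rewinding. Finally, per the commit message every loaded engine implementing the callback is handed the private-key PEM before the default parser sees it, which deserves a line in the documentation for PEM_read_bio_PrivateKey().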
-- 
2.6.6


