author | Jon Spillett <jon.spillett@oracle.com> | 2021-05-18 05:37:35 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-06-01 12:16:27 +0200 |
commit | 5e2d22d53ed322a7124e26a4fbd116a8210eb77a (patch) | |
tree | 8e78bfa8dfd5d923244f4e995d2de7ebbdccc089 | |
parent | Fix up encoder/decoder issues caused by not passing a library context to the ... (diff) | |
Pass library context and property query into private key decoders
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14587)
-rw-r--r-- | crypto/pem/pvkfmt.c | 20 | ||||
-rw-r--r-- | include/crypto/pem.h | 4 | ||||
-rw-r--r-- | providers/implementations/encode_decode/decode_pvk2key.c | 10 |
3 files changed, 26 insertions, 8 deletions
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index d08fab4ba8..1ff68e2158 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -946,21 +946,33 @@ static void *do_PVK_key_bio(BIO *in, pem_password_cb *cb, void *u,
 }
 #ifndef OPENSSL_NO_DSA
-DSA *b2i_DSA_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
+DSA *b2i_DSA_PVK_bio_ex(BIO *in, pem_password_cb *cb, void *u,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 int isdss = 1;
 int ispub = 0; /* PVK keys are always private */
- return do_PVK_key_bio(in, cb, u, &isdss, &ispub, NULL, NULL);
+ return do_PVK_key_bio(in, cb, u, &isdss, &ispub, libctx, propq);
+}
+
+DSA *b2i_DSA_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
+{
+ return b2i_DSA_PVK_bio_ex(in, cb, u, NULL, NULL);
 }
 #endif
-RSA *b2i_RSA_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
+RSA *b2i_RSA_PVK_bio_ex(BIO *in, pem_password_cb *cb, void *u,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 int isdss = 0;
 int ispub = 0; /* PVK keys are always private */
- return do_PVK_key_bio(in, cb, u, &isdss, &ispub, NULL, NULL);
+ return do_PVK_key_bio(in, cb, u, &isdss, &ispub, libctx, propq);
+}
+
+RSA *b2i_RSA_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
+{
+ return b2i_RSA_PVK_bio_ex(in, cb, u, NULL, NULL);
 }
 EVP_PKEY *b2i_PVK_bio_ex(BIO *in, pem_password_cb *cb, void *u,
diff --git a/include/crypto/pem.h b/include/crypto/pem.h
index 2a0e6424a5..840dc18f06 100644
--- a/include/crypto/pem.h
+++ b/include/crypto/pem.h
@@ -40,8 +40,12 @@ EVP_PKEY *ossl_b2i_bio(BIO *in, int *ispub);
 # ifndef OPENSSL_NO_DEPRECATED_3_0
 # ifndef OPENSSL_NO_DSA
 DSA *b2i_DSA_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+DSA *b2i_DSA_PVK_bio_ex(BIO *in, pem_password_cb *cb, void *u,
+ OSSL_LIB_CTX *libctx, const char *propq);
 # endif
 RSA *b2i_RSA_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+RSA *b2i_RSA_PVK_bio_ex(BIO *in, pem_password_cb *cb, void *u,
+ OSSL_LIB_CTX *libctx, const char *propq);
 # endif
 #endif
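Review bot: The new non-static `b2i_DSA_PVK_bio_ex` and `b2i_RSA_PVK_bio_ex` in pvkfmt.c have no comment saying what `libctx` and `propq` mean or what NULL selects; the only hint is that the legacy wrappers pass `NULL, NULL`. A short comment above each would document the contract, for example `/* libctx/propq are forwarded to do_PVK_key_bio(); NULL, NULL matches the legacy b2i_*_PVK_bio() behaviour */`. It would also be worth stating that the caller owns the returned key, which I infer from the decoder's use of `DSA_free` rather than from this hunk.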
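Review bot: The two `_ex` prototypes in include/crypto/pem.h are added inside the existing `# ifndef OPENSSL_NO_DEPRECATED_3_0` block, although they are new internal functions rather than deprecated public ones. decode_pvk2key.c in this same commit takes their addresses, so if that file is compiled with OPENSSL_NO_DEPRECATED_3_0 defined (its own guards are not visible in the diff) the names would be undeclared. Consider declaring them outside the deprecation guard, keeping only the `OPENSSL_NO_DSA` guard around the DSA one, and confirm that the definitions in pvkfmt.c are guarded the same way.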
diff --git a/providers/implementations/encode_decode/decode_pvk2key.c b/providers/implementations/encode_decode/decode_pvk2key.c
index 702c89a928..b69b2416a5 100644
--- a/providers/implementations/encode_decode/decode_pvk2key.c
+++ b/providers/implementations/encode_decode/decode_pvk2key.c
@@ -33,7 +33,8 @@ struct pvk2key_ctx_st; /* Forward declaration */
 typedef int check_key_fn(void *, struct pvk2key_ctx_st *ctx);
 typedef void adjust_key_fn(void *, struct pvk2key_ctx_st *ctx);
-typedef void *b2i_PVK_of_bio_pw_fn(BIO *in, pem_password_cb *cb, void *u);
+typedef void *b2i_PVK_of_bio_pw_fn(BIO *in, pem_password_cb *cb, void *u,
+ OSSL_LIB_CTX *libctx, const char *propq);
 typedef void free_key_fn(void *);
 struct keytype_desc_st {
 int type; /* EVP key type */
@@ -118,7 +119,8 @@ static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
 if (!ossl_pw_set_ossl_passphrase_cb(&pwdata, pw_cb, pw_cbarg))
 goto end;
- key = ctx->desc->read_private_key(in, ossl_pw_pem_password, &pwdata);
+ key = ctx->desc->read_private_key(in, ossl_pw_pem_password, &pwdata,
+ PROV_LIBCTX_OF(ctx->provctx), NULL);
 /*
 * Because the PVK API doesn't have a separate decrypt call, we need
@@ -204,13 +206,13 @@ static int pvk2key_export_object(void *vctx,
 /* ---------------------------------------------------------------------- */
-#define dsa_private_key_bio (b2i_PVK_of_bio_pw_fn *)b2i_DSA_PVK_bio
+#define dsa_private_key_bio (b2i_PVK_of_bio_pw_fn *)b2i_DSA_PVK_bio_ex
 #define dsa_adjust NULL
 #define dsa_free (void (*)(void *))DSA_free
 /* ---------------------------------------------------------------------- */
-#define rsa_private_key_bio (b2i_PVK_of_bio_pw_fn *)b2i_RSA_PVK_bio
+#define rsa_private_key_bio (b2i_PVK_of_bio_pw_fn *)b2i_RSA_PVK_bio_ex
 static void rsa_adjust(void *key, struct pvk2key_ctx_st *ctx)
 {
|
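Review bot: The property query is still hard-coded in pvk2key_decode: the new call passes `PROV_LIBCTX_OF(ctx->provctx), NULL`, so only the library context reaches the PVK reader. Any algorithm fetch made while decrypting the key would then use default properties, which matters when a caller restricts implementations through a property query such as a FIPS-only selection; this is inferred, since do_PVK_key_bio's body is not in the diff. If the decoder context has no propq field yet, a comment at the call such as `/* TODO: propq not yet carried in pvk2key_ctx_st; default properties are used */` would make the gap explicit. The function body starts and ends outside the hunk.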
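Review bot: The `(b2i_PVK_of_bio_pw_fn *)` casts on `dsa_private_key_bio` and `rsa_private_key_bio` hide any mismatch between the typedef and the real function. Had the typedef in the first hunk of this file been widened to five parameters while a macro still named the three-argument `b2i_DSA_PVK_bio`, the compiler would not have complained. The return types also differ (`DSA *`/`RSA *` versus `void *`), so the call through the cast pointer goes through an incompatible function type. A thin wrapper with the exact signature removes the cast and restores type checking, for example `static void *dsa_private_key_bio(BIO *in, pem_password_cb *cb, void *u, OSSL_LIB_CTX *libctx, const char *propq) { return b2i_DSA_PVK_bio_ex(in, cb, u, libctx, propq); }`, and likewise for RSA.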