mirror of
https://github.com/openssl/openssl.git
synced 2025-01-25 03:13:59 +08:00
Teach the OSSL_STORE code about libctx
We restrict this to just the PrivateKey loading code at the moment. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11494)
parent
f13fdeb321
commit
8755b08524
@ -29,6 +29,7 @@
|
||||
#include "internal/o_dir.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include "crypto/store.h"
|
||||
#include "crypto/evp.h"
|
||||
#include "store_local.h"
|
||||
|
||||
#ifdef _WIN32
|
||||
@ -154,6 +155,8 @@ static int file_get_pem_pass(char *buf, int num, int w, void *data)
|
||||
* or any other interactive data.
|
||||
* ui_data: Application data to be passed to ui_method when
|
||||
* it's called.
|
||||
* libctx: The library context to be used if applicable
|
||||
* propq: The property query string for any algorithm fetches
|
||||
* Output:
|
||||
* a OSSL_STORE_INFO
|
||||
*/
|
||||
@ -163,7 +166,9 @@ typedef OSSL_STORE_INFO *(*file_try_decode_fn)(const char *pem_name,
|
||||
size_t len, void **handler_ctx,
|
||||
int *matchcount,
|
||||
const UI_METHOD *ui_method,
|
||||
void *ui_data);
|
||||
void *ui_data,
|
||||
OPENSSL_CTX *libctx,
|
||||
const char *propq);
|
||||
/*
|
||||
* The eof function should return 1 if there's no more data to be found
|
||||
* with the handler_ctx, otherwise 0. This is only used when the handler is
|
||||
@ -198,7 +203,8 @@ static OSSL_STORE_INFO *try_decode_PKCS12(const char *pem_name,
|
||||
size_t len, void **pctx,
|
||||
int *matchcount,
|
||||
const UI_METHOD *ui_method,
|
||||
void *ui_data)
|
||||
void *ui_data, OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
OSSL_STORE_INFO *store_info = NULL;
|
||||
STACK_OF(OSSL_STORE_INFO) *ctx = *pctx;
|
||||
@ -326,7 +332,9 @@ static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name,
|
||||
size_t len, void **pctx,
|
||||
int *matchcount,
|
||||
const UI_METHOD *ui_method,
|
||||
void *ui_data)
|
||||
void *ui_data,
|
||||
OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
X509_SIG *p8 = NULL;
|
||||
char kbuf[PEM_BUFSIZE];
|
||||
@ -402,7 +410,8 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
|
||||
size_t len, void **pctx,
|
||||
int *matchcount,
|
||||
const UI_METHOD *ui_method,
|
||||
void *ui_data)
|
||||
void *ui_data, OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
OSSL_STORE_INFO *store_info = NULL;
|
||||
EVP_PKEY *pkey = NULL;
|
||||
@ -415,7 +424,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
|
||||
|
||||
*matchcount = 1;
|
||||
if (p8inf != NULL)
|
||||
pkey = EVP_PKCS82PKEY(p8inf);
|
||||
pkey = evp_pkcs82pkey_int(p8inf, libctx, propq);
|
||||
PKCS8_PRIV_KEY_INFO_free(p8inf);
|
||||
} else {
|
||||
int slen;
|
||||
@ -424,7 +433,8 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
|
||||
&& (ameth = EVP_PKEY_asn1_find_str(NULL, pem_name,
|
||||
slen)) != NULL) {
|
||||
*matchcount = 1;
|
||||
pkey = d2i_PrivateKey(ameth->pkey_id, NULL, &blob, len);
|
||||
pkey = d2i_PrivateKey_ex(ameth->pkey_id, NULL, &blob, len,
|
||||
libctx, propq);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
@ -438,7 +448,8 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
|
||||
if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
|
||||
continue;
|
||||
|
||||
tmp_pkey = d2i_PrivateKey(ameth->pkey_id, NULL, &tmp_blob, len);
|
||||
tmp_pkey = d2i_PrivateKey_ex(ameth->pkey_id, NULL, &tmp_blob, len,
|
||||
libctx, propq);
|
||||
if (tmp_pkey != NULL) {
|
||||
if (pkey != NULL)
|
||||
EVP_PKEY_free(tmp_pkey);
|
||||
@ -478,7 +489,8 @@ static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
|
||||
size_t len, void **pctx,
|
||||
int *matchcount,
|
||||
const UI_METHOD *ui_method,
|
||||
void *ui_data)
|
||||
void *ui_data, OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
OSSL_STORE_INFO *store_info = NULL;
|
||||
EVP_PKEY *pkey = NULL;
|
||||
@ -512,7 +524,8 @@ static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
|
||||
size_t len, void **pctx,
|
||||
int *matchcount,
|
||||
const UI_METHOD *ui_method,
|
||||
void *ui_data)
|
||||
void *ui_data, OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
OSSL_STORE_INFO *store_info = NULL;
|
||||
int slen = 0;
|
||||
@ -595,7 +608,9 @@ static OSSL_STORE_INFO *try_decode_X509Certificate(const char *pem_name,
|
||||
size_t len, void **pctx,
|
||||
int *matchcount,
|
||||
const UI_METHOD *ui_method,
|
||||
void *ui_data)
|
||||
void *ui_data,
|
||||
OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
OSSL_STORE_INFO *store_info = NULL;
|
||||
X509 *cert = NULL;
|
||||
@ -645,7 +660,8 @@ static OSSL_STORE_INFO *try_decode_X509CRL(const char *pem_name,
|
||||
size_t len, void **pctx,
|
||||
int *matchcount,
|
||||
const UI_METHOD *ui_method,
|
||||
void *ui_data)
|
||||
void *ui_data, OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
OSSL_STORE_INFO *store_info = NULL;
|
||||
X509_CRL *crl = NULL;
|
||||
@ -736,6 +752,9 @@ struct ossl_store_loader_ctx_st {
|
||||
|
||||
/* Expected object type. May be unspecified */
|
||||
int expected_type;
|
||||
|
||||
OPENSSL_CTX *libctx;
|
||||
char *propq;
|
||||
};
|
||||
|
||||
static void OSSL_STORE_LOADER_CTX_free(OSSL_STORE_LOADER_CTX *ctx)
|
||||
@ -749,6 +768,7 @@ static void OSSL_STORE_LOADER_CTX_free(OSSL_STORE_LOADER_CTX *ctx)
|
||||
ctx->_.file.last_handler = NULL;
|
||||
}
|
||||
}
|
||||
OPENSSL_free(ctx->propq);
|
||||
OPENSSL_free(ctx);
|
||||
}
|
||||
|
||||
@ -963,7 +983,9 @@ static int file_find(OSSL_STORE_LOADER_CTX *ctx,
|
||||
}
|
||||
|
||||
/* Internal function to decode an already opened PEM file */
|
||||
OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp)
|
||||
OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp,
|
||||
OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
OSSL_STORE_LOADER_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
|
||||
|
||||
@ -976,6 +998,17 @@ OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp)
|
||||
ctx->_.file.file = bp;
|
||||
ctx->type = is_pem;
|
||||
|
||||
ctx->libctx = libctx;
|
||||
if (propq != NULL) {
|
||||
ctx->propq = OPENSSL_strdup(propq);
|
||||
if (ctx->propq == NULL) {
|
||||
OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT,
|
||||
ERR_R_MALLOC_FAILURE);
|
||||
OPENSSL_free(ctx);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
return ctx;
|
||||
}
|
||||
|
||||
@ -1013,7 +1046,7 @@ static OSSL_STORE_INFO *file_load_try_decode(OSSL_STORE_LOADER_CTX *ctx,
|
||||
OSSL_STORE_INFO *tmp_result =
|
||||
handler->try_decode(pem_name, pem_header, data, len,
|
||||
&tmp_handler_ctx, &try_matchcount,
|
||||
ui_method, ui_data);
|
||||
ui_method, ui_data, ctx->libctx, ctx->propq);
|
||||
|
||||
if (try_matchcount > 0) {
|
||||
|
||||
@ -1080,7 +1113,8 @@ static OSSL_STORE_INFO *file_load_try_repeat(OSSL_STORE_LOADER_CTX *ctx,
|
||||
ctx->_.file.last_handler->try_decode(NULL, NULL, NULL, 0,
|
||||
&ctx->_.file.last_handler_ctx,
|
||||
&try_matchcount,
|
||||
ui_method, ui_data);
|
||||
ui_method, ui_data,
|
||||
ctx->libctx, ctx->propq);
|
||||
|
||||
if (result == NULL) {
|
||||
ctx->_.file.last_handler->destroy_ctx(&ctx->_.file.last_handler_ctx);
|
||||
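Review bot: Every `try_decode_*` handler now takes `libctx` and `propq`, but on the lines shown only `try_decode_PrivateKey` forwards them (to `evp_pkcs82pkey_int` and `d2i_PrivateKey_ex`); the PKCS12, PKCS8Encrypted, PUBKEY, params, X509Certificate and X509CRL hunks change the signature only. A caller that passes a restricted library context or property query could assume it governs every object the store returns, so the `file_try_decode_fn` comment should state the limit instead of "to be used if applicable", for example `* libctx, propq: currently honoured only by try_decode_PrivateKey; the other handlers ignore them`. The handler bodies lie outside these hunks, so confirm that none of them already use the new arguments. The two new fields in `struct ossl_store_loader_ctx_st` also deserve a comment each, since `libctx` is stored as a borrowed pointer while `propq` is a copy released in `OSSL_STORE_LOADER_CTX_free`: `/* Not owned; must outlive this loader ctx */` and `/* Owned copy of the property query, may be NULL */`.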
|
@ -652,14 +652,16 @@ char *ossl_store_info_get0_EMBEDDED_pem_name(OSSL_STORE_INFO *info)
|
||||
}
|
||||
|
||||
OSSL_STORE_CTX *ossl_store_attach_pem_bio(BIO *bp, const UI_METHOD *ui_method,
|
||||
void *ui_data)
|
||||
void *ui_data, OPENSSL_CTX *libctx,
|
||||
const char *propq)
|
||||
{
|
||||
OSSL_STORE_CTX *ctx = NULL;
|
||||
const OSSL_STORE_LOADER *loader = NULL;
|
||||
OSSL_STORE_LOADER_CTX *loader_ctx = NULL;
|
||||
|
||||
if ((loader = ossl_store_get0_loader_int("file")) == NULL
|
||||
|| ((loader_ctx = ossl_store_file_attach_pem_bio_int(bp)) == NULL))
|
||||
|| ((loader_ctx = ossl_store_file_attach_pem_bio_int(bp, libctx,
|
||||
propq)) == NULL))
|
||||
goto done;
|
||||
if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
|
||||
OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO,
|
||||
|
@ -128,5 +128,7 @@ int ossl_store_file_loader_init(void);
|
||||
* -------------------
|
||||
*/
|
||||
|
||||
OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp);
|
||||
OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp,
|
||||
OPENSSL_CTX *libctx,
|
||||
const char *propq);
|
||||
int ossl_store_file_detach_pem_bio_int(OSSL_STORE_LOADER_CTX *ctx);
|
||||
|
@ -20,7 +20,8 @@
|
||||
* as usual with OSSLSTORE_load() and OSSLSTORE_eof().
|
||||
*/
|
||||
OSSL_STORE_CTX *ossl_store_attach_pem_bio(BIO *bp, const UI_METHOD *ui_method,
|
||||
void *ui_data);
|
||||
void *ui_data, OPENSSL_CTX *libctx,
|
||||
const char *propq);
|
||||
int ossl_store_detach_pem_bio(OSSL_STORE_CTX *ctx);
|
||||
|
||||
void ossl_store_cleanup_int(void);
|
||||
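Review bot: The comment above `ossl_store_attach_pem_bio` is not extended for the two new parameters, so the header does not say what `NULL` means for either or who owns them. The loader side on this page duplicates `propq` only when it is non-NULL and stores `libctx` without taking ownership, so a line such as `* libctx is not owned and must stay valid until ossl_store_detach_pem_bio(); propq may be NULL and is copied.` would cover it. Whether a NULL `libctx` selects the default library context is not shown here, so confirm that before documenting it. The comment block starts outside the hunk.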
|