Teach PEM_read_bio_PrivateKey about libctx

Now that d2i_PrivateKey_ex() and other similar functions exist we should use it when loading a PEM PrivateKey. Reviewed-by: N Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11494)

Teach PEM_read_bio_PrivateKey about libctx
Now that d2i_PrivateKey_ex() and other similar functions exist we should use it when loading a PEM PrivateKey. Reviewed-by: N Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11494)
1531241c · Matt Caswell · 8755b085 · 1531241c · 1531241c · 1531241c
隐藏空白更改
内联并排

Showing with 34 addition and 9 deletion

crypto/pem/pem_pkey.c crypto/pem/pem_pkey.c +24 -9

include/openssl/pem.h include/openssl/pem.h +8 -0

util/libcrypto.num util/libcrypto.num +2 -0

未找到文件。
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -27,8 +27,9 @@

 int pem_check_suffix(const char *pem_str, const char *suffix);

-EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
-                                  void *u)
+EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+                                     void *u, OPENSSL_CTX *libctx,
+                                     const char *propq)
 {
    EVP_PKEY *ret = NULL;
    OSSL_STORE_CTX *ctx = NULL;
@@ -38,7 +39,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
    if ((ui_method = UI_UTIL_wrap_read_pem_callback(cb, 0)) == NULL)
        return NULL;

-    if ((ctx = ossl_store_attach_pem_bio(bp, ui_method, u)) == NULL)
+    if ((ctx = ossl_store_attach_pem_bio(bp, ui_method, u, libctx,
+                                         propq)) == NULL)
        goto err;
 #ifndef OPENSSL_NO_SECURE_HEAP
    {
@@ -66,6 +68,12 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
    return ret;
 }

+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+                                  void *u)
+{
+    return PEM_read_bio_PrivateKey_ex(bp, x, cb, u, NULL, NULL);
+}
+
 PEM_write_cb_fnsig(PrivateKey, EVP_PKEY, BIO, write_bio)
 {
    IMPLEMENT_PEM_provided_write_body_vars(EVP_PKEY, PrivateKey);
@@ -97,7 +105,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
    OSSL_STORE_CTX *ctx = NULL;
    OSSL_STORE_INFO *info = NULL;

-    if ((ctx = ossl_store_attach_pem_bio(bp, UI_null(), NULL)) == NULL)
+    if ((ctx = ossl_store_attach_pem_bio(bp, UI_null(), NULL, NULL, NULL)) == NULL)
        goto err;

    while (!OSSL_STORE_eof(ctx) && (info = OSSL_STORE_load(ctx)) != NULL) {
@@ -134,22 +142,29 @@ PEM_write_fnsig(Parameters, EVP_PKEY, BIO, write_bio)
 }

 #ifndef OPENSSL_NO_STDIO
-EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
-                              void *u)
+EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+                                 void *u, OPENSSL_CTX *libctx,
+                                 const char *propq)
 {
    BIO *b;
    EVP_PKEY *ret;

    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        PEMerr(PEM_F_PEM_READ_PRIVATEKEY, ERR_R_BUF_LIB);
+        PEMerr(0, ERR_R_BUF_LIB);
        return 0;
    }
    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = PEM_read_bio_PrivateKey(b, x, cb, u);
+    ret = PEM_read_bio_PrivateKey_ex(b, x, cb, u, libctx, propq);
    BIO_free(b);
    return ret;
 }

+EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+                              void *u)
+{
+    return PEM_read_PrivateKey_ex(fp, x, cb, u, NULL, NULL);
+}
+
 int PEM_write_PrivateKey(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc,
                         const unsigned char *kstr, int klen,
                         pem_password_cb *cb, void *u)
@@ -183,7 +198,7 @@ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u)
    if ((ui_method = UI_UTIL_wrap_read_pem_callback(cb, 0)) == NULL)
        return NULL;

-    if ((ctx = ossl_store_attach_pem_bio(bp, ui_method, u)) == NULL)
+    if ((ctx = ossl_store_attach_pem_bio(bp, ui_method, u, NULL, NULL)) == NULL)
        goto err;

    while (!OSSL_STORE_eof(ctx) && (info = OSSL_STORE_load(ctx)) != NULL) {

--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -347,6 +347,14 @@ DECLARE_PEM_rw(DHparams, DH)
 DECLARE_PEM_write(DHxparams, DH)
 # endif
 DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
+EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+                                     void *u, OPENSSL_CTX *libctx,
+                                     const char *propq);
+# ifndef OPENSSL_NO_STDIO
+EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+                                 void *u, OPENSSL_CTX *libctx,
+                                 const char *propq);
+# endif
 DECLARE_PEM_rw(PUBKEY, EVP_PKEY)

 int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x,

--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5054,3 +5054,5 @@ d2i_PrivateKey_ex                       ?	3_0_0	EXIST::FUNCTION:
 d2i_AutoPrivateKey_ex                   ?	3_0_0	EXIST::FUNCTION:
 d2i_PrivateKey_ex_fp                    ?	3_0_0	EXIST::FUNCTION:STDIO
 d2i_PrivateKey_ex_bio                   ?	3_0_0	EXIST::FUNCTION:
+PEM_read_bio_PrivateKey_ex              ?	3_0_0	EXIST::FUNCTION:
+PEM_read_PrivateKey_ex                  ?	3_0_0	EXIST::FUNCTION:STDIO