author | Mouse <mouse008@gmail.com> | 2016-01-15 22:13:00 -0500 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2016-01-22 20:13:31 +0100 |
commit | 3665fa25436f55f9ed401ae92c2f3862fb10d952 (patch) | |
tree | 7b2bacbd30bc15c773bfad8014fc93f66684d871 /apps | |
parent | 2b80d00e3ac652377ace84c51b53f51a1b7e1ba2 (diff) |
pkeyutl: allow peerkey for EC_DERIVE to reside on a hardware token (public key for now)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'apps')
-rw-r--r-- | apps/pkeyutl.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 070cf333dc..c8d513b44a 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -78,7 +78,7 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
 int impl);
 static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
- const char *file);
+ const char *file, ENGINE* e);
 static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
 unsigned char *out, size_t *poutlen,
@@ -149,7 +149,7 @@ int MAIN(int argc, char **argv)
 } else if (!strcmp(*argv, "-peerkey")) {
 if (--argc < 1)
 badarg = 1;
- else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
+ else if (!setup_peer(bio_err, ctx, peerform, *(++argv), e))
 badarg = 1;
 } else if (!strcmp(*argv, "-passin")) {
 if (--argc < 1)
@@ -479,16 +479,20 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
 }
 static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
- const char *file)
+ const char *file, ENGINE* e)
 {
 EVP_PKEY *peer = NULL;
+ ENGINE* engine = NULL;
 int ret;
 if (!ctx) {
 BIO_puts(err, "-peerkey command before -inkey\n");
 return 0;
 }
- peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");
+ if (peerform == FORMAT_ENGINE)
+ engine = e;
+
+ peer = load_pubkey(bio_err, file, peerform, 0, NULL, engine, "Peer Key");
 if (!peer) {
 BIO_printf(bio_err, "Error reading peer key %s\n", file); |
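Review bot: The `-peerkey` branch in MAIN calls `setup_peer(bio_err, ctx, peerform, *(++argv), e)` while the argument loop is still running, so `e` and `peerform` hold only what earlier options have set. If the engine is initialised by an option handled in the same loop (not visible in this hunk), giving `-peerkey` before it passes a NULL engine and a token-resident peer key cannot be loaded. The existing "-peerkey command before -inkey" message shows option order already matters here, so the required order for the engine and peer-format options should be stated in the usage text, or the peer key should be loaded after parsing completes. MAIN starts and ends outside the hunk.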
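Review bot: In setup_peer, a NULL `e` combined with `peerform == FORMAT_ENGINE` is not rejected before the `load_pubkey` call, so the user is left with only the generic "Error reading peer key" message and no hint that an engine is missing. A guard ahead of the load would make the cause explicit: `if (peerform == FORMAT_ENGINE && e == NULL) { BIO_puts(err, "peer key format ENGINE needs an engine\n"); return 0; }`. A short comment that `file` is handed to the engine as a key identifier rather than opened as a path in this mode would also help readers. On style, `ENGINE* e` and `ENGINE* engine` differ from the `EVP_PKEY *peer` spacing used two lines away, and the new local could be dropped in favour of `peerform == FORMAT_ENGINE ? e : NULL` at the call. The function continues past the end of the hunk.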