diff options
author | Simo Sorce <simo@redhat.com> | 2023-01-23 17:28:21 -0500 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2023-09-19 12:24:07 +0200 |
commit | 96e678087de25c4bb19ef01492bd04002c3fe315 (patch) | |
tree | f29b7aaf5dd24a3173b355a06919421548678cc2 /include | |
parent | 19937db0f2769bc9e4882b476901e446eaadb384 (diff) |
Allow to pass a passprase callback at store open
Some PKCS11 modules require authentication early on to be able to
preload objects, which we want to do to avoid costly roundtrips when the
HSM is actually reached over a network (Cloud HSM).
Unfortunately at open time we can't interact with the user becaue the
callbacks are only passed at object load time. later on.
This patch corrects this issue by providing a more feature rich open
call for providers.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20131)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/core_dispatch.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h index 9631626ae3..73f040285c 100644 --- a/include/openssl/core_dispatch.h +++ b/include/openssl/core_dispatch.h @@ -937,6 +937,7 @@ OSSL_CORE_MAKE_FUNC(int, decoder_export_object, #define OSSL_FUNC_STORE_CLOSE 7 #define OSSL_FUNC_STORE_EXPORT_OBJECT 8 #define OSSL_FUNC_STORE_DELETE 9 +#define OSSL_FUNC_STORE_OPEN_EX 10 OSSL_CORE_MAKE_FUNC(void *, store_open, (void *provctx, const char *uri)) OSSL_CORE_MAKE_FUNC(void *, store_attach, (void *provctx, OSSL_CORE_BIO *in)) OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, store_settable_ctx_params, @@ -955,6 +956,9 @@ OSSL_CORE_MAKE_FUNC(int, store_export_object, OSSL_CORE_MAKE_FUNC(int, store_delete, (void *provctx, const char *uri, const OSSL_PARAM params[], OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)) +OSSL_CORE_MAKE_FUNC(void *, store_open_ex, + (void *provctx, const char *uri, const OSSL_PARAM params[], + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)) # ifdef __cplusplus } |