diff options
author | Matt Caswell <matt@openssl.org> | 2023-07-31 12:28:37 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-08-01 20:09:55 +0200 |
commit | 1383dc6044883edb18d60b5faa3630dd2c46540b (patch) | |
tree | 86c4add0cd8ccaae191e249501c450bbc1570c69 /providers | |
parent | 6a26a09c423c582f70e8e6d05284e7341a3d322c (diff) |
Don't add the msblob/pvk decoders if they're not suitable
msblob only decodes public/private keys (not just params).
pvk only decodes private keys.
If the requested selection doesn't intersect with the above then don't
consider those decoders.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)
(cherry picked from commit 6207f2b657b5ba1823681b49c7c34c619da0dd00)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/encode_decode/decode_msblob2key.c | 14 | ||||
-rw-r--r-- | providers/implementations/encode_decode/decode_pvk2key.c | 13 |
2 files changed, 27 insertions, 0 deletions
diff --git a/providers/implementations/encode_decode/decode_msblob2key.c b/providers/implementations/encode_decode/decode_msblob2key.c index 501957faba..91f9977b6b 100644 --- a/providers/implementations/encode_decode/decode_msblob2key.c +++ b/providers/implementations/encode_decode/decode_msblob2key.c @@ -79,6 +79,18 @@ static void msblob2key_freectx(void *vctx) OPENSSL_free(ctx); } +static int msblob2key_does_selection(void *provctx, int selection) +{ + if (selection == 0) + return 1; + + if ((selection & (OSSL_KEYMGMT_SELECT_PRIVATE_KEY + | OSSL_KEYMGMT_SELECT_PUBLIC_KEY)) != 0) + return 1; + + return 0; +} + static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, OSSL_CALLBACK *data_cb, void *data_cbarg, OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) @@ -260,6 +272,8 @@ static void rsa_adjust(void *key, struct msblob2key_ctx_st *ctx) (void (*)(void))msblob2##keytype##_newctx }, \ { OSSL_FUNC_DECODER_FREECTX, \ (void (*)(void))msblob2key_freectx }, \ + { OSSL_FUNC_DECODER_DOES_SELECTION, \ + (void (*)(void))msblob2key_does_selection }, \ { OSSL_FUNC_DECODER_DECODE, \ (void (*)(void))msblob2key_decode }, \ { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ diff --git a/providers/implementations/encode_decode/decode_pvk2key.c b/providers/implementations/encode_decode/decode_pvk2key.c index c6424165b0..2975186c30 100644 --- a/providers/implementations/encode_decode/decode_pvk2key.c +++ b/providers/implementations/encode_decode/decode_pvk2key.c @@ -79,6 +79,17 @@ static void pvk2key_freectx(void *vctx) OPENSSL_free(ctx); } +static int pvk2key_does_selection(void *provctx, int selection) +{ + if (selection == 0) + return 1; + + if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) + return 1; + + return 0; +} + static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, OSSL_CALLBACK *data_cb, void *data_cbarg, OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) @@ -226,6 +237,8 @@ static void rsa_adjust(void *key, struct pvk2key_ctx_st *ctx) (void (*)(void))pvk2##keytype##_newctx }, \ { OSSL_FUNC_DECODER_FREECTX, \ (void (*)(void))pvk2key_freectx }, \ + { OSSL_FUNC_DECODER_DOES_SELECTION, \ + (void (*)(void))pvk2key_does_selection }, \ { OSSL_FUNC_DECODER_DECODE, \ (void (*)(void))pvk2key_decode }, \ { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ |