From 01b8b3c7d2d8f835257ac1cb2512273aa27bfba8 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 5 Jun 2006 11:52:46 +0000
Subject: Complete EVP_PKEY_ASN1_METHOD ENGINE support.

---
 crypto/pem/pem_lib.c  | 27 +++++++++++++++++++++++----
 crypto/pem/pem_pkey.c | 13 +++++++------
 2 files changed, 30 insertions(+), 10 deletions(-)

(limited to 'crypto/pem')

diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 9631ee2d5d..89e41b7f94 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -70,6 +70,9 @@
 #ifndef OPENSSL_NO_DES
 #include <openssl/des.h>
 #endif
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
 
 const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
 
@@ -197,7 +200,11 @@ static int check_pem(const char *nm, const char *name)
 		slen = pem_check_suffix(nm, "PRIVATE KEY"); 
 		if (slen > 0)
 			{
-			ameth = EVP_PKEY_asn1_find_str(nm, slen);
+			/* NB: ENGINE implementations wont contain
+			 * a deprecated old private key decode function
+			 * so don't look for them.
+			 */
+			ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
 			if (ameth && ameth->old_priv_decode)
 				return 1;
 			}
@@ -211,9 +218,21 @@ static int check_pem(const char *nm, const char *name)
 		slen = pem_check_suffix(nm, "PARAMETERS"); 
 		if (slen > 0)
 			{
-			ameth = EVP_PKEY_asn1_find_str(nm, slen);
-			if (ameth && ameth->param_decode)
-				return 1;
+			ENGINE *e;
+			ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
+			if (ameth)
+				{
+				int r;
+				if (ameth->param_decode)
+					r = 1;
+				else
+					r = 0;
+#ifndef OPENSSL_NO_ENGINE
+				if (e)
+					ENGINE_finish(e);
+#endif
+				return r;
+				}
 			}
 		return 0;
 		}
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index acd2dc2504..6cca60cb8d 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -65,6 +65,9 @@
 #include <openssl/x509.h>
 #include <openssl/pkcs12.h>
 #include <openssl/pem.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
 #include "asn1_locl.h"
 
 int pem_check_suffix(const char *pem_str, const char *suffix);
@@ -119,7 +122,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
 	} else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0)
 		{
 		const EVP_PKEY_ASN1_METHOD *ameth;
-		ameth = EVP_PKEY_asn1_find_str(nm, slen);
+		ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
 		if (!ameth || !ameth->old_priv_decode)
 			goto p8err;
 		ret=d2i_PrivateKey(ameth->pkey_id,x,&p,len);
@@ -164,14 +167,12 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
 
 	if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0)
 		{
-		const EVP_PKEY_ASN1_METHOD *ameth;
-		ameth = EVP_PKEY_asn1_find_str(nm, slen);
-		if (!ameth || !ameth->param_decode)
-			goto err;
 		ret = EVP_PKEY_new();
 		if (!ret)
 			goto err;
-		if (!ameth->param_decode(ret, &p, len))
+		if (!EVP_PKEY_set_type_str(ret, nm, slen)
+			|| !ret->ameth->param_decode
+			|| !ret->ameth->param_decode(ret, &p, len))
 			{
 			EVP_PKEY_free(ret);
 			ret = NULL;
-- 
cgit v1.2.3