Before trying to process the PEM file, hand it to each of the loaded engines to see if they can load it. This uses the new bio based callback, so the engine must be loaded and implement this callback to be considered.
Signed-off-by: James Bottomley <j...@linux.vnet.ibm.com> --- crypto/pem/pem_pkey.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index 04d6319..8d44d45 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -85,6 +85,11 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, int slen; EVP_PKEY *ret = NULL; + if (ENGINE_find_engine_load_key(NULL, &ret, (const char *)bp, cb, u, + ENGINE_LOAD_KEY_FLAG_BIO) == 1) { + return ret; + } + if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u)) return NULL; p = data; -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev