Before trying to process the PEM file, hand it to each of the loaded
engines to see if they recognise the PEM guards. This uses the new
bio based load key callback, so the engine must be loaded and
implement this callback to be considered.
Signed-off-by: James Bottomley <j...@linux.vnet.ibm.com>
---
crypto/pem/pem_pkey.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 04d6319..e3737f0 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -85,6 +85,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
pem_password_cb *cb,
int slen;
EVP_PKEY *ret = NULL;
+ /* first check to see if an engine can load the PEM */
+ if (ENGINE_find_engine_load_key(NULL, &ret, (const char *)bp, cb, u) == 1)
+ return ret;
+
if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
return NULL;
p = data;
--
2.6.6
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
