This patch doesn't fit the rest... Generally speaking, I am unsure about your solution. It seems like hack to fit a specific case where something more general could be of greater service to others as well.
Cheers Richard On November 30, 2016 4:27:49 PM GMT+01:00, James Bottomley <james.bottom...@hansenpartnership.com> wrote: >Before trying to process the PEM file, hand it to each of the loaded >engines to see if they recognise the PEM guards. This uses the new >bio based load key callback, so the engine must be loaded and >implement this callback to be considered. > >Signed-off-by: James Bottomley <j...@linux.vnet.ibm.com> >--- > crypto/pem/pem_pkey.c | 4 ++++ > 1 file changed, 4 insertions(+) > >diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c >index 04d6319..e3737f0 100644 >--- a/crypto/pem/pem_pkey.c >+++ b/crypto/pem/pem_pkey.c >@@ -85,6 +85,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY >**x, pem_password_cb *cb, > int slen; > EVP_PKEY *ret = NULL; > >+ /* first check to see if an engine can load the PEM */ >+ if (ENGINE_find_engine_load_key(NULL, &ret, (const char *)bp, cb, >u) == 1) >+ return ret; >+ >if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, >u)) > return NULL; > p = data; -- levi...@openssl.org -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev