Forgot to report something I fixed locally.
On 4/29/26 8:02 PM, Eddie Kovsky wrote:
[...]
@@ -207,13 +251,44 @@ static int rsa_pem_get_priv_key(const char *keydir, const
char *name,
return -ENOENT;
}
+#ifdef USE_PKCS11_PROVIDER
+ EVP_PKEY *private_key = NULL;
+ OSSL_STORE_CTX *store;
+
+ if (!OSSL_PROVIDER_try_load(NULL, "pkcs11", true))
+ ERR(1, "OSSL_PROVIDER_try_load(pkcs11)");
+ if (!OSSL_PROVIDER_try_load(NULL, "default", true))
+ ERR(1, "OSSL_PROVIDER_try_load(default)");
+
+ store = OSSL_STORE_open(path, NULL, NULL, NULL, NULL);
+ ERR(!store, "OSSL_STORE_open");
+
+ while (!OSSL_STORE_eof(store)) {
+ OSSL_STORE_INFO *info = OSSL_STORE_load(store);
+
+ if (!info) {
+ drain_openssl_errors(__LINE__, 0);
+ continue;
+ }
+ if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PKEY) {
+ private_key = OSSL_STORE_INFO_get1_PKEY(info);
+ ERR(!private_key, "OSSL_STORE_INFO_get1_PKEY");
+ }
+ OSSL_STORE_INFO_free(info);
+ if (private_key)
+ break;
+ }
+ OSSL_STORE_close(store);
+
+ *evpp = private_key;
If we reach here without actually finding a private_key, we'll return 0
a few lines down which is definitely not what we want to do. I'm suggesting:
if (!private_key)
return -EINVAL;
Maybe it should be -ENOENT like for when we don't find the key on disk
(see first line in git context in this hunk), because for some reason
our logic in tools/image-host.c specifies that missing keys are allowed
(???????).
+#else
if (!PEM_read_PrivateKey(f, evpp, NULL, path)) {
rsa_err("Failure reading private key");
fclose(f);
return -EPROTO;
}
fclose(f);
-
+#endif
return 0;
}
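Review bot: The PKCS#11 arm never releases `f`, because both `fclose(f)` calls sit inside the `#else` arm. The `fopen()` whose failure path is the `return -ENOENT;` context at the top lies outside this hunk, so this needs confirming. If that open still runs when `USE_PKCS11_PROVIDER` is defined, the stream leaks on every call, and a `pkcs11:` URI in `path` would presumably fail there before `OSSL_STORE_open()` is reached; guard the open with `#ifndef USE_PKCS11_PROVIDER`, or add `fclose(f);` ahead of `store = OSSL_STORE_open(...)`. Separately, this arm reports provider and store failures through `ERR(...)`, whose definition is not visible here, while the `#else` arm returns `-EPROTO`. If `ERR` terminates the process, callers cannot handle a token or provider failure, so returning an error code after `OSSL_STORE_close(store)` would keep the two arms consistent.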
Cheers,
Quentin