authorMartin Willi <martin@revosec.ch>2010-07-15 12:23:50 +0200
committerMartin Willi <martin@revosec.ch>2010-08-04 09:26:20 +0200
commit3479c2793116b18407e2e041e5bee454a8f9005d (patch)
tree7fd0578f95f318aabac1f013fad30dddcd45ae6f /src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
parent36c852a08be2b4373bd62d7cfb1862d28e818505 (diff)
Support module names in %smartcard specifier, streamlined smartcard building
Diffstat (limited to 'src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c')
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c38
1 files changed, 31 insertions, 7 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index 5817ade9e..b7b6e797d 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -451,21 +451,28 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
{
#ifndef OPENSSL_NO_ENGINE
private_openssl_rsa_private_key_t *this;
- char *keyid = NULL, *pin = NULL;
+ char *keyid = NULL, *pin = NULL, *engine_id = NULL;
+ char keyname[64];
EVP_PKEY *key;
- char *engine_id;
ENGINE *engine;
+ int slot = -1;
while (TRUE)
{
switch (va_arg(args, builder_part_t))
{
- case BUILD_SMARTCARD_KEYID:
+ case BUILD_PKCS11_KEYID:
keyid = va_arg(args, char*);
continue;
- case BUILD_SMARTCARD_PIN:
+ case BUILD_PKCS11_PIN:
pin = va_arg(args, char*);
continue;
+ case BUILD_PKCS11_SLOT:
+ slot = va_arg(args, int);
+ continue;
+ case BUILD_PKCS11_MODULE:
+ engine_id = va_arg(args, char*);
+ continue;
case BUILD_END:
break;
default:
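Review bot: The two new builder parts change which engine and key are used, but nothing in the declarations or the switch documents that. `int slot = -1;` relies on -1 meaning "no BUILD_PKCS11_SLOT given", and a BUILD_PKCS11_MODULE value takes precedence over the `libstrongswan.plugins.openssl.engine_id` setting that the later hunk only consults when `engine_id` is still NULL. I would add `/* -1: no slot given, keyid is passed to the engine without a slot prefix */` on the `slot` declaration and `/* overrides the configured engine_id for this key */` on the BUILD_PKCS11_MODULE case. The function's doc comment, which is outside this hunk, should list the accepted builder parts as well.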
@@ -478,8 +485,20 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
return NULL;
}
- engine_id = lib->settings->get_str(lib->settings,
+ if (slot == -1)
+ {
+ snprintf(keyname, sizeof(keyname), "%s", keyid);
+ }
+ else
+ {
+ snprintf(keyname, sizeof(keyname), "%d:%s", slot, keyid);
+ }
+
+ if (!engine_id)
+ {
+ engine_id = lib->settings->get_str(lib->settings,
"libstrongswan.plugins.openssl.engine_id", "pkcs11");
+ }
engine = ENGINE_by_id(engine_id);
if (!engine)
{
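Review bot: Both `snprintf()` calls into `keyname[64]` ignore the return value, so a `keyid` that does not fit (63 bytes, less the `"%d:"` prefix when a slot is given) is silently truncated. The truncated name is what the later hunk passes to `ENGINE_load_private_key()`, so the engine is asked for a different ID than the caller configured; depending on how the engine matches IDs, that is either a confusing failure or the wrong key. I would capture the length, e.g. `len = snprintf(keyname, sizeof(keyname), "%d:%s", slot, keyid);`, and reject with `if (len < 0 || len >= (int)sizeof(keyname)) { return NULL; }` plus a DBG1 message. Testing `slot < 0` rather than `slot == -1` would also keep other negative values out of the key name. The `return NULL; }` context at the top of the hunk is presumably the `keyid` NULL check, but that starts outside the hunk and should be confirmed, since `"%s"` with a NULL argument is undefined.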
@@ -499,11 +518,11 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
return NULL;
}
- key = ENGINE_load_private_key(engine, keyid, NULL, NULL);
+ key = ENGINE_load_private_key(engine, keyname, NULL, NULL);
if (!key)
{
DBG1(DBG_LIB, "failed to load private key with ID '%s' from "
- "engine '%s'", keyid, engine_id);
+ "engine '%s'", keyname, engine_id);
ENGINE_free(engine);
return NULL;
}
@@ -512,6 +531,11 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
this = create_empty();
this->rsa = EVP_PKEY_get1_RSA(key);
this->engine = TRUE;
+ if (!this->rsa)
+ {
+ destroy(this);
+ return NULL;
+ }
return &this->public;
#else /* OPENSSL_NO_ENGINE */