From: Mouse Date: Tue, 5 Jan 2016 04:49:00 +0000 (-0500) Subject: Pass engine=NULL to EVP_PKEY_CTX_new(), unless "-engine_impl" was given X-Git-Tag: OpenSSL_1_0_2f~19 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a2a29f702ac35746cb3c3c6c36b46fbbde5f83a1;p=oweals%2Fopenssl.git Pass engine=NULL to EVP_PKEY_CTX_new(), unless "-engine_impl" was given Reviewed-by: Rich Salz Reviewed-by: Richard Levitte --- diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index cc69ca9a8e..bb24b65e8d 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -74,7 +74,8 @@ static void usage(void); static EVP_PKEY_CTX *init_ctx(int *pkeysize, char *keyfile, int keyform, int key_type, - char *passargin, int pkey_op, ENGINE *e); + char *passargin, int pkey_op, ENGINE *e, + int impl); static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform, const char *file); @@ -97,6 +98,7 @@ int MAIN(int argc, char **argv) EVP_PKEY_CTX *ctx = NULL; char *passargin = NULL; int keysize = -1; + int engine_impl = 0; unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL; size_t buf_outlen; @@ -137,7 +139,7 @@ int MAIN(int argc, char **argv) else { ctx = init_ctx(&keysize, *(++argv), keyform, key_type, - passargin, pkey_op, e); + passargin, pkey_op, e, engine_impl); if (!ctx) { BIO_puts(bio_err, "Error initializing context\n"); ERR_print_errors(bio_err); @@ -171,6 +173,8 @@ int MAIN(int argc, char **argv) badarg = 1; else e = setup_engine(bio_err, *(++argv), 0); + } else if (!strcmp(*argv, "-engine_impl")) { + engine_impl = 1; } #endif else if (!strcmp(*argv, "-pubin")) @@ -369,6 +373,7 @@ static void usage() #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); + BIO_printf(bio_err, "-engine_impl access key through the engine\n"); #endif BIO_printf(bio_err, "-passin arg pass phrase source\n"); 
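Review bot: The forward declaration of init_ctx names the new parameter `impl`, while the definition further down names it `engine_impl` and uses `impl` for a local `ENGINE *`. It compiles, but the prototype now reads as if a second engine handle were being passed rather than a flag. I would make the declaration match the definition: `char *passargin, int pkey_op, ENGINE *e, int engine_impl);`.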
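Review bot: `-engine_impl` is honoured only when it precedes `-inkey`, because the `init_ctx(..., e, engine_impl)` call in the `-inkey` branch of MAIN reads the flag at that moment. The flag itself is set in a later `else if` (the `-engine_impl` hunk) of what appears to be the same argument loop, which starts and ends outside these hunks. Given in the other order, or without `-engine` so that `e` is still NULL, the option is silently ignored and the operation runs on the default implementation. That matters when the caller expects the private-key operation to stay on a hardware device. Assuming `ctx` is only ever set by the `-inkey` branch, the late case can be rejected where the flag is parsed: `if (ctx != NULL) badarg = 1; else engine_impl = 1;`. The ordering requirement also belongs in usage().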
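Review bot: The usage line added for `-engine_impl`, "access key through the engine", describes key loading, but the flag only decides whether `e` is handed to `EVP_PKEY_CTX_new()`. That is, it controls whether the operation itself uses the engine's implementation. A user could take it for a synonym of the engine key format. Wording closer to the effect would be `BIO_printf(bio_err, "-engine_impl    also use engine given by -engine for crypto operations\n");`.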
@@ -376,10 +381,12 @@ static void usage() static EVP_PKEY_CTX *init_ctx(int *pkeysize, char *keyfile, int keyform, int key_type, - char *passargin, int pkey_op, ENGINE *e) + char *passargin, int pkey_op, ENGINE *e, + int engine_impl) { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; + ENGINE *impl = NULL; char *passin = NULL; int rv = -1; X509 *x; @@ -418,12 +425,13 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize, if (!pkey) goto end; - - if ((keyform == FORMAT_ENGINE) && (strncmp(ENGINE_get_name(e),"pkcs11 engine", strlen("pkcs11 engine"))==0)) { - ctx = EVP_PKEY_CTX_new(pkey, NULL); - } else { - ctx = EVP_PKEY_CTX_new(pkey, e); - } + +#ifndef OPENSSL_NO_ENGINE + if (engine_impl) + impl = e; +#endif + + ctx = EVP_PKEY_CTX_new(pkey, impl); EVP_PKEY_free(pkey);
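Review bot: The `impl = e` selection in init_ctx has no comment explaining why NULL is the default, and it changes what `-engine` alone does. Before this commit, `e` was passed to `EVP_PKEY_CTX_new()` for every engine except the one named "pkcs11 engine"; now it is passed only when `-engine_impl` is given. Existing invocations that relied on `-engine` to run the operation inside the engine will now use whichever implementation is selected for the key, with no message to say so. I would add above the `#ifndef` a comment such as `/* Force the engine's implementation only on request (-engine_impl); with NULL the implementation is chosen from the key. */` and record the behaviour change in the pkeyutl documentation. The body of init_ctx starts in the previous hunk and continues past the end of this one.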