return ret;
}
-int ossl_pw_pem_password(char *buf, int size, int rwflag, void *userdata)
+static int ossl_pw_get_password(char *buf, int size, int rwflag,
+ void *userdata, const char *info)
{
size_t password_len = 0;
OSSL_PARAM params[] = {
OSSL_PARAM_END
};
- params[0].data = "PEM";
+ params[0].data = (void *)info;
if (ossl_pw_get_passphrase(buf, (size_t)size, &password_len, params,
rwflag, userdata))
return (int)password_len;
return -1;
}
+int ossl_pw_pem_password(char *buf, int size, int rwflag, void *userdata)
+{
+ return ossl_pw_get_password(buf, size, rwflag, userdata, "PEM");
+}
+
+int ossl_pw_pvk_password(char *buf, int size, int rwflag, void *userdata)
+{
+ return ossl_pw_get_password(buf, size, rwflag, userdata, "PVK");
+}
+
int ossl_pw_passphrase_callback_enc(char *pass, size_t pass_size,
size_t *pass_len,
const OSSL_PARAM params[], void *arg)
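Review bot: `ossl_pw_get_password` forwards `(size_t)size` without checking the sign, so a negative `size` from a `pem_password_cb` caller would reach `ossl_pw_get_passphrase` as a very large buffer length. Now that both public callbacks go through this helper, a guard at its top such as `if (size < 0) return -1;` would cover both. The `(void *)info` cast also drops `const`; assuming the callee only reads the value, a comment like `/* info is only read through params, never written */` would record why the cast is safe. As shown on this page the `params` array lists only its terminator, so confirm that the info entry precedes `OSSL_PARAM_END` in the file before relying on `params[0]`.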
*/
pem_password_cb ossl_pw_pem_password;
+pem_password_cb ossl_pw_pvk_password;
/* One callback for encoding (verification prompt) and one for decoding */
OSSL_PASSPHRASE_CALLBACK ossl_pw_passphrase_callback_enc;
OSSL_PASSPHRASE_CALLBACK ossl_pw_passphrase_callback_dec;
}
static int write_pvk(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout,
- EVP_PKEY *pkey,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+ EVP_PKEY *pkey)
{
BIO *out = NULL;
int ret = 0;
out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
ret = i2b_PVK_bio_ex(out, pkey, ctx->pvk_encr_level,
- ossl_pw_pem_password, &ctx->pwdata, libctx, NULL);
+ ossl_pw_pvk_password, &ctx->pwdata, libctx, NULL);
BIO_free(out);
return ret;
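Review bot: `write_pvk` returns the raw result of `i2b_PVK_bio_ex` as its success flag, and the caller stores that in `ok`. If the function reports failure with a negative value, as the `i2b_PVK` family conventionally does, a failed write or rejected passphrase would look like success to any caller testing for non-zero; `return ret > 0;` would normalise it to 0/1. The visible lines also show no check on `out` after `ossl_bio_new_from_core_bio`, so `if (out == NULL) return 0;` before the write is worth adding unless it already exists in lines not shown. The function's closing brace lies outside the hunk.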
{
struct key2ms_ctx_st *ctx = vctx;
+ ossl_pw_clear_passphrase_data(&ctx->pwdata);
OPENSSL_free(ctx);
}
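Review bot: The added `ossl_pw_clear_passphrase_data(&ctx->pwdata);` runs before any NULL test, so this free function is no longer safe to call with a NULL context the way the bare `OPENSSL_free(ctx)` was. If a NULL can reach it, for example on an error path after a failed allocation, guard the call: `if (ctx != NULL) ossl_pw_clear_passphrase_data(&ctx->pwdata);`. A comment such as `/* wipe cached passphrase state before releasing the context */` would also make clear the line exists for secret hygiene, not only tidiness. The function's signature is outside the hunk.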
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) == 0)
return 0; /* Error */
- if ((pkey = EVP_PKEY_new()) != NULL && set1_key(pkey, key))
- ok = write_pvk(ctx, cout, pkey, pw_cb, pw_cbarg);
+ if ((pkey = EVP_PKEY_new()) != NULL && set1_key(pkey, key)
+ && (pw_cb == NULL
+ || ossl_pw_set_ossl_passphrase_cb(&ctx->pwdata, pw_cb, pw_cbarg)))
+ ok = write_pvk(ctx, cout, pkey);
EVP_PKEY_free(pkey);
return ok;
}
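Review bot: When `pw_cb` is NULL the new condition skips `ossl_pw_set_ossl_passphrase_cb`, so `ctx->pwdata` keeps whatever an earlier encode call on the same context left in it. `write_pvk` could then prompt through a stale callback and argument, or reuse a cached passphrase if the passphrase data holds one. Calling `ossl_pw_clear_passphrase_data(&ctx->pwdata);` before the `if` would give every encode a clean state. Whether a context is ever reused for a second encode is not visible here, and the function's start lies outside the hunk.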