diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2008-06-01 21:10:30 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2008-06-01 21:10:30 +0000 |
commit | 05935c47b254939d4eb819c027164dbc71340600 (patch) | |
tree | 10f152ec3dae963db8da524f7ac77634ba1dd09b /crypto/engine/eng_pkey.c | |
parent | d8bd55a364023e906c8faafe6296e860a60cab9b (diff) | |
download | openssl-05935c47b254939d4eb819c027164dbc71340600.tar.gz |
Add support for ENGINE supplied SSL client auth.
Diffstat (limited to 'crypto/engine/eng_pkey.c')
-rw-r--r-- | crypto/engine/eng_pkey.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/crypto/engine/eng_pkey.c b/crypto/engine/eng_pkey.c index bc8b21abec..9b5169c46e 100644 --- a/crypto/engine/eng_pkey.c +++ b/crypto/engine/eng_pkey.c @@ -69,6 +69,13 @@ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f) return 1; } +int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, + ENGINE_SSL_CLIENT_CERT_PTR loadssl_f) + { + e->load_ssl_client_cert = loadssl_f; + return 1; + } + ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e) { return e->load_privkey; @@ -79,6 +86,11 @@ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e) return e->load_pubkey; } +ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e) + { + return e->load_ssl_client_cert; + } + /* API functions to load public/private keys */ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, @@ -152,3 +164,34 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, } return pkey; } + +int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, + STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey, + UI_METHOD *ui_method, void *callback_data) + { + int ret; + + if(e == NULL) + { + ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + if(e->funct_ref == 0) + { + CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, + ENGINE_R_NOT_INITIALISED); + return 0; + } + CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + if (!e->load_ssl_client_cert) + { + ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, + ENGINE_R_NO_LOAD_FUNCTION); + return 0; + } + return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, + ui_method, callback_data); + } |