Detach returned public keys from PKCS11_OBJECT
mtrojnar committed Nov 28, 2024
1 parent 06351f1 commit 5c4b4b5
Showing 4 changed files with 12 additions and 2 deletions.
6 changes: 6 additions & 0 deletions src/libp11-int.h
@@ -355,9 +355,15 @@ extern int pkcs11_private_decrypt(
/* Retrieve PKCS11_KEY from an RSA key */
extern PKCS11_OBJECT_private *pkcs11_get_ex_data_rsa(const RSA *rsa);

/* Set PKCS11_KEY for an RSA key */
void pkcs11_set_ex_data_rsa(RSA *rsa, PKCS11_OBJECT_private *key);

/* Retrieve PKCS11_KEY from an EC_KEY */
extern PKCS11_OBJECT_private *pkcs11_get_ex_data_ec(const EC_KEY *ec);

/* Set PKCS11_KEY for an EC_KEY */
extern void pkcs11_set_ex_data_ec(EC_KEY *ec, PKCS11_OBJECT_private *key);

/* Free the global RSA_METHOD */
extern void pkcs11_rsa_method_free(void);

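Review bot: The new `pkcs11_set_ex_data_rsa` prototype is declared without `extern`, unlike every neighbouring declaration in this hunk, including the `pkcs11_set_ex_data_ec` one added alongside it. Write it as `extern void pkcs11_set_ex_data_rsa(RSA *rsa, PKCS11_OBJECT_private *key);` for consistency. The two new comments also do not say that passing NULL clears the association, which is the only use this commit adds; something like `/* Set (or, with NULL, clear) the PKCS11_KEY for an RSA key */` would document that contract for both setters.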
2 changes: 1 addition & 1 deletion src/p11_ec.c
@@ -351,7 +351,7 @@ PKCS11_OBJECT_private *pkcs11_get_ex_data_ec(const EC_KEY *ec)
#endif
}

static void pkcs11_set_ex_data_ec(EC_KEY *ec, PKCS11_OBJECT_private *key)
void pkcs11_set_ex_data_ec(EC_KEY *ec, PKCS11_OBJECT_private *key)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
EC_KEY_set_ex_data(ec, ec_ex_index, key);
4 changes: 4 additions & 0 deletions src/p11_key.c
@@ -483,6 +483,8 @@ EVP_PKEY *pkcs11_get_key(PKCS11_OBJECT_private *key0, CK_OBJECT_CLASS object_cla
}
if (key->object_class == CKO_PRIVATE_KEY)
pkcs11_object_ref(key);
else /* Detach the public key from PKCS11_OBJECT */
pkcs11_set_ex_data_rsa(rsa, NULL);
break;
case EVP_PKEY_EC:
#if OPENSSL_VERSION_NUMBER < 0x30000000L || defined(LIBRESSL_VERSION_NUMBER)
@@ -501,6 +503,8 @@ EVP_PKEY *pkcs11_get_key(PKCS11_OBJECT_private *key0, CK_OBJECT_CLASS object_cla
}
if (key->object_class == CKO_PRIVATE_KEY)
pkcs11_object_ref(key);
else /* Detach the public key from PKCS11_OBJECT */
pkcs11_set_ex_data_ec(ec_key, NULL);
#else
ret = EVP_PKEY_dup(key->evp_key);
#endif
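Review bot: The EC detach `pkcs11_set_ex_data_ec(ec_key, NULL)` sits only inside the `#if OPENSSL_VERSION_NUMBER < 0x30000000L || defined(LIBRESSL_VERSION_NUMBER)` branch, so the `#else` path that returns `EVP_PKEY_dup(key->evp_key)` gets no equivalent handling for public keys. Whether the duplicated key carries the ex_data back-pointer is not visible in this hunk. If it does, a public EVP_PKEY returned on that path would still point at a PKCS11_OBJECT it holds no reference on, and could outlive it. Please confirm that path, and state the lifetime reason in the comment on both new `else` lines, e.g. `else /* public keys take no reference: drop the back-pointer to PKCS11_OBJECT */`. The body of pkcs11_get_key starts and ends outside both hunks, so how `rsa` and `ec_key` are obtained could not be checked here.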
2 changes: 1 addition & 1 deletion src/p11_rsa.c
@@ -280,7 +280,7 @@ PKCS11_OBJECT_private *pkcs11_get_ex_data_rsa(const RSA *rsa)
return RSA_get_ex_data(rsa, rsa_ex_index);
}

static void pkcs11_set_ex_data_rsa(RSA *rsa, PKCS11_OBJECT_private *key)
void pkcs11_set_ex_data_rsa(RSA *rsa, PKCS11_OBJECT_private *key)
{
RSA_set_ex_data(rsa, rsa_ex_index, key);
}
