nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-05-20 10:24:29 -05:00
Code Issues Projects Releases Wiki Activity

p11engine and p11module need to be orthogonal (independent of each other)

Browse Source
This commit is contained in:
olszomal 2020-10-21 13:22:40 +02:00 committed by Michał Trojnara
parent e8fe3e934d
commit 2f011cfc31
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
osslsigncode.c
View File

@ -5250,7 +5250,6 @@ out:
static int read_xcertfile(GLOBAL_OPTIONS *options, CRYPTO_PARAMS *cparams) static int read_xcertfile(GLOBAL_OPTIONS *options, CRYPTO_PARAMS *cparams)
{ {
BIO *btmp; BIO *btmp;
PKCS7 *p7;
int ret = 0; int ret = 0;
btmp = BIO_new_file(options->xcertfile, "rb"); btmp = BIO_new_file(options->xcertfile, "rb");
@ -5372,7 +5371,7 @@ ENGINE *dynamic_engine(GLOBAL_OPTIONS *options)
} }
/* Load a pkcs11 engine */ /* Load a pkcs11 engine */
ENGINE *pkcs11_engine(GLOBAL_OPTIONS *options) ENGINE *pkcs11_engine()
{ {
ENGINE *engine = ENGINE_by_id("pkcs11"); ENGINE *engine = ENGINE_by_id("pkcs11");
if (!engine) { if (!engine) {
@ -5385,7 +5384,7 @@ ENGINE *pkcs11_engine(GLOBAL_OPTIONS *options)
/* Load the private key and the signer certificate from a security token */ /* Load the private key and the signer certificate from a security token */
static int read_token(GLOBAL_OPTIONS *options, ENGINE *engine, CRYPTO_PARAMS *cparams) static int read_token(GLOBAL_OPTIONS *options, ENGINE *engine, CRYPTO_PARAMS *cparams)
{ {
if (!ENGINE_ctrl_cmd_string(engine, "MODULE_PATH", options->p11module, 0)) { if (options->p11module && !ENGINE_ctrl_cmd_string(engine, "MODULE_PATH", options->p11module, 0)) {
printf("Failed to set pkcs11 engine MODULE_PATH to '%s'\n", options->p11module); printf("Failed to set pkcs11 engine MODULE_PATH to '%s'\n", options->p11module);
ENGINE_free(engine); ENGINE_free(engine);
return 0; /* FAILED */ return 0; /* FAILED */
@ -5451,12 +5450,12 @@ static int read_crypto_params(GLOBAL_OPTIONS *options, CRYPTO_PARAMS *cparams)
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
/* PKCS11 engine and module support */ /* PKCS11 engine and module support */
} else if (options->p11module) { } else if ((options->p11engine) || (options->p11module)) {
ENGINE *engine; ENGINE *engine;
if (options->p11engine) if (options->p11engine)
engine = dynamic_engine(options); engine = dynamic_engine(options);
else else
engine = pkcs11_engine(options); engine = pkcs11_engine();
if (!engine) if (!engine)
goto out; /* FAILED */ goto out; /* FAILED */
printf("Engine \"%s\" set.\n", ENGINE_get_id(engine)); printf("Engine \"%s\" set.\n", ENGINE_get_id(engine));
@ -5991,7 +5990,7 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
(*cmd != CMD_VERIFY && !options->outfile) || (*cmd != CMD_VERIFY && !options->outfile) ||
(*cmd == CMD_SIGN && !((options->certfile && options->keyfile) || (*cmd == CMD_SIGN && !((options->certfile && options->keyfile) ||
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
options->p11module || options->p11engine || options->p11module ||
#endif /* OPENSSL_NO_ENGINE */ #endif /* OPENSSL_NO_ENGINE */
options->pkcs12file))) { options->pkcs12file))) {
if (failarg) if (failarg)