git.ipfire.org Git - thirdparty/openvpn.git/commit

author	James Bottomley <James.Bottomley@HansenPartnership.com>
	Thu, 28 May 2020 22:59:18 +0000 (15:59 -0700)
committer	Gert Doering <gert@greenie.muc.de>
	Sat, 6 Jun 2020 18:06:24 +0000 (20:06 +0200)
commit	8155f8aa0a8d801dd0d84e0ec844b9ca4c225df7
tree	a7b3b3666b9f6566de3dfbc4498597025d91ecbb	tree
parent	7d65aad8973fa85a007a3de8907b9cbced20b2b4	commit \| diff

openssl: add engine method for loading the key

As well as doing crypto acceleration, engines can also be used to load
key files. If the engine is set, and the private key loading fails
for bio methods, this patch makes openvpn try to get the engine to
load the key. If that succeeds, we end up using an engine based key.
This can be used with the openssl tpm engines to make openvpn use a
TPM wrapped key file.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20200528225920.6983-2-James.Bottomley@HansenPartnership.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19937.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/crypto_openssl.c		diff \| blob \| blame \| history
src/openvpn/crypto_openssl.h		diff \| blob \| blame \| history
src/openvpn/ssl_openssl.c		diff \| blob \| blame \| history