Add |SSL_CTX_set_private_key_method| to parallel |SSL_set_private_key_method| This change adds a |SSL_CTX_set_private_key_method| method that sets key_method on a SSL_CTX's cert. It allows the private key method to be set once and inherited. A copy of key_method (from SSL_CTX's cert to SSL's cert) is added in |ssl_cert_dup|. Change-Id: Icb62e9055e689cfe2d5caa3a638797120634b63f Reviewed-on: https://boringssl-review.googlesource.com/7340 Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 7cc901b..be5776c 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -465,7 +465,8 @@
 * a private key operation was unfinished. The caller may retry the operation
 * when the private key operation is complete.
 *
- * See also |SSL_set_private_key_method|. */
+ * See also |SSL_set_private_key_method| and
+ * |SSL_CTX_set_private_key_method|. */
 #define SSL_ERROR_WANT_PRIVATE_KEY_OPERATION 13

 /* SSL_set_mtu sets the |ssl|'s MTU in DTLS to |mtu|. It returns one on success
@@ -1003,6 +1004,11 @@
 OPENSSL_EXPORT void SSL_set_private_key_method(
 SSL *ssl, const SSL_PRIVATE_KEY_METHOD *key_method);

+/* SSL_CTX_set_private_key_method configures a custom private key on |ctx|.
+ * |key_method| must remain valid for the lifetime of |ctx|. */
+OPENSSL_EXPORT void SSL_CTX_set_private_key_method(
+ SSL_CTX *ctx, const SSL_PRIVATE_KEY_METHOD *key_method);
+

 /* Cipher suites.
 *
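Review bot: The new comment on SSL_CTX_set_private_key_method (second hunk) ties the lifetime of |key_method| only to |ctx|, while the commit description says ssl_cert_dup copies the pointer into each SSL's cert, so the documented contract should also cover the connections that inherit it. ssl_cert_dup is not visible on this page, so the following is inferred from the description: an SSL created before a later call presumably keeps the method it copied. The comment also leaves open whether passing NULL clears the method and which one is used when a regular private key is configured on |ctx| as well. I would extend it along the lines of `SSL objects created from |ctx| inherit |key_method| when they are created; it must remain valid until |ctx| and every such SSL have been freed.` For a hook that delegates private-key operations, spelling out lifetime and precedence in the header is what keeps callers from freeing the method table early or assuming the wrong key path is in use.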