summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLucas Stach <l.stach@pengutronix.de>2018-06-08 13:07:47 +0200
committerSascha Hauer <s.hauer@pengutronix.de>2018-07-13 08:20:03 +0200
commit542a50d4ebc72f50ff443780ecd8fca8e02d5340 (patch)
treea001b3202b5f295df8d724f20db2857dc42d1a36
parent7257e80f5c052467333d800f2951c9338400111a (diff)
downloadbarebox-542a50d4ebc72f50ff443780ecd8fca8e02d5340.tar.gz
barebox-542a50d4ebc72f50ff443780ecd8fca8e02d5340.tar.xz
scripts: imx-image: fix build with OpenSSL 1.1.x
OpenSSL 1.1.x made some of the types opaque, so peeking inside directly doesn't work anymore. Use the correct accessors instead. I've dropped the algorithm check, as EVP_PKEY_get0_RSA() already verifies that the pubkey is RSA and returns NULL if it isn't. Signed-off-by: Lucas Stach <l.stach@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
-rw-r--r--scripts/imx/imx-image.c40
1 files changed, 20 insertions, 20 deletions
diff --git a/scripts/imx/imx-image.c b/scripts/imx/imx-image.c
index 6ebae22562..452a544bc3 100644
--- a/scripts/imx/imx-image.c
+++ b/scripts/imx/imx-image.c
@@ -122,12 +122,23 @@ struct hab_rsa_public_key {
#include <openssl/pem.h>
#include <openssl/bio.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+void RSA_get0_key(const RSA *r, const BIGNUM **n,
+ const BIGNUM **e, const BIGNUM **d)
+{
+ if (n != NULL)
+ *n = r->n;
+ if (e != NULL)
+ *e = r->e;
+ if (d != NULL)
+ *d = r->d;
+}
+#endif
+
static int extract_key(const char *certfile, uint8_t **modulus, int *modulus_len,
uint8_t **exponent, int *exponent_len)
{
- char buf[PUBKEY_ALGO_LEN];
- int pubkey_algonid;
- const char *sslbuf;
+ const BIGNUM *n, *e;
EVP_PKEY *pkey;
FILE *fp;
X509 *cert;
@@ -148,37 +159,26 @@ static int extract_key(const char *certfile, uint8_t **modulus, int *modulus_len
fclose(fp);
- pubkey_algonid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
- if (pubkey_algonid == NID_undef) {
- fprintf(stderr, "unable to find specified public key algorithm name.\n");
- return -EINVAL;
- }
-
- if (pubkey_algonid != NID_rsaEncryption)
- return -EINVAL;
-
- sslbuf = OBJ_nid2ln(pubkey_algonid);
- strncpy(buf, sslbuf, PUBKEY_ALGO_LEN);
-
pkey = X509_get_pubkey(cert);
if (!pkey) {
fprintf(stderr, "unable to extract public key from certificate");
return -EINVAL;
}
- rsa_key = pkey->pkey.rsa;
+ rsa_key = EVP_PKEY_get0_RSA(pkey);
if (!rsa_key) {
fprintf(stderr, "unable to extract RSA public key");
return -EINVAL;
}
- *modulus_len = BN_num_bytes(rsa_key->n);
+ RSA_get0_key(rsa_key, &n, &e, NULL);
+ *modulus_len = BN_num_bytes(n);
*modulus = malloc(*modulus_len);
- BN_bn2bin(rsa_key->n, *modulus);
+ BN_bn2bin(n, *modulus);
- *exponent_len = BN_num_bytes(rsa_key->e);
+ *exponent_len = BN_num_bytes(e);
*exponent = malloc(*exponent_len);
- BN_bn2bin(rsa_key->e, *exponent);
+ BN_bn2bin(e, *exponent);
EVP_PKEY_free(pkey);
X509_free(cert);