diff options
author | Lucas Stach <l.stach@pengutronix.de> | 2018-06-08 13:07:47 +0200 |
---|---|---|
committer | Sascha Hauer <s.hauer@pengutronix.de> | 2018-07-13 08:20:03 +0200 |
commit | 542a50d4ebc72f50ff443780ecd8fca8e02d5340 (patch) | |
tree | a001b3202b5f295df8d724f20db2857dc42d1a36 | |
parent | 7257e80f5c052467333d800f2951c9338400111a (diff) | |
download | barebox-542a50d4ebc72f50ff443780ecd8fca8e02d5340.tar.gz barebox-542a50d4ebc72f50ff443780ecd8fca8e02d5340.tar.xz |
scripts: imx-image: fix build with OpenSSL 1.1.x
OpenSSL 1.1.x made some of the types opaque, so peeking inside directly
doesn't work anymore. Use the correct accessors instead.
I've dropped the algorithm check, as EVP_PKEY_get0_RSA() already verifies
that the pubkey is RSA and returns NULL if it isn't.
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
-rw-r--r-- | scripts/imx/imx-image.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/scripts/imx/imx-image.c b/scripts/imx/imx-image.c index 6ebae22562..452a544bc3 100644 --- a/scripts/imx/imx-image.c +++ b/scripts/imx/imx-image.c @@ -122,12 +122,23 @@ struct hab_rsa_public_key { #include <openssl/pem.h> #include <openssl/bio.h> +#if OPENSSL_VERSION_NUMBER < 0x10100000L +void RSA_get0_key(const RSA *r, const BIGNUM **n, + const BIGNUM **e, const BIGNUM **d) +{ + if (n != NULL) + *n = r->n; + if (e != NULL) + *e = r->e; + if (d != NULL) + *d = r->d; +} +#endif + static int extract_key(const char *certfile, uint8_t **modulus, int *modulus_len, uint8_t **exponent, int *exponent_len) { - char buf[PUBKEY_ALGO_LEN]; - int pubkey_algonid; - const char *sslbuf; + const BIGNUM *n, *e; EVP_PKEY *pkey; FILE *fp; X509 *cert; @@ -148,37 +159,26 @@ static int extract_key(const char *certfile, uint8_t **modulus, int *modulus_len fclose(fp); - pubkey_algonid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm); - if (pubkey_algonid == NID_undef) { - fprintf(stderr, "unable to find specified public key algorithm name.\n"); - return -EINVAL; - } - - if (pubkey_algonid != NID_rsaEncryption) - return -EINVAL; - - sslbuf = OBJ_nid2ln(pubkey_algonid); - strncpy(buf, sslbuf, PUBKEY_ALGO_LEN); - pkey = X509_get_pubkey(cert); if (!pkey) { fprintf(stderr, "unable to extract public key from certificate"); return -EINVAL; } - rsa_key = pkey->pkey.rsa; + rsa_key = EVP_PKEY_get0_RSA(pkey); if (!rsa_key) { fprintf(stderr, "unable to extract RSA public key"); return -EINVAL; } - *modulus_len = BN_num_bytes(rsa_key->n); + RSA_get0_key(rsa_key, &n, &e, NULL); + *modulus_len = BN_num_bytes(n); *modulus = malloc(*modulus_len); - BN_bn2bin(rsa_key->n, *modulus); + BN_bn2bin(n, *modulus); - *exponent_len = BN_num_bytes(rsa_key->e); + *exponent_len = BN_num_bytes(e); *exponent = malloc(*exponent_len); - BN_bn2bin(rsa_key->e, *exponent); + BN_bn2bin(e, *exponent); EVP_PKEY_free(pkey); X509_free(cert); |