diff options
author | Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> | 2019-06-16 20:53:38 +0300 |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2019-07-18 11:31:23 -0400 |
commit | 5b123e010954d8f6ef24dd0cb1a8cbe1d7d53851 (patch) | |
tree | cca21fad52e79da0f23dcad1e0866a3b7ad03a39 /lib | |
parent | 0e80dda32c8d724c2a98dbbfb2f1e59762788f15 (diff) |
lib: rsa: add support to other openssl engine types than pkcs11
There are multiple other openssl engines used by HSMs that can be used to
sign FIT images instead of forcing users to use pkcs11 type of service.
Relax engine selection so that other openssl engines can be specified and
use generic key id definition formula.
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Cc: Tom Rini <trini@konsulko.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/rsa/rsa-sign.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index fb5e07b56d..5b5905aeb5 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -141,6 +141,15 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name, snprintf(key_id, sizeof(key_id), "pkcs11:object=%s;type=public", name); + } else if (engine_id) { + if (keydir) + snprintf(key_id, sizeof(key_id), + "%s%s", + keydir, name); + else + snprintf(key_id, sizeof(key_id), + "%s", + name); } else { fprintf(stderr, "Engine not supported\n"); return -ENOTSUP; @@ -252,6 +261,15 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name, snprintf(key_id, sizeof(key_id), "pkcs11:object=%s;type=private", name); + } else if (engine_id) { + if (keydir) + snprintf(key_id, sizeof(key_id), + "%s%s", + keydir, name); + else + snprintf(key_id, sizeof(key_id), + "%s", + name); } else { fprintf(stderr, "Engine not supported\n"); return -ENOTSUP; |