Introduce read_priv_pkey() to read keys using EVP_PKEY, and change read_priv_key() to be wrapper for it. Signed-off-by: Vitaly Chikunov <vt@xxxxxxxxxxxx> --- src/libimaevm.c | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/src/libimaevm.c b/src/libimaevm.c index da0f422..c620c1e 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -753,10 +753,10 @@ void calc_keyid_v2(uint32_t *keyid, char *str, RSA *key) free(pkey); } -static RSA *read_priv_key(const char *keyfile, const char *keypass) +static EVP_PKEY *read_priv_pkey(const char *keyfile, const char *keypass) { FILE *fp; - RSA *key; + EVP_PKEY *key; fp = fopen(keyfile, "r"); if (!fp) { @@ -764,18 +764,40 @@ static RSA *read_priv_key(const char *keyfile, const char *keypass) return NULL; } ERR_load_crypto_strings(); - key = PEM_read_RSAPrivateKey(fp, NULL, NULL, (void *)keypass); + key = PEM_read_PrivateKey(fp, NULL, NULL, (void *)keypass); if (!key) { char str[256]; - ERR_error_string(ERR_get_error(), str); - log_err("PEM_read_RSAPrivateKey() failed: %s\n", str); + ERR_error_string(ERR_peek_error(), str); + log_err("PEM_read_PrivateKey() failed: %s\n", str); +#ifdef USE_FPRINTF + ERR_print_errors_fp(stderr); +#else + ERR_clear_error(); +#endif } fclose(fp); return key; } +static RSA *read_priv_key(const char *keyfile, const char *keypass) +{ + EVP_PKEY *pkey; + RSA *key; + + pkey = read_priv_pkey(keyfile, keypass); + if (!pkey) + return NULL; + key = EVP_PKEY_get1_RSA(pkey); + EVP_PKEY_free(pkey); + if (!key) { + log_err("sign_hash_v1: unsupported key type\n"); + return NULL; + } + return key; +} + static int get_hash_algo_v1(const char *algo) { -- 2.11.0