Merge pull request #326 from jcastillo-arm/jc/tbb_ecdsa

TBB: build 'cert_create' with ECDSA only if OpenSSL supports it
2015-07-01 16:09:27 +01:00 · 2015-07-01 16:09:27 +01:00 · 1ea5233f34
parent 84f95bed54 ed2a76eab4
commit 1ea5233f34
3 changed files with 65 additions and 39 deletions
--- a/tools/cert_create/include/key.h
+++ b/tools/cert_create/include/key.h
@ -47,7 +47,10 @@ enum {
 /* Supported key algorithms */
 enum {
 	KEY_ALG_RSA,
-	KEY_ALG_ECDSA
+#ifndef OPENSSL_NO_EC
+	KEY_ALG_ECDSA,
+#endif /* OPENSSL_NO_EC */
+	KEY_ALG_MAX_NUM
 };

 /*
--- a/tools/cert_create/src/key.c
+++ b/tools/cert_create/src/key.c
@ -59,56 +59,77 @@ static int key_new(key_t *key)
 	return 1;
 }

-int key_create(key_t *key, int type)
+static int key_create_rsa(key_t *key)
 {
 	RSA *rsa = NULL;
-	EC_KEY *ec = NULL;

-	/* Create OpenSSL key container */
-	if (!key_new(key)) {
+	rsa = RSA_generate_key(RSA_KEY_BITS, RSA_F4, NULL, NULL);
+	if (rsa == NULL) {
+		printf("Cannot create RSA key\n");
 		goto err;
 	}
-
-	switch (type) {
-	case KEY_ALG_RSA:
-		/* Generate a new RSA key */
-		rsa = RSA_generate_key(RSA_KEY_BITS, RSA_F4, NULL, NULL);
-		if (rsa == NULL) {
-			printf("Cannot create RSA key\n");
-			goto err;
-		}
-		if (!EVP_PKEY_assign_RSA(key->key, rsa)) {
-			printf("Cannot assign RSA key\n");
-			goto err;
-		}
-		break;
-	case KEY_ALG_ECDSA:
-		/* Generate a new ECDSA key */
-		ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
-		if (ec == NULL) {
-			printf("Cannot create EC key\n");
-			goto err;
-		}
-		if (!EC_KEY_generate_key(ec)) {
-			printf("Cannot generate EC key\n");
-			goto err;
-		}
-		EC_KEY_set_flags(ec, EC_PKEY_NO_PARAMETERS);
-		EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
-		if (!EVP_PKEY_assign_EC_KEY(key->key, ec)) {
-			printf("Cannot assign EC key\n");
-			goto err;
-		}
-		break;
-	default:
+	if (!EVP_PKEY_assign_RSA(key->key, rsa)) {
+		printf("Cannot assign RSA key\n");
 		goto err;
 	}

 	return 1;
-
 err:
 	RSA_free(rsa);
+	return 0;
+}
+
+#ifndef OPENSSL_NO_EC
+static int key_create_ecdsa(key_t *key)
+{
+	EC_KEY *ec = NULL;
+
+	ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+	if (ec == NULL) {
+		printf("Cannot create EC key\n");
+		goto err;
+	}
+	if (!EC_KEY_generate_key(ec)) {
+		printf("Cannot generate EC key\n");
+		goto err;
+	}
+	EC_KEY_set_flags(ec, EC_PKEY_NO_PARAMETERS);
+	EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
+	if (!EVP_PKEY_assign_EC_KEY(key->key, ec)) {
+		printf("Cannot assign EC key\n");
+		goto err;
+	}
+
+	return 1;
+err:
 	EC_KEY_free(ec);
+	return 0;
+}
+#endif /* OPENSSL_NO_EC */
+
+typedef int (*key_create_fn_t)(key_t *key);
+static const key_create_fn_t key_create_fn[KEY_ALG_MAX_NUM] = {
+	key_create_rsa,
+#ifndef OPENSSL_NO_EC
+	key_create_ecdsa,
+#endif /* OPENSSL_NO_EC */
+};
+
+int key_create(key_t *key, int type)
+{
+	if (type >= KEY_ALG_MAX_NUM) {
+		printf("Invalid key type\n");
+		return 0;
+	}
+
+	/* Create OpenSSL key container */
+	if (!key_new(key)) {
+		return 0;
+	}
+
+	if (key_create_fn[type]) {
+		return key_create_fn[type](key);
+	}

 	return 0;
 }
--- a/tools/cert_create/src/main.c
+++ b/tools/cert_create/src/main.c
@ -142,7 +142,9 @@ static char *strdup(const char *str)

 static const char *key_algs_str[] = {
 	[KEY_ALG_RSA] = "rsa",
+#ifndef OPENSSL_NO_EC
 	[KEY_ALG_ECDSA] = "ecdsa"
+#endif /* OPENSSL_NO_EC */
 };

 /* Command line options */