aboutsummaryrefslogtreecommitdiff
path: root/tools/cert_create/src/key.c
diff options
context:
space:
mode:
authorSoby Mathew <soby.mathew@arm.com>2019-09-13 12:00:59 +0000
committerTrustedFirmware Code Review <review@review.trustedfirmware.org>2019-09-13 12:00:59 +0000
commitc428fbaeab3191a5b7fda38fc2aa8da3d716ab97 (patch)
treed45974a3798396c1e0c56ccc9287ed0c3b625cab /tools/cert_create/src/key.c
parent76eac18647f3bb81e029309ea61f8c4c5336ca27 (diff)
parent6a415a508ea6acec321e4609d3f8e5c03ba67664 (diff)
downloadtrusted-firmware-a-c428fbaeab3191a5b7fda38fc2aa8da3d716ab97.tar.gz
Merge changes from topic "jc/rsa-pkcs" into integration
* changes: Remove RSA PKCS#1 v1.5 support from cert_tool Add documentation for new KEY_SIZE option Add cert_create tool support for RSA key sizes Support larger RSA key sizes when using MBEDTLS
Diffstat (limited to 'tools/cert_create/src/key.c')
-rw-r--r--tools/cert_create/src/key.c13
1 files changed, 6 insertions, 7 deletions
diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c
index fece77085..0f80cce9b 100644
--- a/tools/cert_create/src/key.c
+++ b/tools/cert_create/src/key.c
@@ -41,7 +41,7 @@ int key_new(key_t *key)
return 1;
}
-static int key_create_rsa(key_t *key)
+static int key_create_rsa(key_t *key, int key_bits)
{
BIGNUM *e;
RSA *rsa = NULL;
@@ -63,7 +63,7 @@ static int key_create_rsa(key_t *key)
goto err;
}
- if (!RSA_generate_key_ex(rsa, RSA_KEY_BITS, e, NULL)) {
+ if (!RSA_generate_key_ex(rsa, key_bits, e, NULL)) {
printf("Cannot generate RSA key\n");
goto err;
}
@@ -82,7 +82,7 @@ err:
}
#ifndef OPENSSL_NO_EC
-static int key_create_ecdsa(key_t *key)
+static int key_create_ecdsa(key_t *key, int key_bits)
{
EC_KEY *ec;
@@ -109,16 +109,15 @@ err:
}
#endif /* OPENSSL_NO_EC */
-typedef int (*key_create_fn_t)(key_t *key);
+typedef int (*key_create_fn_t)(key_t *key, int key_bits);
static const key_create_fn_t key_create_fn[KEY_ALG_MAX_NUM] = {
key_create_rsa, /* KEY_ALG_RSA */
- key_create_rsa, /* KEY_ALG_RSA_1_5 */
#ifndef OPENSSL_NO_EC
key_create_ecdsa, /* KEY_ALG_ECDSA */
#endif /* OPENSSL_NO_EC */
};
-int key_create(key_t *key, int type)
+int key_create(key_t *key, int type, int key_bits)
{
if (type >= KEY_ALG_MAX_NUM) {
printf("Invalid key type\n");
@@ -126,7 +125,7 @@ int key_create(key_t *key, int type)
}
if (key_create_fn[type]) {
- return key_create_fn[type](key);
+ return key_create_fn[type](key, key_bits);
}
return 0;