sign-file,extract-cert: move common SSL helper functions to a header

A couple of error-handling helpers are duplicated in both tools, so
move them to a common header.

Signed-off-by: Jan Stancek <jstancek@redhat.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: R Nageswara Sastry <rnsastry@linux.ibm.com>
Reviewed-by: Neal Gompa <neal@gompa.dev>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Jan Stancek 2024-07-12 09:11:14 +02:00 committed by Jarkko Sakkinen
parent 70fd1966c9
commit 300e6d4116
5 changed files with 45 additions and 71 deletions


@ -5204,6 +5204,7 @@ S: Maintained
F: Documentation/admin-guide/module-signing.rst F: Documentation/admin-guide/module-signing.rst
F: certs/ F: certs/
F: scripts/sign-file.c F: scripts/sign-file.c
F: scripts/ssl-common.h
F: tools/certs/ F: tools/certs/
CFAG12864B LCD DRIVER CFAG12864B LCD DRIVER


@ -84,5 +84,5 @@ targets += x509_revocation_list
hostprogs := extract-cert hostprogs := extract-cert
HOSTCFLAGS_extract-cert.o = $(shell $(HOSTPKG_CONFIG) --cflags libcrypto 2> /dev/null) HOSTCFLAGS_extract-cert.o = $(shell $(HOSTPKG_CONFIG) --cflags libcrypto 2> /dev/null) -I$(srctree)/scripts
HOSTLDLIBS_extract-cert = $(shell $(HOSTPKG_CONFIG) --libs libcrypto 2> /dev/null || echo -lcrypto) HOSTLDLIBS_extract-cert = $(shell $(HOSTPKG_CONFIG) --libs libcrypto 2> /dev/null || echo -lcrypto)


@ -23,6 +23,8 @@
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/engine.h> #include <openssl/engine.h>
#include "ssl-common.h"
/* /*
* OpenSSL 3.0 deprecates the OpenSSL's ENGINE API. * OpenSSL 3.0 deprecates the OpenSSL's ENGINE API.
* *
@ -40,41 +42,6 @@ void format(void)
exit(2); exit(2);
} }
static void display_openssl_errors(int l)
{
const char *file;
char buf[120];
int e, line;
if (ERR_peek_error() == 0)
return;
fprintf(stderr, "At main.c:%d:\n", l);
while ((e = ERR_get_error_line(&file, &line))) {
ERR_error_string(e, buf);
fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line);
}
}
static void drain_openssl_errors(void)
{
const char *file;
int line;
if (ERR_peek_error() == 0)
return;
while (ERR_get_error_line(&file, &line)) {}
}
#define ERR(cond, fmt, ...) \
do { \
bool __cond = (cond); \
display_openssl_errors(__LINE__); \
if (__cond) { \
err(1, fmt, ## __VA_ARGS__); \
} \
} while(0)
static const char *key_pass; static const char *key_pass;
static BIO *wb; static BIO *wb;
static char *cert_dst; static char *cert_dst;
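Review bot: The `ERR()` macro removed from this file called `err(1, fmt, ...)`, while the shared version in scripts/ssl-common.h calls `errx(1, fmt, ...)`, so this tool's fatal messages lose the `strerror(errno)` suffix once it uses the header. The commit message describes the helpers as duplicates and does not mention this difference. If the errno text mattered for failures such as an unreadable key or certificate file, either state the change in the description or keep an `err()`-based variant for those call sites. The call sites themselves are outside the hunk.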


@ -29,6 +29,8 @@
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/engine.h> #include <openssl/engine.h>
#include "ssl-common.h"
/* /*
* OpenSSL 3.0 deprecates the OpenSSL's ENGINE API. * OpenSSL 3.0 deprecates the OpenSSL's ENGINE API.
* *
@ -83,41 +85,6 @@ void format(void)
exit(2); exit(2);
} }
static void display_openssl_errors(int l)
{
const char *file;
char buf[120];
int e, line;
if (ERR_peek_error() == 0)
return;
fprintf(stderr, "At main.c:%d:\n", l);
while ((e = ERR_get_error_line(&file, &line))) {
ERR_error_string(e, buf);
fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line);
}
}
static void drain_openssl_errors(void)
{
const char *file;
int line;
if (ERR_peek_error() == 0)
return;
while (ERR_get_error_line(&file, &line)) {}
}
#define ERR(cond, fmt, ...) \
do { \
bool __cond = (cond); \
display_openssl_errors(__LINE__); \
if (__cond) { \
errx(1, fmt, ## __VA_ARGS__); \
} \
} while(0)
static const char *key_pass; static const char *key_pass;
static int pem_pw_cb(char *buf, int len, int w, void *v) static int pem_pw_cb(char *buf, int len, int w, void *v)

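--- a/scripts/ssl-common.h
+++ b/scripts/ssl-common.h
@@ -0,0 +1,39 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+/*
+* SSL helper functions shared by sign-file and extract-cert.
+*/
+static void display_openssl_errors(int l)
+{
+const char *file;
+char buf[120];
+int e, line;
+if (ERR_peek_error() == 0)
+return;
+fprintf(stderr, "At main.c:%d:\n", l);
+while ((e = ERR_get_error_line(&file, &line))) {
+ERR_error_string(e, buf);
+fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line);
+}
+}
+static void drain_openssl_errors(void)
+{
+const char *file;
+int line;
+if (ERR_peek_error() == 0)
+return;
+while (ERR_get_error_line(&file, &line)) {}
+}
+#define ERR(cond, fmt, ...) \
+do { \
+bool __cond = (cond); \
+display_openssl_errors(__LINE__); \
+if (__cond) { \
+errx(1, fmt, ## __VA_ARGS__); \
+} \
+} while (0)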
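Review bot: `display_openssl_errors()` passes a 120-byte stack buffer to `ERR_error_string(e, buf)`, which takes no length and, per current OpenSSL documentation, expects a buffer of at least 256 bytes; since the helper is being consolidated here, this is the place to bound the write with `ERR_error_string_n(e, buf, sizeof(buf));`. The error code is also held in `int e` although `ERR_get_error_line()` returns `unsigned long`, so declaring `unsigned long e;` avoids truncating it. Separately, the header has no include guard and relies on the including file having already pulled in `<openssl/err.h>`, `<stdio.h>`, `<stdbool.h>` and `<err.h>`, and the hard-coded `"At main.c:%d:\n"` does not name the file that reported the error; a short comment stating the include-order requirement would help.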