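/*
 * Sign the file at `path` with the RSA private key held in `rsa`.
 *
 * path    file whose SHA-256 hex digest is signed
 * rsa     key context; rsa->path must be readable, and rsa->key is loaded
 *         through _load_rsa_private_key() when it is still NULL
 * sigret  out: newly allocated signature buffer, owned by the caller on
 *         success (release with free()); set to NULL on failures that
 *         happen after the allocation attempt
 * siglen  out: signature length as reported by RSA_sign()
 *
 * Returns EPKG_OK on success and EPKG_FATAL on any failure.
 *
 * The key in rsa->key is not released here: it is only loaded when the
 * field is NULL, so it presumably stays cached in `rsa` for later calls
 * (TODO confirm who frees it).
 */
int
rsa_sign(char *path, struct rsa_key *rsa, unsigned char **sigret, unsigned int *siglen)
{
	char errbuf[1024];
	int max_len = 0, ret;
	/*
	 * Zero-filled so that no uninitialised stack bytes can end up in the
	 * signed data if sha256_file() does not fill the buffer.
	 * NOTE(review): the return value of sha256_file() is not checked
	 * because its signature is not visible here; if it reports errors,
	 * fail instead of signing.
	 */
	char sha256[SHA256_DIGEST_LENGTH * 2 + 1] = {0};

	/*
	 * Early readability check for a clearer error message only; the file
	 * can still change before the key is read, so the load below remains
	 * the check that matters.
	 */
	if (access(rsa->path, R_OK) == -1) {
		pkg_emit_errno("access", rsa->path);
		return (EPKG_FATAL);
	}

	if (rsa->key == NULL && _load_rsa_private_key(rsa) != EPKG_OK) {
		pkg_emit_error("can't load key from %s", rsa->path);
		return (EPKG_FATAL);
	}

	max_len = RSA_size(rsa->key);
	if (max_len <= 0) {
		pkg_emit_error("%s: invalid RSA key size", rsa->path);
		return (EPKG_FATAL);
	}

	*sigret = calloc(1, max_len + 1);
	if (*sigret == NULL) {
		pkg_emit_errno("calloc", "rsa_sign");
		return (EPKG_FATAL);
	}

	sha256_file(path, sha256);

	/*
	 * NOTE(review): the data signed is the hex SHA-256 string including
	 * its terminating NUL (sizeof(sha256) bytes), while the digest type
	 * passed is NID_sha1. The verifying side has to use the same
	 * parameters, so this is left unchanged; changing it would invalidate
	 * existing signatures.
	 */
	ret = RSA_sign(NID_sha1, sha256, sizeof(sha256), *sigret, siglen, rsa->key);
	if (ret == 0) {
		/* XXX pass back RSA errors correctly */
		pkg_emit_error("%s: %s", rsa->path,
		    ERR_error_string(ERR_get_error(), errbuf));
		/* Do not hand a half-initialised buffer back to the caller. */
		free(*sigret);
		*sigret = NULL;
		return (EPKG_FATAL);
	}

	return (EPKG_OK);
}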
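/*
 * Sign the file at `path` with the RSA private key stored at `rsa_key_path`.
 *
 * path          file whose SHA-256 hex digest is signed
 * password_cb   passphrase callback handed to _load_rsa_private_key()
 * rsa_key_path  path of the private key; must be readable
 * sigret        out: newly allocated signature buffer, owned by the caller
 *               on success (release with free()); set to NULL on failures
 *               that happen after the allocation attempt
 * siglen        out: signature length as reported by RSA_sign()
 *
 * Returns EPKG_OK on success and EPKG_FATAL on any failure. The key is
 * loaded for this call only and released on every path, together with the
 * OpenSSL error strings loaded here.
 */
int
rsa_sign(char *path, pem_password_cb *password_cb, char *rsa_key_path,
    unsigned char **sigret, unsigned int *siglen)
{
	char errbuf[1024];
	int max_len = 0, ret;
	int rc = EPKG_FATAL;
	RSA *rsa = NULL;
	/*
	 * Zero-filled so that no uninitialised stack bytes can end up in the
	 * signed data if sha256_file() does not fill the buffer.
	 * NOTE(review): the return value of sha256_file() is not checked
	 * because its signature is not visible here; if it reports errors,
	 * fail instead of signing.
	 */
	char sha256[SHA256_DIGEST_LENGTH * 2 + 1] = {0};

	/*
	 * Early readability check for a clearer error message only; the file
	 * can still change before the key is read, so the NULL check after
	 * the load remains the check that matters.
	 */
	if (access(rsa_key_path, R_OK) == -1) {
		pkg_emit_errno("access", rsa_key_path);
		return EPKG_FATAL;
	}

	SSL_load_error_strings();
	OpenSSL_add_all_algorithms();
	OpenSSL_add_all_ciphers();

	rsa = _load_rsa_private_key(rsa_key_path, password_cb);
	if (rsa == NULL) {
		pkg_emit_error("can't load key from %s", rsa_key_path);
		goto cleanup;
	}

	max_len = RSA_size(rsa);
	if (max_len <= 0) {
		pkg_emit_error("%s: invalid RSA key size", rsa_key_path);
		goto cleanup;
	}

	*sigret = calloc(1, max_len + 1);
	if (*sigret == NULL) {
		pkg_emit_errno("calloc", "rsa_sign");
		goto cleanup;
	}

	sha256_file(path, sha256);

	/*
	 * NOTE(review): the data signed is the hex SHA-256 string including
	 * its terminating NUL (sizeof(sha256) bytes), while the digest type
	 * passed is NID_sha1. The verifying side has to use the same
	 * parameters, so this is left unchanged; changing it would invalidate
	 * existing signatures.
	 */
	ret = RSA_sign(NID_sha1, sha256, sizeof(sha256), *sigret, siglen, rsa);
	if (ret == 0) {
		/* XXX pass back RSA errors correctly */
		pkg_emit_error("%s: %s", rsa_key_path,
		    ERR_error_string(ERR_get_error(), errbuf));
		/* Do not hand a half-initialised buffer back to the caller. */
		free(*sigret);
		*sigret = NULL;
		goto cleanup;
	}

	rc = EPKG_OK;

cleanup:
	/*
	 * Release the private key on failure as well as on success, so the
	 * key material does not stay allocated after an error.
	 */
	if (rsa != NULL)
		RSA_free(rsa);
	ERR_free_strings();

	return (rc);
}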