예제 #1
파일: rsa.c 프로젝트: AlexanderThaller/pkg
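/*
 * Sign the file at `path` with the RSA private key described by `rsa`.
 *
 * The key is loaded through _load_rsa_private_key() when rsa->key is still
 * NULL. On success *sigret points to a calloc()ed buffer that the caller
 * must free(), and *siglen holds the signature length written by RSA_sign().
 * On any failure after the buffer was allocated it is released and *sigret
 * is set to NULL, so no partially filled signature is handed back.
 *
 * Returns EPKG_OK on success, EPKG_FATAL otherwise.
 */
int
rsa_sign(char *path, struct rsa_key *rsa, unsigned char **sigret, unsigned int *siglen)
{
	char errbuf[1024];
	int max_len = 0, ret;
	char sha256[SHA256_DIGEST_LENGTH * 2 +1];

	/*
	 * Readability probe for a clear error message only. It is not an
	 * access-control decision: the key file is opened later, so the
	 * result can be stale by then.
	 */
	if (access(rsa->path, R_OK) == -1) {
		pkg_emit_errno("access", rsa->path);
		return (EPKG_FATAL);
	}

	if (rsa->key == NULL && _load_rsa_private_key(rsa) != EPKG_OK) {
		pkg_emit_error("can't load key from %s", rsa->path);
		return (EPKG_FATAL);
	}

	/* RSA_size() returns an int; reject a non-positive size before allocating. */
	max_len = RSA_size(rsa->key);
	if (max_len <= 0) {
		pkg_emit_error("can't load key from %s", rsa->path);
		return (EPKG_FATAL);
	}

	*sigret = calloc(1, (size_t)max_len + 1);
	if (*sigret == NULL) {
		pkg_emit_errno("calloc", "rsa_sign");
		return (EPKG_FATAL);
	}

	/*
	 * Never sign an unfilled buffer: if hashing fails, `sha256` still holds
	 * whatever was on the stack.
	 * NOTE(review): assumes sha256_file() returns EPKG_OK on success --
	 * confirm against its declaration.
	 */
	if (sha256_file(path, sha256) != EPKG_OK) {
		free(*sigret);
		*sigret = NULL;
		return (EPKG_FATAL);
	}

	/*
	 * NOTE(review): the digest type passed is NID_sha1, but the data signed
	 * is the hex SHA-256 string including its NUL (sizeof(sha256) bytes), so
	 * the DigestInfo label does not match the payload. The verifying side
	 * has to make the identical call; changing either argument here
	 * invalidates existing signatures, so it is left as is and flagged.
	 */
	ret = RSA_sign(NID_sha1, (const unsigned char *)sha256, sizeof(sha256),
	    *sigret, siglen, rsa->key);
	if (ret == 0) {
		/* XXX pass back RSA errors correctly */
		pkg_emit_error("%s: %s", rsa->path,
		   ERR_error_string(ERR_get_error(), errbuf));
		free(*sigret);
		*sigret = NULL;
		return (EPKG_FATAL);
	}

	return (EPKG_OK);
}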
예제 #2
파일: rsa.c 프로젝트: afb/pkgng
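/*
 * Sign the file at `path` with the RSA private key stored at `rsa_key_path`.
 *
 * `password_cb` is handed to _load_rsa_private_key() for the key passphrase.
 * On success *sigret points to a calloc()ed buffer that the caller must
 * free(), and *siglen holds the signature length written by RSA_sign().
 * On any failure after the buffer was allocated it is released and *sigret
 * is set to NULL. The loaded key and the OpenSSL error strings are released
 * on every path that initialised them, not only on success.
 *
 * Returns EPKG_OK on success, EPKG_FATAL otherwise.
 */
int
rsa_sign(char *path, pem_password_cb *password_cb, char *rsa_key_path,
		unsigned char **sigret, unsigned int *siglen)
{
	char errbuf[1024];
	int max_len = 0, ret;
	int rc = EPKG_FATAL;
	RSA *rsa = NULL;
	unsigned char *sig = NULL;
	char sha256[SHA256_DIGEST_LENGTH * 2 +1];

	/*
	 * Readability probe for a clear error message only. It is not an
	 * access-control decision: the key file is opened later, so the
	 * result can be stale by then.
	 */
	if (access(rsa_key_path, R_OK) == -1) {
		pkg_emit_errno("access", rsa_key_path);
		return EPKG_FATAL;
	}

	SSL_load_error_strings();

	OpenSSL_add_all_algorithms();
	OpenSSL_add_all_ciphers();

	rsa = _load_rsa_private_key(rsa_key_path, password_cb);
	if (rsa == NULL) {
		pkg_emit_error("can't load key from %s", rsa_key_path);
		goto cleanup;
	}

	/* RSA_size() returns an int; reject a non-positive size before allocating. */
	max_len = RSA_size(rsa);
	if (max_len <= 0) {
		pkg_emit_error("can't load key from %s", rsa_key_path);
		goto cleanup;
	}

	sig = calloc(1, (size_t)max_len + 1);
	if (sig == NULL) {
		pkg_emit_errno("calloc", "rsa_sign");
		goto cleanup;
	}
	*sigret = sig;

	/*
	 * Never sign an unfilled buffer: if hashing fails, `sha256` still holds
	 * whatever was on the stack.
	 * NOTE(review): assumes sha256_file() returns EPKG_OK on success --
	 * confirm against its declaration.
	 */
	if (sha256_file(path, sha256) != EPKG_OK)
		goto cleanup;

	/*
	 * NOTE(review): the digest type passed is NID_sha1, but the data signed
	 * is the hex SHA-256 string including its NUL (sizeof(sha256) bytes), so
	 * the DigestInfo label does not match the payload. The verifying side
	 * has to make the identical call; changing either argument here
	 * invalidates existing signatures, so it is left as is and flagged.
	 */
	ret = RSA_sign(NID_sha1, (const unsigned char *)sha256, sizeof(sha256),
	    sig, siglen, rsa);
	if (ret == 0) {
		/* XXX pass back RSA errors correctly */
		pkg_emit_error("%s: %s", rsa_key_path,
					   ERR_error_string(ERR_get_error(), errbuf));
		goto cleanup;
	}

	rc = EPKG_OK;

cleanup:
	/* Only touch *sigret on failure if this call allocated the buffer. */
	if (rc != EPKG_OK && sig != NULL) {
		free(sig);
		*sigret = NULL;
	}

	/* The private key must not outlive the call, success or failure. */
	RSA_free(rsa);
	ERR_free_strings();

	return (rc);
}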