diff options
| author | Lennart Poettering <lennart@poettering.net> | 2020-11-24 15:07:53 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2020-12-17 19:57:57 +0100 |
| commit | f2d5df8a302dcd940689310ef8623d9b48bbc68a (patch) | |
| tree | f9643d881fffe59721349add2e3591898da41d11 /src/home/homectl-pkcs11.c | |
| parent | 73d874bacdaf800b1f7ca0794f38e2fdd453fb6f (diff) | |
| download | systemd-f2d5df8a302dcd940689310ef8623d9b48bbc68a.tar.gz | |
homed: move helper calls for RSA encryption to shared code
Diffstat (limited to 'src/home/homectl-pkcs11.c')
| -rw-r--r-- | src/home/homectl-pkcs11.c | 42 |
1 files changed, 2 insertions, 40 deletions
diff --git a/src/home/homectl-pkcs11.c b/src/home/homectl-pkcs11.c index 4b7f8336aa..f4cfb94d2c 100644 --- a/src/home/homectl-pkcs11.c +++ b/src/home/homectl-pkcs11.c @@ -93,43 +93,6 @@ static int acquire_pkcs11_certificate( #endif } -static int encrypt_bytes( - EVP_PKEY *pkey, - const void *decrypted_key, - size_t decrypted_key_size, - void **ret_encrypt_key, - size_t *ret_encrypt_key_size) { - - _cleanup_(EVP_PKEY_CTX_freep) EVP_PKEY_CTX *ctx = NULL; - _cleanup_free_ void *b = NULL; - size_t l; - - ctx = EVP_PKEY_CTX_new(pkey, NULL); - if (!ctx) - return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to allocate public key context"); - - if (EVP_PKEY_encrypt_init(ctx) <= 0) - return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to initialize public key context"); - - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) - return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to configure PKCS#1 padding"); - - if (EVP_PKEY_encrypt(ctx, NULL, &l, decrypted_key, decrypted_key_size) <= 0) - return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to determine encrypted key size"); - - b = malloc(l); - if (!b) - return log_oom(); - - if (EVP_PKEY_encrypt(ctx, b, &l, decrypted_key, decrypted_key_size) <= 0) - return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to determine encrypted key size"); - - *ret_encrypt_key = TAKE_PTR(b); - *ret_encrypt_key_size = l; - - return 0; -} - static int add_pkcs11_encrypted_key( JsonVariant **v, const char *uri, @@ -267,9 +230,8 @@ int identity_add_pkcs11_key_data(JsonVariant **v, const char *uri) { size_t decrypted_key_size, encrypted_key_size; _cleanup_(X509_freep) X509 *cert = NULL; EVP_PKEY *pkey; + int bits, r; RSA *rsa; - int bits; - int r; assert(v); @@ -308,7 +270,7 @@ int identity_add_pkcs11_key_data(JsonVariant **v, const char *uri) { if (r < 0) return log_error_errno(r, "Failed to generate random key: %m"); - r = encrypt_bytes(pkey, decrypted_key, decrypted_key_size, &encrypted_key, &encrypted_key_size); + r = rsa_encrypt_bytes(pkey, decrypted_key, decrypted_key_size, &encrypted_key, &encrypted_key_size); if (r < 0) return log_error_errno(r, "Failed to encrypt key: %m"); |