Merge pull request #326 from jcastillo-arm/jc/tbb_ecdsa

TBB: build 'cert_create' with ECDSA only if OpenSSL supports it

Merge pull request #326 from jcastillo-arm/jc/tbb_ecdsa
TBB: build 'cert_create' with ECDSA only if OpenSSL supports it
1ea5233f · Achin Gupta · 84f95bed · ed2a76ea · 1ea5233f · 1ea5233f
Commit 1ea5233f authored Jul 01, 2015 by Achin Gupta
--- a/tools/cert_create/include/key.h
+++ b/tools/cert_create/include/key.h
@@ -47,7 +47,10 @@ enum {
 /* Supported key algorithms */
 enum {
 	KEY_ALG_RSA,
-	KEY_ALG_ECDSA
+#ifndef OPENSSL_NO_EC
+	KEY_ALG_ECDSA,
+#endif /* OPENSSL_NO_EC */
+	KEY_ALG_MAX_NUM
 };
 /*

--- a/tools/cert_create/src/key.c
+++ b/tools/cert_create/src/key.c
@@ -59,56 +59,77 @@ static int key_new(key_t *key)
 	return 1;
 }
-int key_create(key_t *key, int type)
+static int key_create_rsa(key_t *key)
 {
 	RSA *rsa = NULL;
-	EC_KEY *ec = NULL;
-	/* Create OpenSSL key container */
+	rsa = RSA_generate_key(RSA_KEY_BITS, RSA_F4, NULL, NULL);
-	if (!key_new(key)) {
+	if (rsa == NULL) {
+		printf("Cannot create RSA key\n");
 		goto err;
 	}
+	if (!EVP_PKEY_assign_RSA(key->key, rsa)) {
-	switch (type) {
+		printf("Cannot assign RSA key\n");
-	case KEY_ALG_RSA:
-		/* Generate a new RSA key */
-		rsa = RSA_generate_key(RSA_KEY_BITS, RSA_F4, NULL, NULL);
-		if (rsa == NULL) {
-			printf("Cannot create RSA key\n");
-			goto err;
-		}
-		if (!EVP_PKEY_assign_RSA(key->key, rsa)) {
-			printf("Cannot assign RSA key\n");
-			goto err;
-		}
-		break;
-	case KEY_ALG_ECDSA:
-		/* Generate a new ECDSA key */
-		ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
-		if (ec == NULL) {
-			printf("Cannot create EC key\n");
-			goto err;
-		}
-		if (!EC_KEY_generate_key(ec)) {
-			printf("Cannot generate EC key\n");
-			goto err;
-		}
-		EC_KEY_set_flags(ec, EC_PKEY_NO_PARAMETERS);
-		EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
-		if (!EVP_PKEY_assign_EC_KEY(key->key, ec)) {
-			printf("Cannot assign EC key\n");
-			goto err;
-		}
-		break;
-	default:
 		goto err;
 	}
 	return 1;
 err:
 	RSA_free(rsa);
+	return 0;
+}
+#ifndef OPENSSL_NO_EC
+static int key_create_ecdsa(key_t *key)
+{
+	EC_KEY *ec = NULL;
+	ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+	if (ec == NULL) {
+		printf("Cannot create EC key\n");
+		goto err;
+	}
+	if (!EC_KEY_generate_key(ec)) {
+		printf("Cannot generate EC key\n");
+		goto err;
+	}
+	EC_KEY_set_flags(ec, EC_PKEY_NO_PARAMETERS);
+	EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
+	if (!EVP_PKEY_assign_EC_KEY(key->key, ec)) {
+		printf("Cannot assign EC key\n");
+		goto err;
+	}
+	return 1;
+err:
 	EC_KEY_free(ec);
+	return 0;
+}
+#endif /* OPENSSL_NO_EC */
+typedef int (*key_create_fn_t)(key_t *key);
+static const key_create_fn_t key_create_fn[KEY_ALG_MAX_NUM] = {
+	key_create_rsa,
+#ifndef OPENSSL_NO_EC
+	key_create_ecdsa,
+#endif /* OPENSSL_NO_EC */
+};
+int key_create(key_t *key, int type)
+{
+	if (type >= KEY_ALG_MAX_NUM) {
+		printf("Invalid key type\n");
+		return 0;
+	}
+	/* Create OpenSSL key container */
+	if (!key_new(key)) {
+		return 0;
+	}
+	if (key_create_fn[type]) {
+		return key_create_fn[type](key);
+	}
 	return 0;
 }

--- a/tools/cert_create/src/main.c
+++ b/tools/cert_create/src/main.c
@@ -142,7 +142,9 @@ static char *strdup(const char *str)
 static const char *key_algs_str[] = {
 	[KEY_ALG_RSA] = "rsa",
+#ifndef OPENSSL_NO_EC
 	[KEY_ALG_ECDSA] = "ecdsa"
+#endif /* OPENSSL_NO_EC */
 };
 /* Command line options */