nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make tor-gencert build on Android

Browse Source 
Previously, tor-gencert would call RSA_generate_key() directly.
This won't work on Android, which removes the (deprecated since
OpenSSL 0.9.8) function.  We can't call RSA_generate_key_ex()
unconditionally either, since that didn't exist before 0.9.8.
Instead, we must call our own crypto_pk_generate_key_with_bits,
which knows how to call RSA_generate_key or RSA_generate_key_ex as
appropriate.

 [Based on patch by Nathan Freitas]
This commit is contained in:
Nick Mathewson 2009-09-29 00:49:43 -04:00
parent cfba9c01bf
commit d471795764
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/tools/tor-gencert.c
View File

@ -13,6 +13,7 @@
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/obj_mac.h>
#include <openssl/err.h>
@ -218,6 +219,20 @@ parse_commandline(int argc, char **argv)
return 0;
}
static RSA *
generate_key(int bits)
{
RSA *rsa = NULL;
crypto_pk_env_t *env = crypto_new_pk_env();
if (crypto_pk_generate_key_with_bits(env,bits)<0)
goto done;
rsa = _crypto_pk_env_get_rsa(env);
rsa = RSAPrivateKey_dup(rsa);
done:
crypto_free_pk_env(env);
return rsa;
}
/** Try to read the identity key from <b>identity_key_file</b>. If no such
* file exists and create_identity_key is set, make a new identity key and
* store it. Return 0 on success, nonzero on failure.
@ -238,7 +253,7 @@ load_identity_key(void)
}
log_notice(LD_GENERAL, "Generating %d-bit RSA identity key.",
IDENTITY_KEY_BITS);
if (!(key = RSA_generate_key(IDENTITY_KEY_BITS, 65537, NULL, NULL))) {
if (!(key = generate_key(IDENTITY_KEY_BITS))) {
log_err(LD_GENERAL, "Couldn't generate identity key.");
crypto_log_errors(LOG_ERR, "Generating identity key");
return 1;
@ -323,7 +338,7 @@ generate_signing_key(void)
RSA *key;
log_notice(LD_GENERAL, "Generating %d-bit RSA signing key.",
SIGNING_KEY_BITS);
if (!(key = RSA_generate_key(SIGNING_KEY_BITS, 65537, NULL, NULL))) {
if (!(key = generate_key(SIGNING_KEY_BITS))) {
log_err(LD_GENERAL, "Couldn't generate signing key.");
crypto_log_errors(LOG_ERR, "Generating signing key");
return 1;