author | davidcunado-arm <david.cunado@arm.com> | 2017-02-14 08:56:44 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-14 08:56:44 +0000 |
commit | 7a1c268fd80e85fa00998533d8993c660682e88d (patch) | |
tree | d61570390886e6d1ac2af926ffe760e2796bf60b /tools | |
parent | 27e16d85ecd8df73c2f3ebd2bad43deee975a6de (diff) | |
parent | c893c73309aab3a9acfa0f0508a194a2078da556 (diff) |
Merge pull request #833 from masahir0y/cert_create
Bug fix and cleanup of cert_create tool
Diffstat (limited to 'tools')
-rw-r--r-- | tools/cert_create/include/key.h | 1 | ||||
-rw-r--r-- | tools/cert_create/src/cert.c | 10 | ||||
-rw-r--r-- | tools/cert_create/src/ext.c | 29 | ||||
-rw-r--r-- | tools/cert_create/src/key.c | 28 | ||||
-rw-r--r-- | tools/cert_create/src/main.c | 24 |
5 files changed, 40 insertions, 52 deletions
diff --git a/tools/cert_create/include/key.h b/tools/cert_create/include/key.h
index f60997f0..433f72ce 100644
--- a/tools/cert_create/include/key.h
+++ b/tools/cert_create/include/key.h
@@ -73,6 +73,7 @@ typedef struct key_s {
 /* Exported API */
 int key_init(void);
 key_t *key_get_by_opt(const char *opt);
+int key_new(key_t *key);
 int key_create(key_t *key, int type);
 int key_load(key_t *key, unsigned int *err_code);
 int key_store(key_t *key);
diff --git a/tools/cert_create/src/cert.c b/tools/cert_create/src/cert.c
index a559832e..375c66bf 100644
--- a/tools/cert_create/src/cert.c
+++ b/tools/cert_create/src/cert.c
@@ -103,10 +103,10 @@ int cert_new(cert_t *cert, int days, int ca, STACK_OF(X509_EXTENSION) * sk)
 cert_t *issuer_cert = &certs[cert->issuer];
 EVP_PKEY *ikey = keys[issuer_cert->key].key;
 X509 *issuer = issuer_cert->x;
- X509 *x = NULL;
- X509_EXTENSION *ex = NULL;
- X509_NAME *name = NULL;
- ASN1_INTEGER *sno = NULL;
+ X509 *x;
+ X509_EXTENSION *ex;
+ X509_NAME *name;
+ ASN1_INTEGER *sno;
 int i, num;
 /* Create the certificate structure */
@@ -202,7 +202,7 @@ int cert_init(void)
 cert_t *cert_get_by_opt(const char *opt)
 {
- cert_t *cert = NULL;
+ cert_t *cert;
 unsigned int i;
 for (i = 0; i < num_certs; i++) {
diff --git a/tools/cert_create/src/ext.c b/tools/cert_create/src/ext.c
index 3f56edb7..a50919ee 100644
--- a/tools/cert_create/src/ext.c
+++ b/tools/cert_create/src/ext.c
@@ -181,13 +181,13 @@ X509_EXTENSION *ext_new(int nid, int crit, unsigned char *data, int len)
 X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
 unsigned char *buf, size_t len)
 {
- X509_EXTENSION *ex = NULL;
- ASN1_OCTET_STRING *octet = NULL;
- HASH *hash = NULL;
- ASN1_OBJECT *algorithm = NULL;
- X509_ALGOR *x509_algor = NULL;
+ X509_EXTENSION *ex;
+ ASN1_OCTET_STRING *octet;
+ HASH *hash;
+ ASN1_OBJECT *algorithm;
+ X509_ALGOR *x509_algor;
 unsigned char *p = NULL;
- int sz = -1;
+ int sz;
 /* OBJECT_IDENTIFIER with hash algorithm */
 algorithm = OBJ_nid2obj(md->type);
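Review bot: The new `key_new()` prototype in key.h has no comment stating the contract this commit introduces: the key.c hunks remove the internal `key_new()` calls from `key_create()` and `key_load()`, so callers now have to allocate the container themselves. A caller that skips the call would pass those functions a `key_t` whose `key` member was never allocated. I would document that at the declaration, e.g. `/* Allocate the EVP_PKEY container; must be called once per key before key_load() or key_create() */`.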
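Review bot: In `cert_new()` (cert.c) the pointers `x`, `ex`, `name` and `sno` lose their `NULL` initialisers, and the body continues outside the hunk, so it is not visible whether every error path assigns them before reading or freeing them. The same removal is made in `cert_get_by_opt()`, the ext.c constructors and `ext_get_by_opt()`, the key.c functions and `main()`. If any cleanup path releases one of these pointers before it is assigned, it now operates on an indeterminate value instead of NULL. I would keep `= NULL` on any pointer that a shared cleanup label frees, and confirm the tool builds without uninitialised-use warnings under `-Wall -Wextra` with optimisation enabled.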
@@ -254,16 +254,15 @@ X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
 */
 X509_EXTENSION *ext_new_nvcounter(int nid, int crit, int value)
 {
- X509_EXTENSION *ex = NULL;
- ASN1_INTEGER *counter = NULL;
+ X509_EXTENSION *ex;
+ ASN1_INTEGER *counter;
 unsigned char *p = NULL;
- int sz = -1;
+ int sz;
 /* Encode counter */
 counter = ASN1_INTEGER_new();
 ASN1_INTEGER_set(counter, value);
- sz = i2d_ASN1_INTEGER(counter, NULL);
- i2d_ASN1_INTEGER(counter, &p);
+ sz = i2d_ASN1_INTEGER(counter, &p);
 /* Create the extension */
 ex = ext_new(nid, crit, p, sz);
@@ -292,9 +291,9 @@ X509_EXTENSION *ext_new_nvcounter(int nid, int crit, int value)
 */
 X509_EXTENSION *ext_new_key(int nid, int crit, EVP_PKEY *k)
 {
- X509_EXTENSION *ex = NULL;
- unsigned char *p = NULL;
- int sz = -1;
+ X509_EXTENSION *ex;
+ unsigned char *p;
+ int sz;
 /* Encode key */
 BIO *mem = BIO_new(BIO_s_mem());
@@ -316,7 +315,7 @@ X509_EXTENSION *ext_new_key(int nid, int crit, EVP_PKEY *k)
 ext_t *ext_get_by_opt(const char *opt)
 {
- ext_t *ext = NULL;
+ ext_t *ext;
 unsigned int i;
 /* Sequential search. This is not a performance concern since the number
diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c
index a7ee7596..ce0e4da6 100644
--- a/tools/cert_create/src/key.c
+++ b/tools/cert_create/src/key.c
@@ -49,7 +49,7 @@
 /*
 * Create a new key container
 */
-static int key_new(key_t *key)
+int key_new(key_t *key)
 {
 /* Create key pair container */
 key->key = EVP_PKEY_new();
@@ -62,7 +62,7 @@ static int key_new(key_t *key)
 static int key_create_rsa(key_t *key)
 {
- RSA *rsa = NULL;
+ RSA *rsa;
 rsa = RSA_generate_key(RSA_KEY_BITS, RSA_F4, NULL, NULL);
 if (rsa == NULL) {
@@ -83,7 +83,7 @@ err:
 #ifndef OPENSSL_NO_EC
 static int key_create_ecdsa(key_t *key)
 {
- EC_KEY *ec = NULL;
+ EC_KEY *ec;
 ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
 if (ec == NULL) {
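Review bot: In `ext_new_nvcounter()` the result of `sz = i2d_ASN1_INTEGER(counter, &p);` is passed to `ext_new(nid, crit, p, sz)` without a check, although `i2d_ASN1_INTEGER` returns a negative value on failure and `ASN1_INTEGER_new()` above it can return NULL. I would add `if (counter == NULL) return NULL;` after the allocation and `if (sz < 0) { ASN1_INTEGER_free(counter); return NULL; }` after the encode, assuming NULL is this function's error return. Because `p` starts as NULL, OpenSSL allocates the output buffer, and the function continues past the end of the hunk, so it is not visible here whether that buffer and `counter` are released afterwards.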
@@ -123,11 +123,6 @@ int key_create(key_t *key, int type)
 return 0;
 }
- /* Create OpenSSL key container */
- if (!key_new(key)) {
- return 0;
- }
-
 if (key_create_fn[type]) {
 return key_create_fn[type](key);
 }
@@ -137,14 +132,8 @@ int key_create(key_t *key, int type)
 int key_load(key_t *key, unsigned int *err_code)
 {
- FILE *fp = NULL;
- EVP_PKEY *k = NULL;
-
- /* Create OpenSSL key container */
- if (!key_new(key)) {
- *err_code = KEY_ERR_MALLOC;
- return 0;
- }
+ FILE *fp;
+ EVP_PKEY *k;
 if (key->fn) {
 /* Load key from file */
@@ -173,7 +162,7 @@ int key_load(key_t *key, unsigned int *err_code)
 int key_store(key_t *key)
 {
- FILE *fp = NULL;
+ FILE *fp;
 if (key->fn) {
 fp = fopen(key->fn, "w");
@@ -196,7 +185,6 @@ int key_init(void)
 {
 cmd_opt_t cmd_opt;
 key_t *key;
- int rc = 0;
 unsigned int i;
 for (i = 0; i < num_keys; i++) {
@@ -211,12 +199,12 @@ int key_init(void)
 }
 }
- return rc;
+ return 0;
 }
 key_t *key_get_by_opt(const char *opt)
 {
- key_t *key = NULL;
+ key_t *key;
 unsigned int i;
 /* Sequential search. This is not a performance concern since the number
diff --git a/tools/cert_create/src/main.c b/tools/cert_create/src/main.c
index c58f41de..c9c96222 100644
--- a/tools/cert_create/src/main.c
+++ b/tools/cert_create/src/main.c
@@ -134,7 +134,6 @@ static void print_help(const char *cmd, const struct option *long_opt)
 printf("\t%s [OPTIONS]\n\n", cmd);
 printf("Available options:\n");
- i = 0;
 opt = long_opt;
 while (opt->name) {
 p = line;
@@ -261,12 +260,12 @@ static const cmd_opt_t common_cmd_opt[] = {
 int main(int argc, char *argv[])
 {
- STACK_OF(X509_EXTENSION) * sk = NULL;
- X509_EXTENSION *cert_ext = NULL;
- ext_t *ext = NULL;
- key_t *key = NULL;
- cert_t *cert = NULL;
- FILE *file = NULL;
+ STACK_OF(X509_EXTENSION) * sk;
+ X509_EXTENSION *cert_ext;
+ ext_t *ext;
+ key_t *key;
+ cert_t *cert;
+ FILE *file;
 int i, j, ext_nid, nvctr;
 int c, opt_idx = 0;
 const struct option *cmd_opt;
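Review bot: `key_store()` creates the private-key file with `fp = fopen(key->fn, "w");`, so its mode is whatever the umask leaves of 0666 and the key can end up readable by other local users on the build host. Creating it owner-only is a small change: `int fd = open(key->fn, O_WRONLY | O_CREAT | O_TRUNC, 0600);` followed by `fp = fdopen(fd, "w");`, with `fd < 0` handled like a failed `fopen` (this needs `<fcntl.h>`). The `fopen` line is context rather than part of this commit's change, and the rest of the function lies outside the hunk.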
@@ -367,6 +366,11 @@ int main(int argc, char *argv[])
 /* Load private keys from files (or generate new ones) */
 for (i = 0 ; i < num_keys ; i++) {
+ if (!key_new(&keys[i])) {
+ ERROR("Failed to allocate key container\n");
+ exit(1);
+ }
+
 /* First try to load the key from disk */
 if (key_load(&keys[i], &err_code)) {
 /* Key loaded successfully */
@@ -374,11 +378,7 @@ int main(int argc, char *argv[])
 }
 /* Key not loaded. Check the error code */
- if (err_code == KEY_ERR_MALLOC) {
- /* Cannot allocate memory. Abort. */
- ERROR("Malloc error while loading '%s'\n", keys[i].fn);
- exit(1);
- } else if (err_code == KEY_ERR_LOAD) {
+ if (err_code == KEY_ERR_LOAD) {
 /* File exists, but it does not contain a valid private
 * key. Abort. */
 ERROR("Error loading '%s'\n", keys[i].fn); |
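Review bot: After the second main.c hunk nothing visible in this commit sets or tests `KEY_ERR_MALLOC`: the `key_load()` hunk drops the assignment and this hunk drops the branch. The key.h hunk only adds the `key_new()` prototype, so the constant appears to be left behind wherever it is declared. I would remove it in the same commit or mark it, e.g. `/* unused since key_new() moved to the caller */`, so a later reader does not expect `key_load()` to report allocation failures. The loop body continues beyond the hunk.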