aboutsummaryrefslogtreecommitdiff
path: root/src/tools/tor-gencert.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2009-09-29 00:49:43 -0400
committerNick Mathewson <nickm@torproject.org>2009-09-29 00:53:43 -0400
commitd4717957646d9a2f97dd3ca6139e13f67b9b5ff0 (patch)
tree42350fda29c7dbf27caee7d326781eda331eafc9 /src/tools/tor-gencert.c
parentcfba9c01bf37a3c2f67b18275522df81c081e898 (diff)
downloadtor-d4717957646d9a2f97dd3ca6139e13f67b9b5ff0.tar.gz
tor-d4717957646d9a2f97dd3ca6139e13f67b9b5ff0.zip
Make tor-gencert build on Android
Previously, tor-gencert would call RSA_generate_key() directly. This won't work on Android, which removes the (deprecated since OpenSSL 0.9.8) function. We can't call RSA_generate_key_ex() unconditionally either, since that didn't exist before 0.9.8. Instead, we must call our own crypto_pk_generate_key_with_bits, which knows how to call RSA_generate_key or RSA_generate_key_ex as appropriate. [Based on patch by Nathan Freitas]
Diffstat (limited to 'src/tools/tor-gencert.c')
-rw-r--r--src/tools/tor-gencert.c19
1 files changed, 17 insertions, 2 deletions
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index 9ade76397a..04d53be072 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -13,6 +13,7 @@
#include <openssl/evp.h>
#include <openssl/pem.h>
+#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/obj_mac.h>
#include <openssl/err.h>
@@ -218,6 +219,20 @@ parse_commandline(int argc, char **argv)
return 0;
}
+static RSA *
+generate_key(int bits)
+{
+ RSA *rsa = NULL;
+ crypto_pk_env_t *env = crypto_new_pk_env();
+ if (crypto_pk_generate_key_with_bits(env,bits)<0)
+ goto done;
+ rsa = _crypto_pk_env_get_rsa(env);
+ rsa = RSAPrivateKey_dup(rsa);
+ done:
+ crypto_free_pk_env(env);
+ return rsa;
+}
+
/** Try to read the identity key from <b>identity_key_file</b>. If no such
* file exists and create_identity_key is set, make a new identity key and
* store it. Return 0 on success, nonzero on failure.
@@ -238,7 +253,7 @@ load_identity_key(void)
}
log_notice(LD_GENERAL, "Generating %d-bit RSA identity key.",
IDENTITY_KEY_BITS);
- if (!(key = RSA_generate_key(IDENTITY_KEY_BITS, 65537, NULL, NULL))) {
+ if (!(key = generate_key(IDENTITY_KEY_BITS))) {
log_err(LD_GENERAL, "Couldn't generate identity key.");
crypto_log_errors(LOG_ERR, "Generating identity key");
return 1;
@@ -323,7 +338,7 @@ generate_signing_key(void)
RSA *key;
log_notice(LD_GENERAL, "Generating %d-bit RSA signing key.",
SIGNING_KEY_BITS);
- if (!(key = RSA_generate_key(SIGNING_KEY_BITS, 65537, NULL, NULL))) {
+ if (!(key = generate_key(SIGNING_KEY_BITS))) {
log_err(LD_GENERAL, "Couldn't generate signing key.");
crypto_log_errors(LOG_ERR, "Generating signing key");
return 1;