sign-file,extract-cert: move common SSL helper functions to a header

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Couple error handling helpers are repeated in both tools, so
move them to a common header.

Signed-off-by: Jan Stancek <jstancek@redhat.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: R Nageswara Sastry <rnsastry@linux.ibm.com>
Reviewed-by: Neal Gompa <neal@gompa.dev>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

authored by

Jan Stancek and committed by

Jarkko Sakkinen 2 years ago 300e6d41 70fd1966

+45 -71

5 changed files

expand all

MAINTAINERS

certs

Makefile

extract-cert.c

scripts

sign-file.c

ssl-common.h

MAINTAINERS

··· 5204 5204 F: Documentation/admin-guide/module-signing.rst 5205 5205 F: certs/ 5206 5206 F: scripts/sign-file.c 5207 + F: scripts/ssl-common.h 5207 5208 F: tools/certs/ 5208 5209 5209 5210 CFAG12864B LCD DRIVER

+1 -1

certs/Makefile

··· 84 84 85 85 hostprogs := extract-cert 86 86 87 - HOSTCFLAGS_extract-cert.o = $(shell $(HOSTPKG_CONFIG) --cflags libcrypto 2> /dev/null) 87 + HOSTCFLAGS_extract-cert.o = $(shell $(HOSTPKG_CONFIG) --cflags libcrypto 2> /dev/null) -I$(srctree)/scripts 88 88 HOSTLDLIBS_extract-cert = $(shell $(HOSTPKG_CONFIG) --libs libcrypto 2> /dev/null || echo -lcrypto)

+2 -35

certs/extract-cert.c

··· 23 23 #include <openssl/err.h> 24 24 #include <openssl/engine.h> 25 25 26 + #include "ssl-common.h" 27 + 26 28 /* 27 29 * OpenSSL 3.0 deprecates the OpenSSL's ENGINE API. 28 30 * ··· 41 39 "Usage: extract-cert <source> <dest>\n"); 42 40 exit(2); 43 41 } 44 - 45 - static void display_openssl_errors(int l) 46 - { 47 - const char *file; 48 - char buf[120]; 49 - int e, line; 50 - 51 - if (ERR_peek_error() == 0) 52 - return; 53 - fprintf(stderr, "At main.c:%d:\n", l); 54 - 55 - while ((e = ERR_get_error_line(&file, &line))) { 56 - ERR_error_string(e, buf); 57 - fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line); 58 - } 59 - } 60 - 61 - static void drain_openssl_errors(void) 62 - { 63 - const char *file; 64 - int line; 65 - 66 - if (ERR_peek_error() == 0) 67 - return; 68 - while (ERR_get_error_line(&file, &line)) {} 69 - } 70 - 71 - #define ERR(cond, fmt, ...) \ 72 - do { \ 73 - bool __cond = (cond); \ 74 - display_openssl_errors(__LINE__); \ 75 - if (__cond) { \ 76 - err(1, fmt, ## __VA_ARGS__); \ 77 - } \ 78 - } while(0) 79 42 80 43 static const char *key_pass; 81 44 static BIO *wb;

+2 -35

scripts/sign-file.c

··· 29 29 #include <openssl/err.h> 30 30 #include <openssl/engine.h> 31 31 32 + #include "ssl-common.h" 33 + 32 34 /* 33 35 * OpenSSL 3.0 deprecates the OpenSSL's ENGINE API. 34 36 * ··· 84 82 " scripts/sign-file -s <raw sig> <hash algo> <x509> <module> [<dest>]\n"); 85 83 exit(2); 86 84 } 87 - 88 - static void display_openssl_errors(int l) 89 - { 90 - const char *file; 91 - char buf[120]; 92 - int e, line; 93 - 94 - if (ERR_peek_error() == 0) 95 - return; 96 - fprintf(stderr, "At main.c:%d:\n", l); 97 - 98 - while ((e = ERR_get_error_line(&file, &line))) { 99 - ERR_error_string(e, buf); 100 - fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line); 101 - } 102 - } 103 - 104 - static void drain_openssl_errors(void) 105 - { 106 - const char *file; 107 - int line; 108 - 109 - if (ERR_peek_error() == 0) 110 - return; 111 - while (ERR_get_error_line(&file, &line)) {} 112 - } 113 - 114 - #define ERR(cond, fmt, ...) \ 115 - do { \ 116 - bool __cond = (cond); \ 117 - display_openssl_errors(__LINE__); \ 118 - if (__cond) { \ 119 - errx(1, fmt, ## __VA_ARGS__); \ 120 - } \ 121 - } while(0) 122 85 123 86 static const char *key_pass; 124 87

+39

scripts/ssl-common.h

··· 1 + /* SPDX-License-Identifier: LGPL-2.1+ */ 2 + /* 3 + * SSL helper functions shared by sign-file and extract-cert. 4 + */ 5 + 6 + static void display_openssl_errors(int l) 7 + { 8 + const char *file; 9 + char buf[120]; 10 + int e, line; 11 + 12 + if (ERR_peek_error() == 0) 13 + return; 14 + fprintf(stderr, "At main.c:%d:\n", l); 15 + 16 + while ((e = ERR_get_error_line(&file, &line))) { 17 + ERR_error_string(e, buf); 18 + fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line); 19 + } 20 + } 21 + 22 + static void drain_openssl_errors(void) 23 + { 24 + const char *file; 25 + int line; 26 + 27 + if (ERR_peek_error() == 0) 28 + return; 29 + while (ERR_get_error_line(&file, &line)) {} 30 + } 31 + 32 + #define ERR(cond, fmt, ...) \ 33 + do { \ 34 + bool __cond = (cond); \ 35 + display_openssl_errors(__LINE__); \ 36 + if (__cond) { \ 37 + errx(1, fmt, ## __VA_ARGS__); \ 38 + } \ 39 + } while (0)