Skip to content

Commit

Permalink
Merge pull request #1042 from paullouisageneau/fix-key-generation-che…
Browse files Browse the repository at this point in the history
…ck-legacy-openssl

Fix key generation check legacy openssl
  • Loading branch information
paullouisageneau authored Nov 20, 2023
2 parents 1ef1515 + 917b0f0 commit 07ace06
Showing 1 changed file with 10 additions and 9 deletions.
19 changes: 10 additions & 9 deletions src/impl/certificate.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ Certificate Certificate::Generate(CertificateType type, const string &commonName
PLOG_VERBOSE << "Generating ECDSA P-256 key pair";
#if OPENSSL_VERSION_NUMBER >= 0x30000000
pkey = shared_ptr<EVP_PKEY>(EVP_EC_gen("P-256"), EVP_PKEY_free);
if (!pkey)
throw std::runtime_error("Unable to generate ECDSA P-256 key pair");
#else
pkey = shared_ptr<EVP_PKEY>(EVP_PKEY_new(), EVP_PKEY_free);
unique_ptr<EC_KEY, decltype(&EC_KEY_free)> ecc(
Expand All @@ -404,20 +406,20 @@ Certificate Certificate::Generate(CertificateType type, const string &commonName
throw std::runtime_error("Unable to allocate structure for ECDSA P-256 key pair");

EC_KEY_set_asn1_flag(ecc.get(), OPENSSL_EC_NAMED_CURVE); // Set ASN1 OID
if (!EC_KEY_generate_key(ecc.get()) ||
!EVP_PKEY_assign_EC_KEY(pkey.get(),
ecc.release())) // the key will be freed when pkey is freed
#endif
if (!pkey)
if (!EC_KEY_generate_key(ecc.get()) || !EVP_PKEY_assign_EC_KEY(pkey.get(), ecc.get()))
throw std::runtime_error("Unable to generate ECDSA P-256 key pair");

ecc.release(); // the key will be freed when pkey is freed
#endif
break;
}
case CertificateType::Rsa: {
PLOG_VERBOSE << "Generating RSA key pair";
const unsigned int bits = 2048;
#if OPENSSL_VERSION_NUMBER >= 0x30000000
pkey = shared_ptr<EVP_PKEY>(EVP_RSA_gen(bits), EVP_PKEY_free);
if (!pkey)
throw std::runtime_error("Unable to generate RSA key pair");
#else
pkey = shared_ptr<EVP_PKEY>(EVP_PKEY_new(), EVP_PKEY_free);
unique_ptr<RSA, decltype(&RSA_free)> rsa(RSA_new(), RSA_free);
Expand All @@ -428,12 +430,11 @@ Certificate Certificate::Generate(CertificateType type, const string &commonName
const unsigned int e = 65537; // 2^16 + 1
if (!BN_set_word(exponent.get(), e) ||
!RSA_generate_key_ex(rsa.get(), bits, exponent.get(), NULL) ||
!EVP_PKEY_assign_RSA(pkey.get(),
rsa.release())) // the key will be freed when pkey is freed
#endif
if (!pkey)
!EVP_PKEY_assign_RSA(pkey.get(), rsa.get()))
throw std::runtime_error("Unable to generate RSA key pair");

rsa.release(); // the key will be freed when pkey is freed
#endif
break;
}
default:
Expand Down

0 comments on commit 07ace06

Please sign in to comment.