Merge branch '2023-06-20-assorted-update' into next

- Assorted updates and improvements
author: Tom Rini <trini@konsulko.com> 2023-06-21 14:39:38 -0400
committer: Tom Rini <trini@konsulko.com> 2023-06-21 14:39:38 -0400
commit: 43dc016497ff9fd39139833852b0214f625fa4ca (patch)
tree: 27d68ac47a07e9a8cb54cf93065385d630f2d659 /lib/ecdsa/ecdsa-libcrypto.c
parent: 5f024d10bbae9e52396191b8dadf0e8ddb059c85 (diff)
parent: 230038f8ef0e2e7db8e40957a3b35109d8f7459f (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c
index d5939af2c56..5fa9be10b4b 100644
--- a/lib/ecdsa/ecdsa-libcrypto.c
+++ b/lib/ecdsa/ecdsa-libcrypto.c
@@ -111,16 +111,30 @@ static size_t ecdsa_key_size_bytes(const EC_KEY *key)
 	return EC_GROUP_order_bits(group) / 8;
 }
 
+static int default_password(char *buf, int size, int rwflag, void *u)
+{
+	strncpy(buf, (char *)u, size);
+	buf[size - 1] = '\0';
+	return strlen(buf);
+}
+
 static int read_key(struct signer *ctx, const char *key_name)
 {
 	FILE *f = fopen(key_name, "r");
+	const char *key_pass;
 
 	if (!f) {
 		fprintf(stderr, "Can not get key file '%s'\n", key_name);
 		return -ENOENT;
 	}
 
-	ctx->evp_key = PEM_read_PrivateKey(f, NULL, NULL, NULL);
+	key_pass = getenv("MKIMAGE_SIGN_PASSWORD");
+	if (key_pass) {
+		ctx->evp_key = PEM_read_PrivateKey(f, NULL, default_password, (void *)key_pass);
+
+	} else {
+		ctx->evp_key = PEM_read_PrivateKey(f, NULL, NULL, NULL);
+	}
 	fclose(f);
 	if (!ctx->evp_key) {
 		fprintf(stderr, "Can not read key from '%s'\n", key_name);
author	Tom Rini <trini@konsulko.com>	2023-06-21 14:39:38 -0400
committer	Tom Rini <trini@konsulko.com>	2023-06-21 14:39:38 -0400
commit	43dc016497ff9fd39139833852b0214f625fa4ca (patch)
tree	27d68ac47a07e9a8cb54cf93065385d630f2d659 /lib/ecdsa/ecdsa-libcrypto.c
parent	5f024d10bbae9e52396191b8dadf0e8ddb059c85 (diff)
parent	230038f8ef0e2e7db8e40957a3b35109d8f7459f (diff)