From: Michael Grzeschik To: ptxdist@pengutronix.de Date: Fri, 11 Oct 2024 01:31:15 +0200 Message-Id: <20241010233115.98774-1-m.grzeschik@pengutronix.de> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [ptxdist] [PATCH] scripts: lib: ptxd_lib_code_signing: use pkey instead of rsa X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false This way openssl will automatically detect the used algorithm of the pem and the helper is not limited to rsa. Signed-off-by: Michael Grzeschik --- scripts/lib/ptxd_lib_code_signing.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/lib/ptxd_lib_code_signing.sh b/scripts/lib/ptxd_lib_code_signing.sh index bafdc1654..a98596b28 100644 --- a/scripts/lib/ptxd_lib_code_signing.sh +++ b/scripts/lib/ptxd_lib_code_signing.sh @@ -233,7 +233,7 @@ cs_import_pubkey_from_pem() { openssl_keyopt=( -passin "file:${OPENSSL_KEYPASS}" ) fi - openssl rsa \ + openssl pkey \ "${openssl_keyopt[@]}" \ -in "${pem}" -inform pem -pubout -outform der | softhsm_pkcs11_tool --type pubkey --write-object /dev/stdin --label "${role}" @@ -257,7 +257,7 @@ cs_import_privkey_from_pem() { openssl_keyopt=( -passin "file:${OPENSSL_KEYPASS}" ) fi - openssl rsa \ + openssl pkey \ "${openssl_keyopt[@]}" \ -in "${pem}" -inform pem -outform der | softhsm_pkcs11_tool --type privkey --write-object /dev/stdin --label "${role}" -- 2.39.5
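Review bot: in the cs_import_pubkey_from_pem hunk, only the openssl side of the pipeline becomes algorithm-agnostic. The DER output is still fed to `softhsm_pkcs11_tool --type pubkey --write-object /dev/stdin`, so the helper is only as general as what that tool can import. The commit message says the helper "is not limited to rsa" without naming what was tested. Please state which non-RSA key types (for example an EC key) were actually imported through this path, and mention any type that openssl accepts here but the import step rejects.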
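Review bot: in the cs_import_privkey_from_pem hunk, replacing `openssl rsa` with `openssl pkey` changes the command that produces the private-key DER for existing RSA users as well, not only for new key types. `openssl pkey` distinguishes PKCS#8 from the older form through its `-traditional` option, so the bytes reaching `softhsm_pkcs11_tool --type privkey --write-object /dev/stdin` may not have the same structure as before. Please confirm that an RSA private key, with and without `OPENSSL_KEYPASS` set, still imports under the same `--label "${role}"` after this change, and note the OpenSSL version used for the test in the commit message.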