fix(cert-create): add guardrails around brainpool usage OpenSSL has brainpool support only since version 1.1.0, make sure we put a proper guardrail around it. Change-Id: Ia2ee686904ed80699f77b1da953546ab7538ec37 Signed-off-by: Donald Chan <donachan@tesla.com>

commit: 50d5397fc01d41900658f26659e4a2f467d6a5f0 [log] [tgz]
author: Donald Chan <donachan@tesla.com> Wed Apr 10 14:56:53 2024 -0700
committer: Donald Chan <donachan@tesla.com> Tue Apr 16 17:26:26 2024 +0200
tree: 1da1a8d92087c2dbc4c4388aabd55c17f184b93f
parent: 890b1ea1b7fbad863575f831480aef88dad84783 [diff] [blame]
diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c
index 04214aa..f6ceeda 100644
--- a/tools/cert_create/src/key.c
+++ b/tools/cert_create/src/key.c

@@ -168,6 +168,7 @@
 	}
 }
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
 static int key_create_ecdsa_brainpool_r(key_t *key, int key_bits)
 {
 	return key_create_ecdsa(key, key_bits, NID_brainpoolP256r1);
@@ -177,6 +178,7 @@
 {
 	return key_create_ecdsa(key, key_bits, NID_brainpoolP256t1);
 }
+#endif
 #endif /* USING_OPENSSL3 */
 #endif /* OPENSSL_NO_EC */
 
@@ -185,8 +187,10 @@
 	[KEY_ALG_RSA] = key_create_rsa,
 #ifndef OPENSSL_NO_EC
 	[KEY_ALG_ECDSA_NIST] = key_create_ecdsa_nist,
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
 	[KEY_ALG_ECDSA_BRAINPOOL_R] = key_create_ecdsa_brainpool_r,
 	[KEY_ALG_ECDSA_BRAINPOOL_T] = key_create_ecdsa_brainpool_t,
+#endif
 #endif /* OPENSSL_NO_EC */
 };
commit	50d5397fc01d41900658f26659e4a2f467d6a5f0	[log] [tgz]
author	Donald Chan <donachan@tesla.com>	Wed Apr 10 14:56:53 2024 -0700
committer	Donald Chan <donachan@tesla.com>	Tue Apr 16 17:26:26 2024 +0200
tree	1da1a8d92087c2dbc4c4388aabd55c17f184b93f
parent	890b1ea1b7fbad863575f831480aef88dad84783 [diff] [blame]