TBB: rework cert_create tool to follow a data driven approach
This patch reworks the certificate generation tool to follow a data
driven approach. The user may specify at build time the certificates,
keys and extensions defined in the CoT, register them using the
appropiate macros and the tool will take care of creating the
certificates corresponding to the CoT specified.
Change-Id: I29950b39343c3e1b71718fce0e77dcf2a9a0be2f
diff --git a/tools/cert_create/src/cert.c b/tools/cert_create/src/cert.c
index 22fe3d5..e58b10e 100644
--- a/tools/cert_create/src/cert.c
+++ b/tools/cert_create/src/cert.c
@@ -98,9 +98,10 @@
int cert_new(cert_t *cert, int days, int ca, STACK_OF(X509_EXTENSION) * sk)
{
- EVP_PKEY *pkey = cert->key->key;
- EVP_PKEY *ikey = cert->issuer->key->key;
- X509 *issuer = cert->issuer->x;
+ EVP_PKEY *pkey = keys[cert->key].key;
+ cert_t *issuer_cert = &certs[cert->issuer];
+ EVP_PKEY *ikey = keys[issuer_cert->key].key;
+ X509 *issuer = issuer_cert->x;
X509 *x = NULL;
X509_EXTENSION *ex = NULL;
X509_NAME *name = NULL;
@@ -147,7 +148,7 @@
/* Issuer name */
name = X509_get_issuer_name(x);
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
- (const unsigned char *)cert->issuer->cn, -1, -1, 0);
+ (const unsigned char *)issuer_cert->cn, -1, -1, 0);
X509_set_issuer_name(x, name);
/* Add various extensions: standard extensions */