diff mbox series

[1/2] selftests/x86: sgxsign: Do not query RSA password

Message ID 20190829220924.12692-1-jarkko.sakkinen@linux.intel.com (mailing list archive)
State New, archived
Headers show
Series [1/2] selftests/x86: sgxsign: Do not query RSA password | expand

Commit Message

Jarkko Sakkinen Aug. 29, 2019, 10:09 p.m. UTC
Pass NULL as the value for @cb in PEM_read_RSAPrivateKey() and remove
pem_password_cb().  According to the man page [1], when both @cb and @u
are NULL, a default callback provided by OpenSSL will be used to query
the password. Since our key is not sealed, this is dead functionality.

Cc: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 tools/testing/selftests/x86/sgx/sgxsign.c | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-)
diff mbox series

Patch

diff --git a/tools/testing/selftests/x86/sgx/sgxsign.c b/tools/testing/selftests/x86/sgx/sgxsign.c
index 0b89823fc703..3d9007af40c9 100644
--- a/tools/testing/selftests/x86/sgx/sgxsign.c
+++ b/tools/testing/selftests/x86/sgx/sgxsign.c
@@ -20,8 +20,6 @@  struct sgx_sigstruct_payload {
 	struct sgx_sigstruct_body body;
 };
 
-static const char *sign_key_pass;
-
 static bool check_crypto_errors(void)
 {
 	int err;
@@ -50,18 +48,6 @@  static void exit_usage(const char *program)
 	exit(1);
 }
 
-static int pem_passwd_cb(char *buf, int size, int rwflag, void *u)
-{
-	if (!sign_key_pass)
-		return -1;
-
-	strncpy(buf, sign_key_pass, size);
-	/* no retry */
-	sign_key_pass = NULL;
-
-	return strlen(buf) >= size ? size - 1 : strlen(buf);
-}
-
 static inline const BIGNUM *get_modulus(RSA *key)
 {
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
@@ -85,7 +71,7 @@  static RSA *load_sign_key(const char *path)
 		return NULL;
 	}
 	key = RSA_new();
-	if (!PEM_read_RSAPrivateKey(f, &key, pem_passwd_cb, NULL))
+	if (!PEM_read_RSAPrivateKey(f, &key, NULL, NULL))
 		return NULL;
 	fclose(f);
 
@@ -455,7 +441,6 @@  int main(int argc, char **argv)
 #endif
 	ss.body.xfrm = 3,
 
-	sign_key_pass = getenv("KBUILD_SGX_SIGN_PIN");
 	program = argv[0];
 
 	do {