From c9ddb71d35c68ba58f5318a5bcc504a2ee1026a9 Mon Sep 17 00:00:00 2001
From: Sascha Hauer <s.hauer@pengutronix.de>
Date: Tue, 13 Feb 2024 10:18:12 +0100
Subject: signing.bbclass: make it work with eliptic curve keys

"openssl rsa" works with RSA keys only. Use "openssl pkey" instead which
is a frontend that picks the right operation automatically and works
with RSA keys, eliptic curve keys and also DSA keys.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-oe/classes/signing.bbclass | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta-oe/classes/signing.bbclass b/meta-oe/classes/signing.bbclass
index 79944e3fe9..553d74e283 100644
--- a/meta-oe/classes/signing.bbclass
+++ b/meta-oe/classes/signing.bbclass
@@ -161,11 +161,11 @@ signing_import_pubkey_from_pem() {
     local pem="${2}"
 
     if [ -n "${IMPORT_PASS_FILE}" ]; then
-        openssl rsa \
+        openssl pkey \
             -passin "file:${IMPORT_PASS_FILE}" \
             -in "${pem}" -inform pem -pubout -outform der
     else
-        openssl rsa \
+        openssl pkey \
             -in "${pem}" -inform pem -pubout -outform der
     fi |
     signing_pkcs11_tool --type pubkey --write-object /proc/self/fd/0 --label "${role}"
@@ -189,11 +189,11 @@ signing_import_privkey_from_pem() {
     local pem="${2}"
 
     if [ -n "${IMPORT_PASS_FILE}" ]; then
-        openssl rsa \
+        openssl pkey \
             -passin "file:${IMPORT_PASS_FILE}" \
             -in "${pem}" -inform pem -outform der
     else
-        openssl rsa \
+        openssl pkey \
             -in "${pem}" -inform pem -outform der
     fi |
     signing_pkcs11_tool --type privkey --write-object /proc/self/fd/0 --label "${role}"
-- 
cgit v1.2.3-54-g00ecf