From 67e4a1dd99a39b09c2c1424b34d280901ca0483f Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Fri, 16 Sep 2022 10:34:35 +0200
Subject: [PATCH] System / Trust / Revocation - only use withPadding() for RSA
 based public keys. regression in
 https://github.com/opnsense/core/commit/9606957ef84370f6a537b35de4fab9906d7f5620

---
 src/etc/inc/certs.inc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/etc/inc/certs.inc b/src/etc/inc/certs.inc
index 0113fb9f0..960ca2766 100644
--- a/src/etc/inc/certs.inc
+++ b/src/etc/inc/certs.inc
@@ -663,7 +663,9 @@ function crl_update(&$crl)
     /* get the private key to sign the new (updated) CRL */
     try {
         $ca_key = PublicKeyLoader::loadPrivateKey($ca_str_key);
-        $ca_key = $ca_key->withPadding(RSA::ENCRYPTION_PKCS1 | RSA::SIGNATURE_PKCS1);
+        if (method_exists($ca_key, 'withPadding')) {
+            $ca_key = $ca_key->withPadding(RSA::ENCRYPTION_PKCS1 | RSA::SIGNATURE_PKCS1);
+        }
         $ca_cert->setPrivateKey($ca_key);
     } catch (NoKeyLoadedException $e) {
         syslog(LOG_ERR, 'Cert revocation error: Unable to load CA private key');