The secure boot features cannot be built without 'LIBCRYPTO' enabled. This kind of reverts some of <b4f3cc2c42d97967a3a3c8796c340f6b07ecccac> changes.
Signed-off-by: Paul-Erwan Rio paulerwan.rio@gmail.com ---
tools/kwbimage.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
diff --git a/tools/kwbimage.c b/tools/kwbimage.c index 6abb9f2d5c..0db99dbb02 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -19,6 +19,7 @@ #include <stdint.h> #include "kwbimage.h"
+#if CONFIG_IS_ENABLED(LIBCRYPTO) #include <openssl/bn.h> #include <openssl/rsa.h> #include <openssl/pem.h> @@ -44,6 +45,7 @@ void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) EVP_MD_CTX_reset(ctx); } #endif +#endif
/* fls - find last (most-significant) bit set in 4-bit integer */ static inline int fls4(int num) @@ -62,7 +64,9 @@ static inline int fls4(int num)
static struct image_cfg_element *image_cfg; static int cfgn; +#if CONFIG_IS_ENABLED(LIBCRYPTO) static int verbose_mode; +#endif
struct boot_mode { unsigned int id; @@ -278,6 +282,7 @@ image_count_options(unsigned int optiontype) return count; }
+#if CONFIG_IS_ENABLED(LIBCRYPTO) static int image_get_csk_index(void) { struct image_cfg_element *e; @@ -299,6 +304,7 @@ static bool image_get_spezialized_img(void)
return e->sec_specialized_img; } +#endif
static int image_get_bootfrom(void) { @@ -432,6 +438,7 @@ static uint8_t baudrate_to_option(unsigned int baudrate) } }
+#if CONFIG_IS_ENABLED(LIBCRYPTO) static void kwb_msg(const char *fmt, ...) { if (verbose_mode) { @@ -926,6 +933,7 @@ static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr) done: return ret; } +#endif
static size_t image_headersz_align(size_t headersz, uint8_t blockid) { @@ -1079,11 +1087,13 @@ static size_t image_headersz_v1(int *hasext) */ headersz = sizeof(struct main_hdr_v1);
+#if CONFIG_IS_ENABLED(LIBCRYPTO) if (image_get_csk_index() >= 0) { headersz += sizeof(struct secure_hdr_v1); if (hasext) *hasext = 1; } +#endif
cpu_sheeva = image_is_cpu_sheeva();
@@ -1270,6 +1280,7 @@ err_close: return -1; }
+#if CONFIG_IS_ENABLED(LIBCRYPTO) static int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr) { FILE *hashf; @@ -1382,6 +1393,7 @@ static int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
return 0; } +#endif
static void finish_register_set_header_v1(uint8_t **cur, uint8_t **next_ext, struct register_set_hdr_v1 *register_set_hdr, @@ -1406,7 +1418,9 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, struct main_hdr_v1 *main_hdr; struct opt_hdr_v1 *ohdr; struct register_set_hdr_v1 *register_set_hdr; +#if CONFIG_IS_ENABLED(LIBCRYPTO) struct secure_hdr_v1 *secure_hdr = NULL; +#endif size_t headersz; uint8_t *image, *cur; int hasext = 0; @@ -1491,6 +1505,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, if (main_hdr->blockid == IBR_HDR_PEX_ID) main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
+#if CONFIG_IS_ENABLED(LIBCRYPTO) if (image_get_csk_index() >= 0) { /* * only reserve the space here; we fill the header later since @@ -1501,6 +1516,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, *next_ext = 1; next_ext = &secure_hdr->next; } +#endif
datai = 0; for (cfgi = 0; cfgi < cfgn; cfgi++) { @@ -1552,9 +1568,11 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, &datai, delay); }
+#if CONFIG_IS_ENABLED(LIBCRYPTO) if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz + headersz, headersz, image, secure_hdr)) return NULL; +#endif
*imagesz = headersz;