[U-Boot] [PATCH] rsa: Support LibreSSL in rsa-sign.c
This commit will allow rsa-sign.c to be compiled when LibreSSL is used instead of OpenSSL.
Signed-off-by: parazyd parazyd@dyne.org --- lib/rsa/rsa-sign.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index cfe09cc94c..e835dc944b 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,7 +20,7 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { @@ -299,7 +299,7 @@ static int rsa_init(void) { int ret;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER ret = SSL_library_init(); #else ret = OPENSSL_init_ssl(0, NULL); @@ -432,7 +432,7 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; } - #if OPENSSL_VERSION_NUMBER < 0x10100000L + #if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER EVP_MD_CTX_cleanup(context); #else EVP_MD_CTX_reset(context);
+Tom
On 25 June 2018 at 23:49, parazyd parazyd@dyne.org wrote:
This commit will allow rsa-sign.c to be compiled when LibreSSL is used instead of OpenSSL.
I think it is better to describe the problem/motivation and the change that is being made:
E.g. At present rsa-sign.c cannot be built with LibreSSL. Adjust the version-number check to fix this.
Signed-off-by: parazyd parazyd@dyne.org
lib/rsa/rsa-sign.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
Reviewed-by: Simon Glass sjg@chromium.org
On Tue, Jun 26, 2018 at 07:49:47AM +0200, parazyd wrote:
This commit will allow rsa-sign.c to be compiled when LibreSSL is used instead of OpenSSL.
It isn't clear what version of LibreSSL you are using but this is wrong. The latest LibreSSL has RSA_get0_key(), OPENSSL_init_ssl() and EVP_MD_CTX_reset().
Signed-off-by: parazyd parazyd@dyne.org
lib/rsa/rsa-sign.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index cfe09cc94c..e835dc944b 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,7 +20,7 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { @@ -299,7 +299,7 @@ static int rsa_init(void) { int ret;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER ret = SSL_library_init(); #else ret = OPENSSL_init_ssl(0, NULL); @@ -432,7 +432,7 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; }
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
- #if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER EVP_MD_CTX_cleanup(context); #else EVP_MD_CTX_reset(context);
-- 2.18.0
U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
On Wed, Jun 27, 2018 at 11:53:59AM +1000, Jonathan Gray wrote:
On Tue, Jun 26, 2018 at 07:49:47AM +0200, parazyd wrote:
This commit will allow rsa-sign.c to be compiled when LibreSSL is used instead of OpenSSL.
It isn't clear what version of LibreSSL you are using but this is wrong. The latest LibreSSL has RSA_get0_key(), OPENSSL_init_ssl() and EVP_MD_CTX_reset().
Indeed, I wrote this in mind for pre-2.7.0. I've now sent an updated patch to the ML.
Signed-off-by: parazyd parazyd@dyne.org
lib/rsa/rsa-sign.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index cfe09cc94c..e835dc944b 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,7 +20,7 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { @@ -299,7 +299,7 @@ static int rsa_init(void) { int ret;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER ret = SSL_library_init(); #else ret = OPENSSL_init_ssl(0, NULL); @@ -432,7 +432,7 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; }
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
- #if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER EVP_MD_CTX_cleanup(context); #else EVP_MD_CTX_reset(context);
-- 2.18.0
U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
participants (4)
-
Ivan J. -
Jonathan Gray -
parazyd
-
Simon Glass