[U-Boot] [PATCH] rsa: Support LibreSSL in rsa-sign.c

Ivan J. parazyd at dyne.org
Wed Jun 27 10:34:17 UTC 2018


On Wed, Jun 27, 2018 at 11:53:59AM +1000, Jonathan Gray wrote:
> On Tue, Jun 26, 2018 at 07:49:47AM +0200, parazyd wrote:
> > This commit will allow rsa-sign.c to be compiled when LibreSSL is used
> > instead of OpenSSL.
> 
> It isn't clear what version of LibreSSL you are using but this is
> wrong.  The latest LibreSSL has RSA_get0_key(), OPENSSL_init_ssl() and
> EVP_MD_CTX_reset().
> 

Indeed, I wrote this in mind for pre-2.7.0. I've now sent an updated
patch to the ML.

> > 
> > Signed-off-by: parazyd <parazyd at dyne.org>
> > ---
> >  lib/rsa/rsa-sign.c | 6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> > 
> > diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> > index cfe09cc94c..e835dc944b 100644
> > --- a/lib/rsa/rsa-sign.c
> > +++ b/lib/rsa/rsa-sign.c
> > @@ -20,7 +20,7 @@
> >  #define HAVE_ERR_REMOVE_THREAD_STATE
> >  #endif
> >  
> > -#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
> >  static void RSA_get0_key(const RSA *r,
> >                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
> >  {
> > @@ -299,7 +299,7 @@ static int rsa_init(void)
> >  {
> >  	int ret;
> >  
> > -#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
> >  	ret = SSL_library_init();
> >  #else
> >  	ret = OPENSSL_init_ssl(0, NULL);
> > @@ -432,7 +432,7 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo,
> >  		ret = rsa_err("Could not obtain signature");
> >  		goto err_sign;
> >  	}
> > -	#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > +	#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
> >  		EVP_MD_CTX_cleanup(context);
> >  	#else
> >  		EVP_MD_CTX_reset(context);
> > -- 
> > 2.18.0
> > 
> > _______________________________________________
> > U-Boot mailing list
> > U-Boot at lists.denx.de
> > https://lists.denx.de/listinfo/u-boot

-- 
~ parazyd
GnuPG: 03337671FDE75BB6A85EC91FB876CB44FA1B0274
GnuPG: https://parazyd.org/fa1b0274.asc


More information about the U-Boot mailing list