[U-Boot] [PATCH v2] rsa: Support LibreSSL in rsa-sign.c

Jonathan Gray jsg at jsg.id.au
Wed Jun 27 12:50:19 UTC 2018 

On Wed, Jun 27, 2018 at 12:33:05PM +0200, parazyd wrote:
> At present rsa-sign.c can not be compiled with LibreSSL older than
> 2.7.0. This commit adjusts the guards in the rsa-sign.c to check for
> LiBRESSL_VERSION_NUMBER where necessary.

These tests are wrong, an undefined cpp macro will be 0 so with
OpenSSL >= 1.1 the 'LIBRESSL_VERSION_NUMBER < 0x2070000fL' test
will pass as LIBRESSL_VERSION_NUMBER is not defined.

match the use in tools/kwbimage.c and tools/mxsimage.c

#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)

> 
> Signed-off-by: parazyd <parazyd at dyne.org>
> ---
>  lib/rsa/rsa-sign.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> index cfe09cc94c..ff866c6045 100644
> --- a/lib/rsa/rsa-sign.c
> +++ b/lib/rsa/rsa-sign.c
> @@ -20,7 +20,7 @@
>  #define HAVE_ERR_REMOVE_THREAD_STATE
>  #endif
>  
> -#if OPENSSL_VERSION_NUMBER < 0x10100000L
> +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER < 0x2070000fL
>  static void RSA_get0_key(const RSA *r,
>                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
>  {
> @@ -299,7 +299,7 @@ static int rsa_init(void)
>  {
>  	int ret;
>  
> -#if OPENSSL_VERSION_NUMBER < 0x10100000L
> +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER < 0x2070000fL
>  	ret = SSL_library_init();
>  #else
>  	ret = OPENSSL_init_ssl(0, NULL);
> @@ -432,7 +432,7 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo,
>  		ret = rsa_err("Could not obtain signature");
>  		goto err_sign;
>  	}
> -	#if OPENSSL_VERSION_NUMBER < 0x10100000L
> +	#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER < 0x2070000fL
>  		EVP_MD_CTX_cleanup(context);
>  	#else
>  		EVP_MD_CTX_reset(context);
> -- 
> 2.18.0
> 
> _______________________________________________
> U-Boot mailing list
> U-Boot at lists.denx.de
> https://lists.denx.de/listinfo/u-boot

More information about the U-Boot mailing list