[PATCH v6 2/8] lib: rsa: take spl/non-spl into account when building rsa_verify_with_pkey()

Heiko Stuebner heiko at sntech.de
Thu Jun 18 16:23:22 CEST 2020


From: Heiko Stuebner <heiko.stuebner at theobroma-systems.com>

Right now in multiple places there are only checks for the full
CONFIG_RSA_VERIFY_WITH_PKEY option, not split into main,spl,tpl variants.

This breaks when the rsa functions get enabled for SPL, for example to
verify u-boot proper from spl.

So fix this by using the existing helpers to distinguis between
build-steps.

Signed-off-by: Heiko Stuebner <heiko.stuebner at theobroma-systems.com>
---
changes in v5:
- include the additional config-check that landed in patch 1/8
  in v4
changes in v3.1:
- drop changeid
changes in v3:
- new patch with another build issue

 lib/rsa/Makefile     | 2 +-
 lib/rsa/rsa-verify.c | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/rsa/Makefile b/lib/rsa/Makefile
index c61ebfd79e..8b75d41f04 100644
--- a/lib/rsa/Makefile
+++ b/lib/rsa/Makefile
@@ -6,5 +6,5 @@
 # Wolfgang Denk, DENX Software Engineering, wd at denx.de.
 
 obj-$(CONFIG_$(SPL_TPL_)RSA_VERIFY) += rsa-verify.o rsa-checksum.o
-obj-$(CONFIG_RSA_VERIFY_WITH_PKEY) += rsa-keyprop.o
+obj-$(CONFIG_$(SPL_TPL_)RSA_VERIFY_WITH_PKEY) += rsa-keyprop.o
 obj-$(CONFIG_RSA_SOFTWARE_EXP) += rsa-mod-exp.o
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 1d55b997e3..048f1ab789 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -285,7 +285,7 @@ out:
 }
 #endif
 
-#if CONFIG_IS_ENABLED(FIT_SIGNATURE) || IS_ENABLED(CONFIG_RSA_VERIFY_WITH_PKEY)
+#if CONFIG_IS_ENABLED(FIT_SIGNATURE) || CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY)
 /**
  * rsa_verify_key() - Verify a signature against some data using RSA Key
  *
@@ -359,7 +359,7 @@ static int rsa_verify_key(struct image_sign_info *info,
 }
 #endif
 
-#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
+#if CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY)
 /**
  * rsa_verify_with_pkey() - Verify a signature against some data using
  * only modulus and exponent as RSA key properties.
@@ -492,7 +492,7 @@ int rsa_verify(struct image_sign_info *info,
 		return -EINVAL;
 	}
 
-	if (IS_ENABLED(CONFIG_RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) {
+	if (CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) {
 		/* don't rely on fdt properties */
 		ret = rsa_verify_with_pkey(info, hash, sig, sig_len);
 
-- 
2.26.2



More information about the U-Boot mailing list