[PATCH v4 2/6] lib/rsa: Make fdt_add_bignum() available outside of RSA code
Patrick DELAUNAY
patrick.delaunay at foss.st.com
Wed Jan 27 20:10:35 CET 2021
Hi,
On 1/8/21 8:17 PM, Alexandru Gagniuc wrote:
> fdt_add_bignum() is useful for algorithms other than just RSA. To
> allow its use for ECDSA, move it to a common file under lib/.
>
> The new file is suffixed with '-libcrypto' because it has a direct
> dependency on openssl. This is due to the use of the "BIGNUM *" type.
>
> Signed-off-by: Alexandru Gagniuc <mr.nuke.me at gmail.com>
> ---
> include/u-boot/fdt-libcrypto.h | 27 +++++++++++++
> lib/fdt-libcrypto.c | 72 ++++++++++++++++++++++++++++++++++
> lib/rsa/rsa-sign.c | 65 +-----------------------------
> tools/Makefile | 1 +
> 4 files changed, 101 insertions(+), 64 deletions(-)
> create mode 100644 include/u-boot/fdt-libcrypto.h
> create mode 100644 lib/fdt-libcrypto.c
(...)
> diff --git a/tools/Makefile b/tools/Makefile
> index b1595ad814..af7698fd01 100644
> --- a/tools/Makefile
> +++ b/tools/Makefile
> @@ -106,6 +106,7 @@ dumpimage-mkimage-objs := aisimage.o \
> socfpgaimage.o \
> lib/crc16.o \
> lib/hash-checksum.o \
> + lib/fdt-libcrypto.o \
> lib/sha1.o \
> lib/sha256.o \
> lib/sha512.o \
This part cause compilation issue when CONFIG_FIT_SIGNATURE is not
defined / when openssl is not used
fdt-libcrypto.c:(.text+0x2f): undefined reference to `BN_new'
fdt-libcrypto.c:(.text+0x37): undefined reference to `BN_new'
fdt-libcrypto.c:(.text+0x44): undefined reference to `BN_new'
fdt-libcrypto.c:(.text+0x51): undefined reference to `BN_new'
fdt-libcrypto.c:(.text+0x7d): undefined reference to `BN_CTX_new'
fdt-libcrypto.c:(.text+0x9d): undefined reference to `BN_set_word'
fdt-libcrypto.c:(.text+0xaf): undefined reference to `BN_set_word'
fdt-libcrypto.c:(.text+0xc5): undefined reference to `BN_exp'
fdt-libcrypto.c:(.text+0x135): undefined reference to `BN_div'
fdt-libcrypto.c:(.text+0x13d): undefined reference to `BN_get_word'
fdt-libcrypto.c:(.text+0x172): undefined reference to `BN_rshift'
fdt-libcrypto.c:(.text+0x1a9): undefined reference to `BN_free'
fdt-libcrypto.c:(.text+0x1b3): undefined reference to `BN_free'
fdt-libcrypto.c:(.text+0x1bd): undefined reference to `BN_free'
fdt-libcrypto.c:(.text+0x1c5): undefined reference to `BN_free'
libssl not always include in mkimage, see the lines:
# MXSImage needs LibSSL
ifneq
($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X)$(CONFIG_FIT_SIGNATURE)$(CONFIG_FIT_CIPHER),)
HOSTCFLAGS_kwbimage.o += \
$(shell pkg-config --cflags libssl libcrypto 2> /dev/null || echo "")
HOSTLDLIBS_mkimage += \
$(shell pkg-config --libs libssl libcrypto 2> /dev/null || echo
"-lssl -lcrypto")
=> I propose to add the added lib only when CONFIG_FIT_SIGNATURE is
activated by removing dumpimage-mkimage-objs udpate and with:
- FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.o
common/image-fit-sig.o
+ FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.o
common/image-fit-sig.o lib/fdt-libcrypto.o
Regards
Patrick
More information about the U-Boot
mailing list