[PATCH] lib: rsa: use actual OpenSSL 1.1.0 EVP MD API
Heinrich Schuchardt
xypron.glpk at gmx.de
Wed Mar 2 08:57:04 CET 2022
On 3/2/22 02:10, Simon Glass wrote:
> Hi,
>
> On Tue, 1 Mar 2022 at 08:12, Yann Droneaud <ydroneaud at opteya.com> wrote:
>>
>> Since OpenSSL 1.1.0, EVP_MD_CTX_create() is EVP_MD_CTX_new()
>> EVP_MD_CTX_destroy() is EVP_MD_CTX_free()
>> EVP_MD_CTX_init() is EVP_MD_CTX_reset()
>>
>> As there's no need to reset a newly created EVP_MD_CTX, moreover
>> EVP_DigestSignInit() does the reset, thus call to EVP_MD_CTX_init()
>> can be dropped.
>> As there's no need to reset an EVP_MD_CTX before it's destroyed,
>> as it will be reset by EVP_MD_CTX_free(), call to EVP_MD_CTX_reset()
>> is not needed and can be dropped.
>
> Do we still need to support the old version?
https://endoflife.software/applications/security-libraries/openssl says
support for 1.1.0 expired 2018. So there is no need to support older
APIs. But as many LTS distros are not on OpenSSL 3 yet, we have to stay
with the 1.1.1 API.
Best regards
Heinrich
>
>>
>> Signed-off-by: Yann Droneaud <ydroneaud at opteya.com>
>> ---
>>
>> lib/rsa/rsa-sign.c | 8 +++-----
>> 1 file changed, 3 insertions(+), 5 deletions(-)
>>
>
> Regards,
> Simon
More information about the U-Boot
mailing list