diff options
author | Jo-Philipp Wich <jo@mein.io> | 2016-11-30 18:09:05 +0100 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2016-11-30 18:20:32 +0100 |
commit | 70b104f98c0657323b28fce140b73a94bf3eb756 (patch) | |
tree | 338c649e777090758b63c15d23dd37941b06f59e | |
parent | f2010b0929f09a83f54c260ba7006325118ad95a (diff) | |
download | upstream-70b104f98c0657323b28fce140b73a94bf3eb756.tar.gz upstream-70b104f98c0657323b28fce140b73a94bf3eb756.tar.bz2 upstream-70b104f98c0657323b28fce140b73a94bf3eb756.zip |
tools: mkimage: fix build with OpenSSL 1.1.x (FS#182)
The OpenSSL 1.1.x version series undergone some major API changes which made
the RSA structure opaque and deprecated a number of methods, so add some
conditional compat code to make the u-boot source build again.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-rw-r--r-- | tools/mkimage/patches/210-openssl-1.1.x-compat.patch | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/tools/mkimage/patches/210-openssl-1.1.x-compat.patch b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch new file mode 100644 index 0000000000..fa7c99f39b --- /dev/null +++ b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch @@ -0,0 +1,97 @@ +--- a/lib/rsa/rsa-sign.c ++++ b/lib/rsa/rsa-sign.c +@@ -15,10 +15,25 @@ + #include <openssl/ssl.h> + #include <openssl/evp.h> + +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER < 0x10000000L ++#define HAVE_ERR_REMOVE_STATE ++#elif OPENSSL_VERSION_NUMBER < 0x10100000L + #define HAVE_ERR_REMOVE_THREAD_STATE + #endif + ++#if OPENSSL_VERSION_NUMBER < 0x10100005L ++static void RSA_get0_key(const RSA *r, ++ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) ++{ ++ if (n != NULL) ++ *n = r->n; ++ if (e != NULL) ++ *e = r->e; ++ if (d != NULL) ++ *d = r->d; ++} ++#endif ++ + static int rsa_err(const char *msg) + { + unsigned long sslErr = ERR_get_error(); +@@ -154,7 +169,8 @@ static void rsa_remove(void) + ERR_free_strings(); + #ifdef HAVE_ERR_REMOVE_THREAD_STATE + ERR_remove_thread_state(NULL); +-#else ++#endif ++#ifdef HAVE_ERR_REMOVE_STATE + ERR_remove_state(0); + #endif + EVP_cleanup(); +@@ -210,7 +226,6 @@ static int rsa_sign_with_key(RSA *rsa, s + ret = rsa_err("Could not obtain signature"); + goto err_sign; + } +- EVP_MD_CTX_cleanup(context); + EVP_MD_CTX_destroy(context); + EVP_PKEY_free(key); + +@@ -270,23 +285,26 @@ static int rsa_get_exponent(RSA *key, ui + BIGNUM *bn_te; + uint64_t te; + ++ const BIGNUM *bn_e; ++ RSA_get0_key(key, NULL, &bn_e, NULL); ++ + ret = -EINVAL; + bn_te = NULL; + + if (!e) + goto cleanup; + +- if (BN_num_bits(key->e) > 64) ++ if (BN_num_bits(bn_e) > 64) + goto cleanup; + +- *e = BN_get_word(key->e); ++ *e = BN_get_word(bn_e); + +- if (BN_num_bits(key->e) < 33) { ++ if (BN_num_bits(bn_e) < 33) { + ret = 0; + goto cleanup; + } + +- bn_te = BN_dup(key->e); ++ bn_te = BN_dup(bn_e); + if (!bn_te) + goto cleanup; + +@@ -319,6 +337,9 @@ int rsa_get_params(RSA *key, uint64_t *e + BN_CTX *bn_ctx = BN_CTX_new(); + int ret = 0; + ++ const BIGNUM *bn_n; ++ RSA_get0_key(key, &bn_n, NULL, NULL); ++ + /* Initialize BIGNUMs */ + big1 = BN_new(); + big2 = BN_new(); +@@ -337,7 +358,7 @@ int rsa_get_params(RSA *key, uint64_t *e + if (0 != rsa_get_exponent(key, exponent)) + ret = -1; + +- if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) || ++ if (!BN_copy(n, bn_n) || !BN_set_word(big1, 1L) || + !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) + ret = -1; + |