diff options
Diffstat (limited to 'package/boot/uboot-mvebu/patches/0011-rsa-Fix-build-with-OpenSSL-1.1.x.patch')
-rw-r--r-- | package/boot/uboot-mvebu/patches/0011-rsa-Fix-build-with-OpenSSL-1.1.x.patch | 153 |
1 files changed, 0 insertions, 153 deletions
diff --git a/package/boot/uboot-mvebu/patches/0011-rsa-Fix-build-with-OpenSSL-1.1.x.patch b/package/boot/uboot-mvebu/patches/0011-rsa-Fix-build-with-OpenSSL-1.1.x.patch deleted file mode 100644 index fbbfe462b7..0000000000 --- a/package/boot/uboot-mvebu/patches/0011-rsa-Fix-build-with-OpenSSL-1.1.x.patch +++ /dev/null @@ -1,153 +0,0 @@ -From 59be82ef7e7ec4be6e1597d8aef65dd3d8c3a0d9 Mon Sep 17 00:00:00 2001 -From: Jelle van der Waa <jelle@vdwaa.nl> -Date: Mon, 8 May 2017 21:31:19 +0200 -Subject: [PATCH 1/2] rsa: Fix build with OpenSSL 1.1.x - -The rsa_st struct has been made opaque in 1.1.x, add forward compatible -code to access the n, e, d members of rsa_struct. - -EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be -called to reinitialise an already created structure. ---- - lib/rsa/rsa-sign.c | 44 ++++++++++++++++++++++++++++++++++++++------ - 1 file changed, 38 insertions(+), 6 deletions(-) - ---- a/lib/rsa/rsa-sign.c -+++ b/lib/rsa/rsa-sign.c -@@ -9,6 +9,7 @@ - #include <string.h> - #include <image.h> - #include <time.h> -+#include <openssl/bn.h> - #include <openssl/rsa.h> - #include <openssl/pem.h> - #include <openssl/err.h> -@@ -20,6 +21,19 @@ - #define HAVE_ERR_REMOVE_THREAD_STATE - #endif - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+static void RSA_get0_key(const RSA *r, -+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -+{ -+ if (n != NULL) -+ *n = r->n; -+ if (e != NULL) -+ *e = r->e; -+ if (d != NULL) -+ *d = r->d; -+} -+#endif -+ - static int rsa_err(const char *msg) - { - unsigned long sslErr = ERR_get_error(); -@@ -286,16 +300,22 @@ static int rsa_init(void) - { - int ret; - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - ret = SSL_library_init(); -+#else -+ ret = OPENSSL_init_ssl(0, NULL); -+#endif - if (!ret) { - fprintf(stderr, "Failure to init SSL library\n"); - return -1; - } -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - SSL_load_error_strings(); - - OpenSSL_add_all_algorithms(); - OpenSSL_add_all_digests(); - OpenSSL_add_all_ciphers(); -+#endif - - return 0; - } -@@ -335,12 +355,15 @@ err_set_rsa: - err_engine_init: - ENGINE_free(e); - err_engine_by_id: -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - ENGINE_cleanup(); -+#endif - return ret; - } - - static void rsa_remove(void) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - CRYPTO_cleanup_all_ex_data(); - ERR_free_strings(); - #ifdef HAVE_ERR_REMOVE_THREAD_STATE -@@ -349,6 +372,7 @@ static void rsa_remove(void) - ERR_remove_state(0); - #endif - EVP_cleanup(); -+#endif - } - - static void rsa_engine_remove(ENGINE *e) -@@ -409,7 +433,11 @@ static int rsa_sign_with_key(RSA *rsa, s - ret = rsa_err("Could not obtain signature"); - goto err_sign; - } -- EVP_MD_CTX_cleanup(context); -+ #if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_MD_CTX_cleanup(context); -+ #else -+ EVP_MD_CTX_reset(context); -+ #endif - EVP_MD_CTX_destroy(context); - EVP_PKEY_free(key); - -@@ -479,6 +507,7 @@ static int rsa_get_exponent(RSA *key, ui - { - int ret; - BIGNUM *bn_te; -+ const BIGNUM *key_e; - uint64_t te; - - ret = -EINVAL; -@@ -487,17 +516,18 @@ static int rsa_get_exponent(RSA *key, ui - if (!e) - goto cleanup; - -- if (BN_num_bits(key->e) > 64) -+ RSA_get0_key(key, NULL, &key_e, NULL); -+ if (BN_num_bits(key_e) > 64) - goto cleanup; - -- *e = BN_get_word(key->e); -+ *e = BN_get_word(key_e); - -- if (BN_num_bits(key->e) < 33) { -+ if (BN_num_bits(key_e) < 33) { - ret = 0; - goto cleanup; - } - -- bn_te = BN_dup(key->e); -+ bn_te = BN_dup(key_e); - if (!bn_te) - goto cleanup; - -@@ -527,6 +557,7 @@ int rsa_get_params(RSA *key, uint64_t *e - { - BIGNUM *big1, *big2, *big32, *big2_32; - BIGNUM *n, *r, *r_squared, *tmp; -+ const BIGNUM *key_n; - BN_CTX *bn_ctx = BN_CTX_new(); - int ret = 0; - -@@ -548,7 +579,8 @@ int rsa_get_params(RSA *key, uint64_t *e - if (0 != rsa_get_exponent(key, exponent)) - ret = -1; - -- if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) || -+ RSA_get0_key(key, &key_n, NULL, NULL); -+ if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) || - !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) - ret = -1; - |