[U-Boot] [PATCH] rsa-sign: Fix build against libressl

Wed, 18 Apr 2018 13:38:37 -0700 

Libressl implements the OpenSSL 1.1 API partially and improved the
support with version 2.7. For some code we have to take use the OpenSSL
1.0 API and for some parts the OpenSSL 1.1 API can be used.
This was compile tested against libressl 2.6.4 and 2.7.2.

Signed-off-by: Hauke Mehrtens <ha...@hauke-m.de>
---
 lib/rsa/rsa-sign.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 1da4ef7fff..b2a4446d83 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -21,7 +21,8 @@
 #define HAVE_ERR_REMOVE_THREAD_STATE
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
 static void RSA_get0_key(const RSA *r,
                  const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
 {
@@ -300,7 +301,8 @@ static int rsa_init(void)
 {
        int ret;
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
        ret = SSL_library_init();
 #else
        ret = OPENSSL_init_ssl(0, NULL);
@@ -309,7 +311,7 @@ static int rsa_init(void)
                fprintf(stderr, "Failure to init SSL library\n");
                return -1;
        }
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
        SSL_load_error_strings();
 
        OpenSSL_add_all_algorithms();
@@ -355,7 +357,7 @@ err_set_rsa:
 err_engine_init:
        ENGINE_free(e);
 err_engine_by_id:
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L ||  defined(LIBRESSL_VERSION_NUMBER)
        ENGINE_cleanup();
 #endif
        return ret;
@@ -363,7 +365,7 @@ err_engine_by_id:
 
 static void rsa_remove(void)
 {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
        CRYPTO_cleanup_all_ex_data();
        ERR_free_strings();
 #ifdef HAVE_ERR_REMOVE_THREAD_STATE
@@ -433,7 +435,8 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo 
*checksum_algo,
                ret = rsa_err("Could not obtain signature");
                goto err_sign;
        }
-       #if OPENSSL_VERSION_NUMBER < 0x10100000L
+       #if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+           defined(LIBRESSL_VERSION_NUMBER)
                EVP_MD_CTX_cleanup(context);
        #else
                EVP_MD_CTX_reset(context);
-- 
2.11.0

_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot

Reply via email to