rsa: Make fdt_add_bignum() available outside of RSA code

Patrick DELAUNAY Wed, 27 Jan 2021 11:10:55 -0800

Hi,

On 1/8/21 8:17 PM, Alexandru Gagniuc wrote:

fdt_add_bignum() is useful for algorithms other than just RSA. To
allow its use for ECDSA, move it to a common file under lib/.


The new file is suffixed with '-libcrypto' because it has a direct
dependency on openssl. This is due to the use of the "BIGNUM *" type.

Signed-off-by: Alexandru Gagniuc <mr.nuke...@gmail.com>
---
  include/u-boot/fdt-libcrypto.h | 27 +++++++++++++
  lib/fdt-libcrypto.c            | 72 ++++++++++++++++++++++++++++++++++
  lib/rsa/rsa-sign.c             | 65 +-----------------------------
  tools/Makefile                 |  1 +
  4 files changed, 101 insertions(+), 64 deletions(-)
  create mode 100644 include/u-boot/fdt-libcrypto.h
  create mode 100644 lib/fdt-libcrypto.c

(...)

diff --git a/tools/Makefile b/tools/Makefile
index b1595ad814..af7698fd01 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -106,6 +106,7 @@ dumpimage-mkimage-objs := aisimage.o \
                        socfpgaimage.o \
                        lib/crc16.o \
                        lib/hash-checksum.o \
+                       lib/fdt-libcrypto.o \
                        lib/sha1.o \
                        lib/sha256.o \
                        lib/sha512.o \

This part cause compilation issue when CONFIG_FIT_SIGNATURE is notdefined / when openssl is not used


fdt-libcrypto.c:(.text+0x2f): undefined reference to `BN_new'
fdt-libcrypto.c:(.text+0x37): undefined reference to `BN_new'
fdt-libcrypto.c:(.text+0x44): undefined reference to `BN_new'
fdt-libcrypto.c:(.text+0x51): undefined reference to `BN_new'
fdt-libcrypto.c:(.text+0x7d): undefined reference to `BN_CTX_new'
fdt-libcrypto.c:(.text+0x9d): undefined reference to `BN_set_word'
fdt-libcrypto.c:(.text+0xaf): undefined reference to `BN_set_word'
fdt-libcrypto.c:(.text+0xc5): undefined reference to `BN_exp'
fdt-libcrypto.c:(.text+0x135): undefined reference to `BN_div'
fdt-libcrypto.c:(.text+0x13d): undefined reference to `BN_get_word'
fdt-libcrypto.c:(.text+0x172): undefined reference to `BN_rshift'
fdt-libcrypto.c:(.text+0x1a9): undefined reference to `BN_free'
fdt-libcrypto.c:(.text+0x1b3): undefined reference to `BN_free'
fdt-libcrypto.c:(.text+0x1bd): undefined reference to `BN_free'
fdt-libcrypto.c:(.text+0x1c5): undefined reference to `BN_free'

libssl not always include in mkimage, see the lines:

  # MXSImage needs LibSSL

ifneq($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X)$(CONFIG_FIT_SIGNATURE)$(CONFIG_FIT_CIPHER),)

  HOSTCFLAGS_kwbimage.o += \
      $(shell pkg-config --cflags libssl libcrypto 2> /dev/null || echo "")
  HOSTLDLIBS_mkimage += \

$(shell pkg-config --libs libssl libcrypto 2> /dev/null || echo"-lssl -lcrypto")



=> I propose to add the added lib only when CONFIG_FIT_SIGNATURE is

      activated by removing dumpimage-mkimage-objs udpate and with:

- FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.ocommon/image-fit-sig.o

+ FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.ocommon/image-fit-sig.o lib/fdt-libcrypto.o



Regards

Patrick

Re: [PATCH v4 2/6] lib/rsa: Make fdt_add_bignum() available outside of RSA code

Reply via email to