diff options
| author | Paul-Erwan Rio <paulerwan.rio@gmail.com> | 2023-12-21 08:26:11 +0100 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2024-01-11 22:09:11 -0500 |
| commit | 03e598263e3878b6f5d58f5525577903edadc644 (patch) | |
| tree | 22ac5da5ccb9298e7046389802af067937c23ac9 /tools | |
| parent | b646a1053fda188bfb054acc98aa73bb23b158b1 (diff) | |
| download | u-boot-03e598263e3878b6f5d58f5525577903edadc644.zip u-boot-03e598263e3878b6f5d58f5525577903edadc644.tar.gz u-boot-03e598263e3878b6f5d58f5525577903edadc644.tar.bz2 | |
tools: fix build without LIBCRYPTO support
Commit cb9faa6f98ae ("tools: Use a single target-independent config to
enable OpenSSL") introduced a target-independent configuration to build
crypto features in host tools.
But since commit 2c21256b27d7 ("hash: Use Kconfig to enable hashing in
host tools and SPL") the build without OpenSSL is broken, due to FIT
signature/encryption features. Add missing conditional compilation
tokens to fix this.
Signed-off-by: Paul-Erwan Rio <paulerwan.rio@gmail.com>
Tested-by: Alexander Dahl <ada@thorsis.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/Kconfig | 1 | ||||
| -rw-r--r-- | tools/fit_image.c | 2 | ||||
| -rw-r--r-- | tools/image-host.c | 4 | ||||
| -rw-r--r-- | tools/mkimage.c | 5 |
4 files changed, 9 insertions, 3 deletions
diff --git a/tools/Kconfig b/tools/Kconfig index f8632cd..f01ed78 100644 --- a/tools/Kconfig +++ b/tools/Kconfig @@ -51,6 +51,7 @@ config TOOLS_FIT_RSASSA_PSS Support the rsassa-pss signature scheme in the tools builds config TOOLS_FIT_SIGNATURE + depends on TOOLS_LIBCRYPTO def_bool y help Enable signature verification of FIT uImages in the tools builds diff --git a/tools/fit_image.c b/tools/fit_image.c index 71e031c..beef1fa 100644 --- a/tools/fit_image.c +++ b/tools/fit_image.c @@ -61,7 +61,7 @@ static int fit_add_file_data(struct image_tool_params *params, size_t size_inc, ret = fit_set_timestamp(ptr, 0, time); } - if (!ret) + if (CONFIG_IS_ENABLED(FIT_SIGNATURE) && !ret) ret = fit_pre_load_data(params->keydir, dest_blob, ptr); if (!ret) { diff --git a/tools/image-host.c b/tools/image-host.c index ca49503..90bc9f9 100644 --- a/tools/image-host.c +++ b/tools/image-host.c @@ -14,8 +14,10 @@ #include <image.h> #include <version.h> +#if CONFIG_IS_ENABLED(FIT_SIGNATURE) #include <openssl/pem.h> #include <openssl/evp.h> +#endif /** * fit_set_hash_value - set hash value in requested has node @@ -1131,6 +1133,7 @@ static int fit_config_add_verification_data(const char *keydir, return 0; } +#if CONFIG_IS_ENABLED(FIT_SIGNATURE) /* * 0) open file (open) * 1) read certificate (PEM_read_X509) @@ -1239,6 +1242,7 @@ int fit_pre_load_data(const char *keydir, void *keydest, void *fit) out: return ret; } +#endif int fit_cipher_data(const char *keydir, void *keydest, void *fit, const char *comment, int require_keys, diff --git a/tools/mkimage.c b/tools/mkimage.c index 6dfe3e1..ac62ebb 100644 --- a/tools/mkimage.c +++ b/tools/mkimage.c @@ -115,7 +115,7 @@ static void usage(const char *msg) " -B => align size in hex for FIT structure and header\n" " -b => append the device tree binary to the FIT\n" " -t => update the timestamp in the FIT\n"); -#ifdef CONFIG_FIT_SIGNATURE +#if CONFIG_IS_ENABLED(FIT_SIGNATURE) fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb] [ -c <comment>] [-p addr] [-r] [-N engine]\n" " -k => set directory containing private keys\n" @@ -130,8 +130,9 @@ static void usage(const char *msg) " -o => algorithm to use for signing\n"); #else fprintf(stderr, - "Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)\n"); + "Signing / verified boot not supported (CONFIG_TOOLS_FIT_SIGNATURE undefined)\n"); #endif + fprintf(stderr, " %s -V ==> print version information and exit\n", params.cmdname); fprintf(stderr, "Use '-T list' to see a list of available image types\n"); |