rsa-verify: Rework host check for CONFIG_RSA_VERIFY_WITH_PKEY
While we do not want to use CONFIG_RSA_VERIFY_WITH_PKEY on the host, we cannot undef the symbol in this manner. As this ends up being a test within another function we can use !tools_build() as a test here. Cc: AKASHI Takahiro <takahiro.akashi@linaro.org> Cc: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
parent
218ce3695b
commit
137de2cf0d
@ -23,18 +23,6 @@
|
||||
#include <u-boot/rsa-mod-exp.h>
|
||||
#include <u-boot/rsa.h>
|
||||
|
||||
#ifndef __UBOOT__
|
||||
/*
|
||||
* NOTE:
|
||||
* Since host tools, like mkimage, make use of openssl library for
|
||||
* RSA encryption, rsa_verify_with_pkey()/rsa_gen_key_prop() are
|
||||
* of no use and should not be compiled in.
|
||||
* So just turn off CONFIG_RSA_VERIFY_WITH_PKEY.
|
||||
*/
|
||||
|
||||
#undef CONFIG_RSA_VERIFY_WITH_PKEY
|
||||
#endif
|
||||
|
||||
/* Default public exponent for backward compatibility */
|
||||
#define RSA_DEFAULT_PUBEXP 65537
|
||||
|
||||
@ -506,7 +494,13 @@ int rsa_verify_hash(struct image_sign_info *info,
|
||||
{
|
||||
int ret = -EACCES;
|
||||
|
||||
if (CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) {
|
||||
/*
|
||||
* Since host tools, like mkimage, make use of openssl library for
|
||||
* RSA encryption, rsa_verify_with_pkey()/rsa_gen_key_prop() are
|
||||
* of no use and should not be compiled in.
|
||||
*/
|
||||
if (!tools_build() && CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) &&
|
||||
!info->fdt_blob) {
|
||||
/* don't rely on fdt properties */
|
||||
ret = rsa_verify_with_pkey(info, hash, sig, sig_len);
|
||||
if (ret)
|
||||
|
Loading…
Reference in New Issue
Block a user