openkylin
/
platform_kernel-5.15
mirror of https://gitee.com/openkylin/platform_kernel-5.15.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

FROMLIST: sign-file: Use OpenSSL provided define to compile out deprecated APIs 

OpenSSL's ENGINE API is deprecated in OpenSSL v3.0.

Use OPENSSL_NO_ENGINE to disallow its use and fall back on the BIO API.

This is required for fully hermetic builds in android-kernel.

Link: https://lore.kernel.org/lkml/20211005161833.1522737-1-lee.jones@linaro.org/
Fixes: bce40b72a3 ("ANDROID: Disable hermetic toolchain for allmodconfig builds")
Co-developed-by: Adam Langley <agl@google.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Change-Id: I5ecac477c274ef040934710fd4a042c133942e34
This commit is contained in:
Lee Jones 2021-10-05 14:33:06 +01:00
parent 0aad32680a
commit e9d39639a5
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
scripts/sign-file.c
View File

@ -135,7 +135,9 @@ static int pem_pw_cb(char *buf, int len, int w, void *v)
static EVP_PKEY *read_private_key(const char *private_key_name)
{
EVP_PKEY *private_key;
BIO *b;
#ifndef OPENSSL_NO_ENGINE
if (!strncmp(private_key_name, "pkcs11:", 7)) {
ENGINE *e;
@ -153,17 +155,16 @@ static EVP_PKEY *read_private_key(const char *private_key_name)
private_key = ENGINE_load_private_key(e, private_key_name,
NULL, NULL);
ERR(!private_key, "%s", private_key_name);
} else {
BIO *b;
b = BIO_new_file(private_key_name, "rb");
ERR(!b, "%s", private_key_name);
private_key = PEM_read_bio_PrivateKey(b, NULL, pem_pw_cb,
NULL);
ERR(!private_key, "%s", private_key_name);
BIO_free(b);
return private_key;
}
#endif
b = BIO_new_file(private_key_name, "rb");
ERR(!b, "%s", private_key_name);
private_key = PEM_read_bio_PrivateKey(b, NULL, pem_pw_cb,
NULL);
ERR(!private_key, "%s", private_key_name);
BIO_free(b);
return private_key;
}