git.baikalelectronics.ru Git - arm-tf.git/commit

author	Juan Pablo Conde <juanpablo.conde@arm.com>
	Wed, 2 Mar 2022 23:10:08 +0000 (18:10 -0500)
committer	Juan Pablo Conde <juanpablo.conde@arm.com>
	Mon, 16 May 2022 17:01:59 +0000 (19:01 +0200)
commit	9bc52d330fccb0e4df22006630350a42457d3306
tree	63ffde9e46553c18610de02d89de254eb3f37fdd	tree \| snapshot
parent	b1470ccc928c45d4ee53f384d8c2d5d39b31b5e1	commit \| diff

refactor(security): upgrade tools to OpenSSL 3.0

Host tools cert_tool and encrypt_fw refactored to be fully
compatible with OpenSSL v3.0.

Changes were made following the OpenSSL 3.0 migration guide:
https://www.openssl.org/docs/man3.0/man7/migration_guide.html
In some cases, those changes are straightforward and only
a small modification on the types or API calls was needed
(e.g.: replacing BN_pseudo_rand() with BN_rand(). Both identical
since v1.1.0).
The use of low level APIs is now deprecated. In some cases,
the new API provides a simplified solution for our goals and
therefore the code was simplified accordingly (e.g.: generating
RSA keys through EVP_RSA_gen() without the need of handling the
exponent). However, in some cases, a more
sophisticated approach was necessary, as the use of a context
object was required (e.g.: when retrieving the digest value from
an SHA file).

Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I978e8578fe7ab3e71307450ebe7e7812fbcaedb6

docs/getting_started/prerequisites.rst		diff \| blob \| history
tools/cert_create/Makefile		diff \| blob \| history
tools/cert_create/src/cert.c		diff \| blob \| history
tools/cert_create/src/key.c		diff \| blob \| history
tools/cert_create/src/sha.c		diff \| blob \| history
tools/encrypt_fw/Makefile		diff \| blob \| history
tools/fiptool/Makefile		diff \| blob \| history