[PATCH] Add support for OpenSSL Provider API

[PATCH] Add support for OpenSSL Provider API

[Eddie Kovsky]

The Engine API has been deprecated since the release of OpenSSL 3.0. End users
have been advised to migrate to the new Provider interface. Several
distributions have already removed support for engines, which is preventing
U-Boot from being compiled in those environments.

The Kconfig option OPENSSL_NO_DEPRECATED introduces support for the Provider API
while continuing to use the existing Engine API on distros shipping older
releases of OpenSSL.

This is based on similar work contributed by Jan Stancek
updating Linux to use the Provider interface.

    commit 558bdc45dfb2669e1741384a0c80be9c82fa052c
    Author: Jan Stancek <jstancek@redhat.com>
    Date:   Fri Sep 20 19:52:48 2024 +0300

        sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3

The changes have been tested with the FIT signature verification vboot tests on
Fedora 42 and Debian 13. All 30 tests pass with both the legacy Engine library
installed and with the Provider API.

Signed-off-by: Eddie Kovsky <ekovsky@redhat.com>
---
 lib/aes/aes-encrypt.c |  2 +
 lib/rsa/Kconfig       |  8 ++++
 lib/rsa/rsa-sign.c    | 93 ++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 101 insertions(+), 2 deletions(-)

diff --git a/lib/aes/aes-encrypt.c b/lib/aes/aes-encrypt.c
index 90e1407b4f09..9595772cf58b 100644
--- a/lib/aes/aes-encrypt.c
+++ b/lib/aes/aes-encrypt.c
@@ -16,7 +16,9 @@
 #include <openssl/err.h>
 #include <openssl/ssl.h>
 #include <openssl/evp.h>
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 #include <openssl/engine.h>
+#endif
 #include <uboot_aes.h>
 
 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
index 9033384e60a3..622f06f8dba0 100644
--- a/lib/rsa/Kconfig
+++ b/lib/rsa/Kconfig
@@ -20,6 +20,14 @@ config SPL_RSA
 	bool "Use RSA Library within SPL"
 	depends on SPL
 
+config OPENSSL_NO_DEPRECATED
+	bool "Build U-Boot without support for OpenSSL Engine"
+	default n
+	help
+	  Add support for the OpenSSL Provider API, which is the officially
+	  supported mechanism in OpenSSL 3.x and later releases for accessing
+	  hardware and software cryptography.
+
 config SPL_RSA_VERIFY
 	bool
 	depends on SPL_RSA
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 92b9d7876e52..9ebbcdfd52f3 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -19,15 +19,51 @@
 #include <openssl/err.h>
 #include <openssl/ssl.h>
 #include <openssl/evp.h>
+#if (IS_ENABLED(CONFIG_OPENSSL_NO_DEPRECATED))
+#include <err.h>
+#include <openssl/provider.h>
+#include <openssl/store.h>
+#else
 #include <openssl/engine.h>
+#endif // CONFIG_OPENSSL_NO_DEPRECATED
+
+#if (IS_ENABLED(CONFIG_OPENSSL_NO_DEPRECATED))
+#define ERR(cond, fmt, ...)				\
+	do {						\
+		bool __cond = (cond);			\
+		drain_openssl_errors(__LINE__, 0);	\
+		if (__cond) {				\
+			errx(1, fmt, ## __VA_ARGS__);	\
+		}					\
+	} while (0)
+
+static void drain_openssl_errors(int l, int silent)
+{
+	const char *file;
+	char buf[120];
+	int e, line;
+
+	if (ERR_peek_error() == 0)
+		return;
+	if (!silent)
+		fprintf(stderr, "At main.c:%d:\n", l);
+
+	while ((e = ERR_peek_error_line(&file, &line))) {
+		ERR_error_string(e, buf);
+		if (!silent)
+			fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line);
+		ERR_get_error();
+	}
+}
+#endif // CONFIG_OPENSSL_NO_DEPRECATED
 
 static int rsa_err(const char *msg)
 {
-	unsigned long sslErr = ERR_get_error();
+	unsigned long ssl_err = ERR_get_error();
 
 	fprintf(stderr, "%s", msg);
 	fprintf(stderr, ": %s\n",
-		ERR_error_string(sslErr, 0));
+		ERR_error_string(ssl_err, 0));
 
 	return -1;
 }
@@ -98,6 +134,7 @@ err_cert:
  * @evpp	Returns EVP_PKEY object, or NULL on failure
  * Return: 0 if ok, -ve on error (in which case *evpp will be set to NULL)
  */
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 static int rsa_engine_get_pub_key(const char *keydir, const char *name,
 				  ENGINE *engine, EVP_PKEY **evpp)
 {
@@ -157,6 +194,7 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
 
 	return 0;
 }
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 
 /**
  * rsa_get_pub_key() - read a public key
@@ -170,8 +208,10 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
 static int rsa_get_pub_key(const char *keydir, const char *name,
 			   ENGINE *engine, EVP_PKEY **evpp)
 {
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 	if (engine)
 		return rsa_engine_get_pub_key(keydir, name, engine, evpp);
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 	return rsa_pem_get_pub_key(keydir, name, evpp);
 }
 
@@ -207,6 +247,37 @@ static int rsa_pem_get_priv_key(const char *keydir, const char *name,
 		return -ENOENT;
 	}
 
+#if (IS_ENABLED(CONFIG_OPENSSL_NO_DEPRECATED))
+	EVP_PKEY *private_key = NULL;
+	OSSL_STORE_CTX *store;
+
+	if (!OSSL_PROVIDER_try_load(NULL, "pkcs11", true))
+		ERR(1, "OSSL_PROVIDER_try_load(pkcs11)");
+	if (!OSSL_PROVIDER_try_load(NULL, "default", true))
+		ERR(1, "OSSL_PROVIDER_try_load(default)");
+
+	store = OSSL_STORE_open(path, NULL, NULL, NULL, NULL);
+	ERR(!store, "OSSL_STORE_open");
+
+	while (!OSSL_STORE_eof(store)) {
+		OSSL_STORE_INFO *info = OSSL_STORE_load(store);
+
+		if (!info) {
+			drain_openssl_errors(__LINE__, 0);
+			continue;
+		}
+		if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PKEY) {
+			private_key = OSSL_STORE_INFO_get1_PKEY(info);
+			ERR(!private_key, "OSSL_STORE_INFO_get1_PKEY");
+		}
+		OSSL_STORE_INFO_free(info);
+		if (private_key)
+			break;
+	}
+	OSSL_STORE_close(store);
+
+	*evpp = private_key;
+#else
 	if (!PEM_read_PrivateKey(f, evpp, NULL, path)) {
 		rsa_err("Failure reading private key");
 		fclose(f);
@@ -214,6 +285,7 @@ static int rsa_pem_get_priv_key(const char *keydir, const char *name,
 	}
 	fclose(f);
 
+#endif // CONFIG_OPENSSL_NO_DEPRECATED
 	return 0;
 }
 
@@ -226,6 +298,7 @@ static int rsa_pem_get_priv_key(const char *keydir, const char *name,
  * @evpp	Returns EVP_PKEY object, or NULL on failure
  * Return: 0 if ok, -ve on error (in which case *evpp will be set to NULL)
  */
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 static int rsa_engine_get_priv_key(const char *keydir, const char *name,
 				   const char *keyfile,
 				   ENGINE *engine, EVP_PKEY **evpp)
@@ -293,6 +366,7 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
 
 	return 0;
 }
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 
 /**
  * rsa_get_priv_key() - read a private key
@@ -306,9 +380,11 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
 static int rsa_get_priv_key(const char *keydir, const char *name,
 			    const char *keyfile, ENGINE *engine, EVP_PKEY **evpp)
 {
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 	if (engine)
 		return rsa_engine_get_priv_key(keydir, name, keyfile, engine,
 					       evpp);
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 	return rsa_pem_get_priv_key(keydir, name, keyfile, evpp);
 }
 
@@ -325,6 +401,7 @@ static int rsa_init(void)
 	return 0;
 }
 
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 static int rsa_engine_init(const char *engine_id, ENGINE **pe)
 {
 	const char *key_pass;
@@ -380,6 +457,7 @@ static void rsa_engine_remove(ENGINE *e)
 		ENGINE_free(e);
 	}
 }
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 
 static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo,
 			     struct checksum_algo *checksum_algo,
@@ -480,11 +558,13 @@ int rsa_sign(struct image_sign_info *info,
 	if (ret)
 		return ret;
 
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 	if (info->engine_id) {
 		ret = rsa_engine_init(info->engine_id, &e);
 		if (ret)
 			return ret;
 	}
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 
 	ret = rsa_get_priv_key(info->keydir, info->keyname, info->keyfile,
 			       e, &pkey);
@@ -496,16 +576,21 @@ int rsa_sign(struct image_sign_info *info,
 		goto err_sign;
 
 	EVP_PKEY_free(pkey);
+
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 	if (info->engine_id)
 		rsa_engine_remove(e);
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 
 	return ret;
 
 err_sign:
 	EVP_PKEY_free(pkey);
 err_priv:
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 	if (info->engine_id)
 		rsa_engine_remove(e);
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 	return ret;
 }
 
@@ -645,11 +730,13 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
 	ENGINE *e = NULL;
 
 	debug("%s: Getting verification data\n", __func__);
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 	if (info->engine_id) {
 		ret = rsa_engine_init(info->engine_id, &e);
 		if (ret)
 			return ret;
 	}
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 	ret = rsa_get_pub_key(info->keydir, info->keyname, e, &pkey);
 	if (ret)
 		goto err_get_pub_key;
@@ -726,8 +813,10 @@ done:
 err_get_params:
 	EVP_PKEY_free(pkey);
 err_get_pub_key:
+#ifndef CONFIG_OPENSSL_NO_DEPRECATED
 	if (info->engine_id)
 		rsa_engine_remove(e);
+#endif // !CONFIG_OPENSSL_NO_DEPRECATED
 
 	if (ret)
 		return ret;
-- 
2.51.0

Re: [PATCH] Add support for OpenSSL Provider API

[Tom Rini]

[-- Attachment #1: Type: text/plain, Size: 2761 bytes --]

On Fri, Oct 17, 2025 at 11:13:27AM -0600, Eddie Kovsky wrote:

> The Engine API has been deprecated since the release of OpenSSL 3.0. End users
> have been advised to migrate to the new Provider interface. Several
> distributions have already removed support for engines, which is preventing
> U-Boot from being compiled in those environments.
> 
> The Kconfig option OPENSSL_NO_DEPRECATED introduces support for the Provider API
> while continuing to use the existing Engine API on distros shipping older
> releases of OpenSSL.
> 
> This is based on similar work contributed by Jan Stancek
> updating Linux to use the Provider interface.
> 
>     commit 558bdc45dfb2669e1741384a0c80be9c82fa052c
>     Author: Jan Stancek <jstancek@redhat.com>
>     Date:   Fri Sep 20 19:52:48 2024 +0300
> 
>         sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3
> 
> The changes have been tested with the FIT signature verification vboot tests on
> Fedora 42 and Debian 13. All 30 tests pass with both the legacy Engine library
> installed and with the Provider API.
> 
> Signed-off-by: Eddie Kovsky <ekovsky@redhat.com>
> ---
>  lib/aes/aes-encrypt.c |  2 +
>  lib/rsa/Kconfig       |  8 ++++
>  lib/rsa/rsa-sign.c    | 93 ++++++++++++++++++++++++++++++++++++++++++-
>  3 files changed, 101 insertions(+), 2 deletions(-)

Thanks for doing this, I'm glad to see the work, and my comments are
really style things to fix up and v2 once there's been time for real
content comments if any.

[snip]
> diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
> index 9033384e60a3..622f06f8dba0 100644
> --- a/lib/rsa/Kconfig
> +++ b/lib/rsa/Kconfig
> @@ -20,6 +20,14 @@ config SPL_RSA
>  	bool "Use RSA Library within SPL"
>  	depends on SPL
>  
> +config OPENSSL_NO_DEPRECATED
> +	bool "Build U-Boot without support for OpenSSL Engine"
> +	default n

This is the default, you can drop this.

[snip]
> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> index 92b9d7876e52..9ebbcdfd52f3 100644
> --- a/lib/rsa/rsa-sign.c
> +++ b/lib/rsa/rsa-sign.c
> @@ -19,15 +19,51 @@
>  #include <openssl/err.h>
>  #include <openssl/ssl.h>
>  #include <openssl/evp.h>
> +#if (IS_ENABLED(CONFIG_OPENSSL_NO_DEPRECATED))
> +#include <err.h>
> +#include <openssl/provider.h>
> +#include <openssl/store.h>
> +#else
>  #include <openssl/engine.h>
> +#endif // CONFIG_OPENSSL_NO_DEPRECATED

Two things (here and elsewhere). One, since we're generally using
'#ifndef CONFIG_OPENSSL_NO_DEPRECATED' just using '#ifdef
CONFIG_OPENSSL_NO_DEPRECATED' is fine, using a macro here is not aiding
readability. Two, if the if/else/endif is within the patch context we
really don't need a comment on the endif part.

-- 
Tom

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]

Re: [PATCH] Add support for OpenSSL Provider API

[Mark Kettenis]

> From: Eddie Kovsky <ekovsky@redhat.com>
> Date: Fri, 17 Oct 2025 11:13:27 -0600
> 
> The Engine API has been deprecated since the release of OpenSSL
> 3.0. End users have been advised to migrate to the new Provider
> interface. Several distributions have already removed support for
> engines, which is preventing U-Boot from being compiled in those
> environments.
> 
> The Kconfig option OPENSSL_NO_DEPRECATED introduces support for the
> Provider API while continuing to use the existing Engine API on
> distros shipping older releases of OpenSSL.
> 
> This is based on similar work contributed by Jan Stancek
> updating Linux to use the Provider interface.
> 
>     commit 558bdc45dfb2669e1741384a0c80be9c82fa052c
>     Author: Jan Stancek <jstancek@redhat.com>
>     Date:   Fri Sep 20 19:52:48 2024 +0300
> 
>         sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3
> 
> The changes have been tested with the FIT signature verification
> vboot tests on Fedora 42 and Debian 13. All 30 tests pass with both
> the legacy Engine library installed and with the Provider API.

Did you test this with LibreSSL?

> Signed-off-by: Eddie Kovsky <ekovsky@redhat.com>
> ---
>  lib/aes/aes-encrypt.c |  2 +
>  lib/rsa/Kconfig       |  8 ++++
>  lib/rsa/rsa-sign.c    | 93 ++++++++++++++++++++++++++++++++++++++++++-
>  3 files changed, 101 insertions(+), 2 deletions(-)
> 
> diff --git a/lib/aes/aes-encrypt.c b/lib/aes/aes-encrypt.c
> index 90e1407b4f09..9595772cf58b 100644
> --- a/lib/aes/aes-encrypt.c
> +++ b/lib/aes/aes-encrypt.c
> @@ -16,7 +16,9 @@
>  #include <openssl/err.h>
>  #include <openssl/ssl.h>
>  #include <openssl/evp.h>
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  #include <openssl/engine.h>
> +#endif
>  #include <uboot_aes.h>
>  
>  #if OPENSSL_VERSION_NUMBER >= 0x10000000L
> diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
> index 9033384e60a3..622f06f8dba0 100644
> --- a/lib/rsa/Kconfig
> +++ b/lib/rsa/Kconfig
> @@ -20,6 +20,14 @@ config SPL_RSA
>  	bool "Use RSA Library within SPL"
>  	depends on SPL
>  
> +config OPENSSL_NO_DEPRECATED
> +	bool "Build U-Boot without support for OpenSSL Engine"
> +	default n
> +	help
> +	  Add support for the OpenSSL Provider API, which is the officially
> +	  supported mechanism in OpenSSL 3.x and later releases for accessing
> +	  hardware and software cryptography.
> +
>  config SPL_RSA_VERIFY
>  	bool
>  	depends on SPL_RSA
> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> index 92b9d7876e52..9ebbcdfd52f3 100644
> --- a/lib/rsa/rsa-sign.c
> +++ b/lib/rsa/rsa-sign.c
> @@ -19,15 +19,51 @@
>  #include <openssl/err.h>
>  #include <openssl/ssl.h>
>  #include <openssl/evp.h>
> +#if (IS_ENABLED(CONFIG_OPENSSL_NO_DEPRECATED))
> +#include <err.h>
> +#include <openssl/provider.h>
> +#include <openssl/store.h>
> +#else
>  #include <openssl/engine.h>
> +#endif // CONFIG_OPENSSL_NO_DEPRECATED
> +
> +#if (IS_ENABLED(CONFIG_OPENSSL_NO_DEPRECATED))
> +#define ERR(cond, fmt, ...)				\
> +	do {						\
> +		bool __cond = (cond);			\
> +		drain_openssl_errors(__LINE__, 0);	\
> +		if (__cond) {				\
> +			errx(1, fmt, ## __VA_ARGS__);	\
> +		}					\
> +	} while (0)
> +
> +static void drain_openssl_errors(int l, int silent)
> +{
> +	const char *file;
> +	char buf[120];
> +	int e, line;
> +
> +	if (ERR_peek_error() == 0)
> +		return;
> +	if (!silent)
> +		fprintf(stderr, "At main.c:%d:\n", l);
> +
> +	while ((e = ERR_peek_error_line(&file, &line))) {
> +		ERR_error_string(e, buf);
> +		if (!silent)
> +			fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line);
> +		ERR_get_error();
> +	}
> +}
> +#endif // CONFIG_OPENSSL_NO_DEPRECATED
>  
>  static int rsa_err(const char *msg)
>  {
> -	unsigned long sslErr = ERR_get_error();
> +	unsigned long ssl_err = ERR_get_error();
>  
>  	fprintf(stderr, "%s", msg);
>  	fprintf(stderr, ": %s\n",
> -		ERR_error_string(sslErr, 0));
> +		ERR_error_string(ssl_err, 0));
>  
>  	return -1;
>  }
> @@ -98,6 +134,7 @@ err_cert:
>   * @evpp	Returns EVP_PKEY object, or NULL on failure
>   * Return: 0 if ok, -ve on error (in which case *evpp will be set to NULL)
>   */
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  static int rsa_engine_get_pub_key(const char *keydir, const char *name,
>  				  ENGINE *engine, EVP_PKEY **evpp)
>  {
> @@ -157,6 +194,7 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
>  
>  	return 0;
>  }
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  
>  /**
>   * rsa_get_pub_key() - read a public key
> @@ -170,8 +208,10 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
>  static int rsa_get_pub_key(const char *keydir, const char *name,
>  			   ENGINE *engine, EVP_PKEY **evpp)
>  {
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  	if (engine)
>  		return rsa_engine_get_pub_key(keydir, name, engine, evpp);
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  	return rsa_pem_get_pub_key(keydir, name, evpp);
>  }
>  
> @@ -207,6 +247,37 @@ static int rsa_pem_get_priv_key(const char *keydir, const char *name,
>  		return -ENOENT;
>  	}
>  
> +#if (IS_ENABLED(CONFIG_OPENSSL_NO_DEPRECATED))
> +	EVP_PKEY *private_key = NULL;
> +	OSSL_STORE_CTX *store;
> +
> +	if (!OSSL_PROVIDER_try_load(NULL, "pkcs11", true))
> +		ERR(1, "OSSL_PROVIDER_try_load(pkcs11)");
> +	if (!OSSL_PROVIDER_try_load(NULL, "default", true))
> +		ERR(1, "OSSL_PROVIDER_try_load(default)");
> +
> +	store = OSSL_STORE_open(path, NULL, NULL, NULL, NULL);
> +	ERR(!store, "OSSL_STORE_open");
> +
> +	while (!OSSL_STORE_eof(store)) {
> +		OSSL_STORE_INFO *info = OSSL_STORE_load(store);
> +
> +		if (!info) {
> +			drain_openssl_errors(__LINE__, 0);
> +			continue;
> +		}
> +		if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PKEY) {
> +			private_key = OSSL_STORE_INFO_get1_PKEY(info);
> +			ERR(!private_key, "OSSL_STORE_INFO_get1_PKEY");
> +		}
> +		OSSL_STORE_INFO_free(info);
> +		if (private_key)
> +			break;
> +	}
> +	OSSL_STORE_close(store);
> +
> +	*evpp = private_key;
> +#else
>  	if (!PEM_read_PrivateKey(f, evpp, NULL, path)) {
>  		rsa_err("Failure reading private key");
>  		fclose(f);
> @@ -214,6 +285,7 @@ static int rsa_pem_get_priv_key(const char *keydir, const char *name,
>  	}
>  	fclose(f);
>  
> +#endif // CONFIG_OPENSSL_NO_DEPRECATED
>  	return 0;
>  }
>  
> @@ -226,6 +298,7 @@ static int rsa_pem_get_priv_key(const char *keydir, const char *name,
>   * @evpp	Returns EVP_PKEY object, or NULL on failure
>   * Return: 0 if ok, -ve on error (in which case *evpp will be set to NULL)
>   */
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  static int rsa_engine_get_priv_key(const char *keydir, const char *name,
>  				   const char *keyfile,
>  				   ENGINE *engine, EVP_PKEY **evpp)
> @@ -293,6 +366,7 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
>  
>  	return 0;
>  }
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  
>  /**
>   * rsa_get_priv_key() - read a private key
> @@ -306,9 +380,11 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
>  static int rsa_get_priv_key(const char *keydir, const char *name,
>  			    const char *keyfile, ENGINE *engine, EVP_PKEY **evpp)
>  {
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  	if (engine)
>  		return rsa_engine_get_priv_key(keydir, name, keyfile, engine,
>  					       evpp);
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  	return rsa_pem_get_priv_key(keydir, name, keyfile, evpp);
>  }
>  
> @@ -325,6 +401,7 @@ static int rsa_init(void)
>  	return 0;
>  }
>  
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  static int rsa_engine_init(const char *engine_id, ENGINE **pe)
>  {
>  	const char *key_pass;
> @@ -380,6 +457,7 @@ static void rsa_engine_remove(ENGINE *e)
>  		ENGINE_free(e);
>  	}
>  }
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  
>  static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo,
>  			     struct checksum_algo *checksum_algo,
> @@ -480,11 +558,13 @@ int rsa_sign(struct image_sign_info *info,
>  	if (ret)
>  		return ret;
>  
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  	if (info->engine_id) {
>  		ret = rsa_engine_init(info->engine_id, &e);
>  		if (ret)
>  			return ret;
>  	}
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  
>  	ret = rsa_get_priv_key(info->keydir, info->keyname, info->keyfile,
>  			       e, &pkey);
> @@ -496,16 +576,21 @@ int rsa_sign(struct image_sign_info *info,
>  		goto err_sign;
>  
>  	EVP_PKEY_free(pkey);
> +
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  	if (info->engine_id)
>  		rsa_engine_remove(e);
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  
>  	return ret;
>  
>  err_sign:
>  	EVP_PKEY_free(pkey);
>  err_priv:
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  	if (info->engine_id)
>  		rsa_engine_remove(e);
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  	return ret;
>  }
>  
> @@ -645,11 +730,13 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
>  	ENGINE *e = NULL;
>  
>  	debug("%s: Getting verification data\n", __func__);
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  	if (info->engine_id) {
>  		ret = rsa_engine_init(info->engine_id, &e);
>  		if (ret)
>  			return ret;
>  	}
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  	ret = rsa_get_pub_key(info->keydir, info->keyname, e, &pkey);
>  	if (ret)
>  		goto err_get_pub_key;
> @@ -726,8 +813,10 @@ done:
>  err_get_params:
>  	EVP_PKEY_free(pkey);
>  err_get_pub_key:
> +#ifndef CONFIG_OPENSSL_NO_DEPRECATED
>  	if (info->engine_id)
>  		rsa_engine_remove(e);
> +#endif // !CONFIG_OPENSSL_NO_DEPRECATED
>  
>  	if (ret)
>  		return ret;
> -- 
> 2.51.0
> 
> 

Re: [PATCH] Add support for OpenSSL Provider API

[Eddie Kovsky]

On 10/17/25, Tom Rini wrote:
> On Fri, Oct 17, 2025 at 11:13:27AM -0600, Eddie Kovsky wrote:
> 
> > The Engine API has been deprecated since the release of OpenSSL 3.0. End users
> > have been advised to migrate to the new Provider interface. Several
> > distributions have already removed support for engines, which is preventing
> > U-Boot from being compiled in those environments.
> > 
> > The Kconfig option OPENSSL_NO_DEPRECATED introduces support for the Provider API
> > while continuing to use the existing Engine API on distros shipping older
> > releases of OpenSSL.
> > 
> > This is based on similar work contributed by Jan Stancek
> > updating Linux to use the Provider interface.
> > 
> >     commit 558bdc45dfb2669e1741384a0c80be9c82fa052c
> >     Author: Jan Stancek <jstancek@redhat.com>
> >     Date:   Fri Sep 20 19:52:48 2024 +0300
> > 
> >         sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3
> > 
> > The changes have been tested with the FIT signature verification vboot tests on
> > Fedora 42 and Debian 13. All 30 tests pass with both the legacy Engine library
> > installed and with the Provider API.
> > 
> > Signed-off-by: Eddie Kovsky <ekovsky@redhat.com>
> > ---
> >  lib/aes/aes-encrypt.c |  2 +
> >  lib/rsa/Kconfig       |  8 ++++
> >  lib/rsa/rsa-sign.c    | 93 ++++++++++++++++++++++++++++++++++++++++++-
> >  3 files changed, 101 insertions(+), 2 deletions(-)
> 
> Thanks for doing this, I'm glad to see the work, and my comments are
> really style things to fix up and v2 once there's been time for real
> content comments if any.
> 
> [snip]
> > diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
> > index 9033384e60a3..622f06f8dba0 100644
> > --- a/lib/rsa/Kconfig
> > +++ b/lib/rsa/Kconfig
> > @@ -20,6 +20,14 @@ config SPL_RSA
> >  	bool "Use RSA Library within SPL"
> >  	depends on SPL
> >  
> > +config OPENSSL_NO_DEPRECATED
> > +	bool "Build U-Boot without support for OpenSSL Engine"
> > +	default n
> 
> This is the default, you can drop this.
> 
> [snip]
> > diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> > index 92b9d7876e52..9ebbcdfd52f3 100644
> > --- a/lib/rsa/rsa-sign.c
> > +++ b/lib/rsa/rsa-sign.c
> > @@ -19,15 +19,51 @@
> >  #include <openssl/err.h>
> >  #include <openssl/ssl.h>
> >  #include <openssl/evp.h>
> > +#if (IS_ENABLED(CONFIG_OPENSSL_NO_DEPRECATED))
> > +#include <err.h>
> > +#include <openssl/provider.h>
> > +#include <openssl/store.h>
> > +#else
> >  #include <openssl/engine.h>
> > +#endif // CONFIG_OPENSSL_NO_DEPRECATED
> 
> Two things (here and elsewhere). One, since we're generally using
> '#ifndef CONFIG_OPENSSL_NO_DEPRECATED' just using '#ifdef
> CONFIG_OPENSSL_NO_DEPRECATED' is fine, using a macro here is not aiding
> readability. Two, if the if/else/endif is within the patch context we
> really don't need a comment on the endif part.
> 
> -- 
> Tom

Hi Tom

I was trying to stick to the coding guidelines as closely as possible.
But I'm happy to replace the macro usage with standard #ifdef. I will
remove the extra comments and the default Kconfig as well when I send a
v2.

Thanks

Eddie

Re: [PATCH] Add support for OpenSSL Provider API

[Eddie Kovsky]

On 10/18/25, Mark Kettenis wrote:
> > From: Eddie Kovsky <ekovsky@redhat.com>
> > Date: Fri, 17 Oct 2025 11:13:27 -0600
> > 
> > The Engine API has been deprecated since the release of OpenSSL
> > 3.0. End users have been advised to migrate to the new Provider
> > interface. Several distributions have already removed support for
> > engines, which is preventing U-Boot from being compiled in those
> > environments.
> > 
> > The Kconfig option OPENSSL_NO_DEPRECATED introduces support for the
> > Provider API while continuing to use the existing Engine API on
> > distros shipping older releases of OpenSSL.
> > 
> > This is based on similar work contributed by Jan Stancek
> > updating Linux to use the Provider interface.
> > 
> >     commit 558bdc45dfb2669e1741384a0c80be9c82fa052c
> >     Author: Jan Stancek <jstancek@redhat.com>
> >     Date:   Fri Sep 20 19:52:48 2024 +0300
> > 
> >         sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3
> > 
> > The changes have been tested with the FIT signature verification
> > vboot tests on Fedora 42 and Debian 13. All 30 tests pass with both
> > the legacy Engine library installed and with the Provider API.
> 
> Did you test this with LibreSSL?
> 

Hi Mark

No, I did not test this patch with LibreSSL. OpenSSL is the build
dependency for U-Boot, so that's what I was focused on. The LibreSSL
project states that "The OpenSSL 3 API is not currently supported."

I did make sure to add #ifdef guards throughout the existing code so
that users who do not enable this configuration option can continue to
use the engine interface. That should also work for users who substitute
LibreSSL on their systems.

I did attempt to use the libretls package since you first asked about
this, but I wasn't able to get the build to compile. Is this something
you would be able to verify? I'd be happy to add your Tested-by.

Thanks

Eddie