feat: Add option to enable/disable use of OpenSSL functions

This commit implements step 7 of the Meson migration plan. It introduces a new boolean option, 'use_openssl_functions', to control whether to use OpenSSL's own crypto functions or the library's internal ones. This mirrors the behavior of the '--disable-use-openssl-functions' flag in the Autotools build system. The option is added to 'meson_options.txt' and the corresponding C defines are conditionally applied in 'src/meson.build' for both TPM 1.2 and TPM 2.0 builds when using the OpenSSL backend. Signed-off-by: Gemini <gemini@google.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2026-01-03 15:39:33 +00:00 · 2025-08-04 14:51:25 +04:00 · 2025-08-04 14:51:25 +04:00 · 4bfb164c8a
commit 4bfb164c8a
parent 74b91bec7e
2 changed files with 22 additions and 3 deletions
--- a/meson_options.txt
+++ b/meson_options.txt
@ -1,3 +1,4 @@
 option('tpm1', type: 'boolean', value: true, description: 'Build with TPM 1.2 support.')
 option('tpm2', type: 'boolean', value: true, description: 'Build with TPM 2.0 support.')
-option('crypto_backend', type: 'combo', choices: ['openssl', 'freebl'], value: 'openssl', description: 'Choose the cryptographic backend.')
+option('crypto_backend', type: 'combo', choices: ['openssl', 'freebl'], value: 'openssl', description: 'Choose the cryptographic backend.')
+option('use_openssl_functions', type: 'boolean', value: true, description: 'Use OpenSSL functions for crypto instead of internal code.')
--- a/src/meson.build
+++ b/src/meson.build
@ -12,11 +12,29 @@ endif
 crypto_deps = []
 tpm1_crypto_sources = []
 freebl_inc = []
+openssl_flags = []
 if crypto_backend == 'openssl'
  crypto_deps += dependency('openssl', version: '>=1.1.0', required: true)
  if with_tpm1
    tpm1_crypto_sources += 'tpm12/tpm_crypto.c'
  endif
+  if get_option('use_openssl_functions')
+    openssl_flags += [
+      '-DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=1',
+      '-DUSE_OPENSSL_FUNCTIONS_EC=1',
+      '-DUSE_OPENSSL_FUNCTIONS_ECDSA=1',
+      '-DUSE_OPENSSL_FUNCTIONS_RSA=1',
+      '-DUSE_OPENSSL_FUNCTIONS_SSKDF=1'
+    ]
+  else
+    openssl_flags += [
+      '-DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=0',
+      '-DUSE_OPENSSL_FUNCTIONS_EC=0',
+      '-DUSE_OPENSSL_FUNCTIONS_ECDSA=0',
+      '-DUSE_OPENSSL_FUNCTIONS_RSA=0',
+      '-DUSE_OPENSSL_FUNCTIONS_SSKDF=0'
+    ]
+  endif
 else # freebl
  nss_dep = dependency('nss')
  nspr_dep = dependency('nspr')
@ -75,7 +93,7 @@ if with_tpm1
  )

  tpm1_lib = static_library('tpms_tpm12', tpm1_sources,
-    c_args: common_c_args + [
+    c_args: common_c_args + openssl_flags + [
      '-DTPM_V12',
      '-DTPM_PCCLIENT',
      '-DTPM_POSIX',
@ -148,7 +166,7 @@ if with_tpm2
  )

  tpm2_lib = static_library('tpms_tpm2', tpm2_sources,
-    c_args: common_c_args + [
+    c_args: common_c_args + openssl_flags + [
      '-D_POSIX_C_SOURCE=200809L',
      '-DTPM_POSIX',
      '-include', 'config.h'