From: Kel Modderman <kel@otaku42.de>
Date: Fri, 16 Nov 2018 16:50:45 +0100
Subject: [PATCH] Allow build without embedding pubkey data into crda/regdbdump
 binaries

Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
---
 Makefile | 5 +++++
 reglib.c | 6 ++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index b74d3b544bd9..9ce318484001 100644
--- a/Makefile
+++ b/Makefile
@@ -42,7 +42,12 @@ ifeq ($(USE_OPENSSL),1)
 CFLAGS += -DUSE_OPENSSL -DPUBKEY_DIR=\"$(RUNTIME_PUBKEY_DIR)\" `pkg-config --cflags openssl`
 LIBREGLIBS += `pkg-config --libs openssl`
 
+ifeq ($(RUNTIME_PUBKEY_ONLY),1)
+CFLAGS += -DRUNTIME_PUBKEY_ONLY
+else
+CFLAGS += -DHAVE_KEYS_SSL
 $(LIBREG): keys-ssl.c
+endif
 
 else
 CFLAGS += -DUSE_GCRYPT
diff --git a/reglib.c b/reglib.c
index e00e9b8d4b44..87691022f9e7 100644
--- a/reglib.c
+++ b/reglib.c
@@ -30,7 +30,7 @@
 
 #include "reglib.h"
 
-#ifdef USE_OPENSSL
+#if defined(USE_OPENSSL) && defined(HAVE_KEYS_SSL)
 #include "keys-ssl.c"
 #endif
 
@@ -83,7 +83,6 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen)
 {
 	RSA *rsa;
 	uint8_t hash[SHA_DIGEST_LENGTH];
-	unsigned int i;
 	int ok = 0;
 	DIR *pubkey_dir;
 	struct dirent *nextfile;
@@ -95,6 +94,8 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen)
 		goto out;
 	}
 
+#ifdef HAVE_KEYS_SSL
+	unsigned int i;
 	for (i = 0; (i < sizeof(keys)/sizeof(keys[0])) && (!ok); i++) {
 		rsa = RSA_new();
 		if (!rsa) {
@@ -112,6 +113,7 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen)
 		rsa->n = NULL;
 		RSA_free(rsa);
 	}
+#endif
 	if (!ok && (pubkey_dir = opendir(PUBKEY_DIR))) {
 		while (!ok && (nextfile = readdir(pubkey_dir))) {
 			snprintf(filename, PATH_MAX, "%s/%s", PUBKEY_DIR,