Re: [PATCH v8 22/27] lib/crypto: Adapt mscode_parser to MbedTLS

9 Oct 2024

On Fri, 4 Oct 2024 at 01:03, Raymond Mao raymond.mao@linaro.org wrote:
...
Previous patch has introduced MbedTLS porting layer for mscode parser,
here to adjust the header and makefiles accordingly.
Adding _LEGACY Kconfig for legacy mscode implementation.
Signed-off-by: Raymond Mao raymond.mao@linaro.org
Changes in v2

Move the porting layer to MbedTLS dir.

Changes in v3

Update commit message.

Changes in v4

Control building legacy library via '_LEGACY' Kconfig.

Changes in v5

Add kconfig for legacy mscode parser.
Correct header file include directories.

Changes in v6

None.

Changes in v7

None.

Changes in v8

None

include/crypto/mscode.h | 4 ++++
 lib/crypto/Makefile     | 2 +-
 lib/mbedtls/Kconfig     | 9 +++++++++
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/include/crypto/mscode.h b/include/crypto/mscode.h
index 551058b96e6..678e69001b9 100644
--- a/include/crypto/mscode.h
+++ b/include/crypto/mscode.h
@@ -9,6 +9,10 @@
 #ifndef __UBOOT__
 #include <crypto/hash_info.h>
 #endif
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+#include <mbedtls/asn1.h>
+#include <mbedtls/oid.h>
+#endif
struct pefile_context {
 #ifndef __UBOOT__
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 7129315393f..3caa45dc2a8 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -63,7 +63,7 @@ obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
 #
 # Signed PE binary-wrapped key handling
 #
-obj-$(CONFIG_$(SPL_)MSCODE_PARSER) += mscode.o
+obj-$(CONFIG_$(SPL_)MSCODE_PARSER_LEGACY) += mscode.o
mscode-y := \
        mscode_parser.o \
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index fd7263f9616..efeaed50385 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -120,6 +120,7 @@ config LEGACY_CRYPTO_CERT
                ASYMMETRIC_PUBLIC_KEY_SUBTYPE
        select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
        select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER

  select MSCODE_PARSER_LEGACY if MSCODE_PARSER
  select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
          SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
  help



@@ -150,6 +151,14 @@ config PKCS7_MESSAGE_PARSER_LEGACY
          This option chooses legacy certificate library for PKCS7 message
          parser.
+config MSCODE_PARSER_LEGACY

  bool "MS authenticode parser with legacy certificate library"


  depends on LEGACY_CRYPTO_CERT && MSCODE_PARSER


  select ASN1_DECODER_LEGACY


  help


    This option chooses legacy certificate library for MS authenticode


    parser.




if SPL
config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
2.25.1
Acked-by: Ilias Apalodimas ilias.apalodimas@linaro.org

    