[PATCH v4 17/29] mbedtls: add public key porting layer

Raymond Mao raymond.mao at linaro.org
Thu Jul 18 22:39:43 CEST 2024


Hi Ilias,

On Wed, 3 Jul 2024 at 07:47, Ilias Apalodimas <ilias.apalodimas at linaro.org>
wrote:

> On Tue, 2 Jul 2024 at 21:30, Raymond Mao <raymond.mao at linaro.org> wrote:
> >
> > Add porting layer for public key on top of MbedTLS X509 library.
> > Introduce _LEGACY and _MBEDTLS kconfigs for public key legacy and
> > MbedTLS implementations respectively.
> >
> > Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
> > ---
> > Changes in v2
> > - Move the porting layer to MbedTLS dir.
> > Changes in v3
> > - None.
> > Changes in v4
> > - Introduce _LEGACY and _MBEDTLS kconfigs for public key legacy and
> >   MbedTLS implementations respectively.
> > - Move common functions to helper.
> >
> >  lib/mbedtls/Kconfig      | 50 ++++++++++++++++++++++++
> >  lib/mbedtls/Makefile     |  7 +++-
> >  lib/mbedtls/public_key.c | 82 ++++++++++++++++++++++++++++++++++++++++
> >  3 files changed, 138 insertions(+), 1 deletion(-)
> >  create mode 100644 lib/mbedtls/public_key.c
> >
> > diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> > index 0cdf0135667..6f29b0c81a2 100644
> > --- a/lib/mbedtls/Kconfig
> > +++ b/lib/mbedtls/Kconfig
>
[snip]

> > @@ -232,7 +258,31 @@ endif # MBEDTLS_LIB_CRYPTO
> >
> >  config MBEDTLS_LIB_X509
> >         bool "MbedTLS certificate libraries"
> > +       select ASYMMETRIC_PUBLIC_KEY_SUBTYPE_MBEDTLS if \
> > +               ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> > +       select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE_MBEDTLS if \
> > +               ASYMMETRIC_PUBLIC_KEY_SUBTYPE && SPL
>
> Why do we have to select SPL here and in the Kconfig above for the
> legacy option?
>
> It should be:
"select SPL_<ALG>_<LEGACY/MBEDTLS> if SPL_<ALG>"
For example:
```
config MBEDTLS_LIB_X509
      bool "MbedTLS certificate libraries"
       [...]
       select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE_MBEDTLS if \
              SPL_ASYMMETRIC_PUBLIC_KEY
```

Regards,
Raymond


More information about the U-Boot mailing list