[PATCH v8 22/27] lib/crypto: Adapt mscode_parser to MbedTLS

Ilias Apalodimas ilias.apalodimas at linaro.org
Wed Oct 9 11:18:29 CEST 2024


On Fri, 4 Oct 2024 at 01:03, Raymond Mao <raymond.mao at linaro.org> wrote:
>
> Previous patch has introduced MbedTLS porting layer for mscode parser,
> here to adjust the header and makefiles accordingly.
> Adding _LEGACY Kconfig for legacy mscode implementation.
>
> Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
> ---
> Changes in v2
> - Move the porting layer to MbedTLS dir.
> Changes in v3
> - Update commit message.
> Changes in v4
> - Control building legacy library via '_LEGACY' Kconfig.
> Changes in v5
> - Add kconfig for legacy mscode parser.
> - Correct header file include directories.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None
>
>  include/crypto/mscode.h | 4 ++++
>  lib/crypto/Makefile     | 2 +-
>  lib/mbedtls/Kconfig     | 9 +++++++++
>  3 files changed, 14 insertions(+), 1 deletion(-)
>
> diff --git a/include/crypto/mscode.h b/include/crypto/mscode.h
> index 551058b96e6..678e69001b9 100644
> --- a/include/crypto/mscode.h
> +++ b/include/crypto/mscode.h
> @@ -9,6 +9,10 @@
>  #ifndef __UBOOT__
>  #include <crypto/hash_info.h>
>  #endif
> +#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
> +#include <mbedtls/asn1.h>
> +#include <mbedtls/oid.h>
> +#endif
>
>  struct pefile_context {
>  #ifndef __UBOOT__
> diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
> index 7129315393f..3caa45dc2a8 100644
> --- a/lib/crypto/Makefile
> +++ b/lib/crypto/Makefile
> @@ -63,7 +63,7 @@ obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
>  #
>  # Signed PE binary-wrapped key handling
>  #
> -obj-$(CONFIG_$(SPL_)MSCODE_PARSER) += mscode.o
> +obj-$(CONFIG_$(SPL_)MSCODE_PARSER_LEGACY) += mscode.o
>
>  mscode-y := \
>         mscode_parser.o \
> diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> index fd7263f9616..efeaed50385 100644
> --- a/lib/mbedtls/Kconfig
> +++ b/lib/mbedtls/Kconfig
> @@ -120,6 +120,7 @@ config LEGACY_CRYPTO_CERT
>                 ASYMMETRIC_PUBLIC_KEY_SUBTYPE
>         select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
>         select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
> +       select MSCODE_PARSER_LEGACY if MSCODE_PARSER
>         select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
>                 SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
>         help
> @@ -150,6 +151,14 @@ config PKCS7_MESSAGE_PARSER_LEGACY
>           This option chooses legacy certificate library for PKCS7 message
>           parser.
>
> +config MSCODE_PARSER_LEGACY
> +       bool "MS authenticode parser with legacy certificate library"
> +       depends on LEGACY_CRYPTO_CERT && MSCODE_PARSER
> +       select ASN1_DECODER_LEGACY
> +       help
> +         This option chooses legacy certificate library for MS authenticode
> +         parser.
> +
>  if SPL
>
>  config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
> --
> 2.25.1
>

Acked-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>


More information about the U-Boot mailing list