Hi Raymond On Tue, 2 Jul 2024 at 21:33, Raymond Mao <raymond....@linaro.org> wrote: > > Add porting layer for MSCode on top of MbedTLS ASN1 library. > Introduce _LEGACY and _MBEDTLS kconfigs for MSCode legacy and > MbedTLS implementations respectively.
You should mention explicitly on the commit message, that this patch is expected to be merged in mbedTLS upstream and we can remove it in the future > > Signed-off-by: Raymond Mao <raymond....@linaro.org> > --- > Changes in v2 > - Move the porting layer to MbedTLS dir. > Changes in v3 > - None. > Changes in v4 > - Introduce _LEGACY and _MBEDTLS kconfigs for MSCode legacy and > MbedTLS implementations respectively. > - Fix a few code style. > > lib/mbedtls/Kconfig | 17 +++++ > lib/mbedtls/Makefile | 1 + > lib/mbedtls/mscode_parser.c | 123 ++++++++++++++++++++++++++++++++++++ > 3 files changed, 141 insertions(+) > create mode 100644 lib/mbedtls/mscode_parser.c > > diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig > index 8c5b617bb48..d8a8f87e031 100644 > --- a/lib/mbedtls/Kconfig > +++ b/lib/mbedtls/Kconfig > @@ -126,6 +126,7 @@ config LEGACY_CRYPTO_CERT > ASYMMETRIC_PUBLIC_KEY_SUBTYPE > select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER > select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER > + select MSCODE_PARSER_LEGACY if MSCODE_PARSER > select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE_LEGACY if \ > ASYMMETRIC_PUBLIC_KEY_SUBTYPE && SPL > help > @@ -156,6 +157,14 @@ config PKCS7_MESSAGE_PARSER_LEGACY > This option chooses legacy certificate library for PKCS7 message > parser. > > +config MSCODE_PARSER_LEGACY Where is this used? Is it on a later patch? The MSCODE_PARSER_MBEDTLS option is part of this patch on the Makefile > + bool "MS authenticode parser with legacy certificate library" > + depends on LEGACY_CRYPTO_CERT && MSCODE_PARSER > + select ASN1_DECODER_LEGACY > + help > + This option chooses legacy certificate library for MS authenticode > + parser. > + > if SPL > > config SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE_LEGACY > @@ -280,6 +289,7 @@ config MBEDTLS_LIB_X509 > ASYMMETRIC_PUBLIC_KEY_SUBTYPE > select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER > select PKCS7_MESSAGE_PARSER_MBEDTLS if PKCS7_MESSAGE_PARSER > + select MSCODE_PARSER_MBEDTLS if MSCODE_PARSER > select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE_MBEDTLS if \ > ASYMMETRIC_PUBLIC_KEY_SUBTYPE && SPL > help > @@ -309,6 +319,13 @@ config PKCS7_MESSAGE_PARSER_MBEDTLS > This option chooses MbedTLS certificate library for PKCS7 message > parser. > > +config MSCODE_PARSER_MBEDTLS > + bool "MS authenticode parser with MbedTLS certificate library" > + select ASN1_DECODER_MBEDTLS > + help > + This option chooses MbedTLS certificate library for MS authenticode > + parser. > + > if SPL > > config SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE_MBEDTLS > diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile > index 7b40ff0c467..ac7c487449d 100644 > --- a/lib/mbedtls/Makefile > +++ b/lib/mbedtls/Makefile > @@ -27,6 +27,7 @@ > x509_mbedtls-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE_MBEDTLS) += \ > x509_mbedtls-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \ > x509_cert_parser.o > x509_mbedtls-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_MBEDTLS) += pkcs7_parser.o > +x509_mbedtls-$(CONFIG_$(SPL_)MSCODE_PARSER_MBEDTLS) += mscode_parser.o > > # MbedTLS crypto library > obj-$(CONFIG_MBEDTLS_LIB_CRYPTO) += mbedtls_lib_crypto.o > diff --git a/lib/mbedtls/mscode_parser.c b/lib/mbedtls/mscode_parser.c > new file mode 100644 > index 00000000000..c3805c6503c > --- /dev/null > +++ b/lib/mbedtls/mscode_parser.c > @@ -0,0 +1,123 @@ [...] Thanks /Ilias
