Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pass spdm context as cookie to libspdm_*_data_sign() #2591

Closed
wants to merge 1 commit into from
Closed

pass spdm context as cookie to libspdm_*_data_sign() #2591

wants to merge 1 commit into from

Conversation

bluerise
Copy link

Hi there,

is there a reason that these two are not being passed the spdm context?

Right now there's no state connected to the signing backend. This means it needs to be hardcoded which credentials are being used. Passing the context allows the backend code to retrieve the app-specific context to access local credentials.

The initial diff passes the context as void *, as the header for the prototypes are included in the common lib before libspdm_context_t is defined. There's probably a way to work around this though.

There might be more crypto wrappers where this might be useful, trying to start the discussion using this PR.

Opinions?

Cheers,
Patrick

pass spdm context as cookie to libspdm_*_data_sign()
f617115 
Right now there's no state connected to the signing backend.  This means
it needs to be hardcoded which credentials are being used.  Passing the
context allows the backend code to retrieve the app-specific context to
access local credentials.

Signed-off-by: Patrick Wildt <pwildt@google.com>
@mfischer
Copy link

@bluerise have you considered introducing a

struct libspdm_context {
  void *data;
};

This might make future extension of the API easier?

@steven-bellock
Copy link
Contributor

This is #2494. If it is to go into libspdm 3.x then it will need to be behind a disabled-by-default macro so as to not break current builds, and it is needed for (pretty much) all HAL functions.

@bluerise
Copy link
Author

Ah, yep, I agree. I support #2494, closing this PR then!

@bluerise bluerise closed this Feb 27, 2024
@bluerise bluerise deleted the creds branch February 27, 2024 17:31
@bluerise
Copy link
Author

@steven-bellock Ah, I thought you're working on this, looks you mainly created the issue. Should I come up with macros and changes to the other HAL functions?

@steven-bellock
Copy link
Contributor

Yeah go for it.

@bluerise bluerise mentioned this pull request Feb 27, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@bluerise @mfischer @steven-bellock