DMTF / libspdm

BSD 3-Clause "New" or "Revised" License

Add compile options to libspdm_gen_x509_csr #2825

Open rw8896 opened 2 weeks ago

rw8896 commented 2 weeks ago

https://github.com/DMTF/libspdm/blob/b327ead227f14998789bca7d045af17b99dd6d50/os_stub/cryptlib_mbedtls/pk/x509.c#L1993

https://github.com/DMTF/libspdm/blob/b327ead227f14998789bca7d045af17b99dd6d50/os_stub/cryptlib_openssl/pk/x509.c#L2495

The implementation could use LIBSPDM_ENABLE_CAPABILITY_CSR_CAP to wrap the whole function. And it should add crypto options (e.g. LIBSPDM_RSA_SSA_2048_SUPPORT) to wrap around the crypto operation code.

steven-bellock commented 1 week ago

@rw8896 is this to save on code size?

rw8896 commented 1 week ago

Not really. It caused compiler errors as RSA was not enabled in my mbedtls configuration.

After looking into this function further, I think it doesn't allow the caller to specify the pathLen in basic constraints. If that's the case, maybe pathLen should be added as an input to make this API more general?