libspdm icon indicating copy to clipboard operation
libspdm copied to clipboard
verified publisher icon DMTF

All functions that access the cryptography module need to return libspdm_return_t

Open steven-bellock opened this issue 3 years ago • 2 comments

The cryptography module may be an entirely distinct subsystem within the Requester / Responder. Its availability may not be guaranteed due to it being a shared resource, failure of a self-test, or system security lockdown. Currently most of the functions that access the cryptography module return bool instead of libspdm_return_t. For example https://github.com/DMTF/libspdm/blob/470105492df5b7392a76bba0b73993bb9ed22ec3/library/spdm_common_lib/libspdm_com_crypto_service.c#L806-L809 The caller does not whether the operation failed due to a mismatch in hashes or due to unavailability of the cryptography module.

steven-bellock avatar Mar 21 '22 22:03 steven-bellock

This seems incompatible change. I think we can fix in this 2.0.0. Do we have a list?

jyao1 avatar Mar 22 '22 14:03 jyao1

@steven-bellock to provide a proposal. May also propose an acquire / release pattern for accessing cryptography operations.

steven-bellock avatar Apr 04 '22 14:04 steven-bellock

I no longer care about this issue. Returning bool is fine.

steven-bellock avatar Dec 01 '22 17:12 steven-bellock