[PATCH v2 00/28] [RFC] Integrate MbedTLS v3.6 LTS with U-Boot

Raymond Mao raymond.mao at linaro.org
Tue May 7 19:50:42 CEST 2024


Integrate MbedTLS v3.6 LTS (currently v3.6.0-RC1) with U-Boot.

Motivations:
------------
1. MbedTLS is well maintained with LTS versions.
2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
3. MbedTLS recently switched license back to GPLv2.

Prerequisite:
-------------
This patch series requires mbedtls git repo to be added as a
subtree to the main U-Boot repo via:
    $ git subtree add --prefix lib/mbedtls/external/mbedtls \
          https://github.com/Mbed-TLS/mbedtls.git \
          v3.6.0 --squash
Moreover, due to the Windows-style files from mbedtls git repo,
we need to convert the CRLF endings to LF and do a commit manually:
    $ git add --renormalize .
    $ git commit

New Kconfig options:
--------------------
`MBEDTLS_LIB` is for MbedTLS general switch.
`MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
MbedTLS.
`MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
and Pubkey parser with MbedTLS.
`MBEDTLS_LIB_TLS` is for SSL/TLS (Disabled until LWIP port for MbedTLS is
ready)
In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
are by default enabled in qemu_arm64_defconfig for testing purpose.

Patches for external MbedTLS project:
-------------------------------------
Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
executables which is not supported by MbedTLS at the moment,
addtional patches for MbedTLS are created to adapt with the EFI loader: 
1. Decoding of Microsoft Authentication Code.
2. Decoding of PKCS#9 Authenticate Attributes.
3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
4. MbedTLS native test suites for PKCS#7 signer's info.
All above 4 patches (tagged with `mbedtls/external`) are submitted to
MbedTLS project and being reviewed, eventually they should be part of
MbedTLS release.
See below PR for the reference:
https://github.com/Mbed-TLS/mbedtls/pull/9001

Miscellaneous:
--------------
Minor fixes for arm EFI linker script for testing EFI secure boot.

Optimized MbedTLS library size by tailoring the config file.
After disabling all unnecessary features for EFI loader, enabling MbedTLS
increases U-Boot size by 6.03% (V1).
For V2, this figure drops to about 4.66% by completely replacing
original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256, sha512)
with MbedTLS when related Kconfig options are enabled.
Please see the output of bloat-o-meter for the reference of the size-growth
on QEMU arm64 target [1].

Tests done:
-----------
EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
verifying and booting) via U-Boot console.
EFI Secure Boot and Capsule sandbox test passed.

Known issues:
-------------
None.

[1]: bloat-o-meter output between disabling/enabling MbedTLS (QEMU arm64)
```
add/remove: 212/81 grow/shrink: 20/17 up/down: 56376/-17495 (38881)
Function                                     old     new   delta
mbedtls_internal_sha1_process                  -    4540   +4540
mbedtls_x509_crt_parse_der_internal            -    3072   +3072
mbedtls_internal_md5_process                   -    2928   +2928
mbedtls_internal_sha256_process                -    2052   +2052
mbedtls_pkcs7_parse_der                        -    1608   +1608
mbedtls_rsa_private                            -    1468   +1468
pkcs7_parse_message                          372    1648   +1276
mbedtls_mpi_div_mpi                            -    1168   +1168
mbedtls_internal_sha512_process                -    1056   +1056
mbedtls_mpi_inv_mod                            -    1000   +1000
mbedtls_x509_dn_gets                           -     996    +996
x509_populate_cert                             -     948    +948
K                                              -     896    +896
oid_x520_attr_type                             -     840    +840
__udivti3                                      -     832    +832
mbedtls_x509_parse_subject_alt_name            -     724    +724
mbedtls_rsa_deduce_primes                      -     720    +720
mbedtls_mpi_exp_mod                            -     668    +668
mbedtls_rsa_rsaes_pkcs1_v15_decrypt            -     652    +652
pkcs7_get_signer_info                          -     632    +632
mbedtls_rsa_complete                           -     624    +624
mbedtls_rsa_validate_params                    -     608    +608
mbedtls_mpi_core_exp_mod                       -     560    +560
mbedtls_sha512_finish                          -     556    +556
mscode_parse                                  28     580    +552
mbedtls_x509_get_time                          -     552    +552
mbedtls_x509_get_name                          -     516    +516
mbedtls_sha256_finish                          -     484    +484
mbedtls_rsa_validate_crt                       -     464    +464
mbedtls_mpi_core_mla                           -     460    +460
rsa_rsassa_pkcs1_v15_encode                    -     420    +420
mbedtls_sha1_finish                            -     420    +420
mbedtls_mpi_gcd                                -     400    +400
oid_x509_ext                                   -     360    +360
rsa_parse_pub_key                             24     372    +348
mbedtls_x509_get_subject_alt_name_ext          -     348    +348
mbedtls_sha512_starts                          -     340    +340
mbedtls_mpi_mul_mpi                            -     340    +340
mbedtls_rsa_rsassa_pkcs1_v15_sign              -     336    +336
mbedtls_oid_get_numeric_string                 -     336    +336
mbedtls_md5_finish                             -     336    +336
mbedtls_pk_parse_subpubkey                     -     328    +328
oid_sig_alg                                    -     320    +320
mbedtls_rsa_deduce_private_exponent            -     312    +312
rsa_check_context.isra                         -     300    +300
mbedtls_rsa_rsaes_pkcs1_v15_encrypt            -     288    +288
mbedtls_rsa_parse_pubkey                       -     284    +284
mbedtls_mpi_sub_abs                            -     284    +284
mbedtls_mpi_core_montmul                       -     276    +276
mbedtls_rsa_rsassa_pkcs1_v15_verify            -     268    +268
mbedtls_asn1_traverse_sequence_of              -     268    +268
mbedtls_sha512_update                          -     264    +264
hash_command                                 472     732    +260
mbedtls_asn1_get_alg                           -     256    +256
mbedtls_sha256_update                          -     252    +252
mbedtls_mpi_add_abs                            -     248    +248
oid_md_alg                                     -     240    +240
mbedtls_sha1_update                            -     236    +236
mbedtls_rsa_deduce_crt                         -     236    +236
mbedtls_md5_update                             -     236    +236
mbedtls_rsa_import_raw                         -     232    +232
mbedtls_ct_memcpy_if                           -     228    +228
mbedtls_mpi_copy                               -     220    +220
mbedtls_mpi_cmp_mpi                            -     212    +212
mbedtls_mpi_shrink                             -     208    +208
mbedtls_ct_memmove_left                        -     208    +208
mbedtls_rsa_public                             -     204    +204
rsa_sign_wrap                                  -     196    +196
mbedtls_pk_parse_public_key                    -     196    +196
asn1_get_tagged_int                            -     196    +196
mbedtls_mpi_mul_int                            -     184    +184
mbedtls_mpi_core_write_be                      -     184    +184
mbedtls_pk_verify_restartable                  -     180    +180
mbedtls_mpi_mod_mpi                            -     180    +180
mbedtls_asn1_get_len                           -     180    +180
pk_get_pk_alg.isra                             -     176    +176
mbedtls_mpi_core_fill_random                   -     176    +176
x509_populate_pubkey                           -     164    +164
rsa_verify_wrap                                -     164    +164
mbedtls_x509_crt_free                          -     164    +164
mbedtls_mpi_core_shift_r                       -     164    +164
oid_pk_alg                                     -     160    +160
mbedtls_ct_zeroize_if                          -     156    +156
rsa_encrypt_wrap                               -     152    +152
rsa_decrypt_wrap                               -     152    +152
mbedtls_mpi_cmp_abs                            -     152    +152
add_sub_mpi                                    -     152    +152
mbedtls_sha512                                 -     148    +148
mbedtls_rsa_check_privkey                      -     148    +148
mbedtls_mpi_core_shift_l                       -     148    +148
mbedtls_x509_get_ext                           -     144    +144
mbedtls_mpi_grow                               -     144    +144
mbedtls_mpi_core_read_be                       -     144    +144
mbedtls_x509_get_serial                        -     140    +140
mbedtls_asn1_write_len                         -     140    +140
pkcs7_get_one_cert                             -     136    +136
mbedtls_x509_crl_free                          -     136    +136
mbedtls_rsa_free                               -     136    +136
mbedtls_rsa_check_pubkey                       -     136    +136
mbedtls_x509_get_key_usage                     -     128    +128
mbedtls_asn1_get_bitstring                     -     128    +128
do_sha1sum                                     -     128    +128
do_md5sum                                      -     128    +128
mbedtls_sha256_starts                          -     124    +124
mbedtls_mpi_core_mul                           -     124    +124
mbedtls_asn1_get_alg_null                      -     124    +124
hash_parse_string                              -     124    +124
mbedtls_x509_get_sig                           -     120    +120
mbedtls_pkcs7_free                             -     120    +120
mbedtls_oid_get_x509_ext_type                  -     120    +120
mbedtls_oid_get_pk_alg                         -     120    +120
mbedtls_oid_get_md_alg                         -     120    +120
mbedtls_oid_get_attr_short_name                -     120    +120
mbedtls_x509_get_subject_alt_name              -     116    +116
asn1_get_sequence_of_cb                        -     116    +116
mbedtls_x509_get_sig_alg                       -     112    +112
hash_show                                      -     112    +112
mbedtls_x509_get_ns_cert_type                  -     108    +108
mbedtls_mpi_resize_clear                       -     108    +108
mbedtls_mpi_lset                               -     108    +108
mbedtls_mpi_fill_random                        -     108    +108
mbedtls_asn1_get_sequence_of                   -     108    +108
mbedtls_mpi_core_get_mont_r2_unsafe            -     104    +104
oid_sig_alg_from_asn1                          -     100    +100
mbedtls_mpi_shift_l                            -     100    +100
public_key_verify_signature                  312     408     +96
mbedtls_rsa_info                               -      96     +96
mbedtls_pk_setup                               -      96     +96
mbedtls_mpi_read_binary                        -      96     +96
mbedtls_rsa_check_pub_priv                     -      92     +92
mbedtls_mpi_lsb                                -      92     +92
mbedtls_asn1_get_bool                          -      92     +92
mbedtls_mpi_core_bigendian_to_host             -      84     +84
mbedtls_mpi_core_bitlen                        -      76     +76
mbedtls_asn1_get_bitstring_null                -      76     +76
x509_free_mbedtls_ctx.part                     -      72     +72
mbedtls_sha1_starts                            -      72     +72
mbedtls_mpi_core_cond_assign                   -      72     +72
CSWTCH                                      1266    1338     +72
x509_populate_dn_name_string                   -      68     +68
mbedtls_pk_free                                -      68     +68
mbedtls_oid_get_sig_alg                        -      68     +68
mbedtls_mpi_free                               -      68     +68
mbedtls_mpi_core_sub                           -      68     +68
mbedtls_mpi_core_check_zero_ct                 -      68     +68
pkcs7_free_signer_info                         -      64     +64
pkcs7_free_message                           124     188     +64
mbedtls_oid_get_oid_by_md                      -      64     +64
rsa_debug                                      -      60     +60
mbedtls_mpi_sub_int                            -      60     +60
mbedtls_mpi_core_add                           -      60     +60
mbedtls_mpi_cmp_int                            -      60     +60
mbedtls_mpi_add_int                            -      60     +60
mbedtls_md5_starts                             -      60     +60
hash_init_sha512                              52     112     +60
hash_init_sha256                              52     112     +60
mbedtls_platform_zeroize                       -      56     +56
mbedtls_asn1_get_tag                           -      56     +56
_u_boot_list_2_cmd_2_sha1sum                   -      56     +56
_u_boot_list_2_cmd_2_md5sum                    -      56     +56
rsa_alloc_wrap                                 -      52     +52
mbedtls_mpi_shift_r                            -      52     +52
mbedtls_mpi_core_montmul_init                  -      52     +52
mbedtls_mpi_core_from_mont_rep                 -      52     +52
mbedtls_mpi_core_clz                           -      52     +52
mbedtls_ct_memcmp                              -      52     +52
mbedtls_mpi_core_sub_int                       -      48     +48
mbedtls_asn1_write_tag                         -      48     +48
mbedtls_asn1_sequence_free                     -      48     +48
mbedtls_asn1_free_named_data_list_shallow       -      48     +48
mbedtls_rsa_init                               -      44     +44
mbedtls_mpi_get_bit                            -      44     +44
hash_init_sha1                                52      96     +44
x509_parse2_int                                -      40     +40
mbedtls_zeroize_and_free                       -      40     +40
mbedtls_rsa_pkcs1_verify                       -      40     +40
mbedtls_rsa_pkcs1_sign                         -      40     +40
mbedtls_mpi_core_exp_mod_working_limbs         -      40     +40
rsa_free_wrap                                  -      36     +36
mbedtls_md_info_from_type                      -      36     +36
mbedtls_x509_get_alg                           -      32     +32
mbedtls_pk_get_type                            -      28     +28
mbedtls_mpi_size                               -      28     +28
mbedtls_mpi_core_to_mont_rep                   -      28     +28
x509_get_timestamp                             -      24     +24
mbedtls_x509_free_subject_alt_name             -      24     +24
mbedtls_rsa_pkcs1_encrypt                      -      20     +20
mbedtls_rsa_pkcs1_decrypt                      -      20     +20
mbedtls_pk_info_from_type                      -      20     +20
mbedtls_mpi_write_binary                       -      20     +20
mbedtls_md_get_size                            -      20     +20
rsa_can_do                                     -      16     +16
mbedtls_x509_crt_parse_der                     -      16     +16
mbedtls_sha512_free                            -      16     +16
mbedtls_sha256_free                            -      16     +16
mbedtls_sha1_free                              -      16     +16
mbedtls_mpi_init                               -      16     +16
mbedtls_md5_free                               -      16     +16
hash_finish_sha512                            72      88     +16
hash_finish_sha256                            72      88     +16
hash_finish_sha1                              72      88     +16
x509_free_certificate                         88     100     +12
sha512_csum_wd                                68      80     +12
sha256_csum_wd                                68      80     +12
sha1_csum_wd                                  68      80     +12
rsa_check_pair_wrap                            -      12     +12
md5_wd                                        68      80     +12
mbedtls_x509_crt_init                          -      12     +12
mbedtls_sha512_init                            -      12     +12
mbedtls_sha256_init                            -      12     +12
mbedtls_sha1_init                              -      12     +12
mbedtls_pkcs7_init                             -      12     +12
mbedtls_mpi_bitlen                             -      12     +12
mbedtls_md5_init                               -      12     +12
mbedtls_asn1_get_int                           -      12     +12
rsa_get_bitlen                                 -       8      +8
mpi_bigendian_to_host                          -       8      +8
memset_func                                    -       8      +8
mbedtls_sha512_info                            -       8      +8
mbedtls_sha384_info                            -       8      +8
mbedtls_sha256_info                            -       8      +8
mbedtls_sha1_info                              -       8      +8
mbedtls_rsa_get_len                            -       8      +8
mbedtls_rsa_get_bitlen                         -       8      +8
mbedtls_pk_verify                              -       8      +8
mbedtls_pk_init                                -       8      +8
mbedtls_mpi_sub_mpi                            -       8      +8
mbedtls_mpi_add_mpi                            -       8      +8
mbedtls_md5_info                               -       8      +8
mbedtls_ct_zero                                -       8      +8
sha512_update                                  4       8      +4
sha384_update                                  4       8      +4
sha256_update                                 12       8      -4
sha1_update                                   12       8      -4
rsapubkey_machine                             10       -     -10
x509_note_not_before                          12       -     -12
x509_note_not_after                           12       -     -12
month_lengths                                 12       -     -12
x509_akid_note_name                           16       -     -16
sha256_process                                16       -     -16
sha1_process                                  16       -     -16
rsapubkey_action_table                        16       -     -16
pkcs7_sig_note_skid                           16       -     -16
pkcs7_sig_note_serial                         16       -     -16
pkcs7_sig_note_issuer                         16       -     -16
pkcs7_check_content_type                      20       -     -20
hash_update_sha512                            36      16     -20
hash_update_sha256                            36      16     -20
hash_update_sha1                              36      16     -20
MD5Init                                       56      36     -20
x509_note_serial                              24       -     -24
x509_decoder                                  24       -     -24
x509_akid_decoder                             24       -     -24
sha1_starts                                   60      36     -24
rsapubkey_decoder                             24       -     -24
pkcs7_decoder                                 24       -     -24
mscode_machine                                24       -     -24
mscode_decoder                                24       -     -24
mscode_action_table                           24       -     -24
x509_note_subject                             28       -     -28
x509_note_issuer                              28       -     -28
x509_note_tbs_certificate                     32       -     -32
pkcs7_note_data                               32       -     -32
rsa_get_n                                     36       -     -36
hash_update_sha384                            36       -     -36
x509_note_params                              40       -     -40
x509_akid_action_table                        40       -     -40
pkcs7_note_content                            40       -     -40
asn1_op_lengths                               41       -     -41
rsa_get_e                                     48       -     -48
pkcs7_note_signeddata_version                 48       -     -48
pkcs7_note_certificate_list                   48       -     -48
hash_init_sha384                              52       -     -52
sha384_csum_wd                                68      12     -56
sha256_starts                                104      40     -64
sha256_padding                                64       -     -64
sha1_padding                                  64       -     -64
mscode_note_digest                            72       -     -72
hash_finish_sha384                            72       -     -72
pkcs7_sig_note_set_of_authattrs               84       -     -84
x509_note_OID                                 92       -     -92
x509_akid_note_serial                         92       -     -92
x509_akid_note_kid                            92       -     -92
pkcs7_sig_note_pkey_algo                      92       -     -92
x509_akid_machine                             93       -     -93
x509_extract_name_segment                     96       -     -96
pkcs7_note_signerinfo_version                 96       -     -96
pkcs7_sig_note_signature                     100       -    -100
x509_action_table                            104       -    -104
x509_machine                                 113       -    -113
x509_extract_key_data                        116       -    -116
sha512_finish                                152      36    -116
pkcs7_note_OID                               116       -    -116
pkcs7_extract_cert                           116       -    -116
sha512_starts                                168      40    -128
sha384_starts                                168      40    -128
mscode_note_content_type                     132       -    -132
pkcs7_action_table                           136       -    -136
sha384_finish                                152       4    -148
oid_index                                    150       -    -150
MD5Final                                     196      44    -152
sha512_base_do_finalize                      160       -    -160
x509_process_extension                       168       -    -168
x509_note_signature                          172       -    -172
pkcs7_note_signed_info                       216       -    -216
sha256_update.part                           228       -    -228
pkcs7_machine                                239       -    -239
sha1_update.part                             240       -    -240
sha512_base_do_update                        244       -    -244
pkcs7_sig_note_digest_algo                   244       -    -244
look_up_OID                                  244       -    -244
sprint_oid                                   260       -    -260
MD5Update                                    260       -    -260
sha1_finish                                  300      36    -264
mscode_note_digest_algo                      280       -    -280
oid_search_table                             296       -    -296
x509_cert_parse                              408     108    -300
x509_get_sig_params                          304       -    -304
pkcs7_sig_note_authenticated_attr            316       -    -316
x509_note_pkey_algo                          336       -    -336
sha256_finish                                404      36    -368
sha256_armv8_ce_process                      428       -    -428
x509_fabricate_name.isra                     460       -    -460
sha1_armv8_ce_process                        484       -    -484
oid_data                                     513       -    -513
sha512_K                                     640       -    -640
x509_decode_time                             672       -    -672
sha512_block_fn                             1212       -   -1212
asn1_ber_decoder                            1480       -   -1480
MD5Transform                                2552       -   -2552
Total: Before=835065, After=873946, chg +4.66%
```

Raymond Mao (28):
  CI: Exclude MbedTLS subtree for CONFIG checks
  mbedtls: Add script to update MbedTLS subtree
  mbedtls: add mbedtls into the build system
  arm: EFI linker script text section alignment
  image: remove redundant hash includes
  efi_loader: remove redundant hash includes
  lib: Adapt digest header files to MbedTLS
  md5: Adapt to the changes of md5 header
  mbedtls: add digest shim layer for MbedTLS
  hash: integrate hash on mbedtls
  makefile: add mbedtls include directories
  mbedtls/external: support MicroSoft Authentication Code
  mbedtls/external: support PKCS9 Authenticate Attributes
  mbedtls/external: support decoding multiple signer's cert
  mbedtls/external: update MbedTLS PKCS7 test suites
  mbedtls: add public key porting layer
  lib/crypto: Adapt public_key header with MbedTLS
  mbedtls: add X509 cert parser porting layer
  lib/crypto: Adapt x509_cert_parser to MbedTLS
  mbedtls: add PKCS7 parser porting layer
  lib/crypto: Adapt PKCS7 parser to MbedTLS
  mbedtls: add MSCode parser porting layer
  lib/crypto: Adapt mscode_parser to MbedTLS
  mbedtls: add RSA helper layer on MbedTLS
  lib/rypto: Adapt rsa_helper to MbedTLS
  asn1_decoder: remove ASN1 decoder when using MbedTLS
  test: Remove ASN1 library test
  configs: enable MbedTLS as default setting

 .azure-pipelines.yml                          |    3 +-
 .gitlab-ci.yml                                |    3 +-
 Makefile                                      |   13 +
 arch/arm/lib/elf_aarch64_efi.lds              |    1 +
 boot/image-fit.c                              |    4 -
 boot/image.c                                  |    2 -
 common/hash.c                                 |  134 +
 configs/qemu_arm64_defconfig                  |    5 +
 configs/sandbox_defconfig                     |    4 +
 drivers/crypto/hash/hash_sw.c                 |    8 +-
 include/crypto/mscode.h                       |    4 +
 include/crypto/pkcs7_parser.h                 |   56 +
 include/crypto/public_key.h                   |    6 +
 include/crypto/x509_parser.h                  |   36 +
 include/stdio.h                               |    1 +
 include/stdlib.h                              |    1 +
 include/u-boot/md5.h                          |   17 +-
 include/u-boot/sha1.h                         |   21 +-
 include/u-boot/sha256.h                       |   20 +
 include/u-boot/sha512.h                       |   22 +-
 lib/Kconfig                                   |    4 +
 lib/Makefile                                  |   10 +-
 lib/crypto/Makefile                           |   12 +-
 lib/crypto/asymmetric_type.c                  |    2 +-
 lib/crypto/x509_public_key.c                  |    4 +
 lib/efi_loader/efi_signature.c                |    1 -
 lib/efi_loader/efi_tcg2.c                     |    3 -
 lib/mbedtls/Kconfig                           |   25 +
 lib/mbedtls/Makefile                          |  132 +
 .../external/mbedtls/include/mbedtls/oid.h    |   35 +
 .../external/mbedtls/include/mbedtls/pkcs7.h  |   21 +
 lib/mbedtls/external/mbedtls/library/pkcs7.c  |  154 +-
 .../tests/suites/test_suite_pkcs7.data        |    4 +-
 lib/mbedtls/mbedtls_def_config.h              | 4262 +++++++++++++++++
 lib/mbedtls/md5.c                             |   68 +
 lib/mbedtls/mscode_parser.c                   |  111 +
 lib/mbedtls/pkcs7_parser.c                    |  533 +++
 lib/mbedtls/port/assert.h                     |   12 +
 lib/mbedtls/port/limits.h                     |   33 +
 lib/mbedtls/public_key.c                      |  105 +
 lib/mbedtls/rsa_helper.c                      |   99 +
 lib/mbedtls/sha1.c                            |  111 +
 lib/mbedtls/sha256.c                          |   65 +
 lib/mbedtls/sha512.c                          |   96 +
 lib/mbedtls/update-mbedtls-subtree.sh         |   50 +
 lib/mbedtls/x509_cert_parser.c                |  497 ++
 lib/md5.c                                     |   10 +-
 test/Kconfig                                  |    2 +-
 48 files changed, 6747 insertions(+), 75 deletions(-)
 create mode 100644 lib/mbedtls/Kconfig
 create mode 100644 lib/mbedtls/Makefile
 create mode 100644 lib/mbedtls/mbedtls_def_config.h
 create mode 100644 lib/mbedtls/md5.c
 create mode 100644 lib/mbedtls/mscode_parser.c
 create mode 100644 lib/mbedtls/pkcs7_parser.c
 create mode 100644 lib/mbedtls/port/assert.h
 create mode 100644 lib/mbedtls/port/limits.h
 create mode 100644 lib/mbedtls/public_key.c
 create mode 100644 lib/mbedtls/rsa_helper.c
 create mode 100644 lib/mbedtls/sha1.c
 create mode 100644 lib/mbedtls/sha256.c
 create mode 100644 lib/mbedtls/sha512.c
 create mode 100755 lib/mbedtls/update-mbedtls-subtree.sh
 create mode 100644 lib/mbedtls/x509_cert_parser.c

-- 
2.25.1



More information about the U-Boot mailing list