[PATCH v6 07/28] hash: integrate hash on mbedtls
Raymond Mao
raymond.mao at linaro.org
Tue Sep 3 17:45:10 CEST 2024
Hi Simon,
On Thu, 29 Aug 2024 at 11:01, Simon Glass <sjg at chromium.org> wrote:
> Hi Raymond,
>
> On Fri, 16 Aug 2024 at 15:47, Raymond Mao <raymond.mao at linaro.org> wrote:
> >
> > Integrate common/hash.c on the hash shim layer so that hash APIs
> > from mbedtls can be leveraged by boot/image and efi_loader.
> >
> > Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
> > ---
> > Changes in v2
> > - Use the original head files instead of creating new ones.
> > Changes in v3
> > - Add handle checkers for malloc.
> > Changes in v4
> > - None.
> > Changes in v5
> > - Add __maybe_unused to solve linker errors in some platforms.
> > - replace malloc with calloc.
> > Changes in v6
> > - None.
> >
> > common/hash.c | 146 ++++++++++++++++++++++++++++++++++++++++++++++++++
> > 1 file changed, 146 insertions(+)
>
> I am not seeing the benefit of replacing U-Boot's hashing algorithms.
> They work well and don't change. Also it seems to be making the code a
> lot uglier, with an uncertain timeline for clean-up.
>
> The truth is that other MbedTLS modules e.g. x509, pkcs7 all depend on its
own digest library and there is no option for MbedTLS to depend on an
external
digest library.
Unless a refactoring in MbedTLS itself - I believe this is difficult for
the MbedTLS
project to adopt as it is aimed to be an all-in-one crypto solution.
Regards,
Raymond
More information about the U-Boot
mailing list