Hi Ilias, On Wed, 28 Aug 2024 at 05:54, Ilias Apalodimas <ilias.apalodi...@linaro.org> wrote:
> Hi Raymond > > On Sat, 17 Aug 2024 at 00:47, Raymond Mao <raymond....@linaro.org> wrote: > > > > Integrate common/hash.c on the hash shim layer so that hash APIs > > from mbedtls can be leveraged by boot/image and efi_loader. > > > > Signed-off-by: Raymond Mao <raymond....@linaro.org> > > --- > > Changes in v2 > > - Use the original head files instead of creating new ones. > > Changes in v3 > > - Add handle checkers for malloc. > > Changes in v4 > > - None. > > Changes in v5 > > - Add __maybe_unused to solve linker errors in some platforms. > > - replace malloc with calloc. > > Changes in v6 > > - None. > > > > common/hash.c | 146 ++++++++++++++++++++++++++++++++++++++++++++++++++ > > 1 file changed, 146 insertions(+) > > > > diff --git a/common/hash.c b/common/hash.c > > index ac63803fed9..d25fc4854c7 100644 > > --- a/common/hash.c > > +++ b/common/hash.c > > @@ -35,6 +35,144 @@ > > #include <u-boot/sha512.h> > > #include <u-boot/md5.h> > > > > +#if CONFIG_IS_ENABLED(MBEDTLS_LIB_CRYPTO) > > + > > +static int __maybe_unused hash_init_sha1(struct hash_algo *algo, void > **ctxp) > > +{ > > + int ret; > > + mbedtls_sha1_context *ctx = calloc(1, sizeof(*ctx)); > > + > > + if (!ctx) > > + return -ENOMEM; > > + > > + mbedtls_sha1_init(ctx); > > + ret = mbedtls_sha1_starts(ctx); > > + if (!ret) { > > + *ctxp = ctx; > > + } else { > > + mbedtls_sha1_free(ctx); > > + free(ctx); > > + } > > + > > + return ret; > > +} > > + > > +static int __maybe_unused hash_update_sha1(struct hash_algo *algo, void > *ctx, > > + const void *buf, unsigned int > size, > > + int is_last) > > +{ > > + return mbedtls_sha1_update((mbedtls_sha1_context *)ctx, buf, > size); > > +} > > + > > +static int __maybe_unused > > +hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf, int > size) > > +{ > > + int ret; > > + > > + if (size < algo->digest_size) > > + return -1; > > + > > + ret = mbedtls_sha1_finish((mbedtls_sha1_context *)ctx, dest_buf); > > + if (!ret) { > > patch # calls finish & free regardless of the return result of > mbedtls_xxxx_finish(). > I think this should happen here as well > > Unlike the other one who returns void, this API returns int. Why don't we check the result here and return the error code when it exists? [snip] Regards, Raymond