Hi Ilias, On Fri, 30 Aug 2024 at 05:37, Ilias Apalodimas <ilias.apalodi...@linaro.org> wrote:
> Hi Simon, > > On Thu, 29 Aug 2024 at 18:01, Simon Glass <s...@chromium.org> wrote: > > > > Hi Raymond, > > > > On Fri, 16 Aug 2024 at 15:47, Raymond Mao <raymond....@linaro.org> > wrote: > > > > > > Integrate common/hash.c on the hash shim layer so that hash APIs > > > from mbedtls can be leveraged by boot/image and efi_loader. > > > > > > Signed-off-by: Raymond Mao <raymond....@linaro.org> > > > --- > > > Changes in v2 > > > - Use the original head files instead of creating new ones. > > > Changes in v3 > > > - Add handle checkers for malloc. > > > Changes in v4 > > > - None. > > > Changes in v5 > > > - Add __maybe_unused to solve linker errors in some platforms. > > > - replace malloc with calloc. > > > Changes in v6 > > > - None. > > > > > > common/hash.c | 146 ++++++++++++++++++++++++++++++++++++++++++++++++++ > > > 1 file changed, 146 insertions(+) > > > > I am not seeing the benefit of replacing U-Boot's hashing algorithms. > > They work well and don't change. Also it seems to be making the code a > > lot uglier, with an uncertain timeline for clean-up. > > A lot uglier where? It adds a few wrappers that fit into the current > design and callbacks. > I don't think what you are asking is possible. To do assymetric > crypto, signatures etc -- and in the future add TLS support in wget > mbedTLS relies on its internal hashing functions for the cipher suites > it supports. So what you are asking would just make the code even > larger. Raymond can you please double check? > > Digest is the basic library of MbedTLS, I don't believe we can disable it but only use the ones for certificates, unless MbedTLS makes changes to allow hooking external digest libraries - as I mentioned in a previous reply, I don't think this is what MbedTLS wants. Regards, Raymond
