Hi Ilias, On Fri, 6 Sept 2024 at 03:36, Ilias Apalodimas <ilias.apalodi...@linaro.org> wrote:
> Hi Raymond, > > On Tue, 3 Sept 2024 at 18:54, Raymond Mao <raymond....@linaro.org> wrote: > > > > Hi Ilias, > > > > On Fri, 30 Aug 2024 at 05:37, Ilias Apalodimas < > ilias.apalodi...@linaro.org> wrote: > >> > >> Hi Simon, > >> > >> On Thu, 29 Aug 2024 at 18:01, Simon Glass <s...@chromium.org> wrote: > >> > > >> > Hi Raymond, > >> > > >> > On Fri, 16 Aug 2024 at 15:47, Raymond Mao <raymond....@linaro.org> > wrote: > >> > > > >> > > Integrate common/hash.c on the hash shim layer so that hash APIs > >> > > from mbedtls can be leveraged by boot/image and efi_loader. > >> > > > >> > > Signed-off-by: Raymond Mao <raymond....@linaro.org> > >> > > --- > >> > > Changes in v2 > >> > > - Use the original head files instead of creating new ones. > >> > > Changes in v3 > >> > > - Add handle checkers for malloc. > >> > > Changes in v4 > >> > > - None. > >> > > Changes in v5 > >> > > - Add __maybe_unused to solve linker errors in some platforms. > >> > > - replace malloc with calloc. > >> > > Changes in v6 > >> > > - None. > >> > > > >> > > common/hash.c | 146 > ++++++++++++++++++++++++++++++++++++++++++++++++++ > >> > > 1 file changed, 146 insertions(+) > >> > > >> > I am not seeing the benefit of replacing U-Boot's hashing algorithms. > >> > They work well and don't change. Also it seems to be making the code a > >> > lot uglier, with an uncertain timeline for clean-up. > >> > >> A lot uglier where? It adds a few wrappers that fit into the current > >> design and callbacks. > >> I don't think what you are asking is possible. To do assymetric > >> crypto, signatures etc -- and in the future add TLS support in wget > >> mbedTLS relies on its internal hashing functions for the cipher suites > >> it supports. So what you are asking would just make the code even > >> larger. Raymond can you please double check? > >> > > Digest is the basic library of MbedTLS, I don't believe we can disable it > > but only use the ones for certificates, unless MbedTLS makes changes > > to allow hooking external digest libraries - as I mentioned in a > previous reply, > > I don't think this is what MbedTLS wants. > > There's a config option on config.h we could use to override shaXXX, > but given that mbedTLS can be used to add more hashing alogorithms, I > dont think we should do that > > If you mean the _ALT macros, they are used for porting HW acceleration. Maybe we can point this to the original U-Boot ones, but I didn't try. Raymond
