From mboxrd@z Thu Jan 1 00:00:00 1970 From: AKASHI Takahiro Date: Thu, 16 May 2019 20:56:40 +0900 Subject: [U-Boot] RSA in U-Boot In-Reply-To: <20190516111359.GQ22232@bill-the-cat> References: <20190318021712.GC9937@linaro.org> <20190425021223.GH7158@linaro.org> <99c1f624-be7f-b6ab-10be-420129670dbf@csgraf.de> <747471f3-4490-bfe7-7369-68846f2b4ea3@redhat.com> <422971965.15677087.1556343097301.JavaMail.zimbra@redhat.com> <4b32b851-181e-5846-c5b0-17cadae06f33@gmx.de> <20190516103902.C27F1245E45@gemini.denx.de> <20190516104554.GA15680@apalos> <20190516111359.GQ22232@bill-the-cat> Message-ID: <20190516115636.GA8052@fireball> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hi Tom, On Thu, May 16, 2019 at 07:13:59AM -0400, Tom Rini wrote: > On Thu, May 16, 2019 at 01:45:54PM +0300, Ilias Apalodimas wrote: > > On Thu, May 16, 2019 at 12:39:02PM +0200, Wolfgang Denk wrote: > > Hello Wolfgang, > > > > Thanks for taking the time with this > > > > > > > > There is LibreSSL as well which is a fork of openssl. Guess that too should > > > > be fine. What would be the more preferred solution here. The relevant bits > > > > can be imported from the kernel code into u-boot, or there can be a > > > > solution with linking of ssl/tls library with u-boot. Which would be the > > > > more preferred solution. It'd be great if the maintainers can comment on > > > > this. Thanks. > > > > > > I'd go for the Linux kernel code. A number of issues we have here > > > (cross compiling, code size, license compatibility, long term > > > maintenance efforts) have already been considered there, so why > > > should we duplicate all these efforts? And if we did, is there any > > > clear benefit from doing this? > > Well someone has to port the linux code in U-Boot and maintain it though. > > > > The LibreSSL proposal was made with some of these in mind. > > We don't expect the licence to ever change (which is compatible) > > and it's being maintained. > > I am not sure on the portability status, but i think it runs on all major > > architectures. > > > > I'd imagine this lifts the maintenance burden from U-Boot. On the other > > hand we'll rely on an external library to offer the functionality. > > I don't see how using LibreSSL instead of Linux kernel code would have a > lesser maintenance burden, sorry. If anything, given the number of > parts of the code we have today that come from the Linux kernel, adding > one more to the "keep in sync, or at least port bugfixes" list is less > than "add a new external project to keep an eye on". # I will reply on this topic in more details tomorrow. Can you give me an example of U-Boot code which comes from linux (or other projects) and is regularly synced (or updated) with the origin? Who maintains that? and how? Thanks, -Takahiro Akashi > -- > Tom > _______________________________________________ > U-Boot mailing list > U-Boot at lists.denx.de > https://lists.denx.de/listinfo/u-boot