[coreboot] coreboot V2 with crypto library
Peter Stuge
peter at stuge.se
Wed Jul 29 05:08:16 CEST 2009
René Reuter wrote:
> - Another library with SHA-2 family is hard too find
LibTom has the code, I've used it in mysql-sha256 and it works well.
http://git.stuge.se/?p=mysql-sha256.git
> and I can't use any untrusted or unmaintained code in my thesis,
> but thanks for that.
This is a very surprising statement from an author on the topic of
trust.
What constitutes untrusted for you? Is upstream OpenSSL the only
trusted code? Or is it debian OpenSSL? (I don't care that the problem
was in debian in particular, it is just an example.)
Why is unmaintained code a problem at all? Did you investigate why
LibTom is unmaintained? I think it matters.
http://it.slashdot.org/comments.pl?sid=191594&cid=15743508 is a good
read too. (Yes, same Tom.)
> Hopefully in future, it will be easier to link foreign packages in
> Coreboot.
Don't hold your breath. I do not expect that this will change much
for reasons described by Carl-Daniel, and in particular any change
should not happen in coreboot.
"Foreign packages" are not written with the boot environment in mind,
thus they do not function well there. This is true also for the very
foundation of open source "foreign packages" namely gcc. The reason
is simple; the boot environment is different enough from an operating
system environment to cause a lot of problems in common assumptions
made in software.
I think you could have gotten some good advice in time to make your
demo run had you gotten in touch earlier during your thesis work. :\
//Peter
More information about the coreboot
mailing list