[coreboot] coreboot V2 with crypto library
reuter.rene at googlemail.com
Wed Jul 29 08:08:50 CEST 2009
Thanks again for that advise.
With the help of Carl it's running now and getting a demo running when you
just saw the code for 4 weeks, isn't that easy, but yeah all my fault,
2009/7/29 Peter Stuge <peter at stuge.se>
> René Reuter wrote:
> > - Another library with SHA-2 family is hard too find
> LibTom has the code, I've used it in mysql-sha256 and it works well.
> > and I can't use any untrusted or unmaintained code in my thesis,
> > but thanks for that.
> This is a very surprising statement from an author on the topic of
> What constitutes untrusted for you? Is upstream OpenSSL the only
> trusted code? Or is it debian OpenSSL? (I don't care that the problem
> was in debian in particular, it is just an example.)
> Why is unmaintained code a problem at all? Did you investigate why
> LibTom is unmaintained? I think it matters.
> http://it.slashdot.org/comments.pl?sid=191594&cid=15743508 is a good
> read too. (Yes, same Tom.)
> > Hopefully in future, it will be easier to link foreign packages in
> > Coreboot.
> Don't hold your breath. I do not expect that this will change much
> for reasons described by Carl-Daniel, and in particular any change
> should not happen in coreboot.
> "Foreign packages" are not written with the boot environment in mind,
> thus they do not function well there. This is true also for the very
> foundation of open source "foreign packages" namely gcc. The reason
> is simple; the boot environment is different enough from an operating
> system environment to cause a lot of problems in common assumptions
> made in software.
> I think you could have gotten some good advice in time to make your
> demo run had you gotten in touch earlier during your thesis work. :\
> coreboot mailing list: coreboot at coreboot.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the coreboot