On Fri, 15 May 2020 at 04:40, Tzung-Bi Shih tzungbi@google.com wrote:
On Fri, May 15, 2020 at 12:26 AM Benson Leung bleung@google.com wrote:
On Thu, May 14, 2020 at 06:18:47PM +0200, Ard Biesheuvel wrote:
The CrOS EC codec driver uses SHA-256 explicitly, and not in a performance critical manner, so there is really no point in using the dynamic SHASH crypto API here. Let's switch to the library API instead.
Pardon me if I don't understand it precisely. What is the difference between the two APIs? Suppose it should calculate the same SHA256 hash with the same binary blob after switching to library API?
Yes.
Looking at the code, I was wondering if the SHA-256 is really required here? It looks like it is using it as some kind of fingerprint to decide whether the provided file is identical to the one that has already been loaded. If this is the case, we should probably just use CRC32 instead.
No, the binary blob carries data and possibly code. We are not only using the hash as a fingerprint but also an integrity check.
But does it have to be cryptographically strong? Why is CRC32 not sufficient?
Also, do we really need to wipe the context struct? Is there any security sensitive data in there?
No, not necessary as far as I know.
OK