Integrate Wolf SSL with U-Boot
Description
100% Done
is a dependency for
Ilias Apalodimas
Activity
Ilias Apalodimas May 23, 2023 at 7:41 AM
Ilias Apalodimas
May 23, 2023 at 7:41 AM
WolfSSL business model is to sell a non-GPL version of the code. Although the library is on github under GPL2.0 there’s no clear definition of the contribution license agreement.
It’s possible that they have a special CLA to make sure that they always will
have the ability to control how the end result is licensed.
As a result we’ll drop wolfSSL and look for alternatives with better compatibility.
Won't Do
Details
Details
Assignee
Ilias ApalodimasReporter
Julianus LarsonComponents
Due date
Nov 01, 2023
Priority
UndecidedEpic Name
Integrate Wolf SSL with U-Boot
Checklist
Open Checklist
Checklist
Open Checklist
Sentry
Linked Issues
Sentry
Linked Issues
Created March 27, 2023 at 8:10 AM
Updated May 23, 2023 at 7:41 AM
Resolved May 23, 2023 at 7:41 AM
Description
U-Boot SSL-related code was ported from the Linux kernel implementation a few years ago. That part of the code is critical since it is used in UEFI secure boot amongst other things.
Unfortunately, it has received a minimal amount of patches and updates in the past and no security audits. On top of that we are investigating integrating LWIP code into u-boot which works with wolfSSL out of the box.
Try and replace U-Boot SSL code with wolfSSL, since it’s a healthy project that has security audits, CVEs as well as additional functionality to our current implementation
Limitations
wolfSSL might need UNIX sockets to operate properly which u-boot doesn’t provide
NEed to make sure the Contribution Licence agreement and licenses are compatible with U-Boot
Deliverables
Replace U-Boot SSL code with wolfSSL