[...]
On Tue, 3 Sept 2024 at 18:28, Raymond Mao raymond.mao@linaro.org wrote
+void sha256_starts(sha256_context *ctx) +{
mbedtls_sha256_init(ctx);mbedtls_sha256_starts(ctx, 0);+}
+void +sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length) +{
mbedtls_sha256_update(ctx, input, length);+}
+void sha256_finish(sha256_context *ctx, uint8_t digest[SHA256_SUM_LEN]) +{
mbedtls_sha256_finish(ctx, digest);mbedtls_sha256_free(ctx);Patch #7 treats this differently and looks at the mbedtls_sha256_finish() result (for all hashing algos). I think this one is correct and the other one needs fixing
The difference is just due to different API prototypes to be ported - one returns void while the other returns int. According to this difference I decided to check the result of mbedtls_sha256_finish() or not.
You have to call free regardless of the result of the finish function though. So patch #7 might leak some contents
/Ilias
[snip]
Regards, Raymond