cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-03 02:23:32 -04:00
Code Issues Packages Projects Releases Wiki Activity

Remove MBEDTLS_AES_ALT

Browse Source 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This commit is contained in:
Thomas Daubney 2024-06-04 16:37:42 +01:00
parent 3f2d9b6a4d
commit 4137609776
6 changed files with 11 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
include/mbedtls/mbedtls_config.h
View File

@ -350,32 +350,6 @@
*/ */
//#define MBEDTLS_TIMING_ALT //#define MBEDTLS_TIMING_ALT
/**
* \def MBEDTLS_AES_ALT
*
* MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your
* alternate core implementation of a symmetric crypto, an arithmetic or hash
* module (e.g. platform specific assembly optimized implementations). Keep
* in mind that the function prototypes should remain the same.
*
* This replaces the whole module. If you only want to replace one of the
* functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
*
* Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer
* provide the "struct mbedtls_aes_context" definition and omit the base
* function declarations and implementations. "aes_alt.h" will be included from
* "aes.h" to include the new function definitions.
*
* Uncomment a macro to enable alternate implementation of the corresponding
* module.
*
* \warning MD5, DES and SHA-1 are considered weak and their
* use constitutes a security risk. If possible, we recommend
* avoiding dependencies on them, and considering stronger message
* digests and ciphers instead.
*
*/
//#define MBEDTLS_AES_ALT
//#define MBEDTLS_ARIA_ALT //#define MBEDTLS_ARIA_ALT
//#define MBEDTLS_CAMELLIA_ALT //#define MBEDTLS_CAMELLIA_ALT
//#define MBEDTLS_CCM_ALT //#define MBEDTLS_CCM_ALT

23
tests/include/alt-dummy/aes_alt.h
View File

@ -1,23 +0,0 @@
/* aes_alt.h with dummy types for MBEDTLS_AES_ALT */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef AES_ALT_H
#define AES_ALT_H
typedef struct mbedtls_aes_context {
int dummy;
}
mbedtls_aes_context;
#if defined(MBEDTLS_CIPHER_MODE_XTS)
typedef struct mbedtls_aes_xts_context {
int dummy;
} mbedtls_aes_xts_context;
#endif
#endif /* aes_alt.h */

3
tests/include/test/psa_crypto_helpers.h
View File

@ -251,8 +251,7 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string);
* \param key_type Key type * \param key_type Key type
* \param key_bits Key length in number of bits. * \param key_bits Key length in number of bits.
*/ */
#if defined(MBEDTLS_AES_ALT) || \ #if defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
#define MBEDTLS_TEST_HAVE_ALT_AES 1 #define MBEDTLS_TEST_HAVE_ALT_AES 1
#else #else

8
tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h
View File

@ -53,10 +53,6 @@
extern "C" { extern "C" {
#endif #endif
#if !defined(MBEDTLS_AES_ALT)
// Regular implementation
//
/** /**
* \brief The AES context-type definition. * \brief The AES context-type definition.
*/ */
@ -88,10 +84,6 @@ typedef struct mbedtls_aes_xts_context {
} mbedtls_aes_xts_context; } mbedtls_aes_xts_context;
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
#else /* MBEDTLS_AES_ALT */
#include "aes_alt.h"
#endif /* MBEDTLS_AES_ALT */
/** /**
* \brief This function initializes the specified AES context. * \brief This function initializes the specified AES context.
* *

24
tf-psa-crypto/drivers/builtin/src/aes.c
View File

@ -50,8 +50,6 @@
#define MBEDTLS_AES_NEED_REVERSE_TABLES #define MBEDTLS_AES_NEED_REVERSE_TABLES
#endif #endif
#if !defined(MBEDTLS_AES_ALT)
#if defined(MBEDTLS_AES_ROM_TABLES) #if defined(MBEDTLS_AES_ROM_TABLES)
/* /*
* Forward S-box * Forward S-box
@ -1436,8 +1434,6 @@ exit:
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* !MBEDTLS_AES_ALT */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* AES test vectors from: * AES test vectors from:
@ -1800,9 +1796,6 @@ int mbedtls_aes_self_test(int verbose)
mbedtls_aes_init(&ctx); mbedtls_aes_init(&ctx);
if (verbose != 0) { if (verbose != 0) {
#if defined(MBEDTLS_AES_ALT)
mbedtls_printf(" AES note: alternative implementation.\n");
#else /* MBEDTLS_AES_ALT */
#if defined(MBEDTLS_AESNI_HAVE_CODE) #if defined(MBEDTLS_AESNI_HAVE_CODE)
#if MBEDTLS_AESNI_HAVE_CODE == 1 #if MBEDTLS_AESNI_HAVE_CODE == 1
mbedtls_printf(" AES note: AESNI code present (assembly implementation).\n"); mbedtls_printf(" AES note: AESNI code present (assembly implementation).\n");
@ -1825,7 +1818,6 @@ int mbedtls_aes_self_test(int verbose)
mbedtls_printf(" AES note: built-in implementation.\n"); mbedtls_printf(" AES note: built-in implementation.\n");
#endif #endif
} }
#endif /* MBEDTLS_AES_ALT */
} }
/* /*
@ -1868,8 +1860,8 @@ int mbedtls_aes_self_test(int verbose)
/* /*
* AES-192 is an optional feature that may be unavailable when * AES-192 is an optional feature that may be unavailable when
* there is an alternative underlying implementation i.e. when * there is an alternative underlying implementation such as a
* MBEDTLS_AES_ALT is defined. * PSA driver.
*/ */
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
mbedtls_printf("skipped\n"); mbedtls_printf("skipped\n");
@ -1932,8 +1924,8 @@ int mbedtls_aes_self_test(int verbose)
/* /*
* AES-192 is an optional feature that may be unavailable when * AES-192 is an optional feature that may be unavailable when
* there is an alternative underlying implementation i.e. when * there is an alternative underlying implementation such as a
* MBEDTLS_AES_ALT is defined. * PSA driver.
*/ */
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
mbedtls_printf("skipped\n"); mbedtls_printf("skipped\n");
@ -1999,8 +1991,8 @@ int mbedtls_aes_self_test(int verbose)
ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
/* /*
* AES-192 is an optional feature that may be unavailable when * AES-192 is an optional feature that may be unavailable when
* there is an alternative underlying implementation i.e. when * there is an alternative underlying implementation such as a
* MBEDTLS_AES_ALT is defined. * PSA driver.
*/ */
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
mbedtls_printf("skipped\n"); mbedtls_printf("skipped\n");
@ -2063,8 +2055,8 @@ int mbedtls_aes_self_test(int verbose)
ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
/* /*
* AES-192 is an optional feature that may be unavailable when * AES-192 is an optional feature that may be unavailable when
* there is an alternative underlying implementation i.e. when * there is an alternative underlying implementation such as a
* MBEDTLS_AES_ALT is defined. * PSA driver.
*/ */
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
mbedtls_printf("skipped\n"); mbedtls_printf("skipped\n");

4
tf-psa-crypto/drivers/builtin/src/gcm.c
View File

@ -1062,8 +1062,8 @@ int mbedtls_gcm_self_test(int verbose)
key_len); key_len);
/* /*
* AES-192 is an optional feature that may be unavailable when * AES-192 is an optional feature that may be unavailable when
* there is an alternative underlying implementation i.e. when * there is an alternative underlying implementation such as a
* MBEDTLS_AES_ALT is defined. * PSA driver.
*/ */
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192) { if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192) {
mbedtls_printf("skipped\n"); mbedtls_printf("skipped\n");