-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix use of AES_ALT on STM32F439 for example-tls-client #5018
Changes from all commits
458b0ec
c1fcae6
cd1a18f
e6fa5f0
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
/* | ||
* aes_alt.h AES block cipher | ||
******************************************************************************* | ||
* Copyright (c) 2016, STMicroelectronics | ||
* Copyright (c) 2017, STMicroelectronics | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); you may | ||
|
@@ -30,6 +30,9 @@ | |
#ifdef __cplusplus | ||
extern "C" { | ||
#endif | ||
|
||
#define ST_AES_TIMEOUT ((uint32_t) 0xFF) /* 255 ms timeout for the crypto processor */ | ||
#define ST_ERR_AES_BUSY (-0x0023) /* Crypto processor is busy, timeout occured */ | ||
/** | ||
* \brief AES context structure | ||
* | ||
|
@@ -236,10 +239,12 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, | |
* \param ctx AES context | ||
* \param input Plaintext block | ||
* \param output Output (ciphertext) block | ||
* | ||
* \return 0 if successful | ||
*/ | ||
void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, | ||
const unsigned char input[16], | ||
unsigned char output[16] ); | ||
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, | ||
const unsigned char input[16], | ||
unsigned char output[16] ); | ||
|
||
/** | ||
* \brief Internal AES block decryption function | ||
|
@@ -249,10 +254,49 @@ void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, | |
* \param ctx AES context | ||
* \param input Ciphertext block | ||
* \param output Output (plaintext) block | ||
* | ||
* \return 0 if successful | ||
*/ | ||
void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, | ||
const unsigned char input[16], | ||
unsigned char output[16] ); | ||
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, | ||
const unsigned char input[16], | ||
unsigned char output[16] ); | ||
|
||
#if !defined(MBEDTLS_DEPRECATED_REMOVED) | ||
#if defined(MBEDTLS_DEPRECATED_WARNING) | ||
#define MBEDTLS_DEPRECATED __attribute__((deprecated)) | ||
#else | ||
#define MBEDTLS_DEPRECATED | ||
#endif | ||
/** | ||
* \brief Deprecated internal AES block encryption function | ||
* without return value. | ||
* | ||
* \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0 | ||
* | ||
* \param ctx AES context | ||
* \param input Plaintext block | ||
* \param output Output (ciphertext) block | ||
*/ | ||
MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, | ||
const unsigned char input[16], | ||
unsigned char output[16] ); | ||
|
||
/** | ||
* \brief Deprecated internal AES block decryption function | ||
* without return value. | ||
* | ||
* \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0 | ||
* | ||
* \param ctx AES context | ||
* \param input Ciphertext block | ||
* \param output Output (plaintext) block | ||
*/ | ||
MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. since it's deprecated and you don't call this API, you don't need to declare it There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. What if it is called by users ? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think that both @adustm and @RonEld have a point: @RonEld: @adustm: In the unlikely case that I am not sure what the right course of action is in these cases. @yanesca what do you think? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I haven't noticed you implemented these functions. But at least you should surround the implementation of these functions with There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The options of giving deprecated warnings for deprecated functions and for removing them is an mbed TLS feature, and as far as I know mbed OS doesn't have it and even if it does, it is unlikely to be integrated. (@0xc0170 Do you know something about a feature like this in mbed OS?) Therefore I think that we should implement the deprecated functions and enable the applications to call them (even if they were never supposed to do so). Although I think that the current solution is acceptable, @RonEld is right that it would be prettier if the implementations would be surrounded by There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Thank you all for these answers. I'll add the #if !defined(MBEDTLS_DEPRECATED_REMOVED) |
||
const unsigned char input[16], | ||
unsigned char output[16] ); | ||
|
||
#undef MBEDTLS_DEPRECATED | ||
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ | ||
|
||
#ifdef __cplusplus | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
since it's deprecated and you don't call this API, you don't need to declare it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if it is called by users ?