Deprecate mbedtls_cipher_auth_xxcrypt()

This temporarily breaks all.sh '*deprecated*' (deprecated functions still used
in the library), which will be fixed in the next commit.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Manuel Pégourié-Gonnard 2020-12-01 10:34:57 +01:00
parent f2ffbc4387
commit 513c243317
3 changed files with 49 additions and 12 deletions


@ -857,9 +857,17 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen );
#if defined(MBEDTLS_CIPHER_MODE_AEAD) #if defined(MBEDTLS_CIPHER_MODE_AEAD)
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif /* MBEDTLS_DEPRECATED_WARNING */
/** /**
* \brief The generic authenticated encryption (AEAD) function. * \brief The generic authenticated encryption (AEAD) function.
* *
* \deprecated Superseded by mbedtls_cipher_auth_encrypt_ext().
*
* \note This function only supports AEAD algorithms, not key * \note This function only supports AEAD algorithms, not key
* wrapping algorithms such as NIST_KW; for this, see * wrapping algorithms such as NIST_KW; for this, see
* mbedtls_cipher_auth_encrypt_ext(). * mbedtls_cipher_auth_encrypt_ext().
@ -906,14 +914,17 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len )
MBEDTLS_DEPRECATED;
/** /**
* \brief The generic authenticated decryption (AEAD) function. * \brief The generic authenticated decryption (AEAD) function.
* *
* \deprecated Superseded by mbedtls_cipher_auth_decrypt_ext().
*
* \note This function only supports AEAD algorithms, not key * \note This function only supports AEAD algorithms, not key
* wrapping algorithms such as NIST_KW; for this, see * wrapping algorithms such as NIST_KW; for this, see
* mbedtls_cipher_auth_encrypt_ext(). * mbedtls_cipher_auth_decrypt_ext().
* *
* \note If the data is not authentic, then the output buffer * \note If the data is not authentic, then the output buffer
* is zeroed out to prevent the unauthentic plaintext being * is zeroed out to prevent the unauthentic plaintext being
@ -962,7 +973,10 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len )
MBEDTLS_DEPRECATED;
#undef MBEDTLS_DEPRECATED
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_CIPHER_MODE_AEAD */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
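Review bot: The two new `\deprecated` lines name the replacement but not the reason, so a caller reading only this header cannot tell that moving to the `_ext` functions is more than a rename. The deprecated prototypes shown here take `unsigned char *output, size_t *olen` plus a separate `tag` buffer and have no parameter for the capacity of `output`, so the function cannot check its writes against the caller's buffer. The `_ext` declarations are outside this section; if they take an output size and keep the tag in the same buffer as the ciphertext (as the `cipher_plus_tag` buffer in the test suggests), I would say so, e.g. `\deprecated Superseded by mbedtls_cipher_auth_encrypt_ext(), which takes the output buffer size and handles the tag together with the ciphertext.` The decrypt function's note should get the matching sentence.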


@ -1469,6 +1469,7 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx,
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
} }
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/* /*
* Packet-oriented encryption for AEAD modes: public function. * Packet-oriented encryption for AEAD modes: public function.
*/ */
@ -1536,6 +1537,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
input, ilen, output, olen, input, ilen, output, olen,
tag, tag_len ) ); tag, tag_len ) );
} }
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_CIPHER_MODE_AEAD */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)


@ -1022,17 +1022,10 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
int ret; int ret;
int using_nist_kw, using_nist_kw_padding; int using_nist_kw, using_nist_kw_padding;
unsigned char output[300]; /* Temporary buffer for results of
* encryption and decryption. */
unsigned char *output_tag = NULL; /* Temporary buffer for tag in the
* encryption step. */
mbedtls_cipher_context_t ctx; mbedtls_cipher_context_t ctx;
size_t outlen; size_t outlen;
unsigned char *tmp_tag = NULL;
unsigned char *tmp_cipher = NULL;
unsigned char *cipher_plus_tag = NULL; unsigned char *cipher_plus_tag = NULL;
size_t cipher_plus_tag_len; size_t cipher_plus_tag_len;
unsigned char *decrypt_buf = NULL; unsigned char *decrypt_buf = NULL;
@ -1040,8 +1033,19 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
unsigned char *encrypt_buf = NULL; unsigned char *encrypt_buf = NULL;
size_t encrypt_buf_len = 0; size_t encrypt_buf_len = 0;
mbedtls_cipher_init( &ctx ); #if !defined(MBEDTLS_DEPRECATED_WARNING) && \
!defined(MBEDTLS_DEPRECATED_REMOVED)
unsigned char output[300]; /* Temporary buffer for results of
* encryption and decryption. */
unsigned char *output_tag = NULL; /* Temporary buffer for tag in the
* encryption step. */
unsigned char *tmp_tag = NULL;
unsigned char *tmp_cipher = NULL;
memset( output, 0xFF, sizeof( output ) ); memset( output, 0xFF, sizeof( output ) );
#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
mbedtls_cipher_init( &ctx );
/* Initialize PSA Crypto */ /* Initialize PSA Crypto */
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
@ -1062,6 +1066,12 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
cipher_id == MBEDTLS_CIPHER_AES_256_KW || cipher_id == MBEDTLS_CIPHER_AES_256_KW ||
using_nist_kw_padding; using_nist_kw_padding;
/****************************************************************
* *
* Part 1: non-deprecated API *
* *
****************************************************************/
/* /*
* Prepare context for decryption * Prepare context for decryption
*/ */
@ -1126,7 +1136,7 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
TEST_ASSERT( memcmp( decrypt_buf, clear->x, clear->len ) == 0 ); TEST_ASSERT( memcmp( decrypt_buf, clear->x, clear->len ) == 0 );
} }
/* Free this, but keep cipher_plus_tag for legacy function with PSA */ /* Free this, but keep cipher_plus_tag for deprecated function with PSA */
mbedtls_free( decrypt_buf ); mbedtls_free( decrypt_buf );
decrypt_buf = NULL; decrypt_buf = NULL;
@ -1187,6 +1197,15 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
encrypt_buf = NULL; encrypt_buf = NULL;
} }
/****************************************************************
* *
* Part 2: deprecated API *
* *
****************************************************************/
#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
!defined(MBEDTLS_DEPRECATED_REMOVED)
/* /*
* Prepare context for decryption * Prepare context for decryption
*/ */
@ -1278,6 +1297,8 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
} }
} }
#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
exit: exit:
mbedtls_cipher_free( &ctx ); mbedtls_cipher_free( &ctx );
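Review bot: `output`, `output_tag`, `tmp_tag` and `tmp_cipher` are now declared only when neither `MBEDTLS_DEPRECATED_WARNING` nor `MBEDTLS_DEPRECATED_REMOVED` is defined, but the cleanup that follows `exit:` is outside the visible hunks and is not touched here. If that cleanup frees `tmp_tag` or `tmp_cipher`, those calls need the same `#if`, otherwise the test suite will not compile in the two deprecated configurations; building once with each option set would confirm it. auth_crypt_tv's body starts and ends outside the hunks shown. I would also add a short comment at the declaration guard, e.g. `/* Only used by Part 2 (deprecated API) below */`, so the split declaration block is not merged back together later.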