From 6226a12acc6c64c104d64f40878e99a58574f059 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 21 Jan 2021 13:58:31 +0100 Subject: [PATCH] Documentation update for MBEDTLS_ECP_NO_FALLBACK Signed-off-by: Steven Cooreman --- ChangeLog.d/no_ecp_fallback.txt | 6 +++--- include/mbedtls/config.h | 26 +++++++++++++++----------- 2 files changed, 18 insertions(+), 14 deletions(-) diff --git a/ChangeLog.d/no_ecp_fallback.txt b/ChangeLog.d/no_ecp_fallback.txt index b3b83ce64..f61d3117d 100644 --- a/ChangeLog.d/no_ecp_fallback.txt +++ b/ChangeLog.d/no_ecp_fallback.txt @@ -1,4 +1,4 @@ Features - * Automatic fallback to a software implementation of ECP when ECP_xxx_ALT - accelerator hooks are in use can now be turned off through setting the new - configuration flag MBEDTLS_ECP_NO_FALLBACK. + * Automatic fallback to a software implementation of ECP when + MBEDTLS_ECP_xxx_ALT accelerator hooks are in use can now be turned off + through setting the new configuration flag MBEDTLS_ECP_NO_FALLBACK. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 41f7da873..f1cb2be7f 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -485,7 +485,7 @@ * alternative. * * The original implementation can in addition be removed by setting the - * MBEDTLS_ECP_NO_FALLBACK, in which case any function for which the + * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be * able to fallback to curves not supported by the alternative implementation. * @@ -502,16 +502,20 @@ * called before and after each point operation and provide an opportunity to * implement optimized set up and tear down instructions. * - * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac - * function, but will use your mbedtls_internal_ecp_double_jac if the group is - * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when - * receives it as an argument). If the group is not supported then the original - * implementation is used, unless disabled by MBEDTLS_ECP_NO_FALLBACK. The - * other functions and the definition of mbedtls_ecp_group and - * mbedtls_ecp_point will not change, so your implementation of - * mbedtls_internal_ecp_double_jac and mbedtls_internal_ecp_grp_capable must be - * compatible with this definition. + * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and + * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac() + * function, but will use your mbedtls_internal_ecp_double_jac() if the group + * for the operation is supported by your implementation (i.e. your + * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the + * group is not supported by your implementation, then the original mbed TLS + * implementation of ecp_double_jac() is used instead, unless this fallback + * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case + * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). + * + * The function prototypes and the definition of mbedtls_ecp_group and + * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your + * implementation of mbedtls_internal_ecp__function_name__ must be compatible + * with their definitions. * * Uncomment a macro to enable alternate implementation of the corresponding * function.