From 5a74e8bf19ae76af6756b143a378d7a07dcfdf40 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Wed, 6 May 2015 17:10:55 +0100
Subject: [PATCH] Make struct cipher_base_t opaque

---
 ChangeLog                     |  1 +
 include/mbedtls/cipher.h      | 54 ++--------------------------------
 include/mbedtls/cipher_wrap.h | 55 +++++++++++++++++++++++++++++++++++
 3 files changed, 58 insertions(+), 52 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 053e48000..d81050445 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -65,6 +65,7 @@ New deprecations
 Semi-API changes (technically public, morally private)
    * Changed md_info_t into an opaque structure (use md_get_xxx() accessors).
    * Changed pk_info_t into an opaque structure.
+   * Change cipher_base_t into an opaque structure.
    * Remove sig_oid2 and rename sig_oid1 to sig_oid in x509_crt and x509_crl.
    * x509_crt.key_usage changed from unsigned char to unsigned int.
    * Remove r and s from ecdsa_context
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 58e40039f..084175d0f 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -175,59 +175,9 @@ enum {
 #define MBEDTLS_MAX_BLOCK_LENGTH   16
 
 /**
- * Base cipher information. The non-mode specific functions and values.
+ * Base cipher information (opaque struct).
  */
-typedef struct {
-
-    /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
-    mbedtls_cipher_id_t cipher;
-
-    /** Encrypt using ECB */
-    int (*ecb_func)( void *ctx, mbedtls_operation_t mode,
-                     const unsigned char *input, unsigned char *output );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    /** Encrypt using CBC */
-    int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length,
-                     unsigned char *iv, const unsigned char *input,
-                     unsigned char *output );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    /** Encrypt using CFB (Full length) */
-    int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
-                     unsigned char *iv, const unsigned char *input,
-                     unsigned char *output );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    /** Encrypt using CTR */
-    int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
-                     unsigned char *nonce_counter, unsigned char *stream_block,
-                     const unsigned char *input, unsigned char *output );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    /** Encrypt using STREAM */
-    int (*stream_func)( void *ctx, size_t length,
-                        const unsigned char *input, unsigned char *output );
-#endif
-
-    /** Set key for encryption purposes */
-    int (*setkey_enc_func)( void *ctx, const unsigned char *key,
-                            unsigned int key_length );
-
-    /** Set key for decryption purposes */
-    int (*setkey_dec_func)( void *ctx, const unsigned char *key,
-                            unsigned int key_length);
-
-    /** Allocate a new context */
-    void * (*ctx_alloc_func)( void );
-
-    /** Free the given context */
-    void (*ctx_free_func)( void *ctx );
-
-} mbedtls_cipher_base_t;
+typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
 
 /**
  * Cipher information. Allows cipher functions to be called in a generic way.
diff --git a/include/mbedtls/cipher_wrap.h b/include/mbedtls/cipher_wrap.h
index c619267e1..8b7fd7fee 100644
--- a/include/mbedtls/cipher_wrap.h
+++ b/include/mbedtls/cipher_wrap.h
@@ -38,6 +38,61 @@
 extern "C" {
 #endif
 
+/**
+ * Base cipher information. The non-mode specific functions and values.
+ */
+struct mbedtls_cipher_base_t
+{
+    /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
+    mbedtls_cipher_id_t cipher;
+
+    /** Encrypt using ECB */
+    int (*ecb_func)( void *ctx, mbedtls_operation_t mode,
+                     const unsigned char *input, unsigned char *output );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /** Encrypt using CBC */
+    int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length,
+                     unsigned char *iv, const unsigned char *input,
+                     unsigned char *output );
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    /** Encrypt using CFB (Full length) */
+    int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
+                     unsigned char *iv, const unsigned char *input,
+                     unsigned char *output );
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    /** Encrypt using CTR */
+    int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
+                     unsigned char *nonce_counter, unsigned char *stream_block,
+                     const unsigned char *input, unsigned char *output );
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    /** Encrypt using STREAM */
+    int (*stream_func)( void *ctx, size_t length,
+                        const unsigned char *input, unsigned char *output );
+#endif
+
+    /** Set key for encryption purposes */
+    int (*setkey_enc_func)( void *ctx, const unsigned char *key,
+                            unsigned int key_length );
+
+    /** Set key for decryption purposes */
+    int (*setkey_dec_func)( void *ctx, const unsigned char *key,
+                            unsigned int key_length);
+
+    /** Allocate a new context */
+    void * (*ctx_alloc_func)( void );
+
+    /** Free the given context */
+    void (*ctx_free_func)( void *ctx );
+
+};
+
 typedef struct
 {
     mbedtls_cipher_type_t type;