Clarify documentation for alternative AES implementations

The functions mbedtls_aes_decrypt and mbedtls_aes_encrypt have been
superseded by mbedtls_aes_internal_decrypt and
mbedtls_aes_internal_encrypt, respectively. Alternative
implementations should now only replace the latter, and leave the
maintenance wrapper definitions of the former untouched.

This commit clarifies this in the documentation of the respective
configuration options MBEDTLS_AES_DECRYPT_ALT and
MBEDTLS_AES_ENCRYPT_ALT.
This commit is contained in:
Hanno Becker 2017-06-26 12:46:19 +01:00 committed by Simon Butcher
parent 639ce56b6a
commit 6d84ae7e57
2 changed files with 11 additions and 9 deletions

View File

@ -287,9 +287,7 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
#define MBEDTLS_DEPRECATED #define MBEDTLS_DEPRECATED
#endif #endif
/** /**
* \brief Internal AES block encryption function * \brief Old AES block encryption function without return value.
* (Only exposed to allow overriding it,
* see MBEDTLS_AES_ENCRYPT_ALT)
* *
* \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0 * \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0
* *
@ -306,9 +304,7 @@ MBEDTLS_DEPRECATED static inline void mbedtls_aes_encrypt(
} }
/** /**
* \brief Internal AES block decryption function * \brief Old AES block decryption function without return value.
* (Only exposed to allow overriding it,
* see MBEDTLS_AES_DECRYPT_ALT)
* *
* \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0 * \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0
* *

View File

@ -273,9 +273,15 @@
* of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
* with this definition. * with this definition.
* *
* Note: if you use the AES_xxx_ALT macros, then is is recommended to also set * \note Because of a signature change, the core AES encryption and decryption routines are
* MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
* tables. * respectively. When setting up alternative implementations, these functions should
* be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
* have to stay untouched.
*
* \note If you use the AES_xxx_ALT macros, then is is recommended to also set
* MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
* tables.
* *
* Uncomment a macro to enable alternate implementation of the corresponding * Uncomment a macro to enable alternate implementation of the corresponding
* function. * function.