yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Use consistent guards for deprecated feature

Browse source 
Fixes an "unused static function" warning in builds with
DEPRECATED_REMOVED.

While at it, remove an include that's now useless.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2023-06-21 10:37:30 +02:00
parent 57fa72fdf8
commit 5c731b0afb
2 changed files with 34 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
include/mbedtls/cipher.h
View file

@ -366,7 +366,7 @@ typedef struct mbedtls_cipher_context_t {
mbedtls_cmac_context_t *MBEDTLS_PRIVATE(cmac_ctx);
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
/** Indicates whether the cipher operations should be performed
* by Mbed TLS' own crypto library or an external implementation
* of the PSA Crypto API.
@ -375,7 +375,7 @@ typedef struct mbedtls_cipher_context_t {
* mbedtls_cipher_setup_psa().
*/
unsigned char MBEDTLS_PRIVATE(psa_enabled);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
} mbedtls_cipher_context_t;

67
library/cipher.c
View file

@ -54,10 +54,9 @@
#include "mbedtls/cmac.h"
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
#include "psa/crypto.h"
#include "psa_util_internal.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_NIST_KW_C)
#include "mbedtls/nist_kw.h"
@ -221,7 +220,7 @@ void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
return;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
if (ctx->cipher_ctx != NULL) {
mbedtls_cipher_context_psa * const cipher_psa =
@ -239,7 +238,7 @@ void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t));
return;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_CMAC_C)
if (ctx->cmac_ctx) {
@ -285,8 +284,7 @@ int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx,
return 0;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info,
size_t taglen)
@ -320,8 +318,7 @@ int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
ctx->psa_enabled = 1;
return 0;
}
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
const unsigned char *key,
@ -335,7 +332,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
mbedtls_cipher_context_psa * const cipher_psa =
(mbedtls_cipher_context_psa *) ctx->cipher_ctx;
@ -391,7 +388,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
ctx->operation = operation;
return 0;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 &&
(int) mbedtls_cipher_info_get_key_bitlen(ctx->cipher_info) != key_bitlen) {
@ -429,14 +426,14 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
if (ctx->cipher_info == NULL) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* While PSA Crypto has an API for multipart
* operations, we currently don't make it
* accessible through the cipher layer. */
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
/* avoid buffer overflow in ctx->iv */
if (iv_len > MBEDTLS_MAX_IV_LENGTH) {
@ -525,13 +522,13 @@ int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* We don't support resetting PSA-based
* cipher contexts, yet. */
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
ctx->unprocessed_len = 0;
@ -546,14 +543,14 @@ int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx,
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* While PSA Crypto has an API for multipart
* operations, we currently don't make it
* accessible through the cipher layer. */
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_GCM_C)
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
@ -597,14 +594,14 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* While PSA Crypto has an API for multipart
* operations, we currently don't make it
* accessible through the cipher layer. */
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
*olen = 0;
block_size = mbedtls_cipher_get_block_size(ctx);
@ -1021,14 +1018,14 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* While PSA Crypto has an API for multipart
* operations, we currently don't make it
* accessible through the cipher layer. */
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
*olen = 0;
@ -1120,7 +1117,7 @@ int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* While PSA Crypto knows about CBC padding
* schemes, we currently don't make them
@ -1131,7 +1128,7 @@ int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
return 0;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
switch (mode) {
#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
@ -1183,14 +1180,14 @@ int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* While PSA Crypto has an API for multipart
* operations, we currently don't make it
* accessible through the cipher layer. */
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_GCM_C)
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
@ -1232,14 +1229,14 @@ int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* While PSA Crypto has an API for multipart
* operations, we currently don't make it
* accessible through the cipher layer. */
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
/* Status to return on a non-authenticated algorithm. */
ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
@ -1307,7 +1304,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t finish_olen;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* As in the non-PSA case, we don't check that
* a key has been set. If not, the key slot will
@ -1365,7 +1362,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
*olen += part_len;
return 0;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
if ((ret = mbedtls_cipher_set_iv(ctx, iv, iv_len)) != 0) {
return ret;
@ -1402,7 +1399,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen,
unsigned char *tag, size_t tag_len)
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* As in the non-PSA case, we don't check that
* a key has been set. If not, the key slot will
@ -1433,7 +1430,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx,
*olen -= tag_len;
return 0;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_GCM_C)
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
@ -1479,7 +1476,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len)
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
/* As in the non-PSA case, we don't check that
* a key has been set. If not, the key slot will
@ -1511,7 +1508,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx,
return 0;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_GCM_C)
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
@ -1584,7 +1581,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx,
{
#if defined(MBEDTLS_NIST_KW_C)
if (
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
ctx->psa_enabled == 0 &&
#endif
(MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
@ -1635,7 +1632,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
{
#if defined(MBEDTLS_NIST_KW_C)
if (
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
ctx->psa_enabled == 0 &&
#endif
(MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||