Move subsection

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2021-06-30 18:57:37 +01:00
parent 8128b69ffe
commit b4d15b1556

View file

@ -317,6 +317,45 @@ The functions `mbedtls_ecdsa_write_signature_det()` and
`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` `mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()`
respectively. respectively.
### Rename `mbedtls_*_ret()` cryptography functions whose deprecated variants have been removed
This change affects users who were using the `mbedtls_*_ret()` cryptography
functions.
Those functions were created based on now-deprecated functions according to a
requirement that a function needs to return a value. This change brings back the
original names of those functions. The renamed functions are:
| name before this change | after the change |
|--------------------------------|----------------------------|
| `mbedtls_ctr_drbg_update_ret` | `mbedtls_ctr_drbg_update` |
| `mbedtls_hmac_drbg_update_ret` | `mbedtls_hmac_drbg_update` |
| `mbedtls_md5_starts_ret` | `mbedtls_md5_starts` |
| `mbedtls_md5_update_ret` | `mbedtls_md5_update` |
| `mbedtls_md5_finish_ret` | `mbedtls_md5_finish` |
| `mbedtls_md5_ret` | `mbedtls_md5` |
| `mbedtls_ripemd160_starts_ret` | `mbedtls_ripemd160_starts` |
| `mbedtls_ripemd160_update_ret` | `mbedtls_ripemd160_update` |
| `mbedtls_ripemd160_finish_ret` | `mbedtls_ripemd160_finish` |
| `mbedtls_ripemd160_ret` | `mbedtls_ripemd160` |
| `mbedtls_sha1_starts_ret` | `mbedtls_sha1_starts` |
| `mbedtls_sha1_update_ret` | `mbedtls_sha1_update` |
| `mbedtls_sha1_finish_ret` | `mbedtls_sha1_finish` |
| `mbedtls_sha1_ret` | `mbedtls_sha1` |
| `mbedtls_sha256_starts_ret` | `mbedtls_sha256_starts` |
| `mbedtls_sha256_update_ret` | `mbedtls_sha256_update` |
| `mbedtls_sha256_finish_ret` | `mbedtls_sha256_finish` |
| `mbedtls_sha256_ret` | `mbedtls_sha256` |
| `mbedtls_sha512_starts_ret` | `mbedtls_sha512_starts` |
| `mbedtls_sha512_update_ret` | `mbedtls_sha512_update` |
| `mbedtls_sha512_finish_ret` | `mbedtls_sha512_finish` |
| `mbedtls_sha512_ret` | `mbedtls_sha512` |
To migrate to the this change the user can keep the `*_ret` names in their code
and include the `compat_2.x.h` header file which holds macros with proper
renaming or to rename those functions in their code according to the list from
mentioned header file.
## High-level crypto ## High-level crypto
@ -369,45 +408,6 @@ The following functions now take an extra parameter indicating the size of the o
The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer.
### Rename `mbedtls_*_ret()` cryptography functions whose deprecated variants have been removed
This change affects users who were using the `mbedtls_*_ret()` cryptography
functions.
Those functions were created based on now-deprecated functions according to a
requirement that a function needs to return a value. This change brings back the
original names of those functions. The renamed functions are:
| name before this change | after the change |
|--------------------------------|----------------------------|
| `mbedtls_ctr_drbg_update_ret` | `mbedtls_ctr_drbg_update` |
| `mbedtls_hmac_drbg_update_ret` | `mbedtls_hmac_drbg_update` |
| `mbedtls_md5_starts_ret` | `mbedtls_md5_starts` |
| `mbedtls_md5_update_ret` | `mbedtls_md5_update` |
| `mbedtls_md5_finish_ret` | `mbedtls_md5_finish` |
| `mbedtls_md5_ret` | `mbedtls_md5` |
| `mbedtls_ripemd160_starts_ret` | `mbedtls_ripemd160_starts` |
| `mbedtls_ripemd160_update_ret` | `mbedtls_ripemd160_update` |
| `mbedtls_ripemd160_finish_ret` | `mbedtls_ripemd160_finish` |
| `mbedtls_ripemd160_ret` | `mbedtls_ripemd160` |
| `mbedtls_sha1_starts_ret` | `mbedtls_sha1_starts` |
| `mbedtls_sha1_update_ret` | `mbedtls_sha1_update` |
| `mbedtls_sha1_finish_ret` | `mbedtls_sha1_finish` |
| `mbedtls_sha1_ret` | `mbedtls_sha1` |
| `mbedtls_sha256_starts_ret` | `mbedtls_sha256_starts` |
| `mbedtls_sha256_update_ret` | `mbedtls_sha256_update` |
| `mbedtls_sha256_finish_ret` | `mbedtls_sha256_finish` |
| `mbedtls_sha256_ret` | `mbedtls_sha256` |
| `mbedtls_sha512_starts_ret` | `mbedtls_sha512_starts` |
| `mbedtls_sha512_update_ret` | `mbedtls_sha512_update` |
| `mbedtls_sha512_finish_ret` | `mbedtls_sha512_finish` |
| `mbedtls_sha512_ret` | `mbedtls_sha512` |
To migrate to the this change the user can keep the `*_ret` names in their code
and include the `compat_2.x.h` header file which holds macros with proper
renaming or to rename those functions in their code according to the list from
mentioned header file.
### Signature functions now require the hash length to match the expected value ### Signature functions now require the hash length to match the expected value
This affects users of the PK API as well as users of the low-level API in the RSA module. Users of the PSA API or of the ECDSA module are unaffected. This affects users of the PK API as well as users of the low-level API in the RSA module. Users of the PSA API or of the ECDSA module are unaffected.