From 7822fa806547d1e93c844137ad44c7bd83fba18f Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 15 Nov 2018 10:50:32 +0200 Subject: [PATCH 1/2] Style fixes 1. Change camelcase variables to Mbed OS style. 2. Remove functions declarations from the `_alt` header, since they are now added from the module header regardless whether an alternative implementation exists. 3. Remove the `extern "c"` declaration from the `_alt` headers. 4. Remove redundant extra lines. --- .../FEATURE_CRYPTOCELL310/sha1_alt.c | 7 +- .../FEATURE_CRYPTOCELL310/sha1_alt.h | 112 ------------------ .../FEATURE_CRYPTOCELL310/sha256_alt.c | 7 +- .../FEATURE_CRYPTOCELL310/sha256_alt.h | 84 ------------- 4 files changed, 6 insertions(+), 204 deletions(-) diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c index c721fb7b9f2..ee388622899 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c @@ -25,7 +25,6 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); - } void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) @@ -64,10 +63,10 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] ) { - CRYSError_t CrysErr = CRYS_OK; + CRYSError_t crys_err = CRYS_OK; CRYS_HASH_Result_t crys_result = {0}; - CrysErr = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result ); - if( CrysErr == CRYS_OK ) + crys_err = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result ); + if( crys_err == CRYS_OK ) { memcpy( output, crys_result, 20 ); return ( 0 ); diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.h b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.h index d9a74f2410f..245910b330e 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.h +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.h @@ -22,10 +22,6 @@ #define __SHA1_ALT__ #if defined(MBEDTLS_SHA1_ALT) #include "crys_hash.h" -#ifdef __cplusplus -extern "C" { -#endif - /** * \brief SHA-1 context structure @@ -35,114 +31,6 @@ typedef struct CRYS_HASHUserContext_t crys_hash_ctx; } mbedtls_sha1_context; -/** - * \brief This function initializes a SHA-1 context. - * - * \param ctx The SHA-1 context to initialize. - * - * \warning SHA-1 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); - -/** - * \brief This function clears a SHA-1 context. - * - * \param ctx The SHA-1 context to clear. - * - * \warning SHA-1 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); - -/** - * \brief This function clones the state of a SHA-1 context. - * - * \param dst The destination context. - * \param src The context to clone. - * - * \warning SHA-1 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_sha1_clone( mbedtls_sha1_context *dst, - const mbedtls_sha1_context *src ); - -/** - * \brief This function starts a SHA-1 checksum calculation. - * - * \param ctx The context to initialize. - * - * \return \c 0 if successful - * - * \warning SHA-1 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); - -/** - * \brief This function feeds an input buffer into an ongoing SHA-1 - * checksum calculation. - * - * \param ctx The SHA-1 context. - * \param input The buffer holding the input data. - * \param ilen The length of the input data. - * - * \return \c 0 if successful - * - * \warning SHA-1 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ); - -/** - * \brief This function finishes the SHA-1 operation, and writes - * the result to the output buffer. - * - * \param ctx The SHA-1 context. - * \param output The SHA-1 checksum result. - * - * \return \c 0 if successful - * - * \warning SHA-1 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, - unsigned char output[20] ); - -/** - * \brief SHA-1 process data block (internal use only) - * - * \param ctx SHA-1 context - * \param data The data block being processed. - * - * \return \c 0 if successful - * - * \warning SHA-1 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ); - -#ifdef __cplusplus -} -#endif - #endif //MBEDTLS_SHA1_ALT #endif //__SHA1_ALT__ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c index b2a7942512e..4c30edd61e9 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c @@ -25,7 +25,6 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); - } void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) @@ -71,10 +70,10 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] ) { - CRYSError_t CrysErr = CRYS_OK; + CRYSError_t crys_err = CRYS_OK; CRYS_HASH_Result_t crys_result = {0}; - CrysErr = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result ); - if( CrysErr == CRYS_OK ) + crys_err = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result ); + if( crys_err == CRYS_OK ) { memcpy( output, crys_result, 32 ); return ( 0 ); diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.h b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.h index bdb7c45e80c..6be25f9b405 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.h +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.h @@ -24,10 +24,6 @@ #if defined(MBEDTLS_SHA256_ALT) #include "crys_hash.h" -#ifdef __cplusplus -extern "C" { -#endif - /** * \brief SHA-256 context structure @@ -37,85 +33,5 @@ typedef struct CRYS_HASHUserContext_t crys_hash_ctx; } mbedtls_sha256_context; - -/** - * \brief This function initializes a SHA-256 context. - * - * \param ctx The SHA-256 context to initialize. - */ -void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); - -/** - * \brief This function clears a SHA-256 context. - * - * \param ctx The SHA-256 context to clear. - */ -void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); - -/** - * \brief This function clones the state of a SHA-256 context. - * - * \param dst The destination context. - * \param src The context to clone. - */ -void mbedtls_sha256_clone( mbedtls_sha256_context *dst, - const mbedtls_sha256_context *src ); - -/** - * \brief This function starts a SHA-224 or SHA-256 checksum - * calculation. - * - * \param ctx The context to initialize. - * \param is224 Determines which function to use. - * - * - * \return \c 0 on success. - */ -int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); - -/** - * \brief This function feeds an input buffer into an ongoing - * SHA-256 checksum calculation. - * - * \param ctx SHA-256 context - * \param input buffer holding the data - * \param ilen length of the input data - * - * \return \c 0 on success. - */ -int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ); - -/** - * \brief This function finishes the SHA-256 operation, and writes - * the result to the output buffer. - * - * \param ctx The SHA-256 context. - * \param output The SHA-224 or SHA-256 checksum result. - * - * \return \c 0 on success. - */ -int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ); - -/** - * \brief This function processes a single data block within - * the ongoing SHA-256 computation. This function is for - * internal use only. - * - * \param ctx The SHA-256 context. - * \param data The buffer holding one block of data. - * - * \return \c 0 on success. - */ -int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ); - -#ifdef __cplusplus -} -#endif - #endif // MBEDTLS_SHA256_ALT__ #endif //__SHA256_ALT__ From bcbda3e621f5ff21b4f82ed8eaf858b99c90893b Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 28 Nov 2018 11:15:05 +0200 Subject: [PATCH 2/2] Return not supported for internal process function Return the `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` for the internal process function, as it is not public. --- features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c | 5 ++--- features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c index ee388622899..f750485413e 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c @@ -21,6 +21,7 @@ #include "mbedtls/sha1.h" #if defined(MBEDTLS_SHA1_ALT) #include +#include "mbedtls/platform.h" void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) { @@ -78,8 +79,6 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] ) { - if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)data, 64 ) != CRYS_OK ) - return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); - return ( 0 ); + return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ); } #endif //MBEDTLS_SHA1_ALT diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c index 4c30edd61e9..71c42013e95 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c @@ -21,6 +21,7 @@ #include "mbedtls/sha256.h" #if defined(MBEDTLS_SHA256_ALT) #include +#include "mbedtls/platform.h" void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { @@ -53,9 +54,7 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ) { - if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)data, 64 ) != CRYS_OK ) - return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); - return ( 0 ); + return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ); } int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,