Merge branch 'mbedtls-1.3' into development
* mbedtls-1.3:
Mark a few additional deprecations
Use proper doxygen markup to mark deprecations
Add -fdata-sections in memory.sh too
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 62c7f5b..d2f1bfa 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -376,7 +376,7 @@
* \brief Free the cipher-specific context of ctx. Freeing ctx
* itself remains the responsibility of the caller.
*
- * \note Deprecated: Redirects to cipher_free()
+ * \deprecated Use cipher_free() instead
*
* \param ctx Free the cipher-specific context
*
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 05b568d..35e181c 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1745,7 +1745,9 @@
/**
* \def POLARSSL_MEMORY_C
- * Deprecated since 1.3.5. Please use POLARSSL_PLATFORM_MEMORY instead.
+ *
+ * \deprecated Use POLARSSL_PLATFORM_MEMORY instead.
+ *
* Depends on: POLARSSL_PLATFORM_C
*/
//#define POLARSSL_MEMORY_C
@@ -1815,6 +1817,24 @@
#define POLARSSL_PADLOCK_C
/**
+<<<<<<< HEAD:include/mbedtls/config.h
+=======
+ * \def POLARSSL_PBKDF2_C
+ *
+ * Enable PKCS#5 PBKDF2 key derivation function.
+ *
+ * \deprecated Use POLARSSL_PKCS5_C instead
+ *
+ * Module: library/pbkdf2.c
+ *
+ * Requires: POLARSSL_PKCS5_C
+ *
+ * This module adds support for the PKCS#5 PBKDF2 key derivation function.
+ */
+#define POLARSSL_PBKDF2_C
+
+/**
+>>>>>>> mbedtls-1.3:include/polarssl/config.h
* \def POLARSSL_PEM_PARSE_C
*
* Enable PEM decoding / parsing.
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 3472f80..95da80b 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -204,7 +204,7 @@
* \brief Free the message-specific context of ctx. Freeing ctx itself
* remains the responsibility of the caller.
*
- * \note Deprecated: Redirects to md_free()
+ * \deprecated Use md_free() instead
*
* \param ctx Free the message-specific context
*
diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
index 76e61bb..32d1c9f 100644
--- a/include/mbedtls/platform.h
+++ b/include/mbedtls/platform.h
@@ -30,7 +30,7 @@
#include POLARSSL_CONFIG_FILE
#endif
-/* Temporary compability hack for to keep the deprecated MEMORY_C working */
+/* Temporary compability hack for to keep MEMORY_C working */
#if defined(POLARSSL_MEMORY_C) && !defined(POLARSSL_PLATFORM_MEMORY)
#define POLARSSL_PLATFORM_MEMORY
#endif
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index d96dd28..8b78e1f 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1544,8 +1544,7 @@
* up your certificate chain. The top certificate (self-signed)
* can be omitted.
*
- * \warning This backwards-compatibility function is deprecated!
- * Please use \c ssl_set_own_cert() instead.
+ * \deprecated Please use \c ssl_set_own_cert() instead.
*
* \param ssl SSL context
* \param own_cert own public certificate chain
@@ -1569,8 +1568,7 @@
* up your certificate chain. The top certificate (self-signed)
* can be omitted.
*
- * \warning This backwards-compatibility function is deprecated!
- * Please use \c pk_init_ctx_rsa_alt()
+ * \deprecated Please use \c pk_init_ctx_rsa_alt()
* and \c ssl_set_own_cert() instead.
*
* \param ssl SSL context
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index ffbf976..e387c15 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -227,8 +227,10 @@
/**
* \brief Give an known OID, return its descriptive string.
- * (Deprecated. Use oid_get_extended_key_usage() instead.)
- * Warning: only works for extended_key_usage OIDs!
+ *
+ * \deprecated Use oid_get_extended_key_usage() instead.
+ *
+ * \warning Only works for extended_key_usage OIDs!
*
* \param oid buffer containing the oid
*
@@ -239,7 +241,8 @@
/**
* \brief Give an OID, return a string version of its OID number.
- * (Deprecated. Use oid_get_numeric_string() instead)
+ *
+ * \deprecated Use oid_get_numeric_string() instead.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
diff --git a/library/cipher.c b/library/cipher.c
index e2d1786..e5af2ae 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -165,7 +165,7 @@
return( 0 );
}
-/* Deprecated, redirects to cipher_free() */
+/* compatibility wrapper */
int cipher_free_ctx( cipher_context_t *ctx )
{
cipher_free( ctx );
diff --git a/library/pbkdf2.c b/library/pbkdf2.c
new file mode 100644
index 0000000..b4ef195
--- /dev/null
+++ b/library/pbkdf2.c
@@ -0,0 +1,60 @@
+/**
+ * \file pbkdf2.c
+ *
+ * \brief Compatibility wrappers for pkcs5.c
+ *
+ * \author Mathias Olsson <mathias@kompetensum.com>
+ *
+ * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+/*
+ * PBKDF2 is part of PKCS#5
+ *
+ * http://tools.ietf.org/html/rfc2898 (Specification)
+ * http://tools.ietf.org/html/rfc6070 (Test vectors)
+ */
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_PBKDF2_C)
+
+#include "polarssl/pbkdf2.h"
+#include "polarssl/pkcs5.h"
+
+int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen,
+ const unsigned char *salt, size_t slen,
+ unsigned int iteration_count,
+ uint32_t key_length, unsigned char *output )
+{
+ return pkcs5_pbkdf2_hmac( ctx, password, plen, salt, slen, iteration_count,
+ key_length, output );
+}
+
+#if defined(POLARSSL_SELF_TEST)
+int pbkdf2_self_test( int verbose )
+{
+ return pkcs5_self_test( verbose );
+}
+#endif /* POLARSSL_SELF_TEST */
+
+#endif /* POLARSSL_PBKDF2_C */
diff --git a/scripts/memory.sh b/scripts/memory.sh
index 36626b8..c8b1e9d 100755
--- a/scripts/memory.sh
+++ b/scripts/memory.sh
@@ -12,7 +12,7 @@
CLIENT='mini_client'
-CFLAGS_EXEC='-fno-asynchronous-unwind-tables -Wl,--gc-section -ffunction-sections'
+CFLAGS_EXEC='-fno-asynchronous-unwind-tables -Wl,--gc-section -ffunction-sections -fdata-sections'
CFLAGS_MEM=-g3
if [ -r $CONFIG_H ]; then :; else