Remove MBEDTLS_AES_ALT
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index c1f08f9..c217cf7 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -350,32 +350,6 @@
*/
//#define MBEDTLS_TIMING_ALT
-/**
- * \def MBEDTLS_AES_ALT
- *
- * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your
- * alternate core implementation of a symmetric crypto, an arithmetic or hash
- * module (e.g. platform specific assembly optimized implementations). Keep
- * in mind that the function prototypes should remain the same.
- *
- * This replaces the whole module. If you only want to replace one of the
- * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
- *
- * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer
- * provide the "struct mbedtls_aes_context" definition and omit the base
- * function declarations and implementations. "aes_alt.h" will be included from
- * "aes.h" to include the new function definitions.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * module.
- *
- * \warning MD5, DES and SHA-1 are considered weak and their
- * use constitutes a security risk. If possible, we recommend
- * avoiding dependencies on them, and considering stronger message
- * digests and ciphers instead.
- *
- */
-//#define MBEDTLS_AES_ALT
//#define MBEDTLS_ARIA_ALT
//#define MBEDTLS_CAMELLIA_ALT
//#define MBEDTLS_CCM_ALT
diff --git a/tests/include/alt-dummy/aes_alt.h b/tests/include/alt-dummy/aes_alt.h
deleted file mode 100644
index dc47dd1..0000000
--- a/tests/include/alt-dummy/aes_alt.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* aes_alt.h with dummy types for MBEDTLS_AES_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#ifndef AES_ALT_H
-#define AES_ALT_H
-
-typedef struct mbedtls_aes_context {
- int dummy;
-}
-mbedtls_aes_context;
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-
-typedef struct mbedtls_aes_xts_context {
- int dummy;
-} mbedtls_aes_xts_context;
-#endif
-
-
-#endif /* aes_alt.h */
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
index 7393d81..5bab8e4 100644
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h
@@ -251,8 +251,7 @@
* \param key_type Key type
* \param key_bits Key length in number of bits.
*/
-#if defined(MBEDTLS_AES_ALT) || \
- defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
+#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
#define MBEDTLS_TEST_HAVE_ALT_AES 1
#else
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h
index a07c8a5..559e1d8 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h
@@ -53,10 +53,6 @@
extern "C" {
#endif
-#if !defined(MBEDTLS_AES_ALT)
-// Regular implementation
-//
-
/**
* \brief The AES context-type definition.
*/
@@ -88,10 +84,6 @@
} mbedtls_aes_xts_context;
#endif /* MBEDTLS_CIPHER_MODE_XTS */
-#else /* MBEDTLS_AES_ALT */
-#include "aes_alt.h"
-#endif /* MBEDTLS_AES_ALT */
-
/**
* \brief This function initializes the specified AES context.
*
diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c
index 72e2c57..eef55e6 100644
--- a/tf-psa-crypto/drivers/builtin/src/aes.c
+++ b/tf-psa-crypto/drivers/builtin/src/aes.c
@@ -50,8 +50,6 @@
#define MBEDTLS_AES_NEED_REVERSE_TABLES
#endif
-#if !defined(MBEDTLS_AES_ALT)
-
#if defined(MBEDTLS_AES_ROM_TABLES)
/*
* Forward S-box
@@ -1436,8 +1434,6 @@
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
-#endif /* !MBEDTLS_AES_ALT */
-
#if defined(MBEDTLS_SELF_TEST)
/*
* AES test vectors from:
@@ -1800,9 +1796,6 @@
mbedtls_aes_init(&ctx);
if (verbose != 0) {
-#if defined(MBEDTLS_AES_ALT)
- mbedtls_printf(" AES note: alternative implementation.\n");
-#else /* MBEDTLS_AES_ALT */
#if defined(MBEDTLS_AESNI_HAVE_CODE)
#if MBEDTLS_AESNI_HAVE_CODE == 1
mbedtls_printf(" AES note: AESNI code present (assembly implementation).\n");
@@ -1825,7 +1818,6 @@
mbedtls_printf(" AES note: built-in implementation.\n");
#endif
}
-#endif /* MBEDTLS_AES_ALT */
}
/*
@@ -1868,8 +1860,8 @@
/*
* AES-192 is an optional feature that may be unavailable when
- * there is an alternative underlying implementation i.e. when
- * MBEDTLS_AES_ALT is defined.
+ * there is an alternative underlying implementation such as a
+ * PSA driver.
*/
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
mbedtls_printf("skipped\n");
@@ -1932,8 +1924,8 @@
/*
* AES-192 is an optional feature that may be unavailable when
- * there is an alternative underlying implementation i.e. when
- * MBEDTLS_AES_ALT is defined.
+ * there is an alternative underlying implementation such as a
+ * PSA driver.
*/
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
mbedtls_printf("skipped\n");
@@ -1999,8 +1991,8 @@
ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
/*
* AES-192 is an optional feature that may be unavailable when
- * there is an alternative underlying implementation i.e. when
- * MBEDTLS_AES_ALT is defined.
+ * there is an alternative underlying implementation such as a
+ * PSA driver.
*/
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
mbedtls_printf("skipped\n");
@@ -2063,8 +2055,8 @@
ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
/*
* AES-192 is an optional feature that may be unavailable when
- * there is an alternative underlying implementation i.e. when
- * MBEDTLS_AES_ALT is defined.
+ * there is an alternative underlying implementation such as a
+ * PSA driver.
*/
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
mbedtls_printf("skipped\n");
diff --git a/tf-psa-crypto/drivers/builtin/src/gcm.c b/tf-psa-crypto/drivers/builtin/src/gcm.c
index 5dfac23..bf21943 100644
--- a/tf-psa-crypto/drivers/builtin/src/gcm.c
+++ b/tf-psa-crypto/drivers/builtin/src/gcm.c
@@ -1062,8 +1062,8 @@
key_len);
/*
* AES-192 is an optional feature that may be unavailable when
- * there is an alternative underlying implementation i.e. when
- * MBEDTLS_AES_ALT is defined.
+ * there is an alternative underlying implementation such as a
+ * PSA driver.
*/
if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192) {
mbedtls_printf("skipped\n");