Add XXX_PROCESS_ALT mecchanism
diff --git a/ChangeLog b/ChangeLog
index a71b4a7..a6dca89 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,9 @@
Features
* Support for DTLS 1.0 and 1.2 (RFC 6347).
+ * Ability to override xxx_process() function from a md/sha module with
+ custom implementation (eg hardware accelerated), complementing the ability
+ to override the whole module.
API Changes
* ecdsa_write_signature() gained an addtional md_alg argument and
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 52cec1d..a5740ac 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -231,20 +231,23 @@
//#define POLARSSL_TIMING_ALT
/**
- * \def POLARSSL_XXX_ALT
+ * \def POLARSSL__MODULE_NAME__ALT
*
* Uncomment a macro to let mbed TLS use your alternate core implementation of
- * a symmetric or hash algorithm (e.g. platform specific assembly optimized
+ * a symmetric or hash module (e.g. platform specific assembly optimized
* implementations). Keep in mind that the function prototypes should remain
* the same.
*
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the POLARSSL__FUNCTION_NAME__ALT flags.
+ *
* Example: In case you uncomment POLARSSL_AES_ALT, mbed TLS will no longer
* provide the "struct aes_context" definition and omit the base function
* declarations and implementations. "aes_alt.h" will be included from
* "aes.h" to include the new function definitions.
*
- * Uncomment a macro to enable alternate implementation for core algorithm
- * functions
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * module.
*/
//#define POLARSSL_AES_ALT
//#define POLARSSL_ARC4_ALT
@@ -261,6 +264,34 @@
//#define POLARSSL_SHA512_ALT
/**
+ * \def POLARSSL__FUNCTION_NAME__ALT
+ *
+ * Uncomment a macro to let mbed TLS use you alternate core implementation of
+ * symmetric of hash function. Keep in mind that function prototypes should
+ * remain the same.
+ *
+ * This replaces only one function. The header file from mbed TLS is still
+ * used, in contrast to the POLARSSL__MODULE_NAME__ALT flags.
+ *
+ * Example: In case you uncomment POLARSSL_SHA256_PROCESS_ALT, mbed TLS will
+ * no longer provide the sha1_process() function, but it will still provide
+ * the other function (using your sha1_process() function) and the definition
+ * of sha1_context, so your implementation of sha1_process must be compatible
+ * with this definition.
+ *
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ */
+//#define POLARSSL_MD2_PROCESS_ALT
+//#define POLARSSL_MD4_PROCESS_ALT
+//#define POLARSSL_MD5_PROCESS_ALT
+//#define POLARSSL_RIPEMD160_PROCESS_ALT
+//#define POLARSSL_SHA1_PROCESS_ALT
+//#define POLARSSL_SHA256_PROCESS_ALT
+//#define POLARSSL_SHA512_PROCESS_ALT
+
+/**
* \def POLARSSL_AES_ROM_TABLES
*
* Store the AES tables in ROM.
diff --git a/library/md2.c b/library/md2.c
index 9510843..fb8acdd 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -112,6 +112,7 @@
ctx->left = 0;
}
+#if !defined(POLARSSL_MD2_PROCESS_ALT)
void md2_process( md2_context *ctx )
{
int i, j;
@@ -145,6 +146,7 @@
t = ctx->cksum[i];
}
}
+#endif /* !POLARSSL_MD2_PROCESS_ALT */
/*
* MD2 process buffer
diff --git a/library/md4.c b/library/md4.c
index 47f762d..2de259d 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -108,6 +108,7 @@
ctx->state[3] = 0x10325476;
}
+#if !defined(POLARSSL_MD4_PROCESS_ALT)
void md4_process( md4_context *ctx, const unsigned char data[64] )
{
uint32_t X[16], A, B, C, D;
@@ -210,6 +211,7 @@
ctx->state[2] += C;
ctx->state[3] += D;
}
+#endif /* !POLARSSL_MD4_PROCESS_ALT */
/*
* MD4 process buffer
diff --git a/library/md5.c b/library/md5.c
index 62f619b..5eef65d 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -107,6 +107,7 @@
ctx->state[3] = 0x10325476;
}
+#if !defined(POLARSSL_MD5_PROCESS_ALT)
void md5_process( md5_context *ctx, const unsigned char data[64] )
{
uint32_t X[16], A, B, C, D;
@@ -229,6 +230,7 @@
ctx->state[2] += C;
ctx->state[3] += D;
}
+#endif /* !POLARSSL_MD5_PROCESS_ALT */
/*
* MD5 process buffer
diff --git a/library/ripemd160.c b/library/ripemd160.c
index 97ab530..5e55ff5 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c
@@ -107,6 +107,7 @@
ctx->state[4] = 0xC3D2E1F0;
}
+#if !defined(POLARSSL_RIPEMD160_PROCESS_ALT)
/*
* Process one block
*/
@@ -286,6 +287,7 @@
ctx->state[4] = ctx->state[0] + B + Cp;
ctx->state[0] = C;
}
+#endif /* !POLARSSL_RIPEMD160_PROCESS_ALT */
/*
* RIPEMD-160 process buffer
diff --git a/library/sha1.c b/library/sha1.c
index 086fd7f..bf25f6d 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -108,6 +108,7 @@
ctx->state[4] = 0xC3D2E1F0;
}
+#if !defined(POLARSSL_SHA1_PROCESS_ALT)
void sha1_process( sha1_context *ctx, const unsigned char data[64] )
{
uint32_t temp, W[16], A, B, C, D, E;
@@ -263,6 +264,7 @@
ctx->state[3] += D;
ctx->state[4] += E;
}
+#endif /* !POLARSSL_SHA1_PROCESS_ALT */
/*
* SHA-1 process buffer
diff --git a/library/sha256.c b/library/sha256.c
index 7d4c32c..f6f6556 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -129,6 +129,7 @@
ctx->is224 = is224;
}
+#if !defined(POLARSSL_SHA256_PROCESS_ALT)
void sha256_process( sha256_context *ctx, const unsigned char data[64] )
{
uint32_t temp1, temp2, W[64];
@@ -259,6 +260,7 @@
ctx->state[6] += G;
ctx->state[7] += H;
}
+#endif /* !POLARSSL_SHA256_PROCESS_ALT */
/*
* SHA-256 process buffer
diff --git a/library/sha512.c b/library/sha512.c
index 86e28a9..aeb4187 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -190,6 +190,7 @@
ctx->is384 = is384;
}
+#if !defined(POLARSSL_SHA512_PROCESS_ALT)
void sha512_process( sha512_context *ctx, const unsigned char data[128] )
{
int i;
@@ -258,6 +259,7 @@
ctx->state[6] += G;
ctx->state[7] += H;
}
+#endif /* !POLARSSL_SHA512_PROCESS_ALT */
/*
* SHA-512 process buffer