Bind functions' availability for config options
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
diff --git a/library/constant_time.c b/library/constant_time.c
index a8d9926..5bd74b6 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -108,6 +108,8 @@
#endif /* MBEDTLS_BIGNUM_C */
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
+
/** Constant-flow mask generation for "less than" comparison:
* - if \p x < \p y, return all-bits 1, that is (size_t) -1
* - otherwise, return all bits 0, that is 0
@@ -141,6 +143,8 @@
return( ~mbedtls_cf_size_mask_lt( x, y ) );
}
+#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
+
unsigned mbedtls_cf_size_bool_eq( size_t x,
size_t y )
{
@@ -167,6 +171,8 @@
return( 1 ^ diff1 );
}
+#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
+
/** Constant-flow "greater than" comparison:
* return x > y
*
@@ -185,6 +191,8 @@
return( ( y - x ) >> ( sizeof( size_t ) * 8 - 1 ) );
}
+#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
+
#if defined(MBEDTLS_BIGNUM_C)
unsigned mbedtls_cf_mpi_uint_lt( const mbedtls_mpi_uint x,
@@ -225,6 +233,7 @@
return( ( mask & if1 ) | (~mask & if0 ) );
}
+#if defined(MBEDTLS_BIGNUM_C)
/** Select between two sign values witout branches.
*
@@ -260,8 +269,6 @@
return( (int) ur - 1 );
}
-#if defined(MBEDTLS_BIGNUM_C)
-
void mbedtls_cf_mpi_uint_cond_assign( size_t n,
mbedtls_mpi_uint *dest,
const mbedtls_mpi_uint *src,
@@ -289,6 +296,8 @@
#endif /* MBEDTLS_BIGNUM_C */
+#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
+
/** Shift some data towards the left inside a buffer.
*
* `mbedtls_cf_mem_move_to_left(start, total, offset)` is functionally
@@ -329,6 +338,10 @@
}
}
+#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
+
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
+
void mbedtls_cf_memcpy_if_eq( unsigned char *dest,
const unsigned char *src,
size_t len,
@@ -360,8 +373,6 @@
}
}
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
-
int mbedtls_cf_hmac( mbedtls_md_context_t *ctx,
const unsigned char *add_data,
size_t add_data_len,
diff --git a/library/constant_time.h b/library/constant_time.h
index 6dfac8b..a055c6a 100644
--- a/library/constant_time.h
+++ b/library/constant_time.h
@@ -92,6 +92,8 @@
#endif /* MBEDTLS_BIGNUM_C */
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
+
/** Constant-flow mask generation for "greater or equal" comparison:
* - if \p x >= \p y, return all-bits 1, that is (size_t) -1
* - otherwise, return all bits 0, that is 0
@@ -108,6 +110,8 @@
size_t mbedtls_cf_size_mask_ge( size_t x,
size_t y );
+#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
+
/** Constant-flow boolean "equal" comparison:
* return x == y
*
@@ -122,7 +126,6 @@
unsigned mbedtls_cf_size_bool_eq( size_t x,
size_t y );
-
#if defined(MBEDTLS_BIGNUM_C)
/** Decide if an integer is less than the other, without branches.
@@ -176,6 +179,7 @@
#endif /* MBEDTLS_BIGNUM_C */
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
/** Conditional memcpy without branches.
*
@@ -219,8 +223,6 @@
size_t offset_max,
size_t len );
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
-
/** Compute the HMAC of variable-length data with constant flow.
*
* This function computes the HMAC of the concatenation of \p add_data and \p