Add per-function override for AES
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index ffd6d3b..1ddde82 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -246,6 +246,32 @@
unsigned char *output );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
+/**
+ * \brief Internal AES block encryption function
+ * (Only exposed to allow overriding it,
+ * see MBEDTLS_AES_ENCRYPT_ALT)
+ *
+ * \param ctx AES context
+ * \param input Plaintext block
+ * \param output Output (ciphertext) block
+ */
+void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
+ const unsigned char input[16],
+ unsigned char output[16] );
+
+/**
+ * \brief Internal AES block decryption function
+ * (Only exposed to allow overriding it,
+ * see MBEDTLS_AES_DECRYPT_ALT)
+ *
+ * \param ctx AES context
+ * \param input Ciphertext block
+ * \param output Output (plaintext) block
+ */
+void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
+ const unsigned char input[16],
+ unsigned char output[16] );
+
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index db40dbf..fc86056 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -241,6 +241,10 @@
* of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
* with this definition.
*
+ * Note: if you use the AES_xxx_ALT macros, then is is recommended to also set
+ * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
+ * tables.
+ *
* Uncomment a macro to enable alternate implementation of the corresponding
* function.
*/
@@ -254,6 +258,10 @@
//#define MBEDTLS_DES_SETKEY_ALT
//#define MBEDTLS_DES_CRYPT_ECB_ALT
//#define MBEDTLS_DES3_CRYPT_ECB_ALT
+//#define MBEDTLS_AES_SETKEY_ENC_ALT
+//#define MBEDTLS_AES_SETKEY_DEC_ALT
+//#define MBEDTLS_AES_ENCRYPT_ALT
+//#define MBEDTLS_AES_DECRYPT_ALT
/**
* \def MBEDTLS_AES_ROM_TABLES