Deprecate Mbed TLS cryptography API
The PSA Crypto API should be used instead. The Mbed TLS cryptography API
will still remain available under MBEDTLS_DEPRECATED_REMOVED, as Mbed
Crypto (which implements the PSA Crypto API) continues to rely on this
now internal API.
Functions that are already considered internal are not deprecated
by this commit. We already have the freedom to change or remove these
internal APIs.
Document the relationship between Mbed Crypto and Mbed TLS, describing
Mbed Crypto's dual purpose of providing both deprecated Mbed TLS
cryptography APIs and the PSA Crypto API.
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index ceac36c..5f427ab 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -92,6 +92,7 @@
*
* \param ctx The CCM context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
/**
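Review bot: The `MBEDTLS_DEPRECATED` marker on `mbedtls_ccm_init` is added without a `\deprecated` entry in the Doxygen block above it, so a caller who hits the compiler warning gets no pointer to the replacement; the same holds for the other seven declarations marked in this file (setkey, free, encrypt_and_tag, star_encrypt_and_tag, auth_decrypt, star_auth_decrypt, self_test). I would add a line such as `* \deprecated Superseded by the PSA Crypto API; use psa_aead_encrypt() / psa_aead_decrypt() with PSA_ALG_CCM.` to each block, adjusted per function. The diff does not show where `MBEDTLS_DEPRECATED` is defined for this header; if ccm.h does not already pull in a definition, it presumably needs the usual `#if defined(MBEDTLS_DEPRECATED_WARNING)` block so the declarations still compile when the warning option is off. Since the description says these stay declared under MBEDTLS_DEPRECATED_REMOVED, that should be stated in the header as well, because a clean build with that option would otherwise be read as proof that no legacy CCM calls remain.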
@@ -107,6 +108,7 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher,
const unsigned char *key,
@@ -119,6 +121,7 @@
* \param ctx The CCM context to clear. If this is \c NULL, the function
* has no effect. Otherwise, this must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
/**
@@ -157,6 +160,7 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
@@ -205,6 +209,7 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
@@ -242,6 +247,7 @@
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
@@ -287,6 +293,7 @@
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
@@ -300,6 +307,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
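Review bot: Marking `mbedtls_ccm_self_test` deprecated leaves, as far as this diff shows, no non-deprecated entry point for running the CCM known-answer test, even though the description says this implementation keeps backing the PSA Crypto API. Projects that enable MBEDTLS_DEPRECATED_WARNING together with warnings-as-errors would have to drop their start-up self-test call to keep building. Either leave the self test unmarked, or add a comment to its Doxygen block along the lines of `\deprecated No PSA replacement yet; keep calling this to validate the CCM implementation on target.` so integrators do not silently lose the check.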