commit dfc7f4a68433ca58306f7e53fc2571775a2b1bb3
author Jaeden Amero <jaeden.amero@arm.com> Wed Jul 10 11:33:37 2019 +0100
committer Jaeden Amero <jaeden.amero@arm.com> Fri Jul 12 13:43:02 2019 +0100
tree 88327feac827c2744c8c56a08875388abe267303
parent 59ebddff68a11af3328e43a44854887902977e31

Deprecate Mbed TLS cryptography API

The PSA Crypto API should be used instead. The Mbed TLS cryptography API
will still remain available under MBEDTLS_DEPRECATED_REMOVED, as Mbed
Crypto (which implements the PSA Crypto API) continues to rely on this
now internal API.

Functions in that are already considered internal and are not deprecated
by this commit. We already have the freedom to change or remove these
internal APIs.

Document the relationship between Mbed Crypto and Mbed TLS, describing
Mbed Crypto's dual purpose of providing both deprecated Mbed TLS
cryptography APIs and the PSA Crypto API.

include/mbedtls/entropy.h

diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 06aaffa..a733bde 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -30,6 +30,7 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
+#include "mbedtls/platform_util.h"
 #include <stddef.h>
 
 #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
@@ -147,6 +148,7 @@
  *
  * \param ctx       Entropy context to initialize
  */
+MBEDTLS_DEPRECATED
 void mbedtls_entropy_init( mbedtls_entropy_context *ctx );
 
 /**
@@ -154,6 +156,7 @@
  *
  * \param ctx       Entropy context to free
  */
+MBEDTLS_DEPRECATED
 void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
 
 /**
@@ -173,6 +176,7 @@
  *
  * \return          0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
                         mbedtls_entropy_f_source_ptr f_source, void *p_source,
                         size_t threshold, int strong );
@@ -185,6 +189,7 @@
  *
  * \return          0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
 
 /**
@@ -198,6 +203,7 @@
  *
  * \return          0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
 
 /**
@@ -210,6 +216,7 @@
  *
  * \return          0 if successful
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
                            const unsigned char *data, size_t len );
 
@@ -222,6 +229,7 @@
  *
  * \return          0 if successful
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
 #endif /* MBEDTLS_ENTROPY_NV_SEED */
 
@@ -236,6 +244,7 @@
  *                      MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
  *                      MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path );
 
 /**
@@ -250,6 +259,7 @@
  *                      MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
  *                      MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path );
 #endif /* MBEDTLS_FS_IO */
 
@@ -262,6 +272,7 @@
  *
  * \return         0 if successful, or 1 if a test failed
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_self_test( int verbose );
 
 #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
@@ -278,6 +289,7 @@
  *
  * \return         0 if successful, or 1 if a test failed
  */
+MBEDTLS_DEPRECATED
 int mbedtls_entropy_source_self_test( int verbose );
 #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
 #endif /* MBEDTLS_SELF_TEST */