TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / dfc7f4a68433ca58306f7e53fc2571775a2b1bb3^! / . / include / mbedtls / sha256.h
commitdfc7f4a68433ca58306f7e53fc2571775a2b1bb3[log] [tgz]
authorJaeden Amero <jaeden.amero@arm.com>Wed Jul 10 11:33:37 2019 +0100
committerJaeden Amero <jaeden.amero@arm.com>Fri Jul 12 13:43:02 2019 +0100
tree88327feac827c2744c8c56a08875388abe267303
parent59ebddff68a11af3328e43a44854887902977e31 [diff] [blame]
Deprecate Mbed TLS cryptography API

The PSA Crypto API should be used instead. The Mbed TLS cryptography API
will still remain available under MBEDTLS_DEPRECATED_REMOVED, as Mbed
Crypto (which implements the PSA Crypto API) continues to rely on this
now internal API.

Functions in that are already considered internal and are not deprecated
by this commit. We already have the freedom to change or remove these
internal APIs.

Document the relationship between Mbed Crypto and Mbed TLS, describing
Mbed Crypto's dual purpose of providing both deprecated Mbed TLS
cryptography APIs and the PSA Crypto API.

diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index 4a97e45..6305f8c 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h

@@ -76,6 +76,7 @@
  *
  * \param ctx      The SHA-256 context to initialize. This must not be \c NULL.
  */
+MBEDTLS_DEPRECATED
 void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
 
 /**
@@ -85,6 +86,7 @@
  *                 case this function returns immediately. If it is not \c NULL,
  *                 it must point to an initialized SHA-256 context.
  */
+MBEDTLS_DEPRECATED
 void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
 
 /**
@@ -93,6 +95,7 @@
  * \param dst      The destination context. This must be initialized.
  * \param src      The context to clone. This must be initialized.
  */
+MBEDTLS_DEPRECATED
 void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
                            const mbedtls_sha256_context *src );
 
@@ -107,6 +110,7 @@
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
+MBEDTLS_DEPRECATED
 int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
 
 /**
@@ -122,6 +126,7 @@
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
+MBEDTLS_DEPRECATED
 int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
                                const unsigned char *input,
                                size_t ilen );
@@ -138,6 +143,7 @@
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
+MBEDTLS_DEPRECATED
 int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
                                unsigned char output[32] );
 
@@ -233,6 +239,7 @@
  * \param is224    Determines which function to use. This must be
  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
  */
+MBEDTLS_DEPRECATED
 int mbedtls_sha256_ret( const unsigned char *input,
                         size_t ilen,
                         unsigned char output[32],
@@ -273,6 +280,7 @@
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
+MBEDTLS_DEPRECATED
 int mbedtls_sha256_self_test( int verbose );
 
 #endif /* MBEDTLS_SELF_TEST */