Add option to disable built-in aes implementation.
For time being, there are only two aes implementations for known
architectures. I define runtime detection function as const when
built-in was disabled. In this case, compiler will remove dead
built-in code.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/aesce.c b/library/aesce.c
index ed3cca1..baa01db 100644
--- a/library/aesce.c
+++ b/library/aesce.c
@@ -99,6 +99,7 @@
#include <sys/auxv.h>
#endif
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
/*
* AES instruction support detection routine
*/
@@ -113,6 +114,7 @@
return 1;
#endif
}
+#endif
/* Single round of AESCE encryption */
#define AESCE_ENCRYPT_ROUND \
diff --git a/library/aesce.h b/library/aesce.h
index b12bf76..b166e15 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -47,7 +47,12 @@
*
* \return 1 if CPU has support for the feature, 0 otherwise
*/
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
int mbedtls_aesce_has_support(void);
+#else
+#define /* no-check-names */ mbedtls_aesce_has_support() 1
+#endif
+
/**
* \brief Internal AES-ECB block encryption and decryption
diff --git a/library/aesni.c b/library/aesni.c
index 9d1c0f1..b6d1191 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -39,6 +39,7 @@
#include <immintrin.h>
#endif
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
/*
* AES-NI support detection routine
*/
@@ -68,6 +69,7 @@
return (c & what) != 0;
}
+#endif /* !MBEDTLS_AES_HAS_NO_BUILTIN */
#if MBEDTLS_AESNI_HAVE_CODE == 2
diff --git a/library/aesni.h b/library/aesni.h
index 82947e4..fa1f369 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -88,7 +88,11 @@
*
* \return 1 if CPU has support for the feature, 0 otherwise
*/
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
int mbedtls_aesni_has_support(unsigned int what);
+#else
+#define /* no-check-names */ mbedtls_aesni_has_support(what) 1
+#endif
/**
* \brief Internal AES-NI AES-ECB block encryption and decryption
diff --git a/library/padlock.c b/library/padlock.c
index f42c40f..111b28c 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,6 +33,7 @@
#if defined(MBEDTLS_HAVE_X86)
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
/*
* PadLock detection routine
*/
@@ -62,6 +63,7 @@
return flags & feature;
}
+#endif
/*
* PadLock AES-ECB block en(de)cryption
diff --git a/library/padlock.h b/library/padlock.h
index b5f0d7d..10c1c69 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -41,7 +41,6 @@
/* Some versions of ASan result in errors about not enough registers */
#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
!defined(MBEDTLS_HAVE_ASAN)
-
#ifndef MBEDTLS_HAVE_X86
#define MBEDTLS_HAVE_X86
#endif
@@ -69,7 +68,11 @@
*
* \return non-zero if CPU has support for the feature, 0 otherwise
*/
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
int mbedtls_padlock_has_support(int feature);
+#else
+#define /* no-check-names */ mbedtls_padlock_has_support(feature) 1
+#endif
/**
* \brief Internal PadLock AES-ECB block en(de)cryption