TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 0fa65aabf0a6a30f7fa06e847d52d81fe8531625^! / .
commit0fa65aabf0a6a30f7fa06e847d52d81fe8531625[log] [tgz]
authorArto Kinnunen <arto.kinnunen@arm.com>Mon Oct 21 14:43:37 2019 +0300
committerArto Kinnunen <arto.kinnunen@arm.com>Thu Oct 24 12:19:50 2019 +0300
treec20575b1a9a9c162335e75ef3b3ae6858aa4755f
parentc0a8bd40fc7b06bb07d11e116e9248941792beb2 [diff]
Review corrections

-Guard additional static variables with AES_ONLY_ENCRYPT
-Update config.h description about memory savings
-Update test: fix typo in all.sh and adjust compiler flags

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 317ff3b..87012da 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -622,7 +622,10 @@
  *
  * Uncommenting this macro removes support for AES decryption.
  *
- * Tradeoff: Uncommenting this macro reduces ROM footprint by ~2.5 kB.
+ * Tradeoff: Uncommenting this macro reduces the footprint. For
+ * example, when both MBEDTLS_AES_ROM_TABLES and
+ * MBEDTLS_AES_FEWER_TABLES are enabled, enabling this macro
+ * further reduces the ROM footprint by ~2.5kB.
  *
  * Module:  library/aes.c
  *

diff --git a/library/aes.c b/library/aes.c
index 8ce31cf..97d9e25 100644
--- a/library/aes.c
+++ b/library/aes.c

@@ -337,7 +337,6 @@
 #define V(a,b,c,d) 0x##a##b##c##d
 static const uint32_t RT0[256] = { RT };
 #undef V
-#endif /* !MBEDTLS_AES_ONLY_ENCRYPT */
 
 #if !defined(MBEDTLS_AES_FEWER_TABLES)
 
@@ -354,6 +353,7 @@
 #undef V
 
 #endif /* !MBEDTLS_AES_FEWER_TABLES */
+#endif /* !MBEDTLS_AES_ONLY_ENCRYPT */
 
 #undef RT
 
@@ -383,6 +383,7 @@
 /*
  * Reverse S-box & tables
  */
+#if !defined(MBEDTLS_AES_ONLY_ENCRYPT)
 static unsigned char RSb[256];
 static uint32_t RT0[256];
 #if !defined(MBEDTLS_AES_FEWER_TABLES)
@@ -390,6 +391,7 @@
 static uint32_t RT2[256];
 static uint32_t RT3[256];
 #endif /* !MBEDTLS_AES_FEWER_TABLES */
+#endif /* !MBEDTLS_AES_ONLY_ENCRYPT */
 
 /*
  * Round constants
@@ -434,7 +436,9 @@
      * generate the forward and reverse S-boxes
      */
     FSb[0x00] = 0x63;
+#if !defined(MBEDTLS_AES_ONLY_ENCRYPT)
     RSb[0x63] = 0x00;
+#endif
 
     for( i = 1; i < 256; i++ )
     {
@@ -447,7 +451,9 @@
         x ^= y ^ 0x63;
 
         FSb[i] = (unsigned char) x;
+#if !defined(MBEDTLS_AES_ONLY_ENCRYPT)
         RSb[x] = (unsigned char) i;
+#endif
     }
 
     /*
@@ -470,6 +476,7 @@
         FT3[i] = ROTL8( FT2[i] );
 #endif /* !MBEDTLS_AES_FEWER_TABLES */
 
+#if !defined(MBEDTLS_AES_ONLY_ENCRYPT)
         x = RSb[i];
 
         RT0[i] = ( (uint32_t) MUL( 0x0E, x )       ) ^
@@ -482,6 +489,7 @@
         RT2[i] = ROTL8( RT1[i] );
         RT3[i] = ROTL8( RT2[i] );
 #endif /* !MBEDTLS_AES_FEWER_TABLES */
+#endif /* !MBEDTLS_AES_ONLY_ENCRYPT */
     }
 }
 

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 90dfea5..b820115 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh

@@ -1278,9 +1278,9 @@
 component_test_aes_only_encrypt () {
     msg "build: default config with MBEDTLS_AES_ONLY_ENCRYPT enabled"
     scripts/config.pl set MBEDTLS_AES_ONLY_ENCRYPT
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+    make CC=gcc CFLAGS='-Werror -O1'
 
-    msg "test: AES_ONLY_128_BIT_KEY_LENGTH"
+    msg "test: AES_ONLY_ENCRYPT"
     make test
 }