Remove MBEDTLS_AES_DECRYPT_ALT
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 530bc4f..dd390ff 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -350,7 +350,6 @@
*/
//#define MBEDTLS_TIMING_ALT
-//#define MBEDTLS_AES_DECRYPT_ALT
//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
//#define MBEDTLS_ECDSA_VERIFY_ALT
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index 2f4b55b..f4744a8 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -2242,7 +2242,6 @@
msg "build: aes.o for all combinations of relevant config options"
build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \
- "MBEDTLS_AES_DECRYPT_ALT" \
"MBEDTLS_AES_ROM_TABLES" \
"MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \
"MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"
@@ -2259,7 +2258,6 @@
scripts/config.py unset MBEDTLS_DES_C
scripts/config.py unset MBEDTLS_NIST_KW_C
build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \
- "MBEDTLS_AES_DECRYPT_ALT" \
"MBEDTLS_AES_ROM_TABLES" \
"MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \
"MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h
index 09ce873..aa4d99c 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h
@@ -566,24 +566,6 @@
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */
-#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
-/**
- * \brief Internal AES block decryption function. This is only
- * exposed to allow overriding it using see
- * \c MBEDTLS_AES_DECRYPT_ALT.
- *
- * \param ctx The AES context to use for decryption.
- * \param input The ciphertext block.
- * \param output The output (plaintext) block.
- *
- * \return \c 0 on success.
- */
-MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
- const unsigned char input[16],
- unsigned char output[16]);
-#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
-
#if defined(MBEDTLS_SELF_TEST)
/**
* \brief Checkup routine.
diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c
index 4b7a1e9..651282b 100644
--- a/tf-psa-crypto/drivers/builtin/src/aes.c
+++ b/tf-psa-crypto/drivers/builtin/src/aes.c
@@ -44,8 +44,7 @@
* This is a convenience shorthand macro to check if we need reverse S-box and
* reverse tables. It's private and only defined in this file.
*/
-#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) \
- && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
#define MBEDTLS_AES_NEED_REVERSE_TABLES
#endif
@@ -903,15 +902,15 @@
return 0;
}
-#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
+#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/*
* AES-ECB block decryption
*/
-#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
-int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
- const unsigned char input[16],
- unsigned char output[16])
+MBEDTLS_CHECK_RETURN_TYPICAL
+static int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
+ const unsigned char input[16],
+ unsigned char output[16])
{
int i;
uint32_t *RK = ctx->buf + ctx->rk_offset;
@@ -965,7 +964,8 @@
return 0;
}
-#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
+#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
+#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
/*
* Our intrinsics-based implementation of AESNI requires the round keys to be