Fllow-up of the review: ChangeLog expansion, mmigration guides added and comments fixed
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
diff --git a/ChangeLog.d/issue4282.txt b/ChangeLog.d/issue4282.txt
index 27d9a28..685f64d 100644
--- a/ChangeLog.d/issue4282.txt
+++ b/ChangeLog.d/issue4282.txt
@@ -1,2 +1,13 @@
Removals
- * Remove deprecated functions and constants. Fix #4282
+ * Remove the following deprecated functions and constants of hex-encoded
+ primes based on RFC 5114 and RFC 3526 from library code and tests:
+ mbedtls_aes_encrypt(), mbedtls_aes_decrypt(), mbedtls_mpi_is_prime(),
+ mbedtls_cipher_auth_encrypt(), mbedtls_cipher_auth_decrypt(),
+ mbedtls_ctr_drbg_update(), mbedtls_hmac_drbg_update(),
+ mbedtls_ecdsa_write_signature_det(), mbedtls_ecdsa_sign_det(),
+ mbedtls_ssl_conf_dh_param(), mbedtls_ssl_get_max_frag_len(),
+ MBEDTLS_DHM_RFC5114_MODP_2048_P, MBEDTLS_DHM_RFC5114_MODP_2048_G,
+ MBEDTLS_DHM_RFC3526_MODP_2048_P, MBEDTLS_DHM_RFC3526_MODP_2048_G,
+ MBEDTLS_DHM_RFC3526_MODP_3072_P, MBEDTLS_DHM_RFC3526_MODP_3072_G,
+ MBEDTLS_DHM_RFC3526_MODP_4096_P, MBEDTLS_DHM_RFC3526_MODP_4096_G.
+ Remove the deprecated file: include/mbedtls/net.h. Fixes #4282.
diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 28292d4..f6314ae 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -397,12 +397,6 @@
* of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
* with this definition.
*
- * \note Because of a signature change, the core AES encryption and decryption routines are
- * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
- * respectively. When setting up alternative implementations, these functions should
- * be overridden, but the wrapper functions mbedtls_internal_aes_decrypt and
- * mbedtls_internal_aes_encrypt must stay untouched.
- *
* \note If you use the AES_xxx_ALT macros, then is is recommended to also set
* MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
* tables.
diff --git a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md
new file mode 100644
index 0000000..8791649
--- /dev/null
+++ b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md
@@ -0,0 +1,64 @@
+Deprecated functions were removed from AES
+------------------------------------------
+
+The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were removed.
+Please use `mbedtls_internal_aes_encrypt()` and `mbedtls_internal_aes_decrypt()`
+respectively.
+
+Deprecated functions were removed from bignum
+---------------------------------------------
+
+The function `mbedtls_mpi_is_prime()` was removed. Please use
+`mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the
+number of Miller-Rabin rounds.
+
+Deprecated functions were removed from cipher
+---------------------------------------------
+
+The functions `mbedtls_cipher_auth_encrypt()` and
+`mbedtls_cipher_auth_decrypt()` were removed. They were superseded by
+`mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()`
+respectively which additionally support key wrapping algorithms such as
+NIST_KW.
+
+Deprecated functions were removed from DRBGs
+--------------------------------------------
+
+The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()`
+were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and
+`mbedtls_hmac_drbg_update_ret()` respectively.
+
+Deprecated functions were removed from ECDSA
+--------------------------------------------
+
+The functions `mbedtls_ecdsa_write_signature_det()` and
+`mbedtls_ecdsa_sign_det()` were removed. They were superseded by
+`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()`
+respectively.
+
+Deprecated functions were removed from SSL
+------------------------------------------
+
+The functions `mbedtls_ssl_conf_dh_param()` and
+`mbedtls_ssl_get_max_frag_len()` were removed. Please use
+`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` and
+`mbedtls_ssl_get_output_max_frag_len()` instead.
+
+
+Deprecated hex-encoded primes were removed from DHM
+---------------------------------------------------
+
+The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`,
+`MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`,
+`MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`,
+`MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were
+removed. The hex-encoded primes from RFC 5114 are deprecated because their
+derivation is not documented and therefore their usage constitutes a security
+risk. They are removed from the library without replacement.
+
+Deprecated net.h file was removed
+---------------------------------
+
+The file `include/mbedtls/net.h` was removed because its only function was to
+include `mbedtls/net_sockets.h` which now should be included directly.
+
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 53497b3..e2b6b70 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -421,12 +421,6 @@
* of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
* with this definition.
*
- * \note Because of a signature change, the core AES encryption and decryption routines are
- * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
- * respectively. When setting up alternative implementations, these functions should
- * be overridden, but the wrapper functions mbedtls_internal_aes_decrypt and
- * mbedtls_internal_aes_encrypt must stay untouched.
- *
* \note If you use the AES_xxx_ALT macros, then is is recommended to also set
* MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
* tables.
@@ -445,9 +439,7 @@
* alternative implementations should use the RNG only for generating
* the ephemeral key and nothing else. If this is not possible, then
* MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative
- * implementation should be provided for mbedtls_ecdsa_sign_det_ext()
- * (and for mbedtls_ecdsa_sign_det_ext() too if backward compatibility
- * is desirable).
+ * implementation should be provided for mbedtls_ecdsa_sign_det_ext().
*
*/
//#define MBEDTLS_MD2_PROCESS_ALT
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 630d5bd..18f4379 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -685,7 +685,9 @@
ECDSA_VALIDATE_RET( hash != NULL );
ECDSA_VALIDATE_RET( sig != NULL );
ECDSA_VALIDATE_RET( slen != NULL );
- ECDSA_VALIDATE_RET( f_rng != NULL );
+
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
mbedtls_mpi_init( &r );
mbedtls_mpi_init( &s );
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 463f58d..3d3f6a3 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -1008,11 +1008,6 @@
* of AEAD decryption and AEAD encryption. Check that
* this results in the expected plaintext, and that
* decryption and encryption are inverse to one another.
- *
- * Do that twice:
- * - once with legacy functions auth_decrypt/auth_encrypt
- * - once with new functions auth_decrypt_ext/auth_encrypt_ext
- * This allows testing both without duplicating test cases.
*/
int ret;