Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make legacy declarations private: macro guard, cipher #132

Open
wants to merge 3 commits into
base: development
Choose a base branch
from
Open

Make legacy declarations private: macro guard, cipher #132

wants to merge 3 commits into from

Conversation

gilles-peskine-arm
Copy link
Contributor

@gilles-peskine-arm gilles-peskine-arm commented Dec 23, 2024
edited
Loading

Make legacy functions private by guarding their declaration with a macro.

As an example, do cipher.h (functions only, I didn't check if some macros and types should become private).

This is up for design review. There is no update to documentation yet. Some open questions:

  • Is this approach ok? It's a quick win for not having legacy functions declared .
  • Whether we want to update documentation at the same time we make things private, or later.
  • Whether we want to add changelog entries, and whether to do it incrementally or all at once at the end.

PR checklist

@gilles-peskine-arm
private_access.h: Improve documentation
276a9e3 
Signed-off-by: Gilles Peskine <[email protected]>
@gilles-peskine-arm
Introduce MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
c49eb7f 
Guard private declarations in public headers with this macro.

Signed-off-by: Gilles Peskine <[email protected]>
@gilles-peskine-arm
Make cipher functions private
e3abfab 
Signed-off-by: Gilles Peskine <[email protected]>
@gilles-peskine-arm gilles-peskine-arm added priority-high High priority - will be reviewed soon size-xs Estimated task size: extra small (a few hours at most) needs-design-approval Needs design discussion / approval needs-ci Needs to pass CI tests labels Dec 23, 2024
@gilles-peskine-arm gilles-peskine-arm mentioned this pull request Dec 23, 2024
Open
5 tasks
@gilles-peskine-arm gilles-peskine-arm added needs-review Every commit must be reviewed by at least two team members needs-reviewer This PR needs someone to pick it up for review and removed needs-ci Needs to pass CI tests labels Jan 2, 2025
gilles-peskine-arm
gilles-peskine-arm commented Jan 2, 2025
View reviewed changes
drivers/builtin/include/mbedtls/cipher.h
@@ -1164,6 +1167,9 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t output_len,
size_t *olen, size_t tag_len);
#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */

#endif /* MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS */
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be convenient to additionally annotate all function declarations between #if defined(MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS) and the corresponding #endif with MBEDTLS_DECLARE_PRIVATE_FUNCTION which can be defined to expand to something like __attribute__((__deprecated__)). This would allow detecting the uses of private functions through compiler warnings, and gradually eliminating them by eliminating warnings.

We can add these annotations mechanically, once we've manually added the preprocessor guards.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
needs-design-approval Needs design discussion / approval needs-review Every commit must be reviewed by at least two team members needs-reviewer This PR needs someone to pick it up for review priority-high High priority - will be reviewed soon size-xs Estimated task size: extra small (a few hours at most)
Projects
Roadmap Board for Mbed TLS
Status: To Do
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@gilles-peskine-arm