From 69436818205d4c39eb63d06c9d1e66e557a94f2f Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 25 Apr 2023 11:08:30 +0800
Subject: [PATCH] Improve error message and documents

- fix grammar error
- Add more information for AES_USE_HARDWARE_ONLY
- Improve error message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 ChangeLog.d/add-aes-hardware-only-option.txt | 2 +-
 include/mbedtls/mbedtls_config.h             | 4 +++-
 library/aes.c                                | 6 +++---
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/ChangeLog.d/add-aes-hardware-only-option.txt b/ChangeLog.d/add-aes-hardware-only-option.txt
index 2461479e6b..a185aff2a2 100644
--- a/ChangeLog.d/add-aes-hardware-only-option.txt
+++ b/ChangeLog.d/add-aes-hardware-only-option.txt
@@ -2,5 +2,5 @@ Features
    * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When
      using CPU-accelerated AES (e.g., Arm Crypto Extensions), this option
      disables the plain C implementation and the run-time detection for the
-     CPU feature, which reduces code size and avoid the vulnerability of the
+     CPU feature, which reduces code size and avoids the vulnerability of the
      plain C implementation.
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 6fcd025613..46d3dc28ca 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4015,7 +4015,9 @@
  * detection will be used to select between them.
  *
  * If only one implementation is present, runtime detection will not be used.
- * This configuration will crash if running on the CPU without needed features.
+ * This configuration will crash at runtime if running on a CPU without the
+ * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C,
+ * MBEDTLS_AESNI_C and/or MBEDTLS_PADLOCK_C is enabled & present in the build.
  */
 //#define MBEDTLS_AES_USE_HARDWARE_ONLY
 
diff --git a/library/aes.c b/library/aes.c
index d6ecdcca50..00ba40c36b 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -38,7 +38,7 @@
     defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64)
 #define MBEDTLS_HAVE_ARM64
 #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 
@@ -47,7 +47,7 @@
     !defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_HAVE_X86_64
 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 
@@ -56,7 +56,7 @@
 #define MBEDTLS_HAVE_X86
 
 #if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif