aes.c: guard RSb and RTx properly

If we enabled AES_DECRYPT_ALT and either AES_SETKEY_DEC_ALT or AES_USE_HARDWARE_ONLY, this means RSb and RTx are not needed. This commit extends how we guard RSb and RTx for the combinations of these configurations. Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2025-03-01 13:13:28 +00:00 · 2023-11-09 11:23:17 +08:00 · 2023-11-09 11:23:17 +08:00 · f03b49122c
commit f03b49122c
parent d137da5a93
1 changed files with 6 additions and 3 deletions
--- a/library/aes.c
+++ b/library/aes.c
@ -66,7 +66,12 @@

 #include "mbedtls/platform.h"

-#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \
+/*
+ * This is a convenience shorthand macro to check if we need reverse S-box and
+ * reverse tables. It's private and only defined in this file.
+ */
+#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || \
+    (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY))) && \
    !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
 #define MBEDTLS_AES_NEED_REVERSE_TABLES
 #endif
@ -447,7 +452,6 @@ MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void)
 #if defined(MBEDTLS_AES_NEED_REVERSE_TABLES)
        x = RSb[i];

-#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
        RT0[i] = ((uint32_t) MUL(0x0E, x)) ^
                 ((uint32_t) MUL(0x09, x) <<  8) ^
                 ((uint32_t) MUL(0x0D, x) << 16) ^
@ -458,7 +462,6 @@ MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void)
        RT2[i] = ROTL8(RT1[i]);
        RT3[i] = ROTL8(RT2[i]);
 #endif /* !MBEDTLS_AES_FEWER_TABLES */
-#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
 #endif /* MBEDTLS_AES_NEED_REVERSE_TABLES */
    }
 }