Add XXX_PROCESS_ALT mecchanism

ChangeLog

@@ -4,6 +4,9 @@ mbed TLS ChangeLog (Sorted per branch, date)
 
 Features
   * Support for DTLS 1.0 and 1.2 (RFC 6347).
+  * Ability to override xxx_process() function from a md/sha module with
+    custom implementation (eg hardware accelerated), complementing the ability
+    to override the whole module.
 
 API Changes
    * ecdsa_write_signature() gained an addtional md_alg argument and

include/mbedtls/config.h

@@ -231,20 +231,23 @@
 //#define POLARSSL_TIMING_ALT
 
 /**
- * \def POLARSSL_XXX_ALT
+ * \def POLARSSL__MODULE_NAME__ALT
  *
  * Uncomment a macro to let mbed TLS use your alternate core implementation of
- * a symmetric or hash algorithm (e.g. platform specific assembly optimized
+ * a symmetric or hash module (e.g. platform specific assembly optimized
  * implementations). Keep in mind that the function prototypes should remain
  * the same.
  *
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the POLARSSL__FUNCTION_NAME__ALT flags.
+ *
  * Example: In case you uncomment POLARSSL_AES_ALT, mbed TLS will no longer
  * provide the "struct aes_context" definition and omit the base function
  * declarations and implementations. "aes_alt.h" will be included from
  * "aes.h" to include the new function definitions.
  *
- * Uncomment a macro to enable alternate implementation for core algorithm
+ * Uncomment a macro to enable alternate implementation of the corresponding
- * functions
+ * module.
  */
 //#define POLARSSL_AES_ALT
 //#define POLARSSL_ARC4_ALT
@@ -260,6 +263,34 @@
 //#define POLARSSL_SHA256_ALT
 //#define POLARSSL_SHA512_ALT
 
+/**
+ * \def POLARSSL__FUNCTION_NAME__ALT
+ *
+ * Uncomment a macro to let mbed TLS use you alternate core implementation of
+ * symmetric of hash function. Keep in mind that function prototypes should
+ * remain the same.
+ *
+ * This replaces only one function. The header file from mbed TLS is still
+ * used, in contrast to the POLARSSL__MODULE_NAME__ALT flags.
+ *
+ * Example: In case you uncomment POLARSSL_SHA256_PROCESS_ALT, mbed TLS will
+ * no longer provide the sha1_process() function, but it will still provide
+ * the other function (using your sha1_process() function) and the definition
+ * of sha1_context, so your implementation of sha1_process must be compatible
+ * with this definition.
+ *
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ */
+//#define POLARSSL_MD2_PROCESS_ALT
+//#define POLARSSL_MD4_PROCESS_ALT
+//#define POLARSSL_MD5_PROCESS_ALT
+//#define POLARSSL_RIPEMD160_PROCESS_ALT
+//#define POLARSSL_SHA1_PROCESS_ALT
+//#define POLARSSL_SHA256_PROCESS_ALT
+//#define POLARSSL_SHA512_PROCESS_ALT
+
 /**
  * \def POLARSSL_AES_ROM_TABLES
  *

library/md2.c

@@ -112,6 +112,7 @@ void md2_starts( md2_context *ctx )
     ctx->left = 0;
 }
 
+#if !defined(POLARSSL_MD2_PROCESS_ALT)
 void md2_process( md2_context *ctx )
 {
     int i, j;
@@ -145,6 +146,7 @@ void md2_process( md2_context *ctx )
         t  = ctx->cksum[i];
     }
 }
+#endif /* !POLARSSL_MD2_PROCESS_ALT */
 
 /*
  * MD2 process buffer

library/md4.c

@@ -108,6 +108,7 @@ void md4_starts( md4_context *ctx )
     ctx->state[3] = 0x10325476;
 }
 
+#if !defined(POLARSSL_MD4_PROCESS_ALT)
 void md4_process( md4_context *ctx, const unsigned char data[64] )
 {
     uint32_t X[16], A, B, C, D;
@@ -210,6 +211,7 @@ void md4_process( md4_context *ctx, const unsigned char data[64] )
     ctx->state[2] += C;
     ctx->state[3] += D;
 }
+#endif /* !POLARSSL_MD4_PROCESS_ALT */
 
 /*
  * MD4 process buffer

library/md5.c

@@ -107,6 +107,7 @@ void md5_starts( md5_context *ctx )
     ctx->state[3] = 0x10325476;
 }
 
+#if !defined(POLARSSL_MD5_PROCESS_ALT)
 void md5_process( md5_context *ctx, const unsigned char data[64] )
 {
     uint32_t X[16], A, B, C, D;
@@ -229,6 +230,7 @@ void md5_process( md5_context *ctx, const unsigned char data[64] )
     ctx->state[2] += C;
     ctx->state[3] += D;
 }
+#endif /* !POLARSSL_MD5_PROCESS_ALT */
 
 /*
  * MD5 process buffer

library/ripemd160.c

@@ -107,6 +107,7 @@ void ripemd160_starts( ripemd160_context *ctx )
     ctx->state[4] = 0xC3D2E1F0;
 }
 
+#if !defined(POLARSSL_RIPEMD160_PROCESS_ALT)
 /*
  * Process one block
  */
@@ -286,6 +287,7 @@ void ripemd160_process( ripemd160_context *ctx, const unsigned char data[64] )
     ctx->state[4] = ctx->state[0] + B + Cp;
     ctx->state[0] = C;
 }
+#endif /* !POLARSSL_RIPEMD160_PROCESS_ALT */
 
 /*
  * RIPEMD-160 process buffer

library/sha1.c

@@ -108,6 +108,7 @@ void sha1_starts( sha1_context *ctx )
     ctx->state[4] = 0xC3D2E1F0;
 }
 
+#if !defined(POLARSSL_SHA1_PROCESS_ALT)
 void sha1_process( sha1_context *ctx, const unsigned char data[64] )
 {
     uint32_t temp, W[16], A, B, C, D, E;
@@ -263,6 +264,7 @@ void sha1_process( sha1_context *ctx, const unsigned char data[64] )
     ctx->state[3] += D;
     ctx->state[4] += E;
 }
+#endif /* !POLARSSL_SHA1_PROCESS_ALT */
 
 /*
  * SHA-1 process buffer

library/sha256.c

@@ -129,6 +129,7 @@ void sha256_starts( sha256_context *ctx, int is224 )
     ctx->is224 = is224;
 }
 
+#if !defined(POLARSSL_SHA256_PROCESS_ALT)
 void sha256_process( sha256_context *ctx, const unsigned char data[64] )
 {
     uint32_t temp1, temp2, W[64];
@@ -259,6 +260,7 @@ void sha256_process( sha256_context *ctx, const unsigned char data[64] )
     ctx->state[6] += G;
     ctx->state[7] += H;
 }
+#endif /* !POLARSSL_SHA256_PROCESS_ALT */
 
 /*
  * SHA-256 process buffer

library/sha512.c

@@ -190,6 +190,7 @@ void sha512_starts( sha512_context *ctx, int is384 )
     ctx->is384 = is384;
 }
 
+#if !defined(POLARSSL_SHA512_PROCESS_ALT)
 void sha512_process( sha512_context *ctx, const unsigned char data[128] )
 {
     int i;
@@ -258,6 +259,7 @@ void sha512_process( sha512_context *ctx, const unsigned char data[128] )
     ctx->state[6] += G;
     ctx->state[7] += H;
 }
+#endif /* !POLARSSL_SHA512_PROCESS_ALT */
 
 /*
  * SHA-512 process buffer