Resolve compiler and linker issues in MD APIs

The features/mbedtls/targets/TARGET_STM/* files include constant needed
for the error codes returned from the MD functions.

The features/mbedtls/targets/hash_wrappers.c provides thin redirection
layer for the hardware accelerated MD implementations that rely on the
old API.

The TESTS/mbedtls/multi/main.cpp has been changed to use the new API
as its build environment does not rely on the translation unit
containing the necessary wrappers.

TESTS/mbedtls/multi/main.cpp

@@ -23,7 +23,6 @@
 
 #include "mbedtls/sha256.h"
 
-
 using namespace utest::v1;
 
 #if defined(MBEDTLS_SHA256_C)
@@ -42,18 +41,18 @@ void test_case_sha256_split() {
   mbedtls_sha256_context ctx;
   printf("test sha256\n");
   mbedtls_sha256_init( &ctx );
-  mbedtls_sha256_starts( &ctx, 0);
+  mbedtls_sha256_starts_ret( &ctx, 0);
   #if 0
     printf("test not splitted\n");
     mbedtls_sha256_update( &ctx, test_buf, 168 );
   #else
     printf("test splitted into 3 pieces\n");
-    mbedtls_sha256_update( &ctx, test_buf, 2 );
-    mbedtls_sha256_update( &ctx, test_buf+2, 66 );
-    mbedtls_sha256_update( &ctx, test_buf+68, 100 );
+    mbedtls_sha256_update_ret( &ctx, test_buf, 2 );
+    mbedtls_sha256_update_ret( &ctx, test_buf+2, 66 );
+    mbedtls_sha256_update_ret( &ctx, test_buf+68, 100 );
   #endif
   
-    mbedtls_sha256_finish( &ctx, outsum );
+    mbedtls_sha256_finish_ret( &ctx, outsum );
     mbedtls_sha256_free( &ctx );
   
     printf("\nreceived result : ");
@@ -99,29 +98,29 @@ void test_case_sha256_multi() {
     mbedtls_sha256_init( &ctx2);
     mbedtls_sha256_init( &ctx3);
     //Start both contexts
-    mbedtls_sha256_starts( &ctx1, 0);
-    mbedtls_sha256_starts( &ctx2, 0);
+    mbedtls_sha256_starts_ret( &ctx1, 0);
+    mbedtls_sha256_starts_ret( &ctx2, 0);
 
     printf("upd ctx1\n");
-    mbedtls_sha256_update( &ctx1, test_buf, 56 );
+    mbedtls_sha256_update_ret( &ctx1, test_buf, 56 );
     printf("upd ctx2\n");
-    mbedtls_sha256_update( &ctx2, test_buf, 66 );
+    mbedtls_sha256_update_ret( &ctx2, test_buf, 66 );
     printf("finish ctx1\n");
-    mbedtls_sha256_finish( &ctx1, outsum1 );
+    mbedtls_sha256_finish_ret( &ctx1, outsum1 );
     printf("upd ctx2\n");
-    mbedtls_sha256_update( &ctx2, test_buf+66, 46 );
+    mbedtls_sha256_update_ret( &ctx2, test_buf+66, 46 );
     printf("clone ctx2 in ctx3\n");
     mbedtls_sha256_clone(&ctx3, (const mbedtls_sha256_context *)&ctx2);
     printf("free ctx1\n");
     mbedtls_sha256_free( &ctx1 );
     printf("upd ctx2\n");
-    mbedtls_sha256_update( &ctx2, test_buf+112, 56 );
+    mbedtls_sha256_update_ret( &ctx2, test_buf+112, 56 );
     printf("upd ctx3 with different values than ctx2\n");
-    mbedtls_sha256_update( &ctx3, test_buf2, 56 );
+    mbedtls_sha256_update_ret( &ctx3, test_buf2, 56 );
     printf("finish ctx2\n");
-    mbedtls_sha256_finish( &ctx2, outsum2 );
+    mbedtls_sha256_finish_ret( &ctx2, outsum2 );
     printf("finish ctx3\n");
-    mbedtls_sha256_finish( &ctx3, outsum3 );
+    mbedtls_sha256_finish_ret( &ctx3, outsum3 );
     printf("free ctx2\n");
     mbedtls_sha256_free( &ctx2 );
     printf("free ctx3\n");

features/mbedtls/targets/TARGET_STM/md5_alt.h

@@ -27,6 +27,19 @@
 #include "cmsis.h"
 #include <string.h>
 
+/**
+ * \name SECTION: Temporary compatibility code
+ *
+ * This section contains code to be added up stream in Mbed TLS. Once that
+ * has been provided, this section should be removed as the code will be
+ * provided elsewhere.
+ * \{
+ */
+
+#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED -0x002F /**< MD5 hardware accelerator failed */
+
+/* \} name SECTION:  Temporary compatibility code */
+
 #ifdef __cplusplus
 extern "C" {
 #endif

features/mbedtls/targets/TARGET_STM/sha1_alt.h

@@ -24,6 +24,18 @@
 
 #if defined (MBEDTLS_SHA1_ALT)
 
+/**
+ * \name SECTION: Temporary compatibility code
+ *
+ * This section contains code to be added up stream in Mbed TLS. Once that
+ * has been provided, this section should be removed as the code will be
+ * provided elsewhere.
+ * \{
+ */
+
+#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
+
+/* \} name SECTION:  Temporary compatibility code */
 
 #include "cmsis.h"
 #include <string.h>

features/mbedtls/targets/TARGET_STM/sha256_alt.h

@@ -27,6 +27,19 @@
 #include "cmsis.h"
 #include <string.h>
 
+/**
+ * \name SECTION: Temporary compatibility code
+ *
+ * This section contains code to be added up stream in Mbed TLS. Once that
+ * has been provided, this section should be removed as the code will be
+ * provided elsewhere.
+ * \{
+ */
+
+#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */
+
+/* \} name SECTION:  Temporary compatibility code */
+
 #ifdef __cplusplus
 extern "C" {
 #endif

features/mbedtls/targets/hash_wrappers.c

@@ -0,0 +1,356 @@
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+
+#if defined(MBEDTLS_MD2_ALT)
+
+/**
+ * \brief          MD2 context setup
+ *
+ * \deprecated     Superseded by mbedtls_md2_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md2_starts( mbedtls_md2_context *ctx )
+{
+    mbedtls_md2_starts_ret( ctx );
+}
+
+/**
+ * \brief          MD2 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_md2_update_ret() in 2.7.0
+ *
+ * \param ctx      MD2 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md2_update( mbedtls_md2_context *ctx,
+                         const unsigned char *input,
+                         size_t ilen )
+{
+    mbedtls_md2_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          MD2 final digest
+ *
+ * \deprecated     Superseded by mbedtls_md2_finish_ret() in 2.7.0
+ *
+ * \param ctx      MD2 context
+ * \param output   MD2 checksum result
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md2_finish( mbedtls_md2_context *ctx,
+                         unsigned char output[16] )
+{
+    mbedtls_md2_finish_ret( ctx, output );
+}
+
+#endif /* defined(MBEDTLS_MD2_ALT) */
+
+#if defined(MBEDTLS_MD4_ALT)
+
+/**
+ * \brief          MD4 context setup
+ *
+ * \deprecated     Superseded by mbedtls_md4_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md4_starts( mbedtls_md4_context *ctx )
+{
+    mbedtls_md4_starts_ret( ctx );
+}
+
+/**
+ * \brief          MD4 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_md4_update_ret() in 2.7.0
+ *
+ * \param ctx      MD4 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md4_update( mbedtls_md4_context *ctx,
+                         const unsigned char *input,
+                         size_t ilen )
+{
+    mbedtls_md4_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          MD4 final digest
+ *
+ * \deprecated     Superseded by mbedtls_md4_finish_ret() in 2.7.0
+ *
+ * \param ctx      MD4 context
+ * \param output   MD4 checksum result
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md4_finish( mbedtls_md4_context *ctx,
+                         unsigned char output[16] )
+{
+    mbedtls_md4_finish_ret( ctx, output );
+}
+
+#endif /* defined(MBEDTLS_MD4_ALT) */
+
+#if defined(MBEDTLS_MD5_ALT)
+
+/**
+ * \brief          MD5 context setup
+ *
+ * \deprecated     Superseded by mbedtls_md5_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_starts( mbedtls_md5_context *ctx )
+{
+    mbedtls_md5_starts_ret( ctx );
+}
+
+/**
+ * \brief          MD5 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_md5_update_ret() in 2.7.0
+ *
+ * \param ctx      MD5 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_update( mbedtls_md5_context *ctx,
+                         const unsigned char *input,
+                         size_t ilen )
+{
+    mbedtls_md5_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          MD5 final digest
+ *
+ * \deprecated     Superseded by mbedtls_md5_finish_ret() in 2.7.0
+ *
+ * \param ctx      MD5 context
+ * \param output   MD5 checksum result
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_finish( mbedtls_md5_context *ctx,
+                         unsigned char output[16] )
+{
+    mbedtls_md5_finish_ret( ctx, output );
+}
+
+#endif /* defined(MBEDTLS_MD5_ALT) */
+
+#if defined(MBEDTLS_SHA1_ALT)
+
+/**
+ * \brief          SHA-1 context setup
+ *
+ * \deprecated     Superseded by mbedtls_sha1_starts_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-1 context to be initialized.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
+{
+    mbedtls_sha1_starts_ret( ctx );
+}
+
+/**
+ * \brief          SHA-1 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_sha1_update_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-1 context.
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
+                          const unsigned char *input,
+                          size_t ilen )
+{
+    mbedtls_sha1_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          SHA-1 final digest
+ *
+ * \deprecated     Superseded by mbedtls_sha1_finish_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-1 context.
+ * \param output   The SHA-1 checksum result.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
+                          unsigned char output[20] )
+{
+    mbedtls_sha1_finish_ret( ctx, output );
+}
+
+#endif /* defined(MBEDTLS_SHA1_ALT) */
+
+#if defined(MBEDTLS_SHA256_ALT)
+
+/**
+ * \brief          This function starts a SHA-256 checksum calculation.
+ *
+ * \deprecated     Superseded by mbedtls_sha256_starts_ret() in 2.7.0.
+ *
+ * \param ctx      The SHA-256 context to initialize.
+ * \param is224    Determines which function to use.
+ *                 <ul><li>0: Use SHA-256.</li>
+ *                 <li>1: Use SHA-224.</li></ul>
+ */
+void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
+                            int is224 )
+{
+    mbedtls_sha256_starts_ret( ctx, is224 );
+}
+
+/**
+ * \brief          This function feeds an input buffer into an ongoing
+ *                 SHA-256 checksum calculation.
+ *
+ * \deprecated     Superseded by mbedtls_sha256_update_ret() in 2.7.0.
+ *
+ * \param ctx      The SHA-256 context to initialize.
+ * \param input    The buffer holding the data.
+ * \param ilen     The length of the input data.
+ */
+void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen )
+{
+    mbedtls_sha256_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          This function finishes the SHA-256 operation, and writes
+ *                 the result to the output buffer.
+ *
+ * \deprecated     Superseded by mbedtls_sha256_finish_ret() in 2.7.0.
+ *
+ * \param ctx      The SHA-256 context.
+ * \param output   The SHA-224or SHA-256 checksum result.
+ */
+void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
+                            unsigned char output[32] )
+{
+    mbedtls_sha256_finish_ret( ctx, output );
+}
+
+#endif /* defined(MBEDTLS_SHA256_ALT) */
+
+#if defined(MBEDTLS_SHA512_ALT)
+
+/**
+ * \brief          This function starts a SHA-384 or SHA-512 checksum
+ *                 calculation.
+ *
+ * \deprecated     Superseded by mbedtls_sha512_starts_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-512 context to initialize.
+ * \param is384    Determines which function to use.
+ *                 <ul><li>0: Use SHA-512.</li>
+ *                 <li>1: Use SHA-384.</li></ul>
+ */
+void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
+                            int is384 )
+{
+    mbedtls_sha512_starts_ret( ctx, is384 );
+}
+
+/**
+ * \brief          This function feeds an input buffer into an ongoing
+ *                 SHA-512 checksum calculation.
+ *
+ * \deprecated     Superseded by mbedtls_sha512_update_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-512 context.
+ * \param input    The buffer holding the data.
+ * \param ilen     The length of the input data.
+ */
+void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen )
+{
+    mbedtls_sha512_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          This function finishes the SHA-512 operation, and writes
+ *                 the result to the output buffer.
+ *
+ * \deprecated     Superseded by mbedtls_sha512_finish_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-512 context.
+ * \param output   The SHA-384 or SHA-512 checksum result.
+ */
+void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
+                            unsigned char output[64] )
+{
+    mbedtls_sha512_finish_ret( ctx, output );
+}
+
+#endif /* defined(MBEDTLS_SHA512_ALT) */
+