From 633427732047dd1e0a3f76cd7d066362698c6692 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Tue, 4 Apr 2017 11:47:16 +0200
Subject: [PATCH 1/3] Allow alternate core implementation of CMAC

---
 include/mbedtls/cmac.h   | 14 ++++++++++++++
 include/mbedtls/config.h |  1 +
 library/cmac.c           |  4 ++++
 3 files changed, 19 insertions(+)

diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 9a2b96bc9..4d3f2d2f4 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -39,6 +39,8 @@ extern "C" {
 #define MBEDTLS_CIPHER_BLKSIZE_MAX      8   /* longest used by CMAC is 3DES */
 #endif
 
+#if !defined(MBEDTLS_CMAC_ALT)
+
 /**
  * CMAC context structure - Contains internal state information only
  */
@@ -154,6 +156,18 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
                               unsigned char output[16] );
 #endif /* MBEDTLS_AES_C */
 
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* !MBEDTLS_CMAC_ALT */
+#include "cmac_alt.h"
+#endif /* !MBEDTLS_CMAC_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
 /**
  * \brief          Checkup routine
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 0f7e29bcf..2ef052b1e 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -237,6 +237,7 @@
 //#define MBEDTLS_ARC4_ALT
 //#define MBEDTLS_BLOWFISH_ALT
 //#define MBEDTLS_CAMELLIA_ALT
+//#define MBEDTLS_CMAC_ALT
 //#define MBEDTLS_DES_ALT
 //#define MBEDTLS_XTEA_ALT
 //#define MBEDTLS_MD2_ALT
diff --git a/library/cmac.c b/library/cmac.c
index b2fe713a0..5575d5c8d 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -65,6 +65,8 @@
 #endif /* MBEDTLS_SELF_TEST */
 #endif /* MBEDTLS_PLATFORM_C */
 
+#if !defined(MBEDTLS_CMAC_ALT)
+
 /* Implementation that should never be optimized out by the compiler */
 static void mbedtls_zeroize( void *v, size_t n ) {
     volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
@@ -468,6 +470,8 @@ exit:
 }
 #endif /* MBEDTLS_AES_C */
 
+#endif /* !MBEDTLS_CMAC_ALT */
+
 #if defined(MBEDTLS_SELF_TEST)
 /*
  * CMAC test data for SP800-38B

From 12d9f3c84d14cf1f01d8e8c1f18a430b9d764765 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Tue, 4 Apr 2017 12:01:42 +0200
Subject: [PATCH 2/3] Forgot version-features update for new config flag

---
 library/version_features.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/library/version_features.c b/library/version_features.c
index e866e67a2..6d2e53f77 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -90,6 +90,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_CAMELLIA_ALT)
     "MBEDTLS_CAMELLIA_ALT",
 #endif /* MBEDTLS_CAMELLIA_ALT */
+#if defined(MBEDTLS_CMAC_ALT)
+    "MBEDTLS_CMAC_ALT",
+#endif /* MBEDTLS_CMAC_ALT */
 #if defined(MBEDTLS_DES_ALT)
     "MBEDTLS_DES_ALT",
 #endif /* MBEDTLS_DES_ALT */

From 621080d7c68370dca67cfe387508abe685304e3e Mon Sep 17 00:00:00 2001
From: Ron Eldor <Ron.Eldor@arm.com>
Date: Thu, 21 Dec 2017 10:57:43 +0200
Subject: [PATCH 3/3] Fix compilation issue weh self test defined

1. Surround the generate keys with
`#if ! defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)`
to resolve build issue when `MBEDTLS_SELF_TEST` is defined for
alternative CMAC as well
2. Update ChangeLog
---
 ChangeLog      | 6 ++++++
 library/cmac.c | 4 +++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 13de8672c..5d43296db 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
+= mbed TLS x.x.x branch released xxxx-xx-xx
+
+Changes
+   * Add hardware acceleration support for cmac, with the configuration definition
+     of `MBEDTLS_CMAC_ALT`. Submitted by stevew817
+
 = mbed TLS 2.4.2 branch released 2017-03-08
 
 Security
diff --git a/library/cmac.c b/library/cmac.c
index 5575d5c8d..d3581d589 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -65,7 +65,7 @@
 #endif /* MBEDTLS_SELF_TEST */
 #endif /* MBEDTLS_PLATFORM_C */
 
-#if !defined(MBEDTLS_CMAC_ALT)
+#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
 
 /* Implementation that should never be optimized out by the compiler */
 static void mbedtls_zeroize( void *v, size_t n ) {
@@ -166,7 +166,9 @@ exit:
 
     return( ret );
 }
+#endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */
 
+#if !defined(MBEDTLS_CMAC_ALT)
 static void cmac_xor_block( unsigned char *output, const unsigned char *input1,
                             const unsigned char *input2,
                             const size_t block_size )