eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add AEAD tag length to new mbedtls_cipher_setup_psa()

Browse source 
For AEAD ciphers, the information contained in mbedtls_cipher_info
is not enough to deduce a PSA algorithm value of type psa_algorithm_t.
This is because mbedtls_cipher_info doesn't contain the AEAD tag
length, while values of type psa_algorithm_t do.

This commit adds the AEAD tag length as a separate parameter
to mbedtls_cipher_setup_psa(). For Non-AEAD ciphers, the value
must be 0.

This approach is preferred over passing psa_algorithm_t directly
in order to keep the changes in existing code using the cipher layer
small.
This commit is contained in:
Hanno Becker 2018-11-12 16:26:27 +00:00
parent a395d8f1e9
commit 20120b373e
2 changed files with 11 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
library/cipher.c
View file

@ -234,7 +234,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
#if defined(MBEDTLS_USE_PSA_CRYPTO)
int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info )
const mbedtls_cipher_info_t *cipher_info,
size_t taglen )
{
psa_algorithm_t alg;
mbedtls_cipher_context_psa *cipher_psa;
@ -242,7 +243,7 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
if( NULL == cipher_info || NULL == ctx )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode );
alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen );
if( alg == 0)
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );