From 4ff9a29686810c3cce3399ecde98264f7ebd7cca Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Wed, 3 Mar 2021 12:07:20 +0100
Subject: [PATCH] Check truncation length explicitly

Comparing algorithm with its FULL_LENGTH_MAC version doesn't work in
cases where algorithm is a wildcard. Wildcard input is not specified in
the documentation of the function, but in order to test the function
using the same test as PSA_MAC_LENGTH we're mimicking that behaviour here.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 library/psa_crypto.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a112ff41b..13a0835ff 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -583,8 +583,9 @@ MBEDTLS_STATIC_TESTABLE psa_status_t psa_get_mac_output_length(
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     /* Output the expected (potentially truncated) length as long as it can
-     * actually be output by the algorithm */
-    if( PSA_ALG_FULL_LENGTH_MAC( algorithm ) == algorithm )
+     * actually be output by the algorithm. Truncation length of '0' means
+     * default output length of the keytype-algorithm combination. */
+    if( PSA_MAC_TRUNCATED_LENGTH( algorithm ) == 0 )
     {
         *length = default_length;
         return( PSA_SUCCESS );