diff --git a/library/cipher.c b/library/cipher.c index 7dc09ee94..dfbbbfd2d 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -375,7 +375,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) { actual_iv_size = iv_len; } else { - actual_iv_size = ctx->cipher_info->iv_size; + actual_iv_size = mbedtls_cipher_info_get_iv_size(ctx->cipher_info); /* avoid reading past the end of input buffer */ if (actual_iv_size > iv_len) { @@ -1363,7 +1363,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CHACHAPOLY_C) if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ((iv_len != ctx->cipher_info->iv_size) || + if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) || (tag_len != 16U)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -1459,7 +1459,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ((iv_len != ctx->cipher_info->iv_size) || + if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) || (tag_len != 16U)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } diff --git a/library/pkcs12.c b/library/pkcs12.c index a0966f648..8540de22d 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -155,7 +155,7 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen, key, keylen, - iv, cipher_info->iv_size)) != 0) { + iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) { return ret; } @@ -171,7 +171,7 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, goto exit; } - if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) { + if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) { goto exit; } diff --git a/library/pkcs5.c b/library/pkcs5.c index 6cbb5208a..8d39eab18 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -179,7 +179,7 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || - enc_scheme_params.len != cipher_info->iv_size) { + enc_scheme_params.len != mbedtls_cipher_info_get_iv_size(cipher_info)) { return MBEDTLS_ERR_PKCS5_INVALID_FORMAT; } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f0067f4b2..36c96f26d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8420,7 +8420,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, #if defined(MBEDTLS_USE_PSA_CRYPTO) transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg); #else - transform->ivlen = cipher_info->iv_size; + transform->ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Minimum length */ diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 6027671d6..8e6735266 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1142,7 +1142,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, /* Pick cipher */ cipher_info = mbedtls_cipher_info_from_type(cipher_type); CHK(cipher_info != NULL); - CHK(cipher_info->iv_size <= 16); + CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); /* Pick keys */ @@ -1273,7 +1273,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, /* Pick IV's (regardless of whether they * are being used by the transform). */ - ivlen = cipher_info->iv_size; + ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); memset(iv_enc, 0x3, sizeof(iv_enc)); memset(iv_dec, 0x4, sizeof(iv_dec));