1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00

Add output parameter to mbedtls_gcm_finish

Alternative implementations of GCM may delay the output of partial
blocks from mbedtls_gcm_update(). Add an output parameter to
mbedtls_gcm_finish() to allow such implementations to pass the final
partial block back to the caller. With the software implementation,
this final output is always empty.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2021-04-15 16:48:32 +02:00
parent 441907ec30
commit 9461e45a17
5 changed files with 37 additions and 10 deletions

View File

@ -282,13 +282,23 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
* buffer of at least \p tag_len Bytes.
* \param tag_len The length of the tag to generate. This must be at least
* four.
* \param output The buffer for the final output.
* This must be a writable buffer of at least \p output_len
* bytes.
* With the built-in implementation, there is no final
* output and this can be \p NULL.
* Alternative implementations may return a partial block
* of output.
* \param output_len The size of the \p output buffer in bytes.
* With the built-in implementation, this can be \c 0.
* Alternative implementations may require a 15-byte buffer.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
*/
int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
unsigned char *tag,
size_t tag_len );
unsigned char *output, size_t output_len,
unsigned char *tag, size_t tag_len );
/**
* \brief This function clears a GCM context and the underlying