lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Fix PSA AEAD GCM's update output buffer length verification.

Browse Source 
Move GCM's update output buffer length verification
from PSA AEAD to the built-in implementation of the GCM.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
This commit is contained in:
Mateusz Starzyk
2021-10-04 13:46:38 +02:00
parent f28261fc14
commit c48f43b44d
6 changed files with 37 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog.d/psa_gcm_buffer_limitation.txt
View File

@@ -3,6 +3,11 @@ Bugfix
The requirement of minimum 15 bytes for output buffer in
psa_aead_finish() and psa_aead_verify() does not apply to the built-in
implementation of GCM.
* Move GCM's update output buffer length verification from PSA AEAD to
the built-in implementation of the GCM.
The requirement for output buffer size to be equal or greater then
input buffer size is valid only for the built-in implementation of GCM.
Alternative GCM implementations can process whole blocks only.
API changes
* New error code for GCM: MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL.