1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00

Merge pull request #4585 from mpg/cipher-aead-delayed

Clarify multi-part AEAD calling sequence in Cipher module
This commit is contained in:
Gilles Peskine
2021-06-01 12:04:19 +02:00
committed by GitHub
3 changed files with 60 additions and 7 deletions

View File

@ -0,0 +1,15 @@
Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations
----------------------------------------------------------------------------
This only affects people who use the cipher module to perform AEAD operations
using the multi-part API.
Previously, the documentation didn't state explicitly if it was OK to call
`mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after
the last call to `mbedtls_cipher_update()` - that is, without calling
`mbedtls_cipher_finish()` in-between. If you code was missing that call,
please add it and be prepared to get as much as 15 bytes of output.
Currently the output is always 0 bytes, but it may be more when alternative
implementations of the underlying primitives are in use, or with future
versions of the library.