From a3e4e229ef8f52e4f62a11f40935a55c6252653e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 13 Jul 2023 15:31:00 +0100 Subject: [PATCH] Change value of MBEDTLS_CIPHER_BLKSIZE_MAX if ARIA or Camellia present Signed-off-by: Dave Rodgman --- ChangeLog.d/MBEDTLS_CIPHER_BLKSIZE_MAX.txt | 7 +++++++ include/mbedtls/cmac.h | 6 +++++- 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/MBEDTLS_CIPHER_BLKSIZE_MAX.txt diff --git a/ChangeLog.d/MBEDTLS_CIPHER_BLKSIZE_MAX.txt b/ChangeLog.d/MBEDTLS_CIPHER_BLKSIZE_MAX.txt new file mode 100644 index 000000000..fb0e8cc7a --- /dev/null +++ b/ChangeLog.d/MBEDTLS_CIPHER_BLKSIZE_MAX.txt @@ -0,0 +1,7 @@ +Changes + * In configurations with ARIA or Camellia but not AES, the value of + MBEDTLS_CIPHER_BLKSIZE_MAX was 8, rather than 16 as the name might + suggest. This did not affect any library code, because this macro was + only used in relation with CMAC which does not support these ciphers. + Its value is now 16 if ARIA or Camellia are present. This may affect + application code that uses this macro. diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 254995ca1..5c3bcbaec 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -45,7 +45,11 @@ extern "C" { #define MBEDTLS_AES_BLOCK_SIZE 16 #define MBEDTLS_DES3_BLOCK_SIZE 8 -#if defined(MBEDTLS_AES_C) + +/* Although the CMAC module does not support ARIA or CAMELLIA, we adjust the value of + * MBEDTLS_CIPHER_BLKSIZE_MAX to reflect these ciphers. + * This is done to avoid confusion, given the general-purpose name of the macro. */ +#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C) #define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /**< The longest block used by CMAC is that of AES. */ #else #define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /**< The longest block used by CMAC is that of 3DES. */