cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 20:22:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

Check truncation length explicitly

Browse Source 
Comparing algorithm with its FULL_LENGTH_MAC version doesn't work in
cases where algorithm is a wildcard. Wildcard input is not specified in
the documentation of the function, but in order to test the function
using the same test as PSA_MAC_LENGTH we're mimicking that behaviour here.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
Steven Cooreman 2021-03-03 12:07:20 +01:00
parent 58c94d39ae
commit 4ff9a29686
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
library/psa_crypto.c
View File

@ -583,8 +583,9 @@ MBEDTLS_STATIC_TESTABLE psa_status_t psa_get_mac_output_length(
return( PSA_ERROR_INVALID_ARGUMENT );
/* Output the expected (potentially truncated) length as long as it can
* actually be output by the algorithm */
if( PSA_ALG_FULL_LENGTH_MAC( algorithm ) == algorithm )
* actually be output by the algorithm. Truncation length of '0' means
* default output length of the keytype-algorithm combination. */
if( PSA_MAC_TRUNCATED_LENGTH( algorithm ) == 0 )
{
*length = default_length;
return( PSA_SUCCESS );