From af3962491d1af1b9767b6d6f778f88c943a2c128 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 8 Oct 2024 10:31:03 +0100 Subject: [PATCH] Update GCM buffer overlap documentation This commit updates the GCM buffer overlap documentation to explicity state that alternative implementations may not support input/output buffer overlap for GCM encrypt/decrypt functions. Signed-off-by: Harry Ramsey --- tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h index e620be7ba..741c814fd 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h @@ -174,7 +174,9 @@ int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx, * * \note The output buffer \p output can be the same as the input * buffer \p input. If \p output is greater than \p input, they - * cannot overlap. + * cannot overlap. Implementations which require + * MBEDTLS_GCM_ALT to be enabled may not provide support + * overlapping buffers. * * \param ctx The GCM context. This must be initialized. * \param length The length of the ciphertext to decrypt, which is also @@ -282,7 +284,9 @@ int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx, * * \note The output buffer \p output can be the same as the input * buffer \p input. If \p output is greater than \p input, they - * cannot overlap. + * cannot overlap. Implementations which require + * MBEDTLS_GCM_ALT to be enabled may not provide support + * overlapping buffers. * * \param ctx The GCM context. This must be initialized. * \param input The buffer holding the input data. If \p input_length