From 15c7b40ab71e49e50a8bb82667b3794c884fcd9c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 20 May 2021 12:11:19 +0200 Subject: [PATCH] Reorder the text to say who is affected first Signed-off-by: Gilles Peskine --- docs/3.0-migration-guide.d/gcm-multipart.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/3.0-migration-guide.d/gcm-multipart.md b/docs/3.0-migration-guide.d/gcm-multipart.md index f37f7e8e01..98e9fad2e1 100644 --- a/docs/3.0-migration-guide.d/gcm-multipart.md +++ b/docs/3.0-migration-guide.d/gcm-multipart.md @@ -2,8 +2,8 @@ GCM multipart interface: application changes -------------------------------------------- The GCM module now supports arbitrary chunked input in the multipart interface. - -For applications using GCM for multipart operations, this means the following changes: +This changes the interface for applications using the GCM module directly for multipart operations. +Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. * `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. * The current implementation has a limitation that `mbedtls_gcm_update_ad()` may only be called once. This limitation will be lifted shortly; watch https://github.com/ARMmbed/mbedtls/issues/4351 for updates. @@ -11,5 +11,3 @@ For applications using GCM for multipart operations, this means the following ch * As long as the input remains block-aligned, the output length is exactly the input length, as before. * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. * `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. - -Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes.