mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 22:20:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Invert logic on nonce length tests

Browse Source 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2021-09-29 14:19:11 +01:00
parent 355f59edbe
commit 60116aee9e
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
library/psa_crypto.c
View File

@ -3630,27 +3630,27 @@ static psa_status_t psa_aead_check_nonce_length( psa_algorithm_t alg,
* PSA_AEAD_NONCE_MAX_SIZE, as large nonces are hashed to a shorter * PSA_AEAD_NONCE_MAX_SIZE, as large nonces are hashed to a shorter
* size, which can then lead to collisions if you encrypt a very * size, which can then lead to collisions if you encrypt a very
* large number of messages.*/ * large number of messages.*/
if( nonce_length == 0 ) if( nonce_length != 0 )
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_SUCCESS );
} }
#endif /* PSA_WANT_ALG_GCM */ #endif /* PSA_WANT_ALG_GCM */
#if defined(PSA_WANT_ALG_CCM) #if defined(PSA_WANT_ALG_CCM)
if( base_alg == PSA_ALG_CCM ) if( base_alg == PSA_ALG_CCM )
{ {
if( nonce_length < 7 || nonce_length > 13 ) if( nonce_length >= 7 && nonce_length <= 13 )
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_SUCCESS );
} }
else else
#endif /* PSA_WANT_ALG_CCM */ #endif /* PSA_WANT_ALG_CCM */
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
if( base_alg == PSA_ALG_CHACHA20_POLY1305 ) if( base_alg == PSA_ALG_CHACHA20_POLY1305 )
{ {
if( nonce_length != 12 ) if( nonce_length == 12 )
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_SUCCESS );
} }
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
return PSA_SUCCESS; return( PSA_ERROR_NOT_SUPPORTED );
} }
psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key, psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,