mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-04 13:13:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Replacement for MBEDTLS_CIPHER_BLKSIZE_MAX

Browse Source 
Prepare to rename this constant by MBEDTLS_CMAC_MAX_BLOCK_SIZE. The old name
was misleading since it looked like it covered all cipher support, not just
CMAC support, but CMAC doesn't support Camellia or ARIA so the two are
different.

This commit introduces the new constant. Subsequent commits will replace
internal uses of MBEDTLS_CIPHER_BLKSIZE_MAX and deprecate it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2023-06-14 17:49:02 +02:00
parent 16bb83cb57
commit 7282a9e1a0
2 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
include/mbedtls/cmac.h
View File

@ -41,11 +41,26 @@ extern "C" {
/* We don't support Camellia or ARIA in this module */ /* We don't support Camellia or ARIA in this module */
#if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_AES_C)
#define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /**< The longest block used by CMAC is that of AES. */ #define MBEDTLS_CMAC_MAX_BLOCK_SIZE 16 /**< The longest block used by CMAC is that of AES. */
#else #else
#define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /**< The longest block used by CMAC is that of 3DES. */ #define MBEDTLS_CMAC_MAX_BLOCK_SIZE 8 /**< The longest block used by CMAC is that of 3DES. */
#endif #endif
/** The longest block supported by the cipher module.
*
* \deprecated
* For the maximum block size of a cipher supported by the CMAC module,
* use #MBEDTLS_CMAC_MAX_BLOCK_SIZE.
* For the maximum block size of a cipher supported by the cipher module,
* use #MBEDTLS_MAX_BLOCK_LENGTH.
*/
/* Before Mbed TLS 3.5, this was the maximum block size supported by the CMAC
* module, so it didn't take Camellia or ARIA into account. Since the name
* of the macro doesn't even convey "CMAC", this was misleading. Now the size
* is sufficient for any cipher, but the name is defined in cmac.h for
* backward compatibility. */
#define MBEDTLS_CIPHER_BLKSIZE_MAX MBEDTLS_MAX_BLOCK_LENGTH
#if !defined(MBEDTLS_CMAC_ALT) #if !defined(MBEDTLS_CMAC_ALT)
/** /**

2
tests/suites/test_suite_cmac.function
View File

@ -113,6 +113,8 @@ void mbedtls_cmac_setkey(int cipher_type, int key_size, int result)
!= NULL); != NULL);
TEST_LE_U(mbedtls_cipher_info_get_block_size(cipher_info), TEST_LE_U(mbedtls_cipher_info_get_block_size(cipher_info),
MBEDTLS_CIPHER_BLKSIZE_MAX); MBEDTLS_CIPHER_BLKSIZE_MAX);
TEST_LE_U(mbedtls_cipher_info_get_block_size(cipher_info),
MBEDTLS_CMAC_MAX_BLOCK_SIZE);
memset(buf, 0x2A, sizeof(buf)); memset(buf, 0x2A, sizeof(buf));
TEST_ASSERT((result == mbedtls_cipher_cmac(cipher_info, key, key_size, TEST_ASSERT((result == mbedtls_cipher_cmac(cipher_info, key, key_size,