Don't directly access iv_size

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

library/cipher.c

@@ -375,7 +375,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
     if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) {
         actual_iv_size = iv_len;
     } else {
-        actual_iv_size = ctx->cipher_info->iv_size;
+        actual_iv_size = mbedtls_cipher_info_get_iv_size(ctx->cipher_info);
 
         /* avoid reading past the end of input buffer */
         if (actual_iv_size > iv_len) {
@@ -1363,7 +1363,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx,
 #if defined(MBEDTLS_CHACHAPOLY_C)
     if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
         /* ChachaPoly has fixed length nonce and MAC (tag) */
-        if ((iv_len != ctx->cipher_info->iv_size) ||
+        if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) ||
             (tag_len != 16U)) {
             return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
         }
@@ -1459,7 +1459,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx,
         int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
         /* ChachaPoly has fixed length nonce and MAC (tag) */
-        if ((iv_len != ctx->cipher_info->iv_size) ||
+        if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) ||
             (tag_len != 16U)) {
             return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
         }

library/pkcs12.c

@@ -155,7 +155,7 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
 
     if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen,
                                         key, keylen,
-                                        iv, cipher_info->iv_size)) != 0) {
+                                        iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) {
         return ret;
     }
 
@@ -171,7 +171,7 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
         goto exit;
     }
 
-    if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) {
+    if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) {
         goto exit;
     }
 

library/pkcs5.c

@@ -179,7 +179,7 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
     keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
 
     if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
-        enc_scheme_params.len != cipher_info->iv_size) {
+        enc_scheme_params.len != mbedtls_cipher_info_get_iv_size(cipher_info)) {
         return MBEDTLS_ERR_PKCS5_INVALID_FORMAT;
     }
 

library/ssl_tls.c

@@ -8420,7 +8420,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform,
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
         transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg);
 #else
-        transform->ivlen = cipher_info->iv_size;
+        transform->ivlen = mbedtls_cipher_info_get_iv_size(cipher_info);
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
         /* Minimum length */

tests/src/test_helpers/ssl_helpers.c

@@ -1142,7 +1142,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
     /* Pick cipher */
     cipher_info = mbedtls_cipher_info_from_type(cipher_type);
     CHK(cipher_info != NULL);
-    CHK(cipher_info->iv_size <= 16);
+    CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16);
     CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0);
 
     /* Pick keys */
@@ -1273,7 +1273,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
 
     /* Pick IV's (regardless of whether they
      * are being used by the transform). */
-    ivlen = cipher_info->iv_size;
+    ivlen = mbedtls_cipher_info_get_iv_size(cipher_info);
     memset(iv_enc, 0x3, sizeof(iv_enc));
     memset(iv_dec, 0x4, sizeof(iv_dec));