Merge pull request #4197 from bensze01/psa_ccm_nonce_length

Correct the maximum generated nonce length for CCM
2024-11-22 22:45:48 +01:00 · 2021-03-16 10:10:41 +01:00 · 2021-03-16 10:10:41 +01:00 · 01a622a1a4
commit 01a622a1a4
parent e483a77c85 0153c9436b
1 changed files with 5 additions and 4 deletions
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@ -351,9 +351,10 @@
 *         or the parameters are incompatible, return 0.
 */
 #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
-    (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 && \
-         (PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CCM || \
-          PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_GCM) ? 12 : \
+    (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
+          PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CCM ? 13 : \
+          PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_GCM ? 12 : \
+          0 : \
     (key_type) == PSA_KEY_TYPE_CHACHA20 && \
          PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CHACHA20_POLY1305 ? 12 : \
     0)
@ -369,7 +370,7 @@
 *       just the largest size that may be generated by
 *       #psa_aead_generate_nonce().
 */
-#define PSA_AEAD_NONCE_MAX_SIZE 12
+#define PSA_AEAD_NONCE_MAX_SIZE 13

 /** A sufficient output buffer size for psa_aead_update().
 *