mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 10:04:24 +01:00
Remove redundant NIST_KW checks in cipher_auth_xxcrypt()
The internal functions mbedtls_cipher_aead_{encrypt,decrypt} reject unsupported algorithms, so there's no need for an additional check in the legacy wrappers. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
8a3d234859
commit
e09aeb4923
@ -1488,17 +1488,6 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
|
|||||||
CIPHER_VALIDATE_RET( olen != NULL );
|
CIPHER_VALIDATE_RET( olen != NULL );
|
||||||
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
|
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
|
||||||
|
|
||||||
#if defined(MBEDTLS_NIST_KW_C)
|
|
||||||
if( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
|
|
||||||
MBEDTLS_MODE_KWP == ctx->cipher_info->mode )
|
|
||||||
{
|
|
||||||
/* NIST_KW is not supported because we used to document the wrong size
|
|
||||||
* of the output buffer, so people should move to the _ext API,
|
|
||||||
* which has an explicit argument for buffer size. */
|
|
||||||
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
|
|
||||||
}
|
|
||||||
#endif /* MBEDTLS_NIST_KW_C */
|
|
||||||
|
|
||||||
return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len,
|
return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len,
|
||||||
input, ilen, output, olen,
|
input, ilen, output, olen,
|
||||||
tag, tag_len ) );
|
tag, tag_len ) );
|
||||||
@ -1522,17 +1511,6 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
|
|||||||
CIPHER_VALIDATE_RET( olen != NULL );
|
CIPHER_VALIDATE_RET( olen != NULL );
|
||||||
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
|
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
|
||||||
|
|
||||||
#if defined(MBEDTLS_NIST_KW_C)
|
|
||||||
if( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
|
|
||||||
MBEDTLS_MODE_KWP == ctx->cipher_info->mode )
|
|
||||||
{
|
|
||||||
/* NIST_KW is not supported because we used to document the wrong size
|
|
||||||
* of the output buffer, so people should move to the _ext API,
|
|
||||||
* which has an explicit argument for buffer size. */
|
|
||||||
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
|
|
||||||
}
|
|
||||||
#endif /* MBEDTLS_NIST_KW_C */
|
|
||||||
|
|
||||||
return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len,
|
return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len,
|
||||||
input, ilen, output, olen,
|
input, ilen, output, olen,
|
||||||
tag, tag_len ) );
|
tag, tag_len ) );
|
||||||
|
Loading…
Reference in New Issue
Block a user