Remove redundant NIST_KW checks in cipher_auth_xxcrypt()

The internal functions mbedtls_cipher_aead_{encrypt,decrypt} reject
unsupported algorithms, so there's no need for an additional check in
the legacy wrappers.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2020-12-04 00:31:09 +01:00 committed by Manuel Pégourié-Gonnard
parent 8a3d234859
commit e09aeb4923

View File

@ -1488,17 +1488,6 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
CIPHER_VALIDATE_RET( olen != NULL ); CIPHER_VALIDATE_RET( olen != NULL );
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
#if defined(MBEDTLS_NIST_KW_C)
if( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
MBEDTLS_MODE_KWP == ctx->cipher_info->mode )
{
/* NIST_KW is not supported because we used to document the wrong size
* of the output buffer, so people should move to the _ext API,
* which has an explicit argument for buffer size. */
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#endif /* MBEDTLS_NIST_KW_C */
return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len, return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len,
input, ilen, output, olen, input, ilen, output, olen,
tag, tag_len ) ); tag, tag_len ) );
@ -1522,17 +1511,6 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
CIPHER_VALIDATE_RET( olen != NULL ); CIPHER_VALIDATE_RET( olen != NULL );
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
#if defined(MBEDTLS_NIST_KW_C)
if( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
MBEDTLS_MODE_KWP == ctx->cipher_info->mode )
{
/* NIST_KW is not supported because we used to document the wrong size
* of the output buffer, so people should move to the _ext API,
* which has an explicit argument for buffer size. */
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#endif /* MBEDTLS_NIST_KW_C */
return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len, return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len,
input, ilen, output, olen, input, ilen, output, olen,
tag, tag_len ) ); tag, tag_len ) );