Add AEAD tag length to new mbedtls_cipher_setup_psa()
For AEAD ciphers, the information contained in mbedtls_cipher_info
is not enough to deduce a PSA algorithm value of type psa_algorithm_t.
This is because mbedtls_cipher_info doesn't contain the AEAD tag
length, while values of type psa_algorithm_t do.
This commit adds the AEAD tag length as a separate parameter
to mbedtls_cipher_setup_psa(). For Non-AEAD ciphers, the value
must be 0.
This approach is preferred over passing psa_algorithm_t directly
in order to keep the changes in existing code using the cipher layer
small.
diff --git a/library/cipher.c b/library/cipher.c
index 243c739..0b7c887 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -234,7 +234,8 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
- const mbedtls_cipher_info_t *cipher_info )
+ const mbedtls_cipher_info_t *cipher_info,
+ size_t taglen )
{
psa_algorithm_t alg;
mbedtls_cipher_context_psa *cipher_psa;
@@ -242,7 +243,7 @@
if( NULL == cipher_info || NULL == ctx )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
- alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode );
+ alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen );
if( alg == 0)
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
