NIST_KW in cipher: credit the reporter
This issue was found by Guido Vranken's Cryptofuzz running on the
OSS-Fuzz platform.
Fix #3665
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/ChangeLog.d/cipher-auth-crypt-nist-kw.txt b/ChangeLog.d/cipher-auth-crypt-nist-kw.txt
index 63519a1..fd18e85 100644
--- a/ChangeLog.d/cipher-auth-crypt-nist-kw.txt
+++ b/ChangeLog.d/cipher-auth-crypt-nist-kw.txt
@@ -3,7 +3,8 @@
mbedtls_cipher_auth_decrypt() no longer accept NIST_KW contexts,
as they have no way to check if the output buffer is large enough.
Please use mbedtls_cipher_auth_encrypt_ext() and
- mbedtls_cipher_auth_decrypt_ext() instead.
+ mbedtls_cipher_auth_decrypt_ext() instead. Credit to OSS-Fuzz and
+ Cryptofuzz. Fixes #3665.
Security
* The functions mbedtls_cipher_auth_encrypt() and
