chachapoly: force correct mode for integrated API Allowing DECRYPT with crypt_and_tag is a risk as people might fail to check the tag correctly (or at all). So force them to use auth_decrypt() instead. See also https://github.com/ARMmbed/mbedtls/pull/1668

commit: 3dc62a0a9b6776ca1f58724c5be01c77012edf94 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jun 04 12:18:19 2018 +0200
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jun 04 12:18:19 2018 +0200
tree: b3a4a9b824aecc4f1abeb68cab305b61eb379a39
parent: 26c3b0a4b18fc7c24a00499d3f5a909509ce2bbe [diff] [blame]
diff --git a/library/cipher.c b/library/cipher.c
index cf10094..5a96e2b 100644
--- a/library/cipher.c
+++ b/library/cipher.c

@@ -992,8 +992,7 @@
         }
 
         *olen = ilen;
-        return( mbedtls_chachapoly_crypt_and_tag( ctx->cipher_ctx,
-                                MBEDTLS_CHACHAPOLY_ENCRYPT,
+        return( mbedtls_chachapoly_encrypt_and_tag( ctx->cipher_ctx,
                                 ilen, iv, ad, ad_len, input, output, tag ) );
     }
 #endif /* MBEDTLS_CHACHAPOLY_C */
commit	3dc62a0a9b6776ca1f58724c5be01c77012edf94	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon Jun 04 12:18:19 2018 +0200
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon Jun 04 12:18:19 2018 +0200
tree	b3a4a9b824aecc4f1abeb68cab305b61eb379a39
parent	26c3b0a4b18fc7c24a00499d3f5a909509ce2bbe [diff] [blame]