The GCM multipart interface has changed as described in “GCM multipart interface: application changes”. The consequences for an alternative implementation of GCM (
MBEDTLS_GCM_ALT) are as follows:
mbedtls_gcm_starts()now only sets the mode and the nonce (IV). The new function
mbedtls_gcm_update_ad()receives the associated data. It may be called multiple times.
mbedtls_gcm_update()now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes:
mbedtls_gcm_finish()now takes an extra output buffer for the last partial block if needed.