commit 9e930e2887f1945bf9bbecf63be66435679ab144
author Gilles Peskine <Gilles.Peskine@arm.com> Wed Jun 14 17:52:54 2023 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Wed Jun 14 18:00:37 2023 +0200
tree 015a6c10f14953372636be0ea07d2d8d451551e8
parent 7282a9e1a076a06d6216a0c41d6faca56689c2d6

Rename MBEDTLS_CIPHER_BLKSIZE_MAX internally

Replace all occurrences of MBEDTLS_CIPHER_BLKSIZE_MAX by the new name with
the same semantics MBEDTLS_CMAC_MAX_BLOCK_SIZE, except when defining or
testing the old name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

include/mbedtls/cmac.h

diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 5f0a7cd..672aeba 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -68,11 +68,11 @@
  */
 struct mbedtls_cmac_context_t {
     /** The internal state of the CMAC algorithm.  */
-    unsigned char       MBEDTLS_PRIVATE(state)[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char       MBEDTLS_PRIVATE(state)[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
 
     /** Unprocessed data - either data that was not block aligned and is still
      *  pending processing, or the final block. */
-    unsigned char       MBEDTLS_PRIVATE(unprocessed_block)[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char       MBEDTLS_PRIVATE(unprocessed_block)[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
 
     /** The length of data pending processing. */
     size_t              MBEDTLS_PRIVATE(unprocessed_len);

library/cmac.c

diff --git a/library/cmac.c b/library/cmac.c
index 7d90ad2..e5ac72e 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -114,7 +114,7 @@
                                  unsigned char *K1, unsigned char *K2)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char L[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
     size_t olen, block_size;
 
     mbedtls_platform_zeroize(L, sizeof(L));
@@ -152,7 +152,7 @@
  * We can't use the padding option from the cipher layer, as it only works for
  * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition.
  */
-static void cmac_pad(unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX],
+static void cmac_pad(unsigned char padded_block[MBEDTLS_CMAC_MAX_BLOCK_SIZE],
                      size_t padded_block_len,
                      const unsigned char *last_block,
                      size_t last_block_len)
@@ -283,9 +283,9 @@
 {
     mbedtls_cmac_context_t *cmac_ctx;
     unsigned char *state, *last_block;
-    unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char K1[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
+    unsigned char K2[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
+    unsigned char M_last[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t olen, block_size;
 
@@ -332,7 +332,7 @@
     mbedtls_platform_zeroize(cmac_ctx->unprocessed_block,
                              sizeof(cmac_ctx->unprocessed_block));
 
-    mbedtls_platform_zeroize(state, MBEDTLS_CIPHER_BLKSIZE_MAX);
+    mbedtls_platform_zeroize(state, MBEDTLS_CMAC_MAX_BLOCK_SIZE);
     return ret;
 }
 
@@ -746,8 +746,8 @@
     int i, ret = 0;
     mbedtls_cipher_context_t ctx;
     const mbedtls_cipher_info_t *cipher_info;
-    unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char K1[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
+    unsigned char K2[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
 
     cipher_info = mbedtls_cipher_info_from_type(cipher_type);
     if (cipher_info == NULL) {
@@ -841,7 +841,7 @@
 {
     const mbedtls_cipher_info_t *cipher_info;
     int i, ret = 0;
-    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char output[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
 
     cipher_info = mbedtls_cipher_info_from_type(cipher_type);
     if (cipher_info == NULL) {

tests/suites/test_suite_cmac.function

diff --git a/tests/suites/test_suite_cmac.function b/tests/suites/test_suite_cmac.function
index 71b5f00..1b6fed0 100644
--- a/tests/suites/test_suite_cmac.function
+++ b/tests/suites/test_suite_cmac.function
@@ -20,9 +20,9 @@
 {
     mbedtls_cipher_context_t ctx;
     const mbedtls_cipher_info_t *cipher_info;
-    unsigned char test_key[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char test_data[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char test_output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char test_key[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
+    unsigned char test_data[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
+    unsigned char test_output[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
 
     mbedtls_cipher_init(&ctx);
 
@@ -133,7 +133,7 @@
 {
     const mbedtls_cipher_info_t *cipher_info;
     mbedtls_cipher_context_t ctx;
-    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char output[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
 
     /* Convert the test parameters to binary data */
 
@@ -212,7 +212,7 @@
 {
     const mbedtls_cipher_info_t *cipher_info;
     mbedtls_cipher_context_t ctx;
-    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char output[MBEDTLS_CMAC_MAX_BLOCK_SIZE];
 
     /* Convert the test parameters to binary data */