commit ed68d7464d3444f6627b5a8137f708abe197256d
author Paul Elliott <paul.elliott@arm.com> Thu Jun 24 20:37:32 2021 +0100
committer Paul Elliott <paul.elliott@arm.com> Thu Jun 24 20:40:47 2021 +0100
tree 66524d400f6bde259b0d377500b7f10335d74aa5
parent c2b7144da0f807e2ae1b2c64ab2b5184cd41ac53

Move buffer size checks up to psa_crypto layer

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

library/psa_crypto_aead.c

diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c
index 1a515a1..f2096ce 100644
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@@ -603,21 +603,11 @@
    mbedtls_psa_aead_verify() */
 static psa_status_t mbedtls_psa_aead_finish_checks(
     mbedtls_psa_aead_operation_t *operation,
-    size_t output_size,
     size_t tag_size )
 {
-    size_t finish_output_size;
-
     if( tag_size < operation->tag_length )
         return ( PSA_ERROR_BUFFER_TOO_SMALL );
 
-    finish_output_size = operation->is_encrypt ?
-        PSA_AEAD_FINISH_OUTPUT_SIZE( operation->key_type, operation->alg ) :
-        PSA_AEAD_VERIFY_OUTPUT_SIZE( operation->key_type, operation->alg );
-
-    if( output_size < finish_output_size )
-        return ( PSA_ERROR_BUFFER_TOO_SMALL );
-
     return ( PSA_SUCCESS );
 }
 
@@ -634,8 +624,7 @@
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     size_t finish_output_size = 0;
 
-    status = mbedtls_psa_aead_finish_checks( operation, ciphertext_size,
-                                             tag_size );
+    status = mbedtls_psa_aead_finish_checks( operation, tag_size );
 
     if( status != PSA_SUCCESS )
         return status;
@@ -690,8 +679,7 @@
     int do_tag_check = 1;
     uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];
 
-    status = mbedtls_psa_aead_finish_checks( operation, plaintext_size,
-                                             tag_length );
+    status = mbedtls_psa_aead_finish_checks( operation, tag_length );
 
     if( status != PSA_SUCCESS )
         return status;