commit 358e0ea464881cbffc6322942803ff2a7d7e9d23
author Bence Szépkúti <bence.szepkuti@arm.com> Wed Nov 17 14:03:08 2021 +0100
committer Bence Szépkúti <bence.szepkuti@arm.com> Wed Nov 17 14:03:08 2021 +0100
tree f744b322642219ce4c9147df102d2f93c78868e0
parent 1a3201a7b93e640d312673ce745cc3d882a04e47

Indicate nonce sizes invalid for ChaCha20-Poly1305

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>

library/psa_crypto_aead.c

diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c
index 356679c..99f2e4d 100644
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@@ -224,7 +224,16 @@
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
     if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
     {
-        if( nonce_length != 12 || operation.tag_length != 16 )
+        if( nonce_length != 12 )
+        {
+            if( nonce_length == 8 )
+                status = PSA_ERROR_NOT_SUPPORTED;
+            else
+                status = PSA_ERROR_INVALID_ARGUMENT;
+            goto exit;
+        }
+
+        if( operation.tag_length != 16 )
         {
             status = PSA_ERROR_NOT_SUPPORTED;
             goto exit;
@@ -331,7 +340,16 @@
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
     if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
     {
-        if( nonce_length != 12 || operation.tag_length != 16 )
+        if( nonce_length != 12 )
+        {
+            if( nonce_length == 8 )
+                status = PSA_ERROR_NOT_SUPPORTED;
+            else
+                status = PSA_ERROR_INVALID_ARGUMENT;
+            goto exit;
+        }
+
+        if( operation.tag_length != 16 )
         {
             status = PSA_ERROR_NOT_SUPPORTED;
             goto exit;