TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 441907ec30a837e20bdd4cd7d6f4ec9e0b3928f0^! / .
commit441907ec30a837e20bdd4cd7d6f4ec9e0b3928f0[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Tue Apr 13 16:09:32 2021 +0200
committerGilles Peskine <Gilles.Peskine@arm.com>Thu Apr 15 18:41:38 2021 +0200
tree0b5fe92dc64769d0375a2f37bc38c49aa4bf1acd
parent58fc272af9359a171e6a9549ab6385feedc9a2dd [diff]
Remove alignment requirement for mbedtls_gcm_update: documentation

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

diff --git a/ChangeLog.d/gcm-update.txt b/ChangeLog.d/gcm-update.txt
new file mode 100644
index 0000000..4511fec
--- /dev/null
+++ b/ChangeLog.d/gcm-update.txt

@@ -0,0 +1,4 @@
+Features
+   * The multi-part GCM interface (mbedtls_gcm_update() or
+     mbedtls_cipher_update()) no longer requires the size of partial inputs to
+     be a multiple of 16.

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index bfc911f..eaa49b1 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h

@@ -727,11 +727,6 @@
  *                      Exception: For MBEDTLS_MODE_ECB, expects a single block
  *                      in size. For example, 16 Bytes for AES.
  *
- * \note                If the underlying cipher is used in GCM mode, all calls
- *                      to this function, except for the last one before
- *                      mbedtls_cipher_finish(), must have \p ilen as a
- *                      multiple of the block size of the cipher.
- *
  * \param ctx           The generic cipher context. This must be initialized and
  *                      bound to a key.
  * \param input         The buffer holding the input data. This must be a

diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index 6b67361..8a26ebb 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h

@@ -249,17 +249,12 @@
  * \brief           This function feeds an input buffer into an ongoing GCM
  *                  encryption or decryption operation.
  *
- *    `             The function expects input to be a multiple of 16
- *                  Bytes. Only the last call before calling
- *                  mbedtls_gcm_finish() can be less than 16 Bytes.
- *
  * \note            For decryption, the output buffer cannot be the same as
  *                  input buffer. If the buffers overlap, the output buffer
  *                  must trail at least 8 Bytes behind the input buffer.
  *
  * \param ctx       The GCM context. This must be initialized.
- * \param length    The length of the input data. This must be a multiple of
- *                  16 except in the last call before mbedtls_gcm_finish().
+ * \param length    The length of the input data.
  * \param input     The buffer holding the input data. If \p length is greater
  *                  than zero, this must be a readable buffer of at least that
  *                  size in Bytes.