New macro PSA_AEAD_TAG_SIZE, use it for PSA_AEAD_xxx_OUTPUT_SIZE
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 7286ef9..9806c95 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1073,6 +1073,25 @@
* @{
*/
+/** The tag size for an AEAD algorithm, in bytes.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(alg) is true).
+ *
+ * \return The tag size for the specified algorithm.
+ * If the AEAD algorithm does not have an identified
+ * tag that can be distinguished from the rest of
+ * the ciphertext, return 0.
+ * If the AEAD algorithm is not recognized, return 0.
+ * An implementation may return either 0 or a
+ * correct size for an AEAD algorithm that it
+ * recognizes, but does not support.
+ */
+#define PSA_AEAD_TAG_SIZE(alg) \
+ ((alg) == PSA_ALG_GCM ? 16 : \
+ (alg) == PSA_ALG_CCM ? 16 : \
+ 0)
/** The maximum size of the output of psa_aead_encrypt(), in bytes.
*
@@ -1094,8 +1113,8 @@
* recognizes, but does not support.
*/
#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \
- ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 : \
- (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 : \
+ (PSA_AEAD_TAG_SIZE(alg) != 0 ? \
+ (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) : \
0)
/** Process an authenticated encryption operation.
@@ -1170,9 +1189,9 @@
* correct size for an AEAD algorithm that it
* recognizes, but does not support.
*/
-#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \
- ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 : \
- (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 : \
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \
+ (PSA_AEAD_TAG_SIZE(alg) != 0 ? \
+ (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) : \
0)
/** Process an authenticated decryption operation.