Don't directly access key_bitlen
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/library/cipher.c b/library/cipher.c
index 81e855d..7dc09ee 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -129,7 +129,7 @@
for (def = mbedtls_cipher_definitions; def->info != NULL; def++) {
if (def->info->base->cipher == cipher_id &&
- def->info->key_bitlen == (unsigned) key_bitlen &&
+ mbedtls_cipher_info_get_key_bitlen(def->info) == (unsigned) key_bitlen &&
def->info->mode == mode) {
return def->info;
}
@@ -323,7 +323,7 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 &&
- (int) ctx->cipher_info->key_bitlen != key_bitlen) {
+ (int) mbedtls_cipher_info_get_key_bitlen(ctx->cipher_info) != key_bitlen) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
diff --git a/library/pkcs12.c b/library/pkcs12.c
index ce2dcf2..a0966f6 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -151,7 +151,7 @@
return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE;
}
- keylen = cipher_info->key_bitlen / 8;
+ keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen,
key, keylen,
diff --git a/library/pkcs5.c b/library/pkcs5.c
index 94da981..6cbb520 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -176,7 +176,7 @@
* The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
* since it is optional and we don't know if it was set or not
*/
- keylen = cipher_info->key_bitlen / 8;
+ keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
enc_scheme_params.len != cipher_info->iv_size) {
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index e8bbc78..6027671 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -1143,10 +1143,10 @@
cipher_info = mbedtls_cipher_info_from_type(cipher_type);
CHK(cipher_info != NULL);
CHK(cipher_info->iv_size <= 16);
- CHK(cipher_info->key_bitlen % 8 == 0);
+ CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0);
/* Pick keys */
- keylen = cipher_info->key_bitlen / 8;
+ keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
/* Allocate `keylen + 1` bytes to ensure that we get
* a non-NULL pointers from `mbedtls_calloc` even if
* `keylen == 0` in the case of the NULL cipher. */
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index f842045..aa2849b 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -586,12 +586,12 @@
ASSERT_ALLOC(iv, iv_len);
memset(iv, 0, iv_len);
- TEST_ASSERT(sizeof(key) * 8 >= cipher_info->key_bitlen);
+ TEST_ASSERT(sizeof(key) * 8 >= mbedtls_cipher_info_get_key_bitlen(cipher_info));
TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info));
TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec,
- key, cipher_info->key_bitlen,
+ key, mbedtls_cipher_info_get_key_bitlen(cipher_info),
MBEDTLS_DECRYPT));
TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len));