TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 9282d4f13ad1a513a2f539ff0bed0e1925a6921d^! / . / library
commit9282d4f13ad1a513a2f539ff0bed0e1925a6921d[log] [tgz]
authorDave Rodgman <dave.rodgman@arm.com>Sat Jun 24 11:03:04 2023 +0100
committerDave Rodgman <dave.rodgman@arm.com>Sat Jun 24 11:07:40 2023 +0100
tree7e82b1dc22587c8ff977ce4133313b7e87779826
parent3319ae96798926b8f83a7cacf64d03c0db1c9531 [diff]
Don't directly access key_bitlen

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

diff --git a/library/cipher.c b/library/cipher.c
index 81e855d..7dc09ee 100644
--- a/library/cipher.c
+++ b/library/cipher.c

@@ -129,7 +129,7 @@
 
     for (def = mbedtls_cipher_definitions; def->info != NULL; def++) {
         if (def->info->base->cipher == cipher_id &&
-            def->info->key_bitlen == (unsigned) key_bitlen &&
+            mbedtls_cipher_info_get_key_bitlen(def->info) == (unsigned) key_bitlen &&
             def->info->mode == mode) {
             return def->info;
         }
@@ -323,7 +323,7 @@
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
     if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 &&
-        (int) ctx->cipher_info->key_bitlen != key_bitlen) {
+        (int) mbedtls_cipher_info_get_key_bitlen(ctx->cipher_info) != key_bitlen) {
         return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }
 

diff --git a/library/pkcs12.c b/library/pkcs12.c
index ce2dcf2..a0966f6 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c

@@ -151,7 +151,7 @@
         return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE;
     }
 
-    keylen = cipher_info->key_bitlen / 8;
+    keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
 
     if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen,
                                         key, keylen,

diff --git a/library/pkcs5.c b/library/pkcs5.c
index 94da981..6cbb520 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c

@@ -176,7 +176,7 @@
      * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
      * since it is optional and we don't know if it was set or not
      */
-    keylen = cipher_info->key_bitlen / 8;
+    keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
 
     if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
         enc_scheme_params.len != cipher_info->iv_size) {