add iv_required field to psa_cipher_operation_s and fix relevant functions
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 2975bdc..639c15e 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -101,6 +101,7 @@
{
psa_algorithm_t alg;
int key_set : 1;
+ int iv_required : 1;
int iv_set : 1;
uint8_t iv_size;
uint8_t block_size;
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b29b763..c5a8456 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1309,9 +1309,10 @@
mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE;
operation->alg = alg;
- operation->key_set = 0;
- operation->iv_set = 0;
- operation->iv_size = 0;
+ operation->key_set = 0;
+ operation->iv_set = 0;
+ operation->iv_required = 1;
+ operation->iv_size = 0;
operation->block_size = 0;
status = psa_get_key_information( key, &key_type, &key_bits );
@@ -1397,7 +1398,7 @@
size_t *iv_length)
{
int ret = PSA_SUCCESS;
- if( operation->iv_set )
+ if( operation->iv_set || !( operation->iv_required ) )
return( PSA_ERROR_BAD_STATE );
if( iv_size < operation->iv_size )
{
@@ -1425,7 +1426,7 @@
size_t iv_length)
{
int ret = PSA_SUCCESS;
- if( operation->iv_set )
+ if( operation->iv_set || !( operation->iv_required ) )
return( PSA_ERROR_BAD_STATE );
if (iv_length != operation->iv_size)
{
@@ -1442,6 +1443,7 @@
}
operation->iv_set = 1;
+ operation->iv_required = 0;
return ( PSA_SUCCESS );
}
@@ -1480,7 +1482,7 @@
if( ! operation->key_set )
return( PSA_ERROR_BAD_STATE );
- if( ! operation->iv_set )
+ if ( operation->iv_required && ! operation->iv_set )
return( PSA_ERROR_BAD_STATE );
if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
{
@@ -1515,10 +1517,11 @@
mbedtls_cipher_free( &operation->ctx.cipher );
operation->alg = 0;
- operation->key_set = 0;
- operation->iv_set = 0;
- operation->iv_size = 0;
+ operation->key_set = 0;
+ operation->iv_set = 0;
+ operation->iv_size = 0;
operation->block_size = 0;
+ operation->iv_required = 0;
return ( PSA_SUCCESS );
}