Don't directly access iv_size
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/library/cipher.c b/library/cipher.c
index 7dc09ee..dfbbbfd 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -375,7 +375,7 @@
if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) {
actual_iv_size = iv_len;
} else {
- actual_iv_size = ctx->cipher_info->iv_size;
+ actual_iv_size = mbedtls_cipher_info_get_iv_size(ctx->cipher_info);
/* avoid reading past the end of input buffer */
if (actual_iv_size > iv_len) {
@@ -1363,7 +1363,7 @@
#if defined(MBEDTLS_CHACHAPOLY_C)
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
/* ChachaPoly has fixed length nonce and MAC (tag) */
- if ((iv_len != ctx->cipher_info->iv_size) ||
+ if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) ||
(tag_len != 16U)) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
@@ -1459,7 +1459,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* ChachaPoly has fixed length nonce and MAC (tag) */
- if ((iv_len != ctx->cipher_info->iv_size) ||
+ if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) ||
(tag_len != 16U)) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
diff --git a/library/pkcs12.c b/library/pkcs12.c
index a0966f6..8540de2 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -155,7 +155,7 @@
if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen,
key, keylen,
- iv, cipher_info->iv_size)) != 0) {
+ iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) {
return ret;
}
@@ -171,7 +171,7 @@
goto exit;
}
- if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) {
+ if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) {
goto exit;
}
diff --git a/library/pkcs5.c b/library/pkcs5.c
index 6cbb520..8d39eab 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -179,7 +179,7 @@
keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
- enc_scheme_params.len != cipher_info->iv_size) {
+ enc_scheme_params.len != mbedtls_cipher_info_get_iv_size(cipher_info)) {
return MBEDTLS_ERR_PKCS5_INVALID_FORMAT;
}
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f0067f4..36c96f2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -8420,7 +8420,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg);
#else
- transform->ivlen = cipher_info->iv_size;
+ transform->ivlen = mbedtls_cipher_info_get_iv_size(cipher_info);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* Minimum length */