commit d179dc80a5b13189c79fe4531eacb28698a7a0e9
author Gilles Peskine <Gilles.Peskine@arm.com> Sun Jul 27 18:57:04 2025 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Mon Sep 08 12:22:39 2025 +0200
tree c1bc78e7f01235941f6306c7eb81974d8e55ec9a
parent d3e182e7dac9619b3efd7fa3de3452a160e7d971

Use mbedtls_psa_cipher_finish() in PSA

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

library/psa_crypto_cipher.c

diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
index efc5813..4443d73 100644
--- a/library/psa_crypto_cipher.c
+++ b/library/psa_crypto_cipher.c
@@ -552,6 +552,7 @@
 {
     psa_status_t status = PSA_ERROR_GENERIC_ERROR;
     uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
+    size_t invalid_padding = 0;
 
     if (operation->ctx.cipher.unprocessed_len != 0) {
         if (operation->alg == PSA_ALG_ECB_NO_PADDING ||
@@ -562,9 +563,10 @@
     }
 
     status = mbedtls_to_psa_error(
-        mbedtls_cipher_finish(&operation->ctx.cipher,
-                              temp_output_buffer,
-                              output_length));
+        mbedtls_cipher_finish_padded(&operation->ctx.cipher,
+                                     temp_output_buffer,
+                                     output_length,
+                                     &invalid_padding));
     if (status != PSA_SUCCESS) {
         goto exit;
     }
@@ -581,6 +583,9 @@
     mbedtls_platform_zeroize(temp_output_buffer,
                              sizeof(temp_output_buffer));
 
+    if (status == PSA_SUCCESS && invalid_padding) {
+        status = PSA_ERROR_INVALID_PADDING;
+    }
     return status;
 }