| Manuel Pégourié-Gonnard | ee57ebe | 2021-05-31 12:25:01 +0200 | [diff] [blame] | 1 | Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations |
| 2 | ---------------------------------------------------------------------------- |
| 3 | |
| Manuel Pégourié-Gonnard | c01b87b | 2021-06-01 09:40:53 +0200 | [diff] [blame] | 4 | This only affects people who use the cipher module to perform AEAD operations |
| Manuel Pégourié-Gonnard | ee57ebe | 2021-05-31 12:25:01 +0200 | [diff] [blame] | 5 | using the multi-part API. |
| 6 | |
| 7 | Previously, the documentation didn't state explicitly if it was OK to call |
| 8 | `mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after |
| 9 | the last call to `mbedtls_cipher_update()` - that is, without calling |
| 10 | `mbedtls_cipher_finish()` in-between. If you code was missing that call, |
| 11 | please add it and be prepared to get as much as 15 bytes of output. |
| 12 | |
| 13 | Currently the output is always 0 bytes, but it may be more when alternative |
| 14 | implementations of the underlying primitives are in use, or with future |
| 15 | versions of the library. |