diff --git a/ChangeLog.d/psa_cipher_update_ecp.txt b/ChangeLog.d/psa_cipher_update_ecp.txt new file mode 100644 index 000000000..1c3fbc6b1 --- /dev/null +++ b/ChangeLog.d/psa_cipher_update_ecp.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix a parameter set but unused in psa_crypto_cipher.c. Fixes #4935. diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index f67b1ffed..5c78c2311 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -268,9 +268,8 @@ static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, * This does not need to be aligned to a block boundary. * If there is a partial block at the end of the input, * it is stored in \p ctx for future processing. - * \param output The buffer where the output is written. - * \param output_size The size of \p output in bytes. - * It must be at least `floor((p + input_length) / BS)` + * \param output The buffer where the output is written. Its size + * must be at least `floor((p + input_length) / BS)` * where `p` is the number of bytes in the unprocessed * partial block in \p ctx (`0 <= p <= BS - 1`) and * `BS` is the block size. @@ -284,7 +283,6 @@ static psa_status_t psa_cipher_update_ecb( const uint8_t *input, size_t input_length, uint8_t *output, - size_t output_size, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -324,7 +322,6 @@ static psa_status_t psa_cipher_update_ecb( goto exit; output += internal_output_length; - output_size -= internal_output_length; *output_length += internal_output_length; ctx->unprocessed_len = 0; } @@ -345,7 +342,6 @@ static psa_status_t psa_cipher_update_ecb( input += block_size; output += internal_output_length; - output_size -= internal_output_length; *output_length += internal_output_length; } @@ -400,7 +396,6 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, input, input_length, output, - output_size, output_length ); } else