diff --git a/ChangeLog.d/psa-crypto-new-wildcard-policies.txt b/ChangeLog.d/psa-crypto-new-wildcard-policies.txt index d27f48096..56fbbc9b5 100644 --- a/ChangeLog.d/psa-crypto-new-wildcard-policies.txt +++ b/ChangeLog.d/psa-crypto-new-wildcard-policies.txt @@ -1,8 +1,5 @@ Features - * Added PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG and - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC as wildcard algorithms in PSA Crypto. - These algorithm values describe that a key is allowed to be used with any - algorithm that matches the specified base algorithm (e.g PSA_ALG_CCM for - AEAD or PSA_ALG_CMAC for MAC) and has a tag/MAC length which is at least - as long as the one encoded in the AT_LEAST_THIS_LENGTH_MAC/TAG wildcard - algorithm. + * In the PSA API, the policy for a MAC or AEAD algorithm can specify a + minimum MAC or tag length thanks to the new wildcards + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC and + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e04b43b98..0375cca12 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -675,7 +675,7 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( return( alg1 ); } /* If the policies are from the same AEAD family, check whether - * one f them is a minimum-tag-length wildcard. Calculate the most + * one of them is a minimum-tag-length wildcard. Calculate the most * restrictive tag length. */ if( PSA_ALG_IS_AEAD( alg1 ) && PSA_ALG_IS_AEAD( alg2 ) && ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg1, 0 ) == @@ -685,7 +685,7 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg2 ); size_t max_len = alg1_len > alg2_len ? alg1_len : alg2_len; - /* If both are wildcards, return most restricitve wildcard */ + /* If both are wildcards, return most restrictive wildcard */ if( ( ( alg1 & PSA_ALG_AEAD_MINIMUM_LENGTH_FLAG ) != 0 ) && ( ( alg2 & PSA_ALG_AEAD_MINIMUM_LENGTH_FLAG ) != 0 ) ) {