Fix mbed TLS ChaCha20 and Poly1305 usage and use constant time comparison for authentication tags
Previously the implementation of chacha20-poly1305 using ChaCha20 and Poly1305 from mbed TLS wasn't used; the internal implementation was always used instead.
With this, the chacha20-poly1305 will use the mbed TLS implementation when provided.
This also changes the authentication tag check to use a constant time comparison instead of memcmp in all back-ends.
Checklist
- Commits have Signed-off-by: with name/author being identical to the commit author
- Code modified for feature
- Test suite updated with functionality tests
- Test suite updated with negative tests
- Documentation updated
Reviewer's checklist:
- Any issues marked for closing are addressed
- There is a test suite reasonably covering new functionality or modifications
- Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTING.md
- This feature/change has adequate documentation added
- No obvious mistakes in the code
Edited by Anderson Sasaki
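Why the tag check moves away from memcmp, as an added illustration that is not code from this merge request or from the project: an early-exit comparison does an amount of work that depends on where the first wrong byte is, while a constant-time comparison always processes the whole tag. The function names, the constructed 16-byte sample tag and the step counter are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_LEN 16 /* Poly1305 authentication tag size in bytes */

/* Early-exit loop (memcmp-style): *steps depends on the first differing byte. */
static int early_exit_cmp(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i]) return 1;
    }
    return 0;
}

/* Constant-time loop: every byte is processed, differences are OR-ed together. */
static int ct_cmp(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    volatile uint8_t diff = 0; /* volatile discourages short-circuit optimisation */
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        diff |= (uint8_t)(a[i] ^ b[i]);
        (*steps)++;
    }
    return diff != 0;
}

/* Compare a constructed tag with a copy altered at byte `pos` (pos >= TAG_LEN
 * leaves the copy identical) and return how many bytes were examined. */
static size_t bytes_examined(size_t pos, int constant_time, int *mismatch)
{
    uint8_t expected[TAG_LEN], received[TAG_LEN];
    size_t steps;
    for (size_t i = 0; i < TAG_LEN; i++) expected[i] = (uint8_t)(0xA0 + i); /* constructed sample */
    memcpy(received, expected, TAG_LEN);
    if (pos < TAG_LEN) received[pos] ^= 0x01;
    *mismatch = constant_time ? ct_cmp(expected, received, TAG_LEN, &steps)
                              : early_exit_cmp(expected, received, TAG_LEN, &steps);
    return steps;
}

int main(void)
{
    int bad;
    for (size_t pos = 0; pos <= TAG_LEN; pos += 4)
        printf("first differing byte %2zu: early-exit examined %2zu, constant-time examined %2zu\n",
               pos, bytes_examined(pos, 0, &bad), bytes_examined(pos, 1, &bad));
    return 0;
}
```

The step counter stands in for execution time; on real hardware the same dependence shows up as a timing difference between a tag that fails on its first byte and one that fails on its last.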