For correct tag calculation in AES GCM mode in macOS the function wc_AesGcmSetKey must be used and not wc_AesSetKey

helkoulak · helkoulak · commit bdef49c4a660 · 2025-12-16T16:50:03.000+01:00
diff --git a/rustls-wolfcrypt-provider/src/aead/quic.rs b/rustls-wolfcrypt-provider/src/aead/quic.rs
@@ -590,12 +590,10 @@ impl AesCipher {
 
         // Prepare aes_object for encryption
         ret = unsafe {
-            wc_AesSetKey(
+            wc_AesGcmSetKey(
                 self.aes_object.as_ptr(),
                 self.key.as_ptr(),
                 self.key.len() as word32,
-                ptr::null_mut(),
-                0,
             )
         };
         check_if_zero(ret).unwrap();
@@ -633,12 +631,10 @@ impl AesCipher {
 
         // Prepare aes_object for decryption
         ret = unsafe {
-            wc_AesSetKey(
+            wc_AesGcmSetKey(
                 self.aes_object.as_ptr(),
                 self.key.as_ptr(),
                 self.key.len() as word32,
-                ptr::null_mut(),
-                0,
             )
         };
         check_if_zero(ret).unwrap();
