eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

psa_crypto.c: use switch instead if-else in psa_aead_check_nonce_length and psa_aead_set_lengths (fixes #5065)

Browse source 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemyslaw Stekiel 2021-10-13 11:12:08 +02:00
parent 1ecfdea002
commit 4cad4fc8a9
1 changed files with 49 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

43
library/psa_crypto.c
View file

@ -3621,9 +3621,10 @@ static psa_status_t psa_aead_check_nonce_length( psa_algorithm_t alg,
{ {
psa_algorithm_t base_alg = psa_aead_get_base_algorithm( alg ); psa_algorithm_t base_alg = psa_aead_get_base_algorithm( alg );
#if defined(PSA_WANT_ALG_GCM) switch(base_alg)
if( base_alg == PSA_ALG_GCM )
{ {
#if defined(PSA_WANT_ALG_GCM)
case PSA_ALG_GCM:
/* Not checking max nonce size here as GCM spec allows almost /* Not checking max nonce size here as GCM spec allows almost
* arbitrarily large nonces. Please note that we do not generally * arbitrarily large nonces. Please note that we do not generally
* recommend the usage of nonces of greater length than * recommend the usage of nonces of greater length than
@ -3632,23 +3633,23 @@ static psa_status_t psa_aead_check_nonce_length( psa_algorithm_t alg,
* large number of messages.*/ * large number of messages.*/
if( nonce_length != 0 ) if( nonce_length != 0 )
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} break;
#endif /* PSA_WANT_ALG_GCM */ #endif /* PSA_WANT_ALG_GCM */
#if defined(PSA_WANT_ALG_CCM) #if defined(PSA_WANT_ALG_CCM)
if( base_alg == PSA_ALG_CCM ) case PSA_ALG_CCM:
{
if( nonce_length >= 7 && nonce_length <= 13 ) if( nonce_length >= 7 && nonce_length <= 13 )
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} break;
else
#endif /* PSA_WANT_ALG_CCM */ #endif /* PSA_WANT_ALG_CCM */
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
if( base_alg == PSA_ALG_CHACHA20_POLY1305 ) case PSA_ALG_CHACHA20_POLY1305:
{
if( nonce_length == 12 ) if( nonce_length == 12 )
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} break;
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
default:
break;
}
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_ERROR_NOT_SUPPORTED );
} }
@ -3950,9 +3951,10 @@ psa_status_t psa_aead_set_lengths( psa_aead_operation_t *operation,
goto exit; goto exit;
} }
#if defined(PSA_WANT_ALG_GCM) switch(operation->alg)
if( operation->alg == PSA_ALG_GCM )
{ {
#if defined(PSA_WANT_ALG_GCM)
case PSA_ALG_GCM:
/* Lengths can only be too large for GCM if size_t is bigger than 32 /* Lengths can only be too large for GCM if size_t is bigger than 32
* bits. Without the guard this code will generate warnings on 32bit * bits. Without the guard this code will generate warnings on 32bit
* builds. */ * builds. */
@ -3964,26 +3966,25 @@ psa_status_t psa_aead_set_lengths( psa_aead_operation_t *operation,
goto exit; goto exit;
} }
#endif #endif
} break;
else
#endif /* PSA_WANT_ALG_GCM */ #endif /* PSA_WANT_ALG_GCM */
#if defined(PSA_WANT_ALG_CCM) #if defined(PSA_WANT_ALG_CCM)
if( operation->alg == PSA_ALG_CCM ) case PSA_ALG_CCM:
{
if( ad_length > 0xFF00 ) if( ad_length > 0xFF00 )
{ {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
goto exit; goto exit;
} }
} break;
else
#endif /* PSA_WANT_ALG_CCM */ #endif /* PSA_WANT_ALG_CCM */
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
if( operation->alg == PSA_ALG_CHACHA20_POLY1305 ) case PSA_ALG_CHACHA20_POLY1305:
{
/* No length restrictions for ChaChaPoly. */ /* No length restrictions for ChaChaPoly. */
} break;
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
default:
break;
}
status = psa_driver_wrapper_aead_set_lengths( operation, ad_length, status = psa_driver_wrapper_aead_set_lengths( operation, ad_length,
plaintext_length ); plaintext_length );