1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-24 13:32:59 +03:00

psa_crypto.c: use switch instead if-else in psa_aead_check_nonce_length and psa_aead_set_lengths (fixes #5065)

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemyslaw Stekiel
2021-10-13 11:12:08 +02:00
parent 1ecfdea002
commit 4cad4fc8a9

View File

@@ -3621,34 +3621,35 @@ static psa_status_t psa_aead_check_nonce_length( psa_algorithm_t alg,
{ {
psa_algorithm_t base_alg = psa_aead_get_base_algorithm( alg ); psa_algorithm_t base_alg = psa_aead_get_base_algorithm( alg );
#if defined(PSA_WANT_ALG_GCM) switch(base_alg)
if( base_alg == PSA_ALG_GCM )
{ {
/* Not checking max nonce size here as GCM spec allows almost #if defined(PSA_WANT_ALG_GCM)
* arbitrarily large nonces. Please note that we do not generally case PSA_ALG_GCM:
* recommend the usage of nonces of greater length than /* Not checking max nonce size here as GCM spec allows almost
* PSA_AEAD_NONCE_MAX_SIZE, as large nonces are hashed to a shorter * arbitrarily large nonces. Please note that we do not generally
* size, which can then lead to collisions if you encrypt a very * recommend the usage of nonces of greater length than
* large number of messages.*/ * PSA_AEAD_NONCE_MAX_SIZE, as large nonces are hashed to a shorter
if( nonce_length != 0 ) * size, which can then lead to collisions if you encrypt a very
return( PSA_SUCCESS ); * large number of messages.*/
} if( nonce_length != 0 )
return( PSA_SUCCESS );
break;
#endif /* PSA_WANT_ALG_GCM */ #endif /* PSA_WANT_ALG_GCM */
#if defined(PSA_WANT_ALG_CCM) #if defined(PSA_WANT_ALG_CCM)
if( base_alg == PSA_ALG_CCM ) case PSA_ALG_CCM:
{ if( nonce_length >= 7 && nonce_length <= 13 )
if( nonce_length >= 7 && nonce_length <= 13 ) return( PSA_SUCCESS );
return( PSA_SUCCESS ); break;
}
else
#endif /* PSA_WANT_ALG_CCM */ #endif /* PSA_WANT_ALG_CCM */
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
if( base_alg == PSA_ALG_CHACHA20_POLY1305 ) case PSA_ALG_CHACHA20_POLY1305:
{ if( nonce_length == 12 )
if( nonce_length == 12 ) return( PSA_SUCCESS );
return( PSA_SUCCESS ); break;
}
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
default:
break;
}
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_ERROR_NOT_SUPPORTED );
} }
@@ -3950,40 +3951,40 @@ psa_status_t psa_aead_set_lengths( psa_aead_operation_t *operation,
goto exit; goto exit;
} }
#if defined(PSA_WANT_ALG_GCM) switch(operation->alg)
if( operation->alg == PSA_ALG_GCM )
{ {
/* Lengths can only be too large for GCM if size_t is bigger than 32 #if defined(PSA_WANT_ALG_GCM)
* bits. Without the guard this code will generate warnings on 32bit case PSA_ALG_GCM:
* builds. */ /* Lengths can only be too large for GCM if size_t is bigger than 32
* bits. Without the guard this code will generate warnings on 32bit
* builds. */
#if SIZE_MAX > UINT32_MAX #if SIZE_MAX > UINT32_MAX
if( (( uint64_t ) ad_length ) >> 61 != 0 || if( (( uint64_t ) ad_length ) >> 61 != 0 ||
(( uint64_t ) plaintext_length ) > 0xFFFFFFFE0ull ) (( uint64_t ) plaintext_length ) > 0xFFFFFFFE0ull )
{ {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
goto exit; goto exit;
} }
#endif #endif
} break;
else
#endif /* PSA_WANT_ALG_GCM */ #endif /* PSA_WANT_ALG_GCM */
#if defined(PSA_WANT_ALG_CCM) #if defined(PSA_WANT_ALG_CCM)
if( operation->alg == PSA_ALG_CCM ) case PSA_ALG_CCM:
{ if( ad_length > 0xFF00 )
if( ad_length > 0xFF00 ) {
{ status = PSA_ERROR_INVALID_ARGUMENT;
status = PSA_ERROR_INVALID_ARGUMENT; goto exit;
goto exit; }
} break;
}
else
#endif /* PSA_WANT_ALG_CCM */ #endif /* PSA_WANT_ALG_CCM */
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
if( operation->alg == PSA_ALG_CHACHA20_POLY1305 ) case PSA_ALG_CHACHA20_POLY1305:
{ /* No length restrictions for ChaChaPoly. */
/* No length restrictions for ChaChaPoly. */ break;
}
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
default:
break;
}
status = psa_driver_wrapper_aead_set_lengths( operation, ad_length, status = psa_driver_wrapper_aead_set_lengths( operation, ad_length,
plaintext_length ); plaintext_length );