psa_crypto.c: use switch instead if-else in psa_aead_check_nonce_length and psa_aead_set_lengths (fixes #5065)
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ece64b1..2299da3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3621,34 +3621,35 @@
{
psa_algorithm_t base_alg = psa_aead_get_base_algorithm( alg );
-#if defined(PSA_WANT_ALG_GCM)
- if( base_alg == PSA_ALG_GCM )
+ switch(base_alg)
{
- /* Not checking max nonce size here as GCM spec allows almost
- * arbitrarily large nonces. Please note that we do not generally
- * recommend the usage of nonces of greater length than
- * PSA_AEAD_NONCE_MAX_SIZE, as large nonces are hashed to a shorter
- * size, which can then lead to collisions if you encrypt a very
- * large number of messages.*/
- if( nonce_length != 0 )
- return( PSA_SUCCESS );
- }
+#if defined(PSA_WANT_ALG_GCM)
+ case PSA_ALG_GCM:
+ /* Not checking max nonce size here as GCM spec allows almost
+ * arbitrarily large nonces. Please note that we do not generally
+ * recommend the usage of nonces of greater length than
+ * PSA_AEAD_NONCE_MAX_SIZE, as large nonces are hashed to a shorter
+ * size, which can then lead to collisions if you encrypt a very
+ * large number of messages.*/
+ if( nonce_length != 0 )
+ return( PSA_SUCCESS );
+ break;
#endif /* PSA_WANT_ALG_GCM */
#if defined(PSA_WANT_ALG_CCM)
- if( base_alg == PSA_ALG_CCM )
- {
- if( nonce_length >= 7 && nonce_length <= 13 )
- return( PSA_SUCCESS );
- }
- else
+ case PSA_ALG_CCM:
+ if( nonce_length >= 7 && nonce_length <= 13 )
+ return( PSA_SUCCESS );
+ break;
#endif /* PSA_WANT_ALG_CCM */
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
- if( base_alg == PSA_ALG_CHACHA20_POLY1305 )
- {
- if( nonce_length == 12 )
- return( PSA_SUCCESS );
- }
+ case PSA_ALG_CHACHA20_POLY1305:
+ if( nonce_length == 12 )
+ return( PSA_SUCCESS );
+ break;
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
+ default:
+ break;
+ }
return( PSA_ERROR_NOT_SUPPORTED );
}
@@ -3950,40 +3951,40 @@
goto exit;
}
-#if defined(PSA_WANT_ALG_GCM)
- if( operation->alg == PSA_ALG_GCM )
+ switch(operation->alg)
{
- /* Lengths can only be too large for GCM if size_t is bigger than 32
- * bits. Without the guard this code will generate warnings on 32bit
- * builds. */
+#if defined(PSA_WANT_ALG_GCM)
+ case PSA_ALG_GCM:
+ /* Lengths can only be too large for GCM if size_t is bigger than 32
+ * bits. Without the guard this code will generate warnings on 32bit
+ * builds. */
#if SIZE_MAX > UINT32_MAX
- if( (( uint64_t ) ad_length ) >> 61 != 0 ||
- (( uint64_t ) plaintext_length ) > 0xFFFFFFFE0ull )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
+ if( (( uint64_t ) ad_length ) >> 61 != 0 ||
+ (( uint64_t ) plaintext_length ) > 0xFFFFFFFE0ull )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
#endif
- }
- else
+ break;
#endif /* PSA_WANT_ALG_GCM */
#if defined(PSA_WANT_ALG_CCM)
- if( operation->alg == PSA_ALG_CCM )
- {
- if( ad_length > 0xFF00 )
- {
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
- }
- else
+ case PSA_ALG_CCM:
+ if( ad_length > 0xFF00 )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+ break;
#endif /* PSA_WANT_ALG_CCM */
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
- if( operation->alg == PSA_ALG_CHACHA20_POLY1305 )
- {
- /* No length restrictions for ChaChaPoly. */
- }
+ case PSA_ALG_CHACHA20_POLY1305:
+ /* No length restrictions for ChaChaPoly. */
+ break;
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
+ default:
+ break;
+ }
status = psa_driver_wrapper_aead_set_lengths( operation, ad_length,
plaintext_length );