@@ -7995,63 +7995,6 @@ static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
79957995
79967996#endif
79977997
7998- #if !defined(NO_INLINE) && defined(__GNUC__)
7999- /* Inline for callers here in aes.c, but a callable local function for outside
8000- * callers. Don't use WC_INLINE unconditionally, because we can't count on
8001- * correct behavior beyond gcc/clang, and we don't want the the WC_MAYBE_UNUSED
8002- * attribute in NO_INLINE builds.
8003- */
8004- WC_INLINE
8005- #endif
8006- int wc_local_AesGcmCheckTagSz(word32 authTagSz) {
8007- #ifdef WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH
8008- #ifdef HAVE_FIPS
8009- #error WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH not allowed with FIPS 140.
8010- #endif
8011- wc_static_assert(WOLFSSL_MIN_AUTH_TAG_SZ >= 4);
8012- if ((authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) ||
8013- (authTagSz > WC_AES_BLOCK_SIZE))
8014- {
8015- WOLFSSL_MSG("AES-GCM unsupported authTagSz");
8016- return BAD_FUNC_ARG;
8017- }
8018- else
8019- return 0;
8020- #else
8021- /* A switch is actually better for the optimizer than most hand-rolled
8022- * equivalents, because it hands the compiler the exact value set and lets
8023- * it pick the best lowering per WOLFSSL_MIN_AUTH_TAG_SZ configuration.
8024- */
8025- switch (authTagSz) {
8026- #if WOLFSSL_MIN_AUTH_TAG_SZ <= 4
8027- case 4:
8028- #endif
8029- #if WOLFSSL_MIN_AUTH_TAG_SZ <= 8
8030- case 8:
8031- #endif
8032- #if WOLFSSL_MIN_AUTH_TAG_SZ <= 12
8033- case 12:
8034- #endif
8035- #if WOLFSSL_MIN_AUTH_TAG_SZ <= 13
8036- case 13:
8037- #endif
8038- #if WOLFSSL_MIN_AUTH_TAG_SZ <= 14
8039- case 14:
8040- #endif
8041- #if WOLFSSL_MIN_AUTH_TAG_SZ <= 15
8042- case 15:
8043- #endif
8044- #if WOLFSSL_MIN_AUTH_TAG_SZ <= 16
8045- case 16:
8046- #endif
8047- return 0;
8048- default:
8049- WOLFSSL_MSG("AES-GCM unsupported authTagSz");
8050- return BAD_FUNC_ARG;
8051- }
8052- #endif
8053- }
8054-
80557998#if defined(WOLFSSL_RISCV_ASM)
80567999 /* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */
80578000
0 commit comments