Mark static int SSL functions CHECK_RETURN_CRITICAL
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
Manuel Pégourié-Gonnard
parent
66b0d61718
commit
a3115dc0e6
13 changed files with 243 additions and 0 deletions
|
|
@ -50,6 +50,7 @@
|
|||
* ProtocolVersion versions<2..254>;
|
||||
* } SupportedVersions;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
|
@ -106,6 +107,7 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
|
|||
* NamedGroup named_group_list<2..2^16-1>;
|
||||
* } NamedGroupList;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_supported_groups_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
|
@ -168,6 +170,7 @@ static int ssl_tls13_parse_supported_groups_ext( mbedtls_ssl_context *ssl,
|
|||
* be needed.
|
||||
* - A negative value for fatal errors.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_key_shares_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
|
@ -306,6 +309,7 @@ static void ssl_tls13_debug_print_client_hello_exts( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
#endif /* MBEDTLS_DEBUG_C */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_client_hello_has_exts( mbedtls_ssl_context *ssl,
|
||||
int exts_mask )
|
||||
{
|
||||
|
|
@ -313,6 +317,7 @@ static int ssl_tls13_client_hello_has_exts( mbedtls_ssl_context *ssl,
|
|||
return( masked == exts_mask );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
|
|
@ -322,6 +327,7 @@ static int ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(
|
|||
MBEDTLS_SSL_EXT_SIG_ALG ) );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
if( !mbedtls_ssl_conf_tls13_ephemeral_enabled( ssl ) )
|
||||
|
|
@ -379,6 +385,7 @@ static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
|||
#define SSL_CLIENT_HELLO_OK 0
|
||||
#define SSL_CLIENT_HELLO_HRR_REQUIRED 1
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
|
@ -704,6 +711,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
|
||||
/* Update the handshake state machine */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -724,6 +732,7 @@ static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl )
|
|||
* Main entry point from the state machine; orchestrates the otherfunctions.
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_client_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
|
||||
|
|
@ -762,6 +771,7 @@ cleanup:
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_HELLO
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_prepare_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -797,6 +807,7 @@ static int ssl_tls13_prepare_server_hello( mbedtls_ssl_context *ssl )
|
|||
* ProtocolVersion selected_version;
|
||||
* } SupportedVersions;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_hello_supported_versions_ext(
|
||||
mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
|
|
@ -834,6 +845,7 @@ static int ssl_tls13_write_server_hello_supported_versions_ext(
|
|||
|
||||
/* Generate and export a single key share. For hybrid KEMs, this can
|
||||
* be called multiple times with the different components of the hybrid. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_generate_and_write_key_share( mbedtls_ssl_context *ssl,
|
||||
uint16_t named_group,
|
||||
unsigned char *buf,
|
||||
|
|
@ -887,6 +899,7 @@ static int ssl_tls13_generate_and_write_key_share( mbedtls_ssl_context *ssl,
|
|||
* KeyShareEntry server_share;
|
||||
* } KeyShareServerHello;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
|
@ -930,6 +943,7 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
|
@ -1005,6 +1019,7 @@ static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
* Extension extensions<6..2^16-1>;
|
||||
* } ServerHello;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
|
@ -1131,6 +1146,7 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_finalize_write_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -1151,6 +1167,7 @@ static int ssl_tls13_finalize_write_server_hello( mbedtls_ssl_context *ssl )
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -1189,6 +1206,7 @@ cleanup:
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_HELLO_RETRY_REQUEST
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_hello_retry_request_coordinate(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
|
|
@ -1216,6 +1234,7 @@ static int ssl_tls13_write_hello_retry_request_coordinate(
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_hello_retry_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -1260,6 +1279,7 @@ cleanup:
|
|||
* } EncryptedExtensions;
|
||||
*
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
|
@ -1287,6 +1307,7 @@ static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_encrypted_extensions( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -1333,6 +1354,7 @@ cleanup:
|
|||
* indicating if the writing of the CertificateRequest
|
||||
* should be skipped or not.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int authmode;
|
||||
|
|
@ -1354,6 +1376,7 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
|
|||
* } CertificateRequest;
|
||||
*
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
|
@ -1400,6 +1423,7 @@ static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -1447,6 +1471,7 @@ cleanup:
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_CERTIFICATE
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_certificate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -1468,6 +1493,7 @@ static int ssl_tls13_write_server_certificate( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CERTIFICATE_VERIFY
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = mbedtls_ssl_tls13_write_certificate_verify( ssl );
|
||||
|
|
@ -1481,6 +1507,7 @@ static int ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_FINISHED
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -1513,6 +1540,7 @@ static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CLIENT_FINISHED
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_client_finished( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -1541,6 +1569,7 @@ static int ssl_tls13_process_client_finished( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue