Change DES and AES functions to MBEDTLS_CHECK_RETURN_TYPICAL
For all of these functions, the only possible failures are a hardware accelerator (not possible unless using an ALT implementation), an internal error or runtime corruption. Exception: the self-tests, which serve little purpose if their status isn't tested. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
463adf4536
commit
e41803af9c
2 changed files with 27 additions and 27 deletions
|
@ -164,7 +164,7 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
|
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
|
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
|
||||||
unsigned int keybits );
|
unsigned int keybits );
|
||||||
|
|
||||||
|
@ -183,7 +183,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
|
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
|
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
|
||||||
unsigned int keybits );
|
unsigned int keybits );
|
||||||
|
|
||||||
|
@ -204,7 +204,7 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
|
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
|
int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
|
||||||
const unsigned char *key,
|
const unsigned char *key,
|
||||||
unsigned int keybits );
|
unsigned int keybits );
|
||||||
|
@ -225,7 +225,7 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
|
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
|
int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
|
||||||
const unsigned char *key,
|
const unsigned char *key,
|
||||||
unsigned int keybits );
|
unsigned int keybits );
|
||||||
|
@ -254,7 +254,7 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
|
||||||
|
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
|
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
|
||||||
int mode,
|
int mode,
|
||||||
const unsigned char input[16],
|
const unsigned char input[16],
|
||||||
|
@ -302,7 +302,7 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
|
||||||
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
|
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
|
||||||
* on failure.
|
* on failure.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
|
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
|
||||||
int mode,
|
int mode,
|
||||||
size_t length,
|
size_t length,
|
||||||
|
@ -347,7 +347,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
|
||||||
* smaller than an AES block in size (16 Bytes) or if \p
|
* smaller than an AES block in size (16 Bytes) or if \p
|
||||||
* length is larger than 2^20 blocks (16 MiB).
|
* length is larger than 2^20 blocks (16 MiB).
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
|
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
|
||||||
int mode,
|
int mode,
|
||||||
size_t length,
|
size_t length,
|
||||||
|
@ -396,7 +396,7 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
|
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
|
||||||
int mode,
|
int mode,
|
||||||
size_t length,
|
size_t length,
|
||||||
|
@ -441,7 +441,7 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
|
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
|
||||||
int mode,
|
int mode,
|
||||||
size_t length,
|
size_t length,
|
||||||
|
@ -496,7 +496,7 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
|
int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
|
||||||
size_t length,
|
size_t length,
|
||||||
size_t *iv_off,
|
size_t *iv_off,
|
||||||
|
@ -583,7 +583,7 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
|
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
|
||||||
size_t length,
|
size_t length,
|
||||||
size_t *nc_off,
|
size_t *nc_off,
|
||||||
|
@ -604,7 +604,7 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
|
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
|
||||||
const unsigned char input[16],
|
const unsigned char input[16],
|
||||||
unsigned char output[16] );
|
unsigned char output[16] );
|
||||||
|
@ -620,7 +620,7 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
|
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
|
||||||
const unsigned char input[16],
|
const unsigned char input[16],
|
||||||
unsigned char output[16] );
|
unsigned char output[16] );
|
||||||
|
@ -632,7 +632,7 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return \c 1 on failure.
|
* \return \c 1 on failure.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
int mbedtls_aes_self_test( int verbose );
|
int mbedtls_aes_self_test( int verbose );
|
||||||
|
|
||||||
#endif /* MBEDTLS_SELF_TEST */
|
#endif /* MBEDTLS_SELF_TEST */
|
||||||
|
|
|
@ -140,7 +140,7 @@ void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
||||||
* security risk. We recommend considering stronger ciphers
|
* security risk. We recommend considering stronger ciphers
|
||||||
* instead.
|
* instead.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -154,7 +154,7 @@ int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SI
|
||||||
* security risk. We recommend considering stronger ciphers
|
* security risk. We recommend considering stronger ciphers
|
||||||
* instead.
|
* instead.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -169,7 +169,7 @@ int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
||||||
* security risk. We recommend considering stronger ciphers
|
* security risk. We recommend considering stronger ciphers
|
||||||
* instead.
|
* instead.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -184,7 +184,7 @@ int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MB
|
||||||
* security risk. We recommend considering stronger ciphers
|
* security risk. We recommend considering stronger ciphers
|
||||||
* instead.
|
* instead.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -195,7 +195,7 @@ int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MB
|
||||||
*
|
*
|
||||||
* \return 0
|
* \return 0
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
|
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
|
||||||
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
|
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
|
||||||
|
|
||||||
|
@ -207,7 +207,7 @@ int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
|
||||||
*
|
*
|
||||||
* \return 0
|
* \return 0
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
|
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
|
||||||
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
|
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
|
||||||
|
|
||||||
|
@ -219,7 +219,7 @@ int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
|
||||||
*
|
*
|
||||||
* \return 0
|
* \return 0
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
|
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
|
||||||
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
|
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
|
||||||
|
|
||||||
|
@ -231,7 +231,7 @@ int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
|
||||||
*
|
*
|
||||||
* \return 0
|
* \return 0
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
|
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
|
||||||
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
|
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
|
||||||
|
|
||||||
|
@ -248,7 +248,7 @@ int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
|
||||||
* security risk. We recommend considering stronger ciphers
|
* security risk. We recommend considering stronger ciphers
|
||||||
* instead.
|
* instead.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
|
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
|
||||||
const unsigned char input[8],
|
const unsigned char input[8],
|
||||||
unsigned char output[8] );
|
unsigned char output[8] );
|
||||||
|
@ -276,7 +276,7 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
|
||||||
* security risk. We recommend considering stronger ciphers
|
* security risk. We recommend considering stronger ciphers
|
||||||
* instead.
|
* instead.
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
|
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
|
||||||
int mode,
|
int mode,
|
||||||
size_t length,
|
size_t length,
|
||||||
|
@ -294,7 +294,7 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
|
||||||
*
|
*
|
||||||
* \return 0 if successful
|
* \return 0 if successful
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
|
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
|
||||||
const unsigned char input[8],
|
const unsigned char input[8],
|
||||||
unsigned char output[8] );
|
unsigned char output[8] );
|
||||||
|
@ -320,7 +320,7 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
|
||||||
*
|
*
|
||||||
* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
|
* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_TYPICAL
|
||||||
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
|
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
|
||||||
int mode,
|
int mode,
|
||||||
size_t length,
|
size_t length,
|
||||||
|
@ -351,7 +351,7 @@ void mbedtls_des_setkey( uint32_t SK[32],
|
||||||
*
|
*
|
||||||
* \return 0 if successful, or 1 if the test failed
|
* \return 0 if successful, or 1 if the test failed
|
||||||
*/
|
*/
|
||||||
MBEDTLS_CHECK_RETURN
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
int mbedtls_des_self_test( int verbose );
|
int mbedtls_des_self_test( int verbose );
|
||||||
|
|
||||||
#endif /* MBEDTLS_SELF_TEST */
|
#endif /* MBEDTLS_SELF_TEST */
|
||||||
|
|
Loading…
Reference in a new issue