mirror of
				https://github.com/Mbed-TLS/mbedtls.git
				synced 2025-10-26 00:37:41 +03:00 
			
		
		
		
	Merge pull request #941 from mpg/buf-overread-use-psa-static-ecdh-dev
Fix potential heap buffer overread with `USE_PSA_CRYPTO`
This commit is contained in:
		
							
								
								
									
										6
									
								
								ChangeLog.d/buf-overread-use-psa-static-ecdh.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								ChangeLog.d/buf-overread-use-psa-static-ecdh.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,6 @@ | ||||
| Security | ||||
|    * Fix a potential heap buffer overread in TLS 1.2 server-side when | ||||
|      MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with | ||||
|      mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite | ||||
|      is selected. This may result in an application crash or potentially an | ||||
|      information leak. | ||||
| @@ -216,32 +216,6 @@ typedef struct | ||||
| typedef void mbedtls_pk_restart_ctx; | ||||
| #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ | ||||
|  | ||||
| #if defined(MBEDTLS_RSA_C) | ||||
| /** | ||||
|  * Quick access to an RSA context inside a PK context. | ||||
|  * | ||||
|  * \warning You must make sure the PK context actually holds an RSA context | ||||
|  * before using this function! | ||||
|  */ | ||||
| static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) | ||||
| { | ||||
|     return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); | ||||
| } | ||||
| #endif /* MBEDTLS_RSA_C */ | ||||
|  | ||||
| #if defined(MBEDTLS_ECP_C) | ||||
| /** | ||||
|  * Quick access to an EC context inside a PK context. | ||||
|  * | ||||
|  * \warning You must make sure the PK context actually holds an EC context | ||||
|  * before using this function! | ||||
|  */ | ||||
| static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) | ||||
| { | ||||
|     return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); | ||||
| } | ||||
| #endif /* MBEDTLS_ECP_C */ | ||||
|  | ||||
| #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) | ||||
| /** | ||||
|  * \brief           Types for RSA-alt abstraction | ||||
| @@ -735,6 +709,55 @@ const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); | ||||
|  */ | ||||
| mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); | ||||
|  | ||||
| #if defined(MBEDTLS_RSA_C) | ||||
| /** | ||||
|  * Quick access to an RSA context inside a PK context. | ||||
|  * | ||||
|  * \warning This function can only be used when the type of the context, as | ||||
|  * returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_RSA. | ||||
|  * Ensuring that is the caller's responsibility. | ||||
|  * Alternatively, you can check whether this function returns NULL. | ||||
|  * | ||||
|  * \return The internal RSA context held by the PK context, or NULL. | ||||
|  */ | ||||
| static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) | ||||
| { | ||||
|     switch( mbedtls_pk_get_type( &pk ) ) | ||||
|     { | ||||
|         case MBEDTLS_PK_RSA: | ||||
|             return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); | ||||
|         default: | ||||
|             return( NULL ); | ||||
|     } | ||||
| } | ||||
| #endif /* MBEDTLS_RSA_C */ | ||||
|  | ||||
| #if defined(MBEDTLS_ECP_C) | ||||
| /** | ||||
|  * Quick access to an EC context inside a PK context. | ||||
|  * | ||||
|  * \warning This function can only be used when the type of the context, as | ||||
|  * returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_ECKEY, | ||||
|  * #MBEDTLS_PK_ECKEY_DH, or #MBEDTLS_PK_ECDSA. | ||||
|  * Ensuring that is the caller's responsibility. | ||||
|  * Alternatively, you can check whether this function returns NULL. | ||||
|  * | ||||
|  * \return The internal EC context held by the PK context, or NULL. | ||||
|  */ | ||||
| static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) | ||||
| { | ||||
|     switch( mbedtls_pk_get_type( &pk ) ) | ||||
|     { | ||||
|         case MBEDTLS_PK_ECKEY: | ||||
|         case MBEDTLS_PK_ECKEY_DH: | ||||
|         case MBEDTLS_PK_ECDSA: | ||||
|             return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); | ||||
|         default: | ||||
|             return( NULL ); | ||||
|     } | ||||
| } | ||||
| #endif /* MBEDTLS_ECP_C */ | ||||
|  | ||||
| #if defined(MBEDTLS_PK_PARSE_C) | ||||
| /** \ingroup pk_module */ | ||||
| /** | ||||
|   | ||||
| @@ -50,6 +50,7 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) | ||||
| #endif | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_cache_find_entry( mbedtls_ssl_cache_context *cache, | ||||
|                                  unsigned char const *session_id, | ||||
|                                  size_t session_id_len, | ||||
| @@ -124,6 +125,7 @@ exit: | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, | ||||
|                                         unsigned char const *session_id, | ||||
|                                         size_t session_id_len, | ||||
|   | ||||
| @@ -1778,6 +1778,7 @@ const int *mbedtls_ssl_list_ciphersuites( void ) | ||||
| static int supported_ciphersuites[MAX_CIPHERSUITES]; | ||||
| static int supported_init = 0; | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info ) | ||||
| { | ||||
|     (void)cs_info; | ||||
|   | ||||
| @@ -46,6 +46,7 @@ | ||||
| #include "ssl_debug_helpers.h" | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, | ||||
|                                    unsigned char *buf, | ||||
|                                    const unsigned char *end, | ||||
| @@ -129,6 +130,7 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, | ||||
|  * } ProtocolNameList; | ||||
|  * | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, | ||||
|                                unsigned char *buf, | ||||
|                                const unsigned char *end, | ||||
| @@ -226,6 +228,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, | ||||
|  * | ||||
|  * DHE groups are not supported yet. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, | ||||
|                                            unsigned char *buf, | ||||
|                                            const unsigned char *end, | ||||
| @@ -308,6 +311,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || | ||||
|           MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_client_hello_cipher_suites( | ||||
|             mbedtls_ssl_context *ssl, | ||||
|             unsigned char *buf, | ||||
| @@ -424,6 +428,7 @@ static int ssl_write_client_hello_cipher_suites( | ||||
|  *     }; | ||||
|  * } ClientHello; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl, | ||||
|                                         unsigned char *buf, | ||||
|                                         unsigned char *end, | ||||
| @@ -654,6 +659,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_generate_random( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -691,6 +697,7 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_prepare_client_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret; | ||||
|   | ||||
| @@ -28,6 +28,7 @@ | ||||
|  | ||||
| #include <stddef.h> | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_write_client_hello( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #endif /* MBEDTLS_SSL_CLIENT_H */ | ||||
|   | ||||
| @@ -160,6 +160,7 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, | ||||
| /* | ||||
|  * Generate the HMAC part of a cookie | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx, | ||||
|                             const unsigned char time[4], | ||||
|                             unsigned char **p, unsigned char *end, | ||||
|   | ||||
| @@ -1099,6 +1099,7 @@ struct mbedtls_ssl_flight_item | ||||
|  *                      (<> 0) or not ( 0 ). | ||||
|  * \param[out]  out_len Length of the data written into the buffer \p buf | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls12_write_client_hello_exts( mbedtls_ssl_context *ssl, | ||||
|                                                unsigned char *buf, | ||||
|                                                const unsigned char *end, | ||||
| @@ -1150,7 +1151,9 @@ void mbedtls_ssl_set_inbound_transform( mbedtls_ssl_context *ssl, | ||||
| void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl, | ||||
|                                          mbedtls_ssl_transform *transform ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); | ||||
| void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); | ||||
| static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl, | ||||
| @@ -1159,15 +1162,19 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl, | ||||
|     ssl->state = ( int ) state; | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_PROTO_TLS1_2) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ); | ||||
| #endif /* MBEDTLS_SSL_PROTO_TLS1_2  */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ); | ||||
| void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| @@ -1247,16 +1254,20 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); | ||||
|  *              following the above definition. | ||||
|  * | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, | ||||
|                              unsigned update_hs_digest ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); | ||||
|  | ||||
| /* | ||||
|  * Write handshake message header | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type, | ||||
|                                      unsigned char **buf, size_t *buf_len ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, | ||||
|                                          int update_checksum, | ||||
|                                          int force_flush ); | ||||
| @@ -1268,19 +1279,28 @@ static inline int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Write handshake message tail | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl, | ||||
|                                       size_t buf_len, size_t msg_len ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, | ||||
| @@ -1296,10 +1316,12 @@ void mbedtls_ssl_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl, | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) | ||||
| #if !defined(MBEDTLS_USE_PSA_CRYPTO) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, | ||||
|                                       mbedtls_key_exchange_type_t key_ex ); | ||||
| #endif /* !MBEDTLS_USE_PSA_CRYPTO */ | ||||
| #if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_PROTO_TLS1_2) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf ); | ||||
| #endif | ||||
|  | ||||
| @@ -1367,11 +1389,14 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ); | ||||
| unsigned char mbedtls_ssl_hash_from_md_alg( int md ); | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_PROTO_TLS1_2) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ); | ||||
| #endif | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls_id ); | ||||
| #if defined(MBEDTLS_ECP_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); | ||||
| #endif | ||||
|  | ||||
| @@ -1426,6 +1451,7 @@ static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) | ||||
|  * | ||||
|  * Return 0 if everything is OK, -1 if not. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, | ||||
|                           const mbedtls_ssl_ciphersuite_t *ciphersuite, | ||||
|                           int cert_endpoint, | ||||
| @@ -1474,21 +1500,26 @@ static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl ) | ||||
| #if defined(MBEDTLS_SSL_PROTO_DTLS) | ||||
| void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ); | ||||
| void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ); | ||||
| #endif | ||||
|  | ||||
| /* Visible for testing purposes only */ | ||||
| #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl ); | ||||
| void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ); | ||||
| #endif | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, | ||||
|                               const mbedtls_ssl_session *src ); | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_PROTO_TLS1_2) | ||||
| /* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, | ||||
|                                             unsigned char *hash, size_t *hashlen, | ||||
|                                             unsigned char *data, size_t data_len, | ||||
| @@ -1500,11 +1531,13 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, | ||||
| #endif | ||||
|  | ||||
| void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, | ||||
|                              mbedtls_ssl_transform *transform, | ||||
|                              mbedtls_record *rec, | ||||
|                              int (*f_rng)(void *, unsigned char *, size_t), | ||||
|                              void *p_rng ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, | ||||
|                              mbedtls_ssl_transform *transform, | ||||
|                              mbedtls_record *rec ); | ||||
| @@ -1522,10 +1555,12 @@ static inline size_t mbedtls_ssl_ep_len( const mbedtls_ssl_context *ssl ) | ||||
| } | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_PROTO_DTLS) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl ); | ||||
| #endif /* MBEDTLS_SSL_PROTO_DTLS */ | ||||
|  | ||||
| void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ); | ||||
| @@ -1533,6 +1568,7 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, | ||||
|                               mbedtls_ssl_transform *transform ); | ||||
| void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ); | ||||
| void mbedtls_ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl, | ||||
|                                           int partial ); | ||||
| @@ -1540,6 +1576,7 @@ void mbedtls_ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl, | ||||
| /* | ||||
|  * Send pending alert | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_handle_pending_alert( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /* | ||||
| @@ -1560,6 +1597,7 @@ void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ); | ||||
| void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_RENEGOTIATION) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl ); | ||||
| #endif /* MBEDTLS_SSL_RENEGOTIATION */ | ||||
|  | ||||
| @@ -1624,7 +1662,9 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf | ||||
| #if defined(MBEDTLS_SSL_PROTO_TLS1_3) | ||||
| extern const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[ | ||||
|                         MBEDTLS_SERVER_HELLO_RANDOM_LEN ]; | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_write_finished_message( mbedtls_ssl_context *ssl ); | ||||
| void mbedtls_ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| @@ -1637,6 +1677,7 @@ void mbedtls_ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl ); | ||||
|  * \param[in]   end     End address of the buffer where to write the extensions | ||||
|  * \param[out]  out_len Length of the data written into the buffer \p buf | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl, | ||||
|                                                unsigned char *buf, | ||||
|                                                unsigned char *end, | ||||
| @@ -1647,6 +1688,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl, | ||||
|  * | ||||
|  * \param ssl       SSL context | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /** | ||||
| @@ -1654,6 +1696,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ); | ||||
|  * | ||||
|  * \param ssl       SSL context | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
|  | ||||
| @@ -1746,6 +1789,7 @@ static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Fetch TLS 1.3 handshake message header | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl, | ||||
|                                            unsigned hs_type, | ||||
|                                            unsigned char **buf, | ||||
| @@ -1754,17 +1798,20 @@ int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl, | ||||
| /* | ||||
|  * Handler of TLS 1.3 server certificate message | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) | ||||
| /* | ||||
|  * Handler of TLS 1.3 write Certificate message | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_write_certificate( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /* | ||||
|  * Handler of TLS 1.3 write Certificate Verify message | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ | ||||
| @@ -1772,16 +1819,20 @@ int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl ); | ||||
| /* | ||||
|  * Generic handler of Certificate Verify | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /* | ||||
|  * Write of dummy-CCS's for middlebox compatibility | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_write_change_cipher_spec( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_reset_transcript_for_hrr( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #if defined(MBEDTLS_ECDH_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange( | ||||
|                 mbedtls_ssl_context *ssl, | ||||
|                 uint16_t named_group, | ||||
| @@ -1797,12 +1848,14 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange( | ||||
| /* | ||||
|  * Parse TLS Signature Algorithm extension | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_parse_sig_alg_ext( mbedtls_ssl_context *ssl, | ||||
|                                    const unsigned char *buf, | ||||
|                                    const unsigned char *end ); | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ | ||||
|  | ||||
| /* Get handshake transcript */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_get_handshake_transcript( mbedtls_ssl_context *ssl, | ||||
|                                           const mbedtls_md_type_t md, | ||||
|                                           unsigned char *dst, | ||||
| @@ -2229,6 +2282,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( | ||||
|  | ||||
| #if defined(MBEDTLS_ECDH_C) | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_read_public_ecdhe_share( mbedtls_ssl_context *ssl, | ||||
|                                                const unsigned char *buf, | ||||
|                                                size_t buf_len ); | ||||
| @@ -2261,12 +2315,14 @@ static inline int mbedtls_ssl_tls13_cipher_suite_is_offered( | ||||
|  * | ||||
|  * \return 0 if valid, negative value otherwise. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_validate_ciphersuite( | ||||
|     const mbedtls_ssl_context *ssl, | ||||
|     const mbedtls_ssl_ciphersuite_t *suite_info, | ||||
|     mbedtls_ssl_protocol_version min_tls_version, | ||||
|     mbedtls_ssl_protocol_version max_tls_version ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf, | ||||
|                                    const unsigned char *end, size_t *out_len ); | ||||
|  | ||||
|   | ||||
| @@ -86,6 +86,7 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, | ||||
|                                     unsigned char *buf, | ||||
|                                     size_t len, | ||||
| @@ -157,11 +158,16 @@ exit: | ||||
| static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, | ||||
|                                      uint8_t slot ); | ||||
| static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_buffer_message( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, | ||||
|                                      mbedtls_record const *rec ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl ) | ||||
| @@ -179,6 +185,7 @@ static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl ) | ||||
|     return( out_buf_len ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl ) | ||||
| { | ||||
|     size_t const bytes_written = ssl->out_left; | ||||
| @@ -195,6 +202,7 @@ static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl ) | ||||
|     return( (int) ( mtu - bytes_written ) ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -246,6 +254,7 @@ static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl | ||||
|  * Double the retransmit timeout value, within the allowed range, | ||||
|  * returning -1 if the maximum value has already been reached. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     uint32_t new_timeout; | ||||
| @@ -329,6 +338,7 @@ static size_t ssl_compute_padding_length( size_t len, | ||||
|  *  - A negative error code if `max_len` didn't offer enough space | ||||
|  *    for the expansion. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_build_inner_plaintext( unsigned char *content, | ||||
|                                       size_t *content_size, | ||||
|                                       size_t remaining, | ||||
| @@ -356,6 +366,7 @@ static int ssl_build_inner_plaintext( unsigned char *content, | ||||
|  | ||||
| /* This function parses a (D)TLSInnerPlaintext structure. | ||||
|  * See ssl_build_inner_plaintext() for details. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_inner_plaintext( unsigned char const *content, | ||||
|                                           size_t *content_size, | ||||
|                                           uint8_t *rec_type ) | ||||
| @@ -469,6 +480,7 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, | ||||
| #if defined(MBEDTLS_GCM_C) || \ | ||||
|     defined(MBEDTLS_CCM_C) || \ | ||||
|     defined(MBEDTLS_CHACHAPOLY_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_transform_aead_dynamic_iv_is_explicit( | ||||
|                                 mbedtls_ssl_transform const *transform ) | ||||
| { | ||||
| @@ -2066,6 +2078,7 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Append current handshake message to current outgoing flight | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_flight_append( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     mbedtls_ssl_flight_item *msg; | ||||
| @@ -2132,6 +2145,7 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ) | ||||
| /* | ||||
|  * Swap transform_out and out_ctr with the alternative ones | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_swap_epochs( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     mbedtls_ssl_transform *tmp_transform; | ||||
| @@ -2767,6 +2781,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush ) | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_PROTO_DTLS) | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     if( ssl->in_msglen < ssl->in_hslen || | ||||
| @@ -2792,6 +2807,7 @@ static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl ) | ||||
|               ssl->in_msg[8] ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_hs_header( mbedtls_ssl_context const *ssl ) | ||||
| { | ||||
|     uint32_t msg_len, frag_off, frag_len; | ||||
| @@ -2858,6 +2874,7 @@ static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len ) | ||||
| /* | ||||
|  * Check that bitmask is full | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_bitmask_check( unsigned char *mask, size_t len ) | ||||
| { | ||||
|     size_t i; | ||||
| @@ -3057,6 +3074,7 @@ static inline uint64_t ssl_load_six_bytes( unsigned char *buf ) | ||||
|             ( (uint64_t) buf[5]       ) ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8_t *record_in_ctr ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -3149,6 +3167,7 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ) | ||||
|  *   return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED | ||||
|  * - otherwise return a specific error code | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| MBEDTLS_STATIC_TESTABLE | ||||
| int mbedtls_ssl_check_dtls_clihlo_cookie( | ||||
|                            mbedtls_ssl_context *ssl, | ||||
| @@ -3309,6 +3328,7 @@ int mbedtls_ssl_check_dtls_clihlo_cookie( | ||||
|  * includes the case of MBEDTLS_ERR_SSL_CLIENT_RECONNECT and of unexpected | ||||
|  * errors, and is the right thing to do in both cases). | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -3364,6 +3384,7 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl ) | ||||
| } | ||||
| #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_record_type( uint8_t record_type ) | ||||
| { | ||||
|     if( record_type != MBEDTLS_SSL_MSG_HANDSHAKE && | ||||
| @@ -3396,6 +3417,7 @@ static int ssl_check_record_type( uint8_t record_type ) | ||||
|  * Point 2 is needed when the peer is resending, and we have already received | ||||
|  * the first record from a datagram but are still waiting for the others. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, | ||||
|                                     unsigned char *buf, | ||||
|                                     size_t len, | ||||
| @@ -3622,6 +3644,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, | ||||
|  | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1]; | ||||
| @@ -3651,6 +3674,7 @@ static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * If applicable, decrypt record content | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, | ||||
|                                        mbedtls_record *rec ) | ||||
| { | ||||
| @@ -3803,8 +3827,11 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, | ||||
|  */ | ||||
|  | ||||
| /* Helper functions for mbedtls_ssl_read_record(). */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_consume_current_message( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_next_record( mbedtls_ssl_context *ssl ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, | ||||
| @@ -3892,6 +3919,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, | ||||
| } | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_PROTO_DTLS) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     if( ssl->in_left > ssl->next_record_offset ) | ||||
| @@ -3900,6 +3928,7 @@ static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     mbedtls_ssl_handshake_params * const hs = ssl->handshake; | ||||
| @@ -3997,6 +4026,7 @@ exit: | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_buffer_make_space( mbedtls_ssl_context *ssl, | ||||
|                                   size_t desired ) | ||||
| { | ||||
| @@ -4039,6 +4069,7 @@ static int ssl_buffer_make_space( mbedtls_ssl_context *ssl, | ||||
|     return( -1 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_buffer_message( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = 0; | ||||
| @@ -4243,6 +4274,7 @@ exit: | ||||
| } | ||||
| #endif /* MBEDTLS_SSL_PROTO_DTLS */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     /* | ||||
| @@ -4330,6 +4362,7 @@ static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     if( ssl->in_msglen > 0 ) | ||||
| @@ -4356,6 +4389,7 @@ static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ) | ||||
|     } | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     mbedtls_ssl_handshake_params * const hs = ssl->handshake; | ||||
| @@ -4413,6 +4447,7 @@ exit: | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, | ||||
|                                      mbedtls_record const *rec ) | ||||
| { | ||||
| @@ -4471,6 +4506,7 @@ static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, | ||||
|  | ||||
| #endif /* MBEDTLS_SSL_PROTO_DTLS */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_next_record( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -5221,6 +5257,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Check record counters and renegotiate if they're above the limit. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     size_t ep_len = mbedtls_ssl_ep_len( ssl ); | ||||
| @@ -5260,6 +5297,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) | ||||
|  * and having a helper function allows to distinguish between TLS <= 1.2 and | ||||
|  * TLS 1.3 in the future without bloating the logic of mbedtls_ssl_read(). | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -5577,6 +5615,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) | ||||
|  * Therefore, it is possible that the input message length is 0 and the | ||||
|  * corresponding return code is 0 on success. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_real( mbedtls_ssl_context *ssl, | ||||
|                            const unsigned char *buf, size_t len ) | ||||
| { | ||||
|   | ||||
| @@ -66,6 +66,7 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ) | ||||
| /* | ||||
|  * Generate/update a key | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx, | ||||
|                                unsigned char index ) | ||||
| { | ||||
| @@ -113,6 +114,7 @@ static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx, | ||||
| /* | ||||
|  * Rotate/generate keys if necessary | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx ) | ||||
| { | ||||
| #if !defined(MBEDTLS_HAVE_TIME) | ||||
|   | ||||
| @@ -275,6 +275,7 @@ int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, | ||||
| } | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int resize_buffer( unsigned char **buffer, size_t len_new, size_t *len_old ) | ||||
| { | ||||
|     unsigned char* resized_buffer = mbedtls_calloc( 1, len_new ); | ||||
| @@ -380,6 +381,7 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *, | ||||
|                           const unsigned char *, size_t, | ||||
|                           unsigned char *, size_t); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, | ||||
|                                    int ciphersuite, | ||||
|                                    const unsigned char master[48], | ||||
| @@ -393,6 +395,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, | ||||
|                                    const mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #if defined(MBEDTLS_SHA256_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int tls_prf_sha256( const unsigned char *secret, size_t slen, | ||||
|                            const char *label, | ||||
|                            const unsigned char *random, size_t rlen, | ||||
| @@ -403,6 +406,7 @@ static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, | ||||
| #endif /* MBEDTLS_SHA256_C */ | ||||
|  | ||||
| #if defined(MBEDTLS_SHA384_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int tls_prf_sha384( const unsigned char *secret, size_t slen, | ||||
|                            const char *label, | ||||
|                            const unsigned char *random, size_t rlen, | ||||
| @@ -415,6 +419,7 @@ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char * | ||||
| static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, | ||||
|                                       unsigned char *buf, | ||||
|                                       size_t buf_len ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_session_load_tls12( mbedtls_ssl_session *session, | ||||
|                                    const unsigned char *buf, | ||||
|                                    size_t len ); | ||||
| @@ -672,6 +677,7 @@ void mbedtls_ssl_session_init( mbedtls_ssl_session *session ) | ||||
|     memset( session, 0, sizeof(mbedtls_ssl_session) ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_handshake_init( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     /* Clear old handshake information if present */ | ||||
| @@ -863,6 +869,7 @@ static int ssl_handshake_init( mbedtls_ssl_context *ssl ) | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) | ||||
| /* Dummy cookie callbacks for defaults */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_cookie_write_dummy( void *ctx, | ||||
|                       unsigned char **p, unsigned char *end, | ||||
|                       const unsigned char *cli_id, size_t cli_id_len ) | ||||
| @@ -876,6 +883,7 @@ static int ssl_cookie_write_dummy( void *ctx, | ||||
|     return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_cookie_check_dummy( void *ctx, | ||||
|                       const unsigned char *cookie, size_t cookie_len, | ||||
|                       const unsigned char *cli_id, size_t cli_id_len ) | ||||
| @@ -898,6 +906,7 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) | ||||
|     memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_conf_version_check( const mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     const mbedtls_ssl_config *conf = ssl->conf; | ||||
| @@ -949,6 +958,7 @@ static int ssl_conf_version_check( const mbedtls_ssl_context *ssl ) | ||||
|     return( MBEDTLS_ERR_SSL_BAD_CONFIG ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_conf_check(const mbedtls_ssl_context *ssl) | ||||
| { | ||||
|     int ret; | ||||
| @@ -1372,6 +1382,7 @@ static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert ) | ||||
| } | ||||
|  | ||||
| /* Append a new keycert entry to a (possibly empty) list */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_append_key_cert( mbedtls_ssl_key_cert **head, | ||||
|                                 mbedtls_x509_crt *cert, | ||||
|                                 mbedtls_pk_context *key ) | ||||
| @@ -1517,6 +1528,7 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_conf_psk_is_configured( mbedtls_ssl_config const *conf ) | ||||
| { | ||||
| #if defined(MBEDTLS_USE_PSA_CRYPTO) | ||||
| @@ -1562,6 +1574,7 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) | ||||
|  * It checks that the provided identity is well-formed and attempts | ||||
|  * to make a copy of it in the SSL config. | ||||
|  * On failure, the PSK identity in the config remains unset. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf, | ||||
|                                       unsigned char const *psk_identity, | ||||
|                                       size_t psk_identity_len ) | ||||
| @@ -2756,6 +2769,7 @@ static unsigned char ssl_serialized_session_header[] = { | ||||
|  * | ||||
|  */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_session_save( const mbedtls_ssl_session *session, | ||||
|                              unsigned char omit_header, | ||||
|                              unsigned char *buf, | ||||
| @@ -2830,6 +2844,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, | ||||
|  * This internal version is wrapped by a public function that cleans up in | ||||
|  * case of error, and has an extra option omit_header. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_session_load( mbedtls_ssl_session *session, | ||||
|                              unsigned char omit_header, | ||||
|                              const unsigned char *buf, | ||||
| @@ -2896,6 +2911,7 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session, | ||||
| /* | ||||
|  * Perform a single step of the SSL handshake | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_prepare_handshake_step( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -3054,6 +3070,7 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Write HelloRequest to request renegotiation on server | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_hello_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -3652,6 +3669,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, | ||||
|  * This internal version is wrapped by a public function that cleans up in | ||||
|  * case of error. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_context_load( mbedtls_ssl_context *ssl, | ||||
|                              const unsigned char *buf, | ||||
|                              size_t len ) | ||||
| @@ -4235,6 +4253,7 @@ static uint16_t ssl_preset_suiteb_groups[] = { | ||||
| #if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) | ||||
| /* Function for checking `ssl_preset_*_sig_algs` and `ssl_tls12_preset_*_sig_algs` | ||||
|  * to make sure there are no duplicated signature algorithm entries. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_no_sig_alg_duplication( uint16_t * sig_algs ) | ||||
| { | ||||
|     size_t i, j; | ||||
| @@ -4786,6 +4805,7 @@ exit: | ||||
| #else /* MBEDTLS_USE_PSA_CRYPTO */ | ||||
|  | ||||
| #if defined(MBEDTLS_SHA384_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_handshake_transcript_sha384( mbedtls_ssl_context *ssl, | ||||
|                                                 unsigned char *dst, | ||||
|                                                 size_t dst_len, | ||||
| @@ -4816,6 +4836,7 @@ exit: | ||||
| #endif /* MBEDTLS_SHA384_C */ | ||||
|  | ||||
| #if defined(MBEDTLS_SHA256_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_handshake_transcript_sha256( mbedtls_ssl_context *ssl, | ||||
|                                                 unsigned char *dst, | ||||
|                                                 size_t dst_len, | ||||
| @@ -5044,6 +5065,7 @@ static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* de | ||||
|     return( PSA_SUCCESS ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int tls_prf_generic( mbedtls_md_type_t md_type, | ||||
|                             const unsigned char *secret, size_t slen, | ||||
|                             const char *label, | ||||
| @@ -5120,6 +5142,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, | ||||
|  | ||||
| #else /* MBEDTLS_USE_PSA_CRYPTO */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int tls_prf_generic( mbedtls_md_type_t md_type, | ||||
|                             const unsigned char *secret, size_t slen, | ||||
|                             const char *label, | ||||
| @@ -5212,6 +5235,7 @@ exit: | ||||
| #endif /* MBEDTLS_USE_PSA_CRYPTO */ | ||||
|  | ||||
| #if defined(MBEDTLS_SHA256_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int tls_prf_sha256( const unsigned char *secret, size_t slen, | ||||
|                            const char *label, | ||||
|                            const unsigned char *random, size_t rlen, | ||||
| @@ -5223,6 +5247,7 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen, | ||||
| #endif /* MBEDTLS_SHA256_C */ | ||||
|  | ||||
| #if defined(MBEDTLS_SHA384_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int tls_prf_sha384( const unsigned char *secret, size_t slen, | ||||
|                            const char *label, | ||||
|                            const unsigned char *random, size_t rlen, | ||||
| @@ -5242,6 +5267,7 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen, | ||||
|  * Outputs: | ||||
|  * - the tls_prf, calc_verify and calc_finished members of handshake structure | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, | ||||
|                                    mbedtls_md_type_t hash ) | ||||
| { | ||||
| @@ -5286,6 +5312,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, | ||||
|  *      EMS: passed to calc_verify (debug + session_negotiate) | ||||
|  *      PSA-PSA: conf | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, | ||||
|                                unsigned char *master, | ||||
|                                const mbedtls_ssl_context *ssl ) | ||||
| @@ -5754,6 +5781,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch | ||||
| #endif /* !MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_hello_request( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_PROTO_DTLS) | ||||
| @@ -5925,6 +5953,7 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) | ||||
| #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, | ||||
|                                          unsigned char *crt_buf, | ||||
|                                          size_t crt_buf_len ) | ||||
| @@ -5940,6 +5969,7 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, | ||||
|     return( memcmp( peer_crt->raw.p, crt_buf, peer_crt->raw.len ) ); | ||||
| } | ||||
| #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, | ||||
|                                          unsigned char *crt_buf, | ||||
|                                          size_t crt_buf_len ) | ||||
| @@ -5974,6 +6004,7 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, | ||||
|  * Once the certificate message is read, parse it into a cert chain and | ||||
|  * perform basic checks, but leave actual verification to the caller | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, | ||||
|                                         mbedtls_x509_crt *chain ) | ||||
| { | ||||
| @@ -6129,6 +6160,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, | ||||
| } | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SRV_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) | ||||
| @@ -6154,6 +6186,7 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) | ||||
|  */ | ||||
| #define SSL_CERTIFICATE_EXPECTED 0 | ||||
| #define SSL_CERTIFICATE_SKIP     1 | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl, | ||||
|                                              int authmode ) | ||||
| { | ||||
| @@ -6183,6 +6216,7 @@ static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl, | ||||
|     return( SSL_CERTIFICATE_EXPECTED ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, | ||||
|                                          int authmode, | ||||
|                                          mbedtls_x509_crt *chain, | ||||
| @@ -6280,7 +6314,9 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, | ||||
|     { | ||||
|         const mbedtls_pk_context *pk = &chain->pk; | ||||
|  | ||||
|         /* If certificate uses an EC key, make sure the curve is OK */ | ||||
|         /* If certificate uses an EC key, make sure the curve is OK. | ||||
|          * This is a public key, so it can't be opaque, so can_do() is a good | ||||
|          * enough check to ensure pk_ec() is safe to use here. */ | ||||
|         if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) && | ||||
|             mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 ) | ||||
|         { | ||||
| @@ -6371,6 +6407,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, | ||||
| } | ||||
|  | ||||
| #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl, | ||||
|                                          unsigned char *start, size_t len ) | ||||
| { | ||||
| @@ -6402,6 +6439,7 @@ static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl, | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_remember_peer_pubkey( mbedtls_ssl_context *ssl, | ||||
|                                      unsigned char *start, size_t len ) | ||||
| { | ||||
| @@ -7070,6 +7108,7 @@ static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf ) | ||||
|  *      [in] optionally used for: | ||||
|  *        - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, | ||||
|                                    int ciphersuite, | ||||
|                                    const unsigned char master[48], | ||||
| @@ -7871,6 +7910,7 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, | ||||
|     return( used ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_session_load_tls12( mbedtls_ssl_session *session, | ||||
|                                    const unsigned char *buf, | ||||
|                                    size_t len ) | ||||
|   | ||||
| @@ -75,6 +75,7 @@ int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf ) | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_RENEGOTIATION) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, | ||||
|                                         unsigned char *buf, | ||||
|                                         const unsigned char *end, | ||||
| @@ -116,6 +117,7 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, | ||||
| #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, | ||||
|                                                   unsigned char *buf, | ||||
|                                                   const unsigned char *end, | ||||
| @@ -147,6 +149,7 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, | ||||
|           MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, | ||||
|                                        unsigned char *buf, | ||||
|                                        const unsigned char *end, | ||||
| @@ -220,6 +223,7 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, | ||||
|                               unsigned char *buf, | ||||
|                               const unsigned char *end, | ||||
| @@ -266,6 +270,7 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, | ||||
|                                               unsigned char *buf, | ||||
|                                               const unsigned char *end, | ||||
| @@ -298,6 +303,7 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, | ||||
|                                            unsigned char *buf, | ||||
|                                            const unsigned char *end, | ||||
| @@ -328,6 +334,7 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, | ||||
|                                       unsigned char *buf, | ||||
|                                       const unsigned char *end, | ||||
| @@ -358,6 +365,7 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SESSION_TICKETS) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, | ||||
|                                          unsigned char *buf, | ||||
|                                          const unsigned char *end, | ||||
| @@ -400,6 +408,7 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_SESSION_TICKETS */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_SRTP) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, | ||||
|                                    unsigned char *buf, | ||||
|                                    const unsigned char *end, | ||||
| @@ -629,6 +638,7 @@ int mbedtls_ssl_tls12_write_client_hello_exts( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, | ||||
|                                          const unsigned char *buf, | ||||
|                                          size_t len ) | ||||
| @@ -673,6 +683,7 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, | ||||
| } | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, | ||||
|                                               const unsigned char *buf, | ||||
|                                               size_t len ) | ||||
| @@ -699,6 +710,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, | ||||
|                               const unsigned char *buf, | ||||
|                               size_t len ) | ||||
| @@ -755,6 +767,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, | ||||
|                                          const unsigned char *buf, | ||||
|                                          size_t len ) | ||||
| @@ -780,6 +793,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, | ||||
|                                          const unsigned char *buf, | ||||
|                                          size_t len ) | ||||
| @@ -805,6 +819,7 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SESSION_TICKETS) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, | ||||
|                                          const unsigned char *buf, | ||||
|                                          size_t len ) | ||||
| @@ -831,6 +846,7 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, | ||||
|  | ||||
| #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, | ||||
|                                                   const unsigned char *buf, | ||||
|                                                   size_t len ) | ||||
| @@ -879,6 +895,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, | ||||
|           MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, | ||||
|                                    const unsigned char *buf, | ||||
|                                    size_t len ) | ||||
| @@ -913,6 +930,7 @@ static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_ALPN) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, | ||||
|                                const unsigned char *buf, size_t len ) | ||||
| { | ||||
| @@ -983,6 +1001,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_ALPN */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_SRTP) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, | ||||
|                                    const unsigned char *buf, | ||||
|                                    size_t len ) | ||||
| @@ -1103,6 +1122,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, | ||||
|  * Parse HelloVerifyRequest.  Only called after verifying the HS type. | ||||
|  */ | ||||
| #if defined(MBEDTLS_SSL_PROTO_DTLS) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); | ||||
| @@ -1184,6 +1204,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) | ||||
| } | ||||
| #endif /* MBEDTLS_SSL_PROTO_DTLS */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret, i; | ||||
| @@ -1708,6 +1729,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, | ||||
|                                        unsigned char **p, | ||||
|                                        unsigned char *end ) | ||||
| @@ -1753,6 +1775,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ||     \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) | ||||
| #if defined(MBEDTLS_USE_PSA_CRYPTO) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, | ||||
|                                              unsigned char **p, | ||||
|                                              unsigned char *end ) | ||||
| @@ -1817,6 +1840,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
| #else | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     const mbedtls_ecp_curve_info *curve_info; | ||||
| @@ -1845,6 +1869,7 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, | ||||
|                                          unsigned char **p, | ||||
|                                          unsigned char *end ) | ||||
| @@ -1885,6 +1910,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, | ||||
|           MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, | ||||
|                                       unsigned char **p, | ||||
|                                       unsigned char *end ) | ||||
| @@ -1931,6 +1957,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, | ||||
| /* | ||||
|  * Generate a pre-master secret and encrypt it with the server's RSA key | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, | ||||
|                                     size_t offset, size_t *olen, | ||||
|                                     size_t pms_offset ) | ||||
| @@ -2013,6 +2040,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, | ||||
|                                           unsigned char **p, | ||||
|                                           unsigned char *end, | ||||
| @@ -2071,6 +2099,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -2089,6 +2118,8 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) | ||||
|     peer_pk = &ssl->session_negotiate->peer_cert->pk; | ||||
| #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ | ||||
|  | ||||
|     /* This is a public key, so it can't be opaque, so can_do() is a good | ||||
|      * enough check to ensure pk_ec() is safe to use below. */ | ||||
|     if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECKEY ) ) | ||||
|     { | ||||
|         MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); | ||||
| @@ -2158,6 +2189,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || | ||||
|           MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -2505,6 +2537,7 @@ exit: | ||||
| } | ||||
|  | ||||
| #if ! defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     const mbedtls_ssl_ciphersuite_t *ciphersuite_info = | ||||
| @@ -2523,6 +2556,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) | ||||
|     return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); | ||||
| } | ||||
| #else /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -2688,6 +2722,7 @@ exit: | ||||
| } | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -2727,6 +2762,7 @@ static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -3249,6 +3285,7 @@ ecdh_calc_secret: | ||||
| } | ||||
|  | ||||
| #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     const mbedtls_ssl_ciphersuite_t *ciphersuite_info = | ||||
| @@ -3274,6 +3311,7 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
|     return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); | ||||
| } | ||||
| #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; | ||||
| @@ -3413,6 +3451,7 @@ sign: | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SESSION_TICKETS) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
|   | ||||
| @@ -78,6 +78,7 @@ void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, | ||||
| #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, | ||||
|                                      const unsigned char *buf, | ||||
|                                      size_t len ) | ||||
| @@ -152,6 +153,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf ) | ||||
| { | ||||
|     if( conf->f_psk != NULL ) | ||||
| @@ -173,6 +175,7 @@ static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf ) | ||||
| } | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, | ||||
|                                          const unsigned char *buf, | ||||
|                                          size_t len ) | ||||
| @@ -250,6 +253,7 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, | ||||
|  * | ||||
|  * DHE groups are not supported yet. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_supported_groups_ext( mbedtls_ssl_context *ssl, | ||||
|                                            const unsigned char *buf, | ||||
|                                            size_t len ) | ||||
| @@ -316,6 +320,7 @@ static int ssl_parse_supported_groups_ext( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, | ||||
|                                               const unsigned char *buf, | ||||
|                                               size_t len ) | ||||
| @@ -361,6 +366,7 @@ static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, | ||||
|           MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, | ||||
|                                    const unsigned char *buf, | ||||
|                                    size_t len ) | ||||
| @@ -390,6 +396,7 @@ static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, | ||||
|                                               const unsigned char *buf, | ||||
|                                               size_t len ) | ||||
| @@ -409,6 +416,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, | ||||
|                               const unsigned char *buf, | ||||
|                               size_t len ) | ||||
| @@ -481,6 +489,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, | ||||
|                                       const unsigned char *buf, | ||||
|                                       size_t len ) | ||||
| @@ -505,6 +514,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, | ||||
|                                       const unsigned char *buf, | ||||
|                                       size_t len ) | ||||
| @@ -529,6 +539,7 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SESSION_TICKETS) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, | ||||
|                                          unsigned char *buf, | ||||
|                                          size_t len ) | ||||
| @@ -603,6 +614,7 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_SESSION_TICKETS */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_ALPN) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, | ||||
|                                const unsigned char *buf, size_t len ) | ||||
| { | ||||
| @@ -691,6 +703,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_ALPN */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_SRTP) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, | ||||
|                                    const unsigned char *buf, | ||||
|                                    size_t len ) | ||||
| @@ -819,6 +832,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, | ||||
|  * Return 0 if the given key uses one of the acceptable curves, -1 otherwise | ||||
|  */ | ||||
| #if defined(MBEDTLS_ECDSA_C) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_check_key_curve( mbedtls_pk_context *pk, | ||||
|                                 const mbedtls_ecp_curve_info **curves ) | ||||
| { | ||||
| @@ -840,6 +854,7 @@ static int ssl_check_key_curve( mbedtls_pk_context *pk, | ||||
|  * Try picking a certificate for this ciphersuite, | ||||
|  * return 0 on success and -1 on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_pick_cert( mbedtls_ssl_context *ssl, | ||||
|                           const mbedtls_ssl_ciphersuite_t * ciphersuite_info ) | ||||
| { | ||||
| @@ -924,6 +939,7 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, | ||||
|  * Check if a given ciphersuite is suitable for use with our config/keys/etc | ||||
|  * Sets ciphersuite_info only if the suite matches. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, | ||||
|                                   const mbedtls_ssl_ciphersuite_t **ciphersuite_info ) | ||||
| { | ||||
| @@ -1021,6 +1037,7 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, | ||||
| /* This function doesn't alert on errors that happen early during | ||||
|    ClientHello parsing because they might indicate that the client is | ||||
|    not talking SSL/TLS at all and would not understand our alert. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret, got_common_suite; | ||||
| @@ -2237,6 +2254,7 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, | ||||
| #endif /* MBEDTLS_SSL_DTLS_SRTP */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -2355,6 +2373,7 @@ exit: | ||||
|     mbedtls_ssl_session_free( &session_tmp ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
| #if defined(MBEDTLS_HAVE_TIME) | ||||
| @@ -2570,6 +2589,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) | ||||
| } | ||||
|  | ||||
| #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     const mbedtls_ssl_ciphersuite_t *ciphersuite_info = | ||||
| @@ -2588,6 +2608,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) | ||||
|     return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); | ||||
| } | ||||
| #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; | ||||
| @@ -2749,6 +2770,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) | ||||
| #if defined(MBEDTLS_USE_PSA_CRYPTO) &&                      \ | ||||
|         ( defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ | ||||
|           defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) ) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -2843,6 +2865,7 @@ cleanup: | ||||
| } | ||||
| #elif defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -2875,6 +2898,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \ | ||||
|     defined(MBEDTLS_SSL_ASYNC_PRIVATE) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, | ||||
|                                            size_t *signature_len ) | ||||
| { | ||||
| @@ -2902,6 +2926,7 @@ static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, | ||||
| /* Prepare the ServerKeyExchange message, up to and including | ||||
|  * calculating the signature if any, but excluding formatting the | ||||
|  * signature and sending the message. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, | ||||
|                                             size_t *signature_len ) | ||||
| { | ||||
| @@ -3329,6 +3354,7 @@ curve_matching_done: | ||||
|  * that do not include a ServerKeyExchange message, do nothing. Either | ||||
|  * way, if successful, move on to the next step in the SSL state | ||||
|  * machine. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -3350,7 +3376,12 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) | ||||
|         if( mbedtls_ssl_ciphersuite_uses_ecdh( ciphersuite_info ) ) | ||||
|         { | ||||
|             ssl_get_ecdh_params_from_cert( ssl ); | ||||
|             ret = ssl_get_ecdh_params_from_cert( ssl ); | ||||
|             if( ret != 0 ) | ||||
|             { | ||||
|                 MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret ); | ||||
|                 return( ret ); | ||||
|             } | ||||
|         } | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ | ||||
|  | ||||
| @@ -3426,6 +3457,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -3465,6 +3497,7 @@ static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \ | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p, | ||||
|                                        const unsigned char *end ) | ||||
| { | ||||
| @@ -3508,6 +3541,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * | ||||
|     defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl, | ||||
|                                    unsigned char *peer_pms, | ||||
|                                    size_t *peer_pmslen, | ||||
| @@ -3525,6 +3559,7 @@ static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl, | ||||
| } | ||||
| #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, | ||||
|                                       const unsigned char *p, | ||||
|                                       const unsigned char *end, | ||||
| @@ -3610,6 +3645,7 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, | ||||
|                                     const unsigned char *p, | ||||
|                                     const unsigned char *end, | ||||
| @@ -3698,6 +3734,7 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, | ||||
|           MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p, | ||||
|                                           const unsigned char *end ) | ||||
| { | ||||
| @@ -3758,6 +3795,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha | ||||
| } | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -4195,6 +4233,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) | ||||
| } | ||||
|  | ||||
| #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     const mbedtls_ssl_ciphersuite_t *ciphersuite_info = | ||||
| @@ -4213,6 +4252,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
|     return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); | ||||
| } | ||||
| #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; | ||||
| @@ -4376,6 +4416,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_SESSION_TICKETS) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
|   | ||||
| @@ -42,6 +42,7 @@ | ||||
|  *      ProtocolVersion versions<2..254>; | ||||
|  * } SupportedVersions; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, | ||||
|                                                    unsigned char *buf, | ||||
|                                                    unsigned char *end, | ||||
| @@ -91,6 +92,7 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl, | ||||
|                                                    const unsigned char *buf, | ||||
|                                                    const unsigned char *end ) | ||||
| @@ -120,6 +122,7 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl, | ||||
| } | ||||
|  | ||||
| #if defined(MBEDTLS_SSL_ALPN) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_alpn_ext( mbedtls_ssl_context *ssl, | ||||
|                                const unsigned char *buf, size_t len ) | ||||
| { | ||||
| @@ -166,6 +169,7 @@ static int ssl_tls13_parse_alpn_ext( mbedtls_ssl_context *ssl, | ||||
| } | ||||
| #endif /* MBEDTLS_SSL_ALPN */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_reset_key_share( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     uint16_t group_id = ssl->handshake->offered_group_id; | ||||
| @@ -204,6 +208,7 @@ static int ssl_tls13_reset_key_share( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Functions for writing key_share extension. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_get_default_group_id( mbedtls_ssl_context *ssl, | ||||
|                                            uint16_t *group_id ) | ||||
| { | ||||
| @@ -253,6 +258,7 @@ static int ssl_tls13_get_default_group_id( mbedtls_ssl_context *ssl, | ||||
|  *          KeyShareEntry client_shares<0..2^16-1>; | ||||
|  *      } KeyShareClientHello; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|                                           unsigned char *buf, | ||||
|                                           unsigned char *end, | ||||
| @@ -366,6 +372,7 @@ cleanup: | ||||
|  *        NamedGroup selected_group; | ||||
|  * } KeyShareHelloRetryRequest; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_hrr_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|                                               const unsigned char *buf, | ||||
|                                               const unsigned char *end ) | ||||
| @@ -440,6 +447,7 @@ static int ssl_tls13_parse_hrr_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|  *        opaque key_exchange<1..2^16-1>; | ||||
|  * } KeyShareEntry; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|                                           const unsigned char *buf, | ||||
|                                           const unsigned char *end ) | ||||
| @@ -514,6 +522,7 @@ static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|  * a "cookie" extension in the new ClientHello.  Clients MUST NOT use | ||||
|  * cookies in their initial ClientHello in subsequent connections. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_cookie_ext( mbedtls_ssl_context *ssl, | ||||
|                                        const unsigned char *buf, | ||||
|                                        const unsigned char *end ) | ||||
| @@ -547,6 +556,7 @@ static int ssl_tls13_parse_cookie_ext( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_cookie_ext( mbedtls_ssl_context *ssl, | ||||
|                                        unsigned char *buf, | ||||
|                                        unsigned char *end, | ||||
| @@ -640,6 +650,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl, | ||||
|  * \return 1 if the ServerHello contains a supported_versions extension | ||||
|  * \return A negative value if an error occurred while parsing the ServerHello. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_is_supported_versions_ext_present( | ||||
|     mbedtls_ssl_context *ssl, | ||||
|     const unsigned char *buf, | ||||
| @@ -714,6 +725,7 @@ static int ssl_tls13_is_supported_versions_ext_present( | ||||
|  *     the server is TLS 1.3 capable but negotiating TLS 1.2 or below. | ||||
|  * - 0 otherwise | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_is_downgrade_negotiation( mbedtls_ssl_context *ssl, | ||||
|                                                const unsigned char *buf, | ||||
|                                                const unsigned char *end ) | ||||
| @@ -746,6 +758,7 @@ static int ssl_tls13_is_downgrade_negotiation( mbedtls_ssl_context *ssl, | ||||
|  */ | ||||
| #define SSL_SERVER_HELLO_COORDINATE_HELLO 0 | ||||
| #define SSL_SERVER_HELLO_COORDINATE_HRR 1 | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_server_hello_is_hrr( mbedtls_ssl_context *ssl, | ||||
|                                     const unsigned char *buf, | ||||
|                                     const unsigned char *end ) | ||||
| @@ -785,6 +798,7 @@ static int ssl_server_hello_is_hrr( mbedtls_ssl_context *ssl, | ||||
|  * - SSL_SERVER_HELLO_COORDINATE_TLS1_2 | ||||
|  */ | ||||
| #define SSL_SERVER_HELLO_COORDINATE_TLS1_2 2 | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_server_hello_coordinate( mbedtls_ssl_context *ssl, | ||||
|                                               unsigned char **buf, | ||||
|                                               size_t *buf_len ) | ||||
| @@ -878,6 +892,7 @@ cleanup: | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_check_server_hello_session_id_echo( mbedtls_ssl_context *ssl, | ||||
|                                                          const unsigned char **buf, | ||||
|                                                          const unsigned char *end ) | ||||
| @@ -925,6 +940,7 @@ static int ssl_tls13_check_server_hello_session_id_echo( mbedtls_ssl_context *ss | ||||
|  *    Extension extensions<6..2^16-1>; | ||||
|  * } ServerHello; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl, | ||||
|                                          const unsigned char *buf, | ||||
|                                          const unsigned char *end, | ||||
| @@ -1183,6 +1199,7 @@ cleanup: | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1263,6 +1280,7 @@ cleanup: | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_postprocess_hrr( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1297,6 +1315,7 @@ static int ssl_tls13_postprocess_hrr( mbedtls_ssl_context *ssl ) | ||||
|  * Wait and parse ServerHello handshake message. | ||||
|  * Handler for MBEDTLS_SSL_SERVER_HELLO | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_server_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1359,16 +1378,20 @@ cleanup: | ||||
|  */ | ||||
|  | ||||
| /* Main entry point; orchestrates the other functions */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_encrypted_extensions( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl, | ||||
|                                                  const unsigned char *buf, | ||||
|                                                  const unsigned char *end ); | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_postprocess_encrypted_extensions( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /* | ||||
|  * Handler for  MBEDTLS_SSL_ENCRYPTED_EXTENSIONS | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_encrypted_extensions( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret; | ||||
| @@ -1402,6 +1425,7 @@ cleanup: | ||||
|  *     Extension extensions<0..2^16-1>; | ||||
|  * } EncryptedExtensions; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl, | ||||
|                                                  const unsigned char *buf, | ||||
|                                                  const unsigned char *end ) | ||||
| @@ -1483,6 +1507,7 @@ static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl, | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_postprocess_encrypted_extensions( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) | ||||
| @@ -1512,6 +1537,7 @@ static int ssl_tls13_postprocess_encrypted_extensions( mbedtls_ssl_context *ssl | ||||
|  * - SSL_CERTIFICATE_REQUEST_SKIP | ||||
|  * indicating if a Certificate Request is expected or not. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1546,6 +1572,7 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl ) | ||||
|  *   Extension extensions<2..2^16-1>; | ||||
|  * } CertificateRequest; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl, | ||||
|                                                 const unsigned char *buf, | ||||
|                                                 const unsigned char *end ) | ||||
| @@ -1662,6 +1689,7 @@ decode_error: | ||||
| /* | ||||
|  * Handler for  MBEDTLS_SSL_CERTIFICATE_REQUEST | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_certificate_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1711,6 +1739,7 @@ cleanup: | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_SERVER_CERTIFICATE | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_server_certificate( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret; | ||||
| @@ -1726,6 +1755,7 @@ static int ssl_tls13_process_server_certificate( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_CERTIFICATE_VERIFY | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret; | ||||
| @@ -1742,6 +1772,7 @@ static int ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_SERVER_FINISHED | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_server_finished( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret; | ||||
| @@ -1773,6 +1804,7 @@ static int ssl_tls13_process_server_finished( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_client_certificate( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int non_empty_certificate_msg = 0; | ||||
| @@ -1812,6 +1844,7 @@ static int ssl_tls13_write_client_certificate( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_client_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = mbedtls_ssl_tls13_write_certificate_verify( ssl ); | ||||
| @@ -1826,6 +1859,7 @@ static int ssl_tls13_write_client_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_CLIENT_FINISHED | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_client_finished( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret; | ||||
| @@ -1849,6 +1883,7 @@ static int ssl_tls13_write_client_finished( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_FLUSH_BUFFERS | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_flush_buffers( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); | ||||
| @@ -1859,6 +1894,7 @@ static int ssl_tls13_flush_buffers( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|  | ||||
|   | ||||
| @@ -156,6 +156,7 @@ static void ssl_tls13_create_verify_structure( const unsigned char *transcript_h | ||||
|     *verify_buffer_len = idx; | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl, | ||||
|                                                const unsigned char *buf, | ||||
|                                                const unsigned char *end, | ||||
| @@ -389,6 +390,7 @@ cleanup: | ||||
|  */ | ||||
|  | ||||
| /* Parse certificate chain send by the server. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl, | ||||
|                                         const unsigned char *buf, | ||||
|                                         const unsigned char *end ) | ||||
| @@ -521,6 +523,7 @@ exit: | ||||
|     return( ret ); | ||||
| } | ||||
| #else | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl, | ||||
|                                         const unsigned char *buf, | ||||
|                                         const unsigned char *end ) | ||||
| @@ -536,6 +539,7 @@ static int ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl, | ||||
| #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) | ||||
| #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) | ||||
| /* Validate certificate chain sent by the server. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = 0; | ||||
| @@ -693,6 +697,7 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl ) | ||||
|     return( ret ); | ||||
| } | ||||
| #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     ((void) ssl); | ||||
| @@ -754,6 +759,7 @@ cleanup: | ||||
|  *        CertificateEntry certificate_list<0..2^24-1>; | ||||
|  *    } Certificate; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_certificate_body( mbedtls_ssl_context *ssl, | ||||
|                                              unsigned char *buf, | ||||
|                                              unsigned char *end, | ||||
| @@ -847,6 +853,7 @@ cleanup: | ||||
| /* | ||||
|  * STATE HANDLING: Output Certificate Verify | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_get_sig_alg_from_pk( mbedtls_ssl_context *ssl, | ||||
|                                           mbedtls_pk_context *own_key, | ||||
|                                           uint16_t *algorithm ) | ||||
| @@ -964,6 +971,7 @@ static int ssl_tls13_get_sig_alg_from_pk( mbedtls_ssl_context *ssl, | ||||
|     return( -1 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl, | ||||
|                                                     unsigned char *buf, | ||||
|                                                     unsigned char *end, | ||||
| @@ -1109,6 +1117,7 @@ cleanup: | ||||
|  * Implementation | ||||
|  */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_preprocess_finished_message( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret; | ||||
| @@ -1128,6 +1137,7 @@ static int ssl_tls13_preprocess_finished_message( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_finished_message( mbedtls_ssl_context *ssl, | ||||
|                                              const unsigned char *buf, | ||||
|                                              const unsigned char *end ) | ||||
| @@ -1206,6 +1216,7 @@ cleanup: | ||||
|  * Implement | ||||
|  */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_prepare_finished_message( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret; | ||||
| @@ -1226,6 +1237,7 @@ static int ssl_tls13_prepare_finished_message( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_finished_message_body( mbedtls_ssl_context *ssl, | ||||
|                                                   unsigned char *buf, | ||||
|                                                   unsigned char *end, | ||||
| @@ -1305,6 +1317,7 @@ void mbedtls_ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl ) | ||||
|  * | ||||
|  */ | ||||
| #if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE) | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_change_cipher_spec_body( mbedtls_ssl_context *ssl, | ||||
|                                                     unsigned char *buf, | ||||
|                                                     unsigned char *end, | ||||
|   | ||||
| @@ -761,6 +761,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_calc_finished_core( psa_algorithm_t hash_alg, | ||||
|                                          unsigned char const *base_key, | ||||
|                                          unsigned char const *transcript, | ||||
| @@ -1188,6 +1189,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl ) | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int mbedtls_ssl_tls13_get_cipher_key_info( | ||||
|                     const mbedtls_ssl_ciphersuite_t *ciphersuite_info, | ||||
|                     size_t *key_len, size_t *iv_len ) | ||||
|   | ||||
| @@ -121,6 +121,7 @@ extern const struct mbedtls_ssl_tls13_labels_struct mbedtls_ssl_tls13_labels; | ||||
|  * \return           A negative error code on failure. | ||||
|  */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_hkdf_expand_label( | ||||
|                      psa_algorithm_t hash_alg, | ||||
|                      const unsigned char *secret, size_t secret_len, | ||||
| @@ -159,6 +160,7 @@ int mbedtls_ssl_tls13_hkdf_expand_label( | ||||
|  * \returns             A negative error code on failure. | ||||
|  */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_make_traffic_keys( | ||||
|                      psa_algorithm_t hash_alg, | ||||
|                      const unsigned char *client_secret, | ||||
| @@ -205,6 +207,7 @@ int mbedtls_ssl_tls13_make_traffic_keys( | ||||
|  * \returns        \c 0 on success. | ||||
|  * \returns        A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_derive_secret( | ||||
|                    psa_algorithm_t hash_alg, | ||||
|                    const unsigned char *secret, size_t secret_len, | ||||
| @@ -255,6 +258,7 @@ int mbedtls_ssl_tls13_derive_secret( | ||||
|  * \returns        \c 0 on success. | ||||
|  * \returns        A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_derive_early_secrets( | ||||
|           psa_algorithm_t hash_alg, | ||||
|           unsigned char const *early_secret, | ||||
| @@ -300,6 +304,7 @@ int mbedtls_ssl_tls13_derive_early_secrets( | ||||
|  * \returns        \c 0 on success. | ||||
|  * \returns        A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_derive_handshake_secrets( | ||||
|           psa_algorithm_t hash_alg, | ||||
|           unsigned char const *handshake_secret, | ||||
| @@ -350,6 +355,7 @@ int mbedtls_ssl_tls13_derive_handshake_secrets( | ||||
|  * \returns        \c 0 on success. | ||||
|  * \returns        A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_derive_application_secrets( | ||||
|           psa_algorithm_t hash_alg, | ||||
|           unsigned char const *master_secret, | ||||
| @@ -380,6 +386,7 @@ int mbedtls_ssl_tls13_derive_application_secrets( | ||||
|  * \returns        \c 0 on success. | ||||
|  * \returns        A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_derive_resumption_master_secret( | ||||
|           psa_algorithm_t hash_alg, | ||||
|           unsigned char const *application_secret, | ||||
| @@ -453,6 +460,7 @@ int mbedtls_ssl_tls13_derive_resumption_master_secret( | ||||
|  * \returns           A negative error code on failure. | ||||
|  */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_evolve_secret( | ||||
|                    psa_algorithm_t hash_alg, | ||||
|                    const unsigned char *secret_old, | ||||
| @@ -482,6 +490,7 @@ int mbedtls_ssl_tls13_evolve_secret( | ||||
|  * \returns           \c 0 on success. | ||||
|  * \returns           A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl, | ||||
|                                const psa_algorithm_t hash_alg, | ||||
|                                unsigned char const *psk, size_t psk_len, | ||||
| @@ -516,6 +525,7 @@ int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl, | ||||
|  *                     mbedtls_ssl_transform_encrypt(). | ||||
|  * \return             A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, | ||||
|                                           int endpoint, | ||||
|                                           int ciphersuite, | ||||
| @@ -542,6 +552,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /** | ||||
| @@ -560,6 +571,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl ); | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /** | ||||
| @@ -574,6 +586,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl ); | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl, | ||||
|                                                mbedtls_ssl_key_set *traffic_keys ); | ||||
|  | ||||
| @@ -593,6 +606,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl, | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /** | ||||
| @@ -607,6 +621,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl ) | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_generate_application_keys( | ||||
|     mbedtls_ssl_context* ssl, mbedtls_ssl_key_set *traffic_keys ); | ||||
|  | ||||
| @@ -620,6 +635,7 @@ int mbedtls_ssl_tls13_generate_application_keys( | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_generate_resumption_master_secret( | ||||
|     mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| @@ -645,6 +661,7 @@ int mbedtls_ssl_tls13_generate_resumption_master_secret( | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context *ssl, | ||||
|                                              unsigned char *dst, | ||||
|                                              size_t dst_len, | ||||
| @@ -660,6 +677,7 @@ int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context *ssl, | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_compute_handshake_transform( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| /** | ||||
| @@ -671,6 +689,7 @@ int mbedtls_ssl_tls13_compute_handshake_transform( mbedtls_ssl_context *ssl ); | ||||
|  * \returns    \c 0 on success. | ||||
|  * \returns    A negative error code on failure. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| int mbedtls_ssl_tls13_compute_application_transform( mbedtls_ssl_context *ssl ); | ||||
|  | ||||
| #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ | ||||
|   | ||||
| @@ -50,6 +50,7 @@ | ||||
|  *          ProtocolVersion versions<2..254>; | ||||
|  *   } SupportedVersions; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl, | ||||
|                                                    const unsigned char *buf, | ||||
|                                                    const unsigned char *end ) | ||||
| @@ -106,6 +107,7 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl, | ||||
|  *       NamedGroup named_group_list<2..2^16-1>; | ||||
|  *   } NamedGroupList; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_supported_groups_ext( mbedtls_ssl_context *ssl, | ||||
|                                                  const unsigned char *buf, | ||||
|                                                  const unsigned char *end ) | ||||
| @@ -168,6 +170,7 @@ static int ssl_tls13_parse_supported_groups_ext( mbedtls_ssl_context *ssl, | ||||
|  *    be needed. | ||||
|  *  - A negative value for fatal errors. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_key_shares_ext( mbedtls_ssl_context *ssl, | ||||
|                                            const unsigned char *buf, | ||||
|                                            const unsigned char *end ) | ||||
| @@ -306,6 +309,7 @@ static void ssl_tls13_debug_print_client_hello_exts( mbedtls_ssl_context *ssl ) | ||||
| } | ||||
| #endif /* MBEDTLS_DEBUG_C */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_client_hello_has_exts( mbedtls_ssl_context *ssl, | ||||
|                                             int exts_mask ) | ||||
| { | ||||
| @@ -313,6 +317,7 @@ static int ssl_tls13_client_hello_has_exts( mbedtls_ssl_context *ssl, | ||||
|     return( masked == exts_mask ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange( | ||||
|         mbedtls_ssl_context *ssl ) | ||||
| { | ||||
| @@ -322,6 +327,7 @@ static int ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange( | ||||
|                           MBEDTLS_SSL_EXT_SIG_ALG ) ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     if( !mbedtls_ssl_conf_tls13_ephemeral_enabled( ssl ) ) | ||||
| @@ -379,6 +385,7 @@ static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl ) | ||||
| #define SSL_CLIENT_HELLO_OK           0 | ||||
| #define SSL_CLIENT_HELLO_HRR_REQUIRED 1 | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl, | ||||
|                                          const unsigned char *buf, | ||||
|                                          const unsigned char *end ) | ||||
| @@ -704,6 +711,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl, | ||||
|  | ||||
| /* Update the handshake state machine */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -724,6 +732,7 @@ static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl ) | ||||
|  * Main entry point from the state machine; orchestrates the otherfunctions. | ||||
|  */ | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_client_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|  | ||||
| @@ -762,6 +771,7 @@ cleanup: | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_SERVER_HELLO | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_prepare_server_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -797,6 +807,7 @@ static int ssl_tls13_prepare_server_hello( mbedtls_ssl_context *ssl ) | ||||
|  *      ProtocolVersion selected_version; | ||||
|  * } SupportedVersions; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_server_hello_supported_versions_ext( | ||||
|                                                 mbedtls_ssl_context *ssl, | ||||
|                                                 unsigned char *buf, | ||||
| @@ -834,6 +845,7 @@ static int ssl_tls13_write_server_hello_supported_versions_ext( | ||||
|  | ||||
| /* Generate and export a single key share. For hybrid KEMs, this can | ||||
|  * be called multiple times with the different components of the hybrid. */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_generate_and_write_key_share( mbedtls_ssl_context *ssl, | ||||
|                                                    uint16_t named_group, | ||||
|                                                    unsigned char *buf, | ||||
| @@ -887,6 +899,7 @@ static int ssl_tls13_generate_and_write_key_share( mbedtls_ssl_context *ssl, | ||||
|  *     KeyShareEntry server_share; | ||||
|  * } KeyShareServerHello; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|                                           unsigned char *buf, | ||||
|                                           unsigned char *end, | ||||
| @@ -930,6 +943,7 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|                                               unsigned char *buf, | ||||
|                                               unsigned char *end, | ||||
| @@ -1005,6 +1019,7 @@ static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl, | ||||
|  *        Extension extensions<6..2^16-1>; | ||||
|  *    } ServerHello; | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl, | ||||
|                                               unsigned char *buf, | ||||
|                                               unsigned char *end, | ||||
| @@ -1131,6 +1146,7 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl, | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_finalize_write_server_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1151,6 +1167,7 @@ static int ssl_tls13_finalize_write_server_hello( mbedtls_ssl_context *ssl ) | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_server_hello( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1189,6 +1206,7 @@ cleanup: | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_HELLO_RETRY_REQUEST | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_hello_retry_request_coordinate( | ||||
|                                                     mbedtls_ssl_context *ssl ) | ||||
| { | ||||
| @@ -1216,6 +1234,7 @@ static int ssl_tls13_write_hello_retry_request_coordinate( | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_hello_retry_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1260,6 +1279,7 @@ cleanup: | ||||
|  * } EncryptedExtensions; | ||||
|  * | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl, | ||||
|                                                       unsigned char *buf, | ||||
|                                                       unsigned char *end, | ||||
| @@ -1287,6 +1307,7 @@ static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_encrypted_extensions( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1333,6 +1354,7 @@ cleanup: | ||||
|  * indicating if the writing of the CertificateRequest | ||||
|  * should be skipped or not. | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int authmode; | ||||
| @@ -1354,6 +1376,7 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl ) | ||||
|  * } CertificateRequest; | ||||
|  * | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl, | ||||
|                                                      unsigned char *buf, | ||||
|                                                      const unsigned char *end, | ||||
| @@ -1400,6 +1423,7 @@ static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_certificate_request( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1447,6 +1471,7 @@ cleanup: | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_SERVER_CERTIFICATE | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_server_certificate( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1468,6 +1493,7 @@ static int ssl_tls13_write_server_certificate( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_CERTIFICATE_VERIFY | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = mbedtls_ssl_tls13_write_certificate_verify( ssl ); | ||||
| @@ -1481,6 +1507,7 @@ static int ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_SERVER_FINISHED | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1513,6 +1540,7 @@ static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_CLIENT_FINISHED | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_process_client_finished( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; | ||||
| @@ -1541,6 +1569,7 @@ static int ssl_tls13_process_client_finished( mbedtls_ssl_context *ssl ) | ||||
| /* | ||||
|  * Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP | ||||
|  */ | ||||
| MBEDTLS_CHECK_RETURN_CRITICAL | ||||
| static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl ) | ||||
| { | ||||
|     MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); | ||||
|   | ||||
		Reference in New Issue
	
	Block a user