mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 14:45:32 +00:00
Minor review fixes
This commit is contained in:
parent
015aa44b93
commit
5aa4c07b85
|
@ -83,8 +83,8 @@
|
|||
#define MBEDTLS_ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */
|
||||
#define MBEDTLS_ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_MAX_SOURCES
|
||||
|
||||
#define MBEDTLS_ENTROPY_SOURCE_STRONG 1 /**< Entropy source is strong */
|
||||
#define MBEDTLS_ENTROPY_SOURCE_WEAK 0 /**< Entropy source is weak */
|
||||
#define MBEDTLS_ENTROPY_SOURCE_STRONG 0x7F /**< Entropy source is strong */
|
||||
#define MBEDTLS_ENTROPY_SOURCE_WEAK 0x0 /**< Entropy source is weak */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
|
@ -125,6 +125,11 @@
|
|||
#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */
|
||||
#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */
|
||||
#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
|
||||
/*
|
||||
* MBEDTLS_ERR_SSL_WANT_READ and MBEDTLS_ERR_SSL_WANT_WRITE are dismissable errors,
|
||||
* therefore the hamming distance to other non-dismissable errors should be
|
||||
* large to prevent bit-flipping a non-dismissable error to dismissable.
|
||||
*/
|
||||
#define MBEDTLS_ERR_SSL_WANT_READ -0xFF6900 /**< No data of requested type currently available on underlying transport. */
|
||||
#define MBEDTLS_ERR_SSL_WANT_WRITE -0xFF6880 /**< Connection requires a write call. */
|
||||
#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */
|
||||
|
|
|
@ -258,7 +258,7 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
|
|||
{
|
||||
int i;
|
||||
volatile int ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
|
||||
volatile int have_one_strong_fi = 0;
|
||||
volatile int have_one_strong_fi = MBEDTLS_ENTROPY_SOURCE_WEAK;
|
||||
unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
|
||||
size_t olen;
|
||||
|
||||
|
@ -276,7 +276,7 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
|
|||
mbedtls_platform_enforce_volatile_reads();
|
||||
|
||||
if( strong_fi == MBEDTLS_ENTROPY_SOURCE_STRONG )
|
||||
have_one_strong_fi = 1;
|
||||
have_one_strong_fi = MBEDTLS_ENTROPY_SOURCE_STRONG;
|
||||
else
|
||||
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
|
||||
}
|
||||
|
@ -303,10 +303,10 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
|
|||
cleanup:
|
||||
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
||||
|
||||
if( have_one_strong_fi == 1 )
|
||||
if( have_one_strong_fi == MBEDTLS_ENTROPY_SOURCE_STRONG )
|
||||
{
|
||||
mbedtls_platform_enforce_volatile_reads();
|
||||
if( have_one_strong_fi == 1 )
|
||||
if( have_one_strong_fi == MBEDTLS_ENTROPY_SOURCE_STRONG )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
|
|
@ -2342,7 +2342,7 @@ static int ssl_rsa_generate_partial_pms( mbedtls_ssl_context *ssl,
|
|||
unsigned char* out,
|
||||
unsigned add_length_tag )
|
||||
{
|
||||
volatile int ret;
|
||||
volatile int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
|
||||
|
||||
/*
|
||||
* Generate (part of) the pre-master secret as
|
||||
|
@ -2390,7 +2390,7 @@ static int ssl_rsa_encrypt_partial_pms( mbedtls_ssl_context *ssl,
|
|||
unsigned char *out, size_t buflen,
|
||||
size_t *olen )
|
||||
{
|
||||
volatile int ret;
|
||||
volatile int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
|
||||
size_t len_bytes = mbedtls_ssl_get_minor_ver( ssl ) ==
|
||||
MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
|
||||
mbedtls_pk_context *peer_pk = NULL;
|
||||
|
@ -2762,6 +2762,10 @@ static int ssl_in_server_key_exchange_parse( mbedtls_ssl_context *ssl,
|
|||
unsigned char *buf,
|
||||
size_t buflen )
|
||||
{
|
||||
/*
|
||||
* Initialising to an error value would need a significant
|
||||
* structural change to provide default flow assumes failure
|
||||
*/
|
||||
volatile int ret = 0;
|
||||
unsigned char *p;
|
||||
unsigned char *end;
|
||||
|
|
|
@ -1883,7 +1883,7 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake,
|
|||
|
||||
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
volatile int ret;
|
||||
volatile int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
|
||||
ssl->handshake->key_derivation_done = MBEDTLS_SSL_FI_FLAG_UNSET;
|
||||
|
@ -2062,7 +2062,7 @@ int mbedtls_ssl_build_pms( mbedtls_ssl_context *ssl )
|
|||
else
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
|
||||
return( ret );
|
||||
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -2093,7 +2093,7 @@ int mbedtls_ssl_build_pms( mbedtls_ssl_context *ssl )
|
|||
else
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
||||
return( ret );
|
||||
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -2122,7 +2122,7 @@ int mbedtls_ssl_build_pms( mbedtls_ssl_context *ssl )
|
|||
else
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
|
||||
return( ret );
|
||||
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
|
||||
}
|
||||
}
|
||||
else
|
||||
|
|
Loading…
Reference in a new issue