mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 10:15:40 +00:00
Merge pull request #2958 from yanesca/iotcrypt-942-initialise-return-values
Initialize return values to an error
This commit is contained in:
commit
ccdeb47cdf
2
crypto
2
crypto
|
@ -1 +1 @@
|
|||
Subproject commit 81f7909497c12f637ab4f45d16bdab5cf91f2e43
|
||||
Subproject commit 795c6bab62177f48f1457c1ffac93d0a1245beb0
|
|
@ -52,9 +52,10 @@
|
|||
* For historical reasons, low-level error codes are divided in even and odd,
|
||||
* even codes were assigned first, and -1 is reserved for other errors.
|
||||
*
|
||||
* Low-level module errors (0x0002-0x007E, 0x0003-0x007F)
|
||||
* Low-level module errors (0x0002-0x007E, 0x0001-0x007F)
|
||||
*
|
||||
* Module Nr Codes assigned
|
||||
* ERROR 2 0x006E 0x0001
|
||||
* MPI 7 0x0002-0x0010
|
||||
* GCM 3 0x0012-0x0014 0x0013-0x0013
|
||||
* BLOWFISH 3 0x0016-0x0018 0x0017-0x0017
|
||||
|
@ -86,7 +87,7 @@
|
|||
* CHACHA20 3 0x0051-0x0055
|
||||
* POLY1305 3 0x0057-0x005B
|
||||
* CHACHAPOLY 2 0x0054-0x0056
|
||||
* PLATFORM 1 0x0070-0x0072
|
||||
* PLATFORM 2 0x0070-0x0072
|
||||
*
|
||||
* High-level module nr (3 bits - 0x0...-0x7...)
|
||||
* Name ID Nr of Errors
|
||||
|
@ -112,6 +113,9 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */
|
||||
#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */
|
||||
|
||||
/**
|
||||
* \brief Translate a mbed TLS error code into a string representation,
|
||||
* Result is truncated if necessary and always includes a terminating
|
||||
|
|
|
@ -39,6 +39,7 @@
|
|||
#endif
|
||||
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
|
@ -85,7 +86,7 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
|
|||
{
|
||||
va_list argp;
|
||||
char str[DEBUG_BUF_SIZE];
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( NULL == ssl ||
|
||||
NULL == ssl->conf ||
|
||||
|
|
|
@ -25,8 +25,7 @@
|
|||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
|
||||
#include "mbedtls/error.h"
|
||||
#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
|
@ -109,6 +108,10 @@
|
|||
#include "mbedtls/entropy.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
#include "mbedtls/error.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
#include "mbedtls/gcm.h"
|
||||
#endif
|
||||
|
@ -754,6 +757,13 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "ENTROPY - Read/write error in file" );
|
||||
#endif /* MBEDTLS_ENTROPY_C */
|
||||
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_ERROR_GENERIC_ERROR) )
|
||||
mbedtls_snprintf( buf, buflen, "ERROR - Generic error" );
|
||||
if( use_ret == -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED) )
|
||||
mbedtls_snprintf( buf, buflen, "ERROR - This is a bug in the library" );
|
||||
#endif /* MBEDTLS_ERROR_C */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" );
|
||||
|
|
|
@ -45,6 +45,7 @@
|
|||
#endif
|
||||
|
||||
#include "mbedtls/net_sockets.h"
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
@ -147,7 +148,7 @@ void mbedtls_net_init( mbedtls_net_context *ctx )
|
|||
int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host,
|
||||
const char *port, int proto )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
struct addrinfo hints, *addr_list, *cur;
|
||||
|
||||
if( ( ret = net_prepare() ) != 0 )
|
||||
|
@ -313,7 +314,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
|
|||
mbedtls_net_context *client_ctx,
|
||||
void *client_ip, size_t buf_size, size_t *ip_len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int type;
|
||||
|
||||
struct sockaddr_storage client_addr;
|
||||
|
@ -455,7 +456,7 @@ int mbedtls_net_set_nonblock( mbedtls_net_context *ctx )
|
|||
|
||||
int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
struct timeval tv;
|
||||
|
||||
fd_set read_fds;
|
||||
|
@ -540,7 +541,7 @@ void mbedtls_net_usleep( unsigned long usec )
|
|||
*/
|
||||
int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int fd = ((mbedtls_net_context *) ctx)->fd;
|
||||
|
||||
if( fd < 0 )
|
||||
|
@ -577,7 +578,7 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len )
|
|||
int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf,
|
||||
size_t len, uint32_t timeout )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
struct timeval tv;
|
||||
fd_set read_fds;
|
||||
int fd = ((mbedtls_net_context *) ctx)->fd;
|
||||
|
@ -620,7 +621,7 @@ int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf,
|
|||
*/
|
||||
int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int fd = ((mbedtls_net_context *) ctx)->fd;
|
||||
|
||||
if( fd < 0 )
|
||||
|
|
|
@ -35,9 +35,10 @@
|
|||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/ssl.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
@ -402,7 +403,7 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
|
|||
unsigned char *buf,
|
||||
size_t *olen )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *p = buf;
|
||||
const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
|
||||
size_t kkpp_len;
|
||||
|
@ -766,7 +767,7 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
static int ssl_generate_random( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *p = ssl->handshake->randbytes;
|
||||
#if defined(MBEDTLS_HAVE_TIME)
|
||||
mbedtls_time_t t;
|
||||
|
@ -858,7 +859,7 @@ static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_inf
|
|||
|
||||
static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t i, n, olen, ext_len = 0;
|
||||
unsigned char *buf;
|
||||
unsigned char *p, *q;
|
||||
|
@ -1470,7 +1471,7 @@ static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ssl->handshake->ciphersuite_info->key_exchange !=
|
||||
MBEDTLS_KEY_EXCHANGE_ECJPAKE )
|
||||
|
@ -2384,7 +2385,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||
size_t offset, size_t *olen,
|
||||
size_t pms_offset )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
|
||||
unsigned char *p = ssl->handshake->premaster + pms_offset;
|
||||
mbedtls_pk_context * peer_pk;
|
||||
|
@ -2531,7 +2532,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
|
|||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const mbedtls_ecp_keypair *peer_key;
|
||||
mbedtls_pk_context * peer_pk;
|
||||
|
||||
|
@ -2582,7 +2583,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
|||
|
||||
static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
ssl->handshake->ciphersuite_info;
|
||||
unsigned char *p = NULL, *end = NULL;
|
||||
|
@ -2971,7 +2972,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
|
|||
#else /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
|
||||
static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *buf;
|
||||
size_t n = 0;
|
||||
size_t cert_type_len = 0, dn_len = 0;
|
||||
|
@ -3135,7 +3136,7 @@ exit:
|
|||
|
||||
static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) );
|
||||
|
||||
|
@ -3174,7 +3175,7 @@ static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
|
|||
|
||||
static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
size_t header_len;
|
||||
size_t content_len;
|
||||
|
@ -3595,7 +3596,7 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
ssl->handshake->ciphersuite_info;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
|
||||
|
||||
|
@ -3790,7 +3791,7 @@ sign:
|
|||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
uint32_t lifetime;
|
||||
size_t ticket_len;
|
||||
unsigned char *ticket;
|
||||
|
|
|
@ -40,6 +40,7 @@
|
|||
|
||||
#include "mbedtls/ssl_cookie.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#include <string.h>
|
||||
|
@ -104,7 +105,7 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char key[COOKIE_MD_OUTLEN];
|
||||
|
||||
if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 )
|
||||
|
@ -157,7 +158,7 @@ int mbedtls_ssl_cookie_write( void *p_ctx,
|
|||
unsigned char **p, unsigned char *end,
|
||||
const unsigned char *cli_id, size_t cli_id_len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
|
||||
unsigned long t;
|
||||
|
||||
|
|
|
@ -35,9 +35,10 @@
|
|||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/ssl.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#include <string.h>
|
||||
|
@ -85,7 +86,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t servername_list_size, hostname_len;
|
||||
const unsigned char *p;
|
||||
|
||||
|
@ -432,7 +433,7 @@ static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
|
||||
{
|
||||
|
@ -624,7 +625,7 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
|
|||
unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ssl_session session;
|
||||
|
||||
mbedtls_ssl_session_init( &session );
|
||||
|
@ -2428,7 +2429,7 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
|
|||
unsigned char *buf,
|
||||
size_t *olen )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *p = buf;
|
||||
const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
|
||||
size_t kkpp_len;
|
||||
|
@ -2506,7 +2507,7 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
|
|||
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
|
||||
static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *p = ssl->out_msg + 4;
|
||||
unsigned char *cookie_len_byte;
|
||||
|
||||
|
@ -2580,7 +2581,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
|
|||
#if defined(MBEDTLS_HAVE_TIME)
|
||||
mbedtls_time_t t;
|
||||
#endif
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t olen, ext_len = 0, n;
|
||||
unsigned char *buf, *p;
|
||||
|
||||
|
@ -3007,7 +3008,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
|||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) )
|
||||
{
|
||||
|
@ -3088,7 +3089,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
|
||||
ret = mbedtls_ecjpake_write_round_two(
|
||||
|
@ -3128,7 +3129,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
|
||||
if( mbedtls_ssl_ciphersuite_uses_dhe( ciphersuite_info ) )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
|
||||
if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL )
|
||||
|
@ -3193,7 +3194,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
const mbedtls_ecp_curve_info **curve = NULL;
|
||||
const mbedtls_ecp_group_id *gid;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
|
||||
/* Match our preference list against the offered curves */
|
||||
|
@ -3251,7 +3252,7 @@ curve_matching_done:
|
|||
size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed;
|
||||
size_t hashlen = 0;
|
||||
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/*
|
||||
* 2.1: Choose hash algorithm:
|
||||
|
@ -3424,7 +3425,7 @@ curve_matching_done:
|
|||
* machine. */
|
||||
static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t signature_len = 0;
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
|
@ -3521,7 +3522,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
|
|||
|
||||
static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) );
|
||||
|
||||
|
@ -3625,7 +3626,7 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||
size_t *peer_pmslen,
|
||||
size_t peer_pmssize )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_pk_context *private_key = mbedtls_ssl_own_key( ssl );
|
||||
mbedtls_pk_context *public_key = &mbedtls_ssl_own_cert( ssl )->pk;
|
||||
size_t len = mbedtls_pk_get_len( public_key );
|
||||
|
@ -3714,7 +3715,7 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *end,
|
||||
size_t pms_offset )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *pms = ssl->handshake->premaster + pms_offset;
|
||||
unsigned char ver[2];
|
||||
unsigned char fake_pms[48], peer_pms[48];
|
||||
|
@ -3868,7 +3869,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
|
|||
|
||||
static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
||||
unsigned char *p, *end;
|
||||
|
||||
|
@ -4385,7 +4386,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t tlen;
|
||||
uint32_t lifetime;
|
||||
|
||||
|
|
|
@ -36,6 +36,7 @@
|
|||
#endif
|
||||
|
||||
#include "mbedtls/ssl_ticket.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#include <string.h>
|
||||
|
@ -73,7 +74,7 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
|
|||
static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
|
||||
unsigned char index )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char buf[MAX_KEY_BYTES];
|
||||
mbedtls_ssl_ticket_key *key = ctx->keys + index;
|
||||
|
||||
|
@ -133,7 +134,7 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
|
|||
mbedtls_cipher_type_t cipher,
|
||||
uint32_t lifetime )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const mbedtls_cipher_info_t *cipher_info;
|
||||
|
||||
ctx->f_rng = f_rng;
|
||||
|
@ -206,7 +207,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
|
|||
size_t *tlen,
|
||||
uint32_t *ticket_lifetime )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ssl_ticket_context *ctx = p_ticket;
|
||||
mbedtls_ssl_ticket_key *key;
|
||||
unsigned char *key_name = start;
|
||||
|
@ -306,7 +307,7 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
|
|||
unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ssl_ticket_context *ctx = p_ticket;
|
||||
mbedtls_ssl_ticket_key *key;
|
||||
unsigned char *key_name = buf;
|
||||
|
|
|
@ -43,9 +43,10 @@
|
|||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/ssl.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/version.h"
|
||||
|
||||
|
@ -314,7 +315,7 @@ static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl )
|
|||
|
||||
static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t remaining, expansion;
|
||||
size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
|
||||
|
||||
|
@ -446,7 +447,7 @@ int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
|
|||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
if( src->peer_cert != NULL )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) );
|
||||
if( dst->peer_cert == NULL )
|
||||
|
@ -586,7 +587,7 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
|
|||
unsigned char h_i[20];
|
||||
const mbedtls_md_info_t *md_info;
|
||||
mbedtls_md_context_t md_ctx;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
mbedtls_md_init( &md_ctx );
|
||||
|
||||
|
@ -832,7 +833,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
|
|||
unsigned char h_i[MBEDTLS_MD_MAX_SIZE];
|
||||
const mbedtls_md_info_t *md_info;
|
||||
mbedtls_md_context_t md_ctx;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
mbedtls_md_init( &md_ctx );
|
||||
|
||||
|
@ -1683,7 +1684,7 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake,
|
|||
unsigned char *master,
|
||||
const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/* cf. RFC 5246, Section 8.1:
|
||||
* "The master secret is always exactly 48 bytes in length." */
|
||||
|
@ -1810,7 +1811,7 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake,
|
|||
|
||||
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
|
||||
ssl->handshake->ciphersuite_info;
|
||||
|
||||
|
@ -2140,7 +2141,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
/* Write length only when we know the actual value */
|
||||
|
@ -2162,7 +2163,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
||||
if( key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t zlen;
|
||||
|
||||
if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen,
|
||||
|
@ -2559,7 +2560,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
||||
if( mode == MBEDTLS_MODE_STREAM )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t olen;
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
|
||||
"including %d bytes of padding",
|
||||
|
@ -2590,7 +2591,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
mode == MBEDTLS_MODE_CCM ||
|
||||
mode == MBEDTLS_MODE_CHACHAPOLY )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char iv[12];
|
||||
size_t explicit_iv_len = transform->ivlen - transform->fixed_ivlen;
|
||||
|
||||
|
@ -2673,7 +2674,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C) )
|
||||
if( mode == MBEDTLS_MODE_CBC )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t padlen, i;
|
||||
size_t olen;
|
||||
|
||||
|
@ -3462,7 +3463,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||
*/
|
||||
static int ssl_compress_buf( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *msg_post = ssl->out_msg;
|
||||
ptrdiff_t bytes_written = ssl->out_msg - ssl->out_buf;
|
||||
size_t len_pre = ssl->out_msglen;
|
||||
|
@ -3509,7 +3510,7 @@ static int ssl_compress_buf( mbedtls_ssl_context *ssl )
|
|||
|
||||
static int ssl_decompress_buf( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *msg_post = ssl->in_msg;
|
||||
ptrdiff_t header_bytes = ssl->in_msg - ssl->in_buf;
|
||||
size_t len_pre = ssl->in_msglen;
|
||||
|
@ -3604,7 +3605,7 @@ static int ssl_resend_hello_request( mbedtls_ssl_context *ssl )
|
|||
*/
|
||||
int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> fetch input" ) );
|
||||
|
@ -3823,7 +3824,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
|
|||
*/
|
||||
int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *buf;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) );
|
||||
|
@ -4022,7 +4023,7 @@ int mbedtls_ssl_resend( mbedtls_ssl_context *ssl )
|
|||
*/
|
||||
int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) );
|
||||
|
||||
if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING )
|
||||
|
@ -4251,7 +4252,7 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl )
|
|||
*/
|
||||
int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const size_t hs_len = ssl->out_msglen - 4;
|
||||
const unsigned char hs_type = ssl->out_msg[0];
|
||||
|
||||
|
@ -4737,7 +4738,7 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
|
|||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
|
||||
|
||||
if( ssl_check_hs_header( ssl ) != 0 )
|
||||
|
@ -4881,7 +4882,7 @@ static inline uint64_t ssl_load_six_bytes( unsigned char *buf )
|
|||
|
||||
static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8_t *record_in_ctr )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *original_in_ctr;
|
||||
|
||||
// save original in_ctr
|
||||
|
@ -5107,7 +5108,7 @@ static int ssl_check_dtls_clihlo_cookie(
|
|||
*/
|
||||
static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
if( ssl->conf->f_cookie_write == NULL ||
|
||||
|
@ -5619,7 +5620,7 @@ static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl );
|
|||
int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
|
||||
unsigned update_hs_digest )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) );
|
||||
|
||||
|
@ -6265,7 +6266,7 @@ static int ssl_buffer_future_record( mbedtls_ssl_context *ssl,
|
|||
|
||||
static int ssl_get_next_record( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_record rec;
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
@ -6473,7 +6474,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
|
|||
|
||||
int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/*
|
||||
* Handle particular types of records
|
||||
|
@ -6616,7 +6617,7 @@ int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
|
|||
unsigned char level,
|
||||
unsigned char message )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ssl == NULL || ssl->conf == NULL )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
@ -6842,7 +6843,7 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
|
|||
unsigned char *crt_buf,
|
||||
size_t crt_buf_len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char const * const peer_cert_digest =
|
||||
ssl->session->peer_cert_digest;
|
||||
mbedtls_md_type_t const peer_cert_digest_type =
|
||||
|
@ -6875,7 +6876,7 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
|
|||
static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl,
|
||||
mbedtls_x509_crt *chain )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
|
||||
int crt_cnt=0;
|
||||
#endif
|
||||
|
@ -7290,7 +7291,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||
static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl,
|
||||
unsigned char *start, size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
/* Remember digest of the peer's end-CRT. */
|
||||
ssl->session_negotiate->peer_cert_digest =
|
||||
mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN );
|
||||
|
@ -7322,7 +7323,7 @@ static int ssl_remember_peer_pubkey( mbedtls_ssl_context *ssl,
|
|||
unsigned char *start, size_t len )
|
||||
{
|
||||
unsigned char *end = start + len;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/* Make a copy of the peer's raw public key. */
|
||||
mbedtls_pk_init( &ssl->handshake->peer_pubkey );
|
||||
|
@ -7492,7 +7493,7 @@ exit:
|
|||
|
||||
int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) );
|
||||
|
||||
|
@ -7515,7 +7516,7 @@ int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl )
|
|||
|
||||
int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) );
|
||||
|
||||
|
@ -8214,7 +8215,7 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
|
|||
|
||||
int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned int hash_len;
|
||||
unsigned char buf[SSL_MAX_HASH_LEN];
|
||||
|
||||
|
@ -8607,7 +8608,7 @@ static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl )
|
|||
int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
|
||||
const mbedtls_ssl_config *conf )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
ssl->conf = conf;
|
||||
|
||||
|
@ -8674,7 +8675,7 @@ error:
|
|||
*/
|
||||
static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || \
|
||||
!defined(MBEDTLS_SSL_SRV_C)
|
||||
|
@ -8922,7 +8923,7 @@ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
|
|||
#if defined(MBEDTLS_SSL_CLI_C)
|
||||
int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ssl == NULL ||
|
||||
session == NULL ||
|
||||
|
@ -9166,7 +9167,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
|
|||
const unsigned char *psk, size_t psk_len,
|
||||
const unsigned char *psk_identity, size_t psk_identity_len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
/* Remove opaque/raw PSK + PSK Identity */
|
||||
ssl_conf_remove_psk( conf );
|
||||
|
||||
|
@ -9235,7 +9236,7 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
|
|||
const unsigned char *psk_identity,
|
||||
size_t psk_identity_len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
/* Clear opaque/raw PSK + PSK Identity, if present. */
|
||||
ssl_conf_remove_psk( conf );
|
||||
|
||||
|
@ -9280,7 +9281,7 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
|
|||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 )
|
||||
|
@ -9298,7 +9299,7 @@ int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
|
|||
const unsigned char *dhm_P, size_t P_len,
|
||||
const unsigned char *dhm_G, size_t G_len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 )
|
||||
|
@ -9313,7 +9314,7 @@ int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
|
|||
|
||||
int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 ||
|
||||
( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 )
|
||||
|
@ -10361,7 +10362,7 @@ static int ssl_session_load( mbedtls_ssl_session *session,
|
|||
|
||||
if( cert_len != 0 )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( cert_len > (size_t)( end - p ) )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
@ -10549,7 +10550,7 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl )
|
|||
*/
|
||||
static int ssl_write_hello_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello request" ) );
|
||||
|
||||
|
@ -10580,7 +10581,7 @@ static int ssl_write_hello_request( mbedtls_ssl_context *ssl )
|
|||
*/
|
||||
static int ssl_start_renegotiation( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) );
|
||||
|
||||
|
@ -10707,7 +10708,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
|
|||
*/
|
||||
int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n;
|
||||
|
||||
if( ssl == NULL || ssl->conf == NULL )
|
||||
|
@ -11091,7 +11092,7 @@ static int ssl_write_real( mbedtls_ssl_context *ssl,
|
|||
static int ssl_write_split( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf, size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ssl->conf->cbc_record_splitting ==
|
||||
MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ||
|
||||
|
@ -11123,7 +11124,7 @@ static int ssl_write_split( mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) );
|
||||
|
||||
|
@ -11163,7 +11164,7 @@ int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_
|
|||
*/
|
||||
int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ssl == NULL || ssl->conf == NULL )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
@ -11746,7 +11747,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *p = buf;
|
||||
const unsigned char * const end = buf + len;
|
||||
size_t session_len;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/*
|
||||
* The context should have been freshly setup or reset.
|
||||
|
@ -12167,7 +12168,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
|||
int endpoint, int transport, int preset )
|
||||
{
|
||||
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
#endif
|
||||
|
||||
/* Use the functions here so that they are covered in tests,
|
||||
|
|
|
@ -39,6 +39,7 @@
|
|||
|
||||
#include "mbedtls/x509.h"
|
||||
#include "mbedtls/asn1.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/oid.h"
|
||||
|
||||
#include <stdio.h>
|
||||
|
@ -83,7 +84,7 @@
|
|||
int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_buf *serial )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( end - *p ) < 1 )
|
||||
return( MBEDTLS_ERR_X509_INVALID_SERIAL +
|
||||
|
@ -114,7 +115,7 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
|
|||
int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_buf *alg )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 )
|
||||
return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
|
||||
|
@ -128,7 +129,7 @@ int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
|
|||
int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 )
|
||||
return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
|
||||
|
@ -148,7 +149,7 @@ int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
|
|||
*/
|
||||
static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *p;
|
||||
const unsigned char *end;
|
||||
mbedtls_x509_buf md_oid;
|
||||
|
@ -209,7 +210,7 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
|
|||
mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
|
||||
int *salt_len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *p;
|
||||
const unsigned char *end, *end2;
|
||||
size_t len;
|
||||
|
@ -352,7 +353,7 @@ static int x509_get_attr_type_value( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
mbedtls_x509_name *cur )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
mbedtls_x509_buf *oid;
|
||||
mbedtls_x509_buf *val;
|
||||
|
@ -433,7 +434,7 @@ static int x509_get_attr_type_value( unsigned char **p,
|
|||
int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_name *cur )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t set_len;
|
||||
const unsigned char *end_set;
|
||||
|
||||
|
@ -539,7 +540,7 @@ static int x509_date_is_valid(const mbedtls_x509_time *t )
|
|||
static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen,
|
||||
mbedtls_x509_time *tm )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/*
|
||||
* Minimum length is 10 or 12 depending on yearlen
|
||||
|
@ -604,7 +605,7 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen,
|
|||
int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_time *tm )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len, year_len;
|
||||
unsigned char tag;
|
||||
|
||||
|
@ -633,7 +634,7 @@ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
|
|||
|
||||
int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
int tag_type;
|
||||
|
||||
|
@ -662,7 +663,7 @@ int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x50
|
|||
mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
|
||||
void **sig_opts )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( *sig_opts != NULL )
|
||||
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
|
||||
|
@ -710,7 +711,7 @@ int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x50
|
|||
int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_buf *ext, int tag )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
/* Extension structure use EXPLICIT tagging. That is, the actual
|
||||
|
@ -745,7 +746,7 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
|
|||
*/
|
||||
int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t i, n;
|
||||
unsigned char c, merge = 0;
|
||||
const mbedtls_x509_name *name;
|
||||
|
@ -807,7 +808,7 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn )
|
|||
*/
|
||||
int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t i, n, nr;
|
||||
char *p;
|
||||
|
||||
|
@ -843,7 +844,7 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *s
|
|||
mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
|
||||
const void *sig_opts )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
char *p = buf;
|
||||
size_t n = size;
|
||||
const char *desc = NULL;
|
||||
|
@ -888,7 +889,7 @@ int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name )
|
|||
{
|
||||
char *p = buf;
|
||||
size_t n = buf_size;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
ret = mbedtls_snprintf( p, n, "%s key size", name );
|
||||
MBEDTLS_X509_SAFE_SNPRINTF;
|
||||
|
|
|
@ -29,6 +29,7 @@
|
|||
|
||||
#include "mbedtls/x509.h"
|
||||
#include "mbedtls/asn1write.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/oid.h"
|
||||
|
||||
#include <string.h>
|
||||
|
@ -241,7 +242,7 @@ int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid,
|
|||
*/
|
||||
static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn1_named_data* cur_name)
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
const char *oid = (const char*)cur_name->oid.p;
|
||||
size_t oid_len = cur_name->oid.len;
|
||||
|
@ -274,7 +275,7 @@ static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn
|
|||
int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
|
||||
mbedtls_asn1_named_data *first )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
mbedtls_asn1_named_data *cur = first;
|
||||
|
||||
|
@ -295,7 +296,7 @@ int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
|
|||
const char *oid, size_t oid_len,
|
||||
unsigned char *sig, size_t size )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
|
||||
if( *p < start || (size_t)( *p - start ) < size )
|
||||
|
@ -325,7 +326,7 @@ int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
|
|||
static int x509_write_extension( unsigned char **p, unsigned char *start,
|
||||
mbedtls_asn1_named_data *ext )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
|
||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1,
|
||||
|
@ -363,7 +364,7 @@ static int x509_write_extension( unsigned char **p, unsigned char *start,
|
|||
int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
|
||||
mbedtls_asn1_named_data *first )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
mbedtls_asn1_named_data *cur_ext = first;
|
||||
|
||||
|
|
|
@ -38,6 +38,7 @@
|
|||
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||
|
||||
#include "mbedtls/x509_crl.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
|
@ -74,7 +75,7 @@ static int x509_crl_get_version( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
int *ver )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
|
||||
{
|
||||
|
@ -101,7 +102,7 @@ static int x509_get_crl_ext( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
mbedtls_x509_buf *ext )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( *p == end )
|
||||
return( 0 );
|
||||
|
@ -181,7 +182,7 @@ static int x509_get_crl_entry_ext( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
mbedtls_x509_buf *ext )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
|
||||
/* OPTIONAL */
|
||||
|
@ -235,7 +236,7 @@ static int x509_get_entries( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
mbedtls_x509_crl_entry *entry )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t entry_len;
|
||||
mbedtls_x509_crl_entry *cur_entry = entry;
|
||||
|
||||
|
@ -300,7 +301,7 @@ static int x509_get_entries( unsigned char **p,
|
|||
int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
|
||||
const unsigned char *buf, size_t buflen )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
unsigned char *p = NULL, *end = NULL;
|
||||
mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
|
||||
|
@ -539,7 +540,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
|
|||
int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||
{
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t use_len;
|
||||
mbedtls_pem_context pem;
|
||||
int is_pem = 0;
|
||||
|
@ -603,7 +604,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
|
|||
*/
|
||||
int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n;
|
||||
unsigned char *buf;
|
||||
|
||||
|
@ -630,7 +631,7 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path )
|
|||
int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
|
||||
const mbedtls_x509_crl *crl )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n;
|
||||
char *p;
|
||||
const mbedtls_x509_crl_entry *entry;
|
||||
|
|
|
@ -40,6 +40,7 @@
|
|||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
|
||||
#include "mbedtls/x509_crt.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
|
@ -390,7 +391,7 @@ static int x509_get_version( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
int *ver )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
|
||||
|
@ -427,7 +428,7 @@ static int x509_get_dates( unsigned char **p,
|
|||
mbedtls_x509_time *from,
|
||||
mbedtls_x509_time *to )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
|
||||
|
@ -456,7 +457,7 @@ static int x509_get_uid( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
mbedtls_x509_buf *uid, int n )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( *p == end )
|
||||
return( 0 );
|
||||
|
@ -483,7 +484,7 @@ static int x509_get_basic_constraints( unsigned char **p,
|
|||
int *ca_istrue,
|
||||
int *max_pathlen )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
/*
|
||||
|
@ -532,7 +533,7 @@ static int x509_get_ns_cert_type( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
unsigned char *ns_cert_type)
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_x509_bitstring bs = { 0, 0, NULL };
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
|
||||
|
@ -551,7 +552,7 @@ static int x509_get_key_usage( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
unsigned int *key_usage)
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t i;
|
||||
mbedtls_x509_bitstring bs = { 0, 0, NULL };
|
||||
|
||||
|
@ -581,7 +582,7 @@ static int x509_get_ext_key_usage( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
mbedtls_x509_sequence *ext_key_usage)
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 )
|
||||
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
|
||||
|
@ -625,7 +626,7 @@ static int x509_get_subject_alt_name( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
mbedtls_x509_sequence *subject_alt_name )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len, tag_len;
|
||||
mbedtls_asn1_buf *buf;
|
||||
unsigned char tag;
|
||||
|
@ -887,7 +888,7 @@ static int x509_get_crt_ext( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
mbedtls_x509_crt *crt )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
unsigned char *end_ext_data, *end_ext_octet;
|
||||
|
||||
|
@ -1056,7 +1057,7 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt,
|
|||
size_t buflen,
|
||||
int make_copy )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
unsigned char *p, *end, *crt_end;
|
||||
mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
|
||||
|
@ -1318,7 +1319,7 @@ static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain,
|
|||
size_t buflen,
|
||||
int make_copy )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_x509_crt *crt = chain, *prev = NULL;
|
||||
|
||||
/*
|
||||
|
@ -1415,7 +1416,7 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain,
|
|||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
if( buf_format == MBEDTLS_X509_FORMAT_PEM )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_pem_context pem;
|
||||
|
||||
/* 1 rather than 0 since the terminating NULL byte is counted in */
|
||||
|
@ -1499,7 +1500,7 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain,
|
|||
*/
|
||||
int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n;
|
||||
unsigned char *buf;
|
||||
|
||||
|
@ -1737,7 +1738,7 @@ static int x509_info_subject_alt_name( char **buf, size_t *size,
|
|||
*subject_alt_name,
|
||||
const char *prefix )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n = *size;
|
||||
char *p = *buf;
|
||||
const mbedtls_x509_sequence *cur = subject_alt_name;
|
||||
|
@ -1848,7 +1849,7 @@ static int x509_info_subject_alt_name( char **buf, size_t *size,
|
|||
int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
|
||||
mbedtls_x509_subject_alternative_name *san )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
switch( san_buf->tag &
|
||||
( MBEDTLS_ASN1_TAG_CLASS_MASK |
|
||||
MBEDTLS_ASN1_TAG_VALUE_MASK ) )
|
||||
|
@ -1909,7 +1910,7 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
|
|||
static int x509_info_cert_type( char **buf, size_t *size,
|
||||
unsigned char ns_cert_type )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n = *size;
|
||||
char *p = *buf;
|
||||
const char *sep = "";
|
||||
|
@ -1936,7 +1937,7 @@ static int x509_info_cert_type( char **buf, size_t *size,
|
|||
static int x509_info_key_usage( char **buf, size_t *size,
|
||||
unsigned int key_usage )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n = *size;
|
||||
char *p = *buf;
|
||||
const char *sep = "";
|
||||
|
@ -1960,7 +1961,7 @@ static int x509_info_key_usage( char **buf, size_t *size,
|
|||
static int x509_info_ext_key_usage( char **buf, size_t *size,
|
||||
const mbedtls_x509_sequence *extended_key_usage )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const char *desc;
|
||||
size_t n = *size;
|
||||
char *p = *buf;
|
||||
|
@ -1989,7 +1990,7 @@ static int x509_info_ext_key_usage( char **buf, size_t *size,
|
|||
static int x509_info_cert_policies( char **buf, size_t *size,
|
||||
const mbedtls_x509_sequence *certificate_policies )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const char *desc;
|
||||
size_t n = *size;
|
||||
char *p = *buf;
|
||||
|
@ -2023,7 +2024,7 @@ static int x509_info_cert_policies( char **buf, size_t *size,
|
|||
int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||
const mbedtls_x509_crt *crt )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n;
|
||||
char *p;
|
||||
char key_size_str[BEFORE_COLON];
|
||||
|
@ -2195,7 +2196,7 @@ static const struct x509_crt_verify_string x509_crt_verify_strings[] = {
|
|||
int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
|
||||
uint32_t flags )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const struct x509_crt_verify_string *cur;
|
||||
char *p = buf;
|
||||
size_t n = size;
|
||||
|
@ -2535,7 +2536,7 @@ static int x509_crt_find_parent_in(
|
|||
unsigned self_cnt,
|
||||
mbedtls_x509_crt_restart_ctx *rs_ctx )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_x509_crt *parent, *fallback_parent;
|
||||
int signature_is_good, fallback_signature_is_good;
|
||||
|
||||
|
@ -2658,7 +2659,7 @@ static int x509_crt_find_parent(
|
|||
unsigned self_cnt,
|
||||
mbedtls_x509_crt_restart_ctx *rs_ctx )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_x509_crt *search_list;
|
||||
|
||||
*parent_is_trusted = 1;
|
||||
|
@ -2791,7 +2792,7 @@ static int x509_crt_verify_chain(
|
|||
{
|
||||
/* Don't initialize any of those variables here, so that the compiler can
|
||||
* catch potential issues with jumping ahead when restarting */
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
uint32_t *flags;
|
||||
mbedtls_x509_crt_verify_chain_item *cur;
|
||||
mbedtls_x509_crt *child;
|
||||
|
@ -3020,7 +3021,7 @@ static int x509_crt_merge_flags_with_cb(
|
|||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||
void *p_vrfy )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned i;
|
||||
uint32_t cur_flags;
|
||||
const mbedtls_x509_crt_verify_chain_item *cur;
|
||||
|
@ -3068,7 +3069,7 @@ static int x509_crt_verify_restartable_ca_cb( mbedtls_x509_crt *crt,
|
|||
void *p_vrfy,
|
||||
mbedtls_x509_crt_restart_ctx *rs_ctx )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_pk_type_t pk_type;
|
||||
mbedtls_x509_crt_verify_chain ver_chain;
|
||||
uint32_t ee_flags;
|
||||
|
|
|
@ -38,6 +38,7 @@
|
|||
#if defined(MBEDTLS_X509_CSR_PARSE_C)
|
||||
|
||||
#include "mbedtls/x509_csr.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
|
@ -68,7 +69,7 @@ static int x509_csr_get_version( unsigned char **p,
|
|||
const unsigned char *end,
|
||||
int *ver )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
|
||||
{
|
||||
|
@ -90,7 +91,7 @@ static int x509_csr_get_version( unsigned char **p,
|
|||
int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
|
||||
const unsigned char *buf, size_t buflen )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
unsigned char *p, *end;
|
||||
mbedtls_x509_buf sig_params;
|
||||
|
@ -262,7 +263,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
|
|||
int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen )
|
||||
{
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t use_len;
|
||||
mbedtls_pem_context pem;
|
||||
#endif
|
||||
|
@ -312,7 +313,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
|
|||
*/
|
||||
int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n;
|
||||
unsigned char *buf;
|
||||
|
||||
|
@ -336,7 +337,7 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path )
|
|||
int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
|
||||
const mbedtls_x509_csr *csr )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t n;
|
||||
char *p;
|
||||
char key_size_str[BEFORE_COLON];
|
||||
|
|
|
@ -34,10 +34,11 @@
|
|||
#if defined(MBEDTLS_X509_CRT_WRITE_C)
|
||||
|
||||
#include "mbedtls/x509_crt.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/asn1write.h"
|
||||
#include "mbedtls/sha1.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/sha1.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
@ -103,7 +104,7 @@ int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
|
|||
int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx,
|
||||
const mbedtls_mpi *serial )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 )
|
||||
return( ret );
|
||||
|
@ -140,7 +141,7 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
|
|||
int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
|
||||
int is_ca, int max_pathlen )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char buf[9];
|
||||
unsigned char *c = buf + sizeof(buf);
|
||||
size_t len = 0;
|
||||
|
@ -174,7 +175,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
|
|||
#if defined(MBEDTLS_SHA1_C)
|
||||
int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
|
||||
unsigned char *c = buf + sizeof(buf);
|
||||
size_t len = 0;
|
||||
|
@ -202,7 +203,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
|
|||
|
||||
int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
|
||||
unsigned char *c = buf + sizeof( buf );
|
||||
size_t len = 0;
|
||||
|
@ -240,7 +241,7 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
|
|||
{
|
||||
unsigned char buf[5], ku[2];
|
||||
unsigned char *c;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE |
|
||||
MBEDTLS_X509_KU_NON_REPUDIATION |
|
||||
MBEDTLS_X509_KU_KEY_ENCIPHERMENT |
|
||||
|
@ -279,7 +280,7 @@ int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
|
|||
{
|
||||
unsigned char buf[4];
|
||||
unsigned char *c;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
c = buf + 4;
|
||||
|
||||
|
@ -299,7 +300,7 @@ int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
|
|||
static int x509_write_time( unsigned char **p, unsigned char *start,
|
||||
const char *t, size_t size )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len = 0;
|
||||
|
||||
/*
|
||||
|
@ -332,7 +333,7 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx,
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const char *sig_oid;
|
||||
size_t sig_oid_len = 0;
|
||||
unsigned char *c, *c2;
|
||||
|
@ -526,7 +527,7 @@ int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt,
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t olen;
|
||||
|
||||
if( ( ret = mbedtls_x509write_crt_der( crt, buf, size,
|
||||
|
|
|
@ -33,8 +33,9 @@
|
|||
#if defined(MBEDTLS_X509_CSR_WRITE_C)
|
||||
|
||||
#include "mbedtls/x509_csr.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/asn1write.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
|
@ -90,7 +91,7 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch
|
|||
{
|
||||
unsigned char buf[4];
|
||||
unsigned char *c;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
c = buf + 4;
|
||||
|
||||
|
@ -112,7 +113,7 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
|
|||
{
|
||||
unsigned char buf[4];
|
||||
unsigned char *c;
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
c = buf + 4;
|
||||
|
||||
|
@ -133,7 +134,7 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const char *sig_oid;
|
||||
size_t sig_oid_len = 0;
|
||||
unsigned char *c, *c2;
|
||||
|
@ -263,7 +264,7 @@ int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, s
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t olen = 0;
|
||||
|
||||
if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size,
|
||||
|
|
|
@ -25,8 +25,7 @@
|
|||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
|
||||
#include "mbedtls/error.h"
|
||||
#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
|
|
|
@ -38,7 +38,7 @@ my $error_format_file = $data_dir.'/error.fmt';
|
|||
|
||||
my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
|
||||
CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES
|
||||
ENTROPY GCM HKDF HMAC_DRBG MD2 MD4 MD5
|
||||
ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5
|
||||
NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160
|
||||
SHA1 SHA256 SHA512 THREADING XTEA );
|
||||
my @high_level_modules = qw( CIPHER DHM ECP MD
|
||||
|
|
Loading…
Reference in a new issue