Change DES and AES functions to MBEDTLS_CHECK_RETURN_TYPICAL

For all of these functions, the only possible failures are a hardware accelerator (not possible unless using an ALT implementation), an internal error or runtime corruption. Exception: the self-tests, which serve little purpose if their status isn't tested. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-02-24 11:28:04 +00:00 · 2021-09-23 17:35:37 +02:00 · 2021-09-23 17:35:37 +02:00 · ce555e4fad
parent ee0a4435f7
commit ce555e4fad
2 changed files with 27 additions and 27 deletions
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@ -175,7 +175,7 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
 * \return         \c 0 on success.
 * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
                    unsigned int keybits );

@ -194,7 +194,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
 * \return         \c 0 on success.
 * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
                    unsigned int keybits );

@ -215,7 +215,7 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
 * \return         \c 0 on success.
 * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
                                const unsigned char *key,
                                unsigned int keybits );
@ -236,7 +236,7 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
 * \return         \c 0 on success.
 * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
                                const unsigned char *key,
                                unsigned int keybits );
@ -265,7 +265,7 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,

 * \return         \c 0 on success.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
                    int mode,
                    const unsigned char input[16],
@ -313,7 +313,7 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
 * \return         #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
 *                 on failure.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
                    int mode,
                    size_t length,
@ -358,7 +358,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
 *                     smaller than an AES block in size (16 Bytes) or if \p
 *                     length is larger than 2^20 blocks (16 MiB).
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
                           int mode,
                           size_t length,
@ -407,7 +407,7 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
 *
 * \return         \c 0 on success.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
                       int mode,
                       size_t length,
@ -452,7 +452,7 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
 *
 * \return         \c 0 on success.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
                    int mode,
                    size_t length,
@ -507,7 +507,7 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
 *
 * \return         \c 0 on success.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
                       size_t length,
                       size_t *iv_off,
@ -594,7 +594,7 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
 *
 * \return                 \c 0 on success.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
                       size_t length,
                       size_t *nc_off,
@ -615,7 +615,7 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
 *
 * \return          \c 0 on success.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
                                  const unsigned char input[16],
                                  unsigned char output[16] );
@ -631,7 +631,7 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
 *
 * \return          \c 0 on success.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
                                  const unsigned char input[16],
                                  unsigned char output[16] );
@ -681,7 +681,7 @@ MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
 * \return         \c 0 on success.
 * \return         \c 1 on failure.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_aes_self_test( int verbose );

 #endif /* MBEDTLS_SELF_TEST */
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@ -147,7 +147,7 @@ void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

 /**
@ -161,7 +161,7 @@ int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SI
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

 /**
@ -176,7 +176,7 @@ int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

 /**
@ -191,7 +191,7 @@ int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MB
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

 /**
@ -202,7 +202,7 @@ int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MB
 *
 * \return         0
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );

@ -214,7 +214,7 @@ int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
 *
 * \return         0
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );

@ -226,7 +226,7 @@ int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
 *
 * \return         0
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );

@ -238,7 +238,7 @@ int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
 *
 * \return         0
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );

@ -255,7 +255,7 @@ int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
                    const unsigned char input[8],
                    unsigned char output[8] );
@ -283,7 +283,7 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
                    int mode,
                    size_t length,
@ -301,7 +301,7 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
 *
 * \return         0 if successful
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
                     const unsigned char input[8],
                     unsigned char output[8] );
@ -327,7 +327,7 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
 *
 * \return         0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
 int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
                     int mode,
                     size_t length,
@ -358,7 +358,7 @@ void mbedtls_des_setkey( uint32_t SK[32],
 *
 * \return         0 if successful, or 1 if the test failed
 */
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_des_self_test( int verbose );

 #endif /* MBEDTLS_SELF_TEST */