From d11550e11d893cd743996d8789c6d82ac3ea190a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 3 Dec 2019 15:52:31 +0000 Subject: [PATCH 1/5] Fix number of allocated errors in Platform --- include/mbedtls/error.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 06bb1c9ca..3fff9a054 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -86,7 +86,7 @@ * CHACHA20 3 0x0051-0x0055 * POLY1305 3 0x0057-0x005B * CHACHAPOLY 2 0x0054-0x0056 - * PLATFORM 1 0x0070-0x0072 + * PLATFORM 2 0x0070-0x0072 * * High-level module nr (3 bits - 0x0...-0x7...) * Name ID Nr of Errors From 60f6b64b8f6545c9fcc699291a19144ddff2cd99 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 3 Dec 2019 15:55:56 +0000 Subject: [PATCH 2/5] Add two error codes to the Error module One of the error codes was already reserved, this commit just makes it explicit. The other one is a new error code for initializing return values in the library: `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` should not be returned by the library. If it is returned, then it is surely a bug in the library or somebody is tampering with the device. --- include/mbedtls/error.h | 4 ++++ library/error.c | 11 +++++++++++ scripts/generate_errors.pl | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 3fff9a054..7ca54b8c3 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -55,6 +55,7 @@ * Low-level module errors (0x0002-0x007E, 0x0003-0x007F) * * Module Nr Codes assigned + * ERROR 2 0x006E 0x0001 * MPI 7 0x0002-0x0010 * GCM 3 0x0012-0x0014 0x0013-0x0013 * BLOWFISH 3 0x0016-0x0018 0x0017-0x0017 @@ -112,6 +113,9 @@ extern "C" { #endif +#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */ +#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ + /** * \brief Translate a mbed TLS error code into a string representation, * Result is truncated if necessary and always includes a terminating diff --git a/library/error.c b/library/error.c index 649b3baa4..85beaeeac 100644 --- a/library/error.c +++ b/library/error.c @@ -109,6 +109,10 @@ #include "mbedtls/entropy.h" #endif +#if defined(MBEDTLS_ERROR_C) +#include "mbedtls/error.h" +#endif + #if defined(MBEDTLS_GCM_C) #include "mbedtls/gcm.h" #endif @@ -579,6 +583,13 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) mbedtls_snprintf( buf, buflen, "ENTROPY - Read/write error in file" ); #endif /* MBEDTLS_ENTROPY_C */ +#if defined(MBEDTLS_ERROR_C) + if( use_ret == -(MBEDTLS_ERR_ERROR_GENERIC_ERROR) ) + mbedtls_snprintf( buf, buflen, "ERROR - Generic error" ); + if( use_ret == -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED) ) + mbedtls_snprintf( buf, buflen, "ERROR - This is a bug in the library" ); +#endif /* MBEDTLS_ERROR_C */ + #if defined(MBEDTLS_GCM_C) if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) ) mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" ); diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index e640f4ccd..b4c014e3f 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -31,7 +31,7 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES - ENTROPY GCM HKDF HMAC_DRBG MD2 MD4 MD5 + ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5 OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 SHA1 SHA256 SHA512 THREADING XTEA ); my @high_level_modules = qw( CIPHER DHM ECP MD From a13b905d8dde4d851f1730e62643d1fb775649ca Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 22 Nov 2019 12:48:59 +0000 Subject: [PATCH 3/5] Map the new Mbed TLS error value in PSA --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e4d4924a9..b98a4629d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -351,6 +351,8 @@ static psa_status_t mbedtls_to_psa_error( int ret ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED: + return( PSA_ERROR_CORRUPTION_DETECTED ); default: return( PSA_ERROR_GENERIC_ERROR ); From 24eed8d2d2df4423a63c8761edd0d65a43ff03a3 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 22 Nov 2019 13:21:35 +0000 Subject: [PATCH 4/5] Initialise return values to an error Initialising the return values to and error is best practice and makes the library more robust. --- library/aes.c | 7 +++-- library/asn1parse.c | 17 ++++++----- library/asn1write.c | 19 ++++++------ library/bignum.c | 35 +++++++++++----------- library/ccm.c | 9 +++--- library/chacha20.c | 5 ++-- library/chachapoly.c | 15 +++++----- library/cipher.c | 13 ++++---- library/cipher_wrap.c | 3 +- library/cmac.c | 13 ++++---- library/ctr_drbg.c | 9 +++--- library/dhm.c | 15 +++++----- library/ecdh.c | 21 ++++++------- library/ecdsa.c | 15 +++++----- library/ecjpake.c | 33 +++++++++++---------- library/ecp.c | 67 +++++++++++++++++++++--------------------- library/ecp_curves.c | 19 ++++++------ library/entropy.c | 5 ++-- library/entropy_poll.c | 3 +- library/gcm.c | 11 +++---- library/hkdf.c | 3 +- library/hmac_drbg.c | 13 ++++---- library/md.c | 11 +++---- library/md2.c | 7 +++-- library/md4.c | 7 +++-- library/md5.c | 7 +++-- library/nist_kw.c | 3 +- library/oid.c | 3 +- library/pem.c | 11 +++---- library/pk.c | 9 +++--- library/pk_wrap.c | 27 +++++++++-------- library/pkcs12.c | 7 +++-- library/pkcs5.c | 3 +- library/pkparse.c | 27 +++++++++-------- library/pkwrite.c | 19 ++++++------ library/platform.c | 5 ++-- library/poly1305.c | 5 ++-- library/psa_crypto.c | 43 ++++++++++++++------------- library/ripemd160.c | 7 +++-- library/rsa.c | 29 +++++++++--------- library/sha1.c | 7 +++-- library/sha256.c | 7 +++-- library/sha512.c | 7 +++-- 43 files changed, 322 insertions(+), 279 deletions(-) diff --git a/library/aes.c b/library/aes.c index aff0a9939..6e8699022 100644 --- a/library/aes.c +++ b/library/aes.c @@ -38,6 +38,7 @@ #include "mbedtls/aes.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_PADLOCK_C) #include "mbedtls/padlock.h" #endif @@ -766,7 +767,7 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, const unsigned char *key, unsigned int keybits) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *key1, *key2; unsigned int key1bits, key2bits; @@ -791,7 +792,7 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, const unsigned char *key, unsigned int keybits) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *key1, *key2; unsigned int key1bits, key2bits; @@ -1175,7 +1176,7 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t blocks = length / 16; size_t leftover = length % 16; unsigned char tweak[16]; diff --git a/library/asn1parse.c b/library/asn1parse.c index 412259e35..5075dfd53 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -29,6 +29,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -124,7 +125,7 @@ int mbedtls_asn1_get_bool( unsigned char **p, const unsigned char *end, int *val ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 ) @@ -143,7 +144,7 @@ int mbedtls_asn1_get_int( unsigned char **p, const unsigned char *end, int *val ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) @@ -185,7 +186,7 @@ int mbedtls_asn1_get_mpi( unsigned char **p, const unsigned char *end, mbedtls_mpi *X ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) @@ -202,7 +203,7 @@ int mbedtls_asn1_get_mpi( unsigned char **p, int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, mbedtls_asn1_bitstring *bs) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Certificate type is a single byte bitstring */ if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) @@ -235,7 +236,7 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, size_t *len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) return( ret ); @@ -261,7 +262,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, mbedtls_asn1_sequence *cur, int tag) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; mbedtls_asn1_buf *buf; @@ -310,7 +311,7 @@ int mbedtls_asn1_get_alg( unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, @@ -354,7 +355,7 @@ int mbedtls_asn1_get_alg_null( unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf params; memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) ); diff --git a/library/asn1write.c b/library/asn1write.c index a138d0b75..262d0bf56 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -28,6 +28,7 @@ #if defined(MBEDTLS_ASN1_WRITE_C) #include "mbedtls/asn1write.h" +#include "mbedtls/error.h" #include @@ -131,7 +132,7 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, #if defined(MBEDTLS_BIGNUM_C) int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; // Write the MPI @@ -168,7 +169,7 @@ cleanup: int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; // Write NULL @@ -182,7 +183,7 @@ int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ) int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, const char *oid, size_t oid_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, @@ -197,7 +198,7 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *s const char *oid, size_t oid_len, size_t par_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; if( par_len == 0 ) @@ -216,7 +217,7 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *s int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; if( *p - start < 1 ) @@ -233,7 +234,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolea int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; do @@ -263,7 +264,7 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag, const char *text, size_t text_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, @@ -339,7 +340,7 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p, int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t bits ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; size_t unused_bits, byte_len; @@ -372,7 +373,7 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) ); diff --git a/library/bignum.c b/library/bignum.c index a2f2a9f99..1d258db0e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -46,6 +46,7 @@ #include "mbedtls/bignum.h" #include "mbedtls/bn_mul.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -314,7 +315,7 @@ cleanup: */ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MPI_VALIDATE_RET( X != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) ); @@ -457,7 +458,7 @@ static int mpi_get_digit( mbedtls_mpi_uint *d, int radix, char c ) */ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j, slen, n; mbedtls_mpi_uint d; mbedtls_mpi T; @@ -532,7 +533,7 @@ cleanup: static int mpi_write_hlp( mbedtls_mpi *X, int radix, char **p, const size_t buflen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_uint r; size_t length = 0; char *p_end = *p + buflen; @@ -697,7 +698,7 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) */ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n, slen, plen; /* * Buffer should have space for (short) label and decimal formatted MPI, @@ -832,7 +833,7 @@ static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs ) int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; size_t const limbs = CHARS_TO_LIMBS( buflen ); @@ -864,7 +865,7 @@ cleanup: */ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t const limbs = CHARS_TO_LIMBS( buflen ); size_t const overhead = ( limbs * ciL ) - buflen; unsigned char *Xp; @@ -991,7 +992,7 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, */ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, v0, t1; mbedtls_mpi_uint r0 = 0, r1; MPI_VALIDATE_RET( X != NULL ); @@ -1170,7 +1171,7 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ) */ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi_uint *o, *p, c, tmp; MPI_VALIDATE_RET( X != NULL ); @@ -1251,7 +1252,7 @@ static void mpi_sub_hlp( size_t n, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d ) int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { mbedtls_mpi TB; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( A != NULL ); @@ -1474,7 +1475,7 @@ void mpi_mul_hlp( size_t i, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d, mbedtls_mp */ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi TA, TB; MPI_VALIDATE_RET( X != NULL ); @@ -1629,7 +1630,7 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n, t, k; mbedtls_mpi X, Y, Z, T1, T2; mbedtls_mpi_uint TP2[3]; @@ -1775,7 +1776,7 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, */ int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MPI_VALIDATE_RET( R != NULL ); MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( B != NULL ); @@ -1937,7 +1938,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t wbits, wsize, one = 1; size_t i, j, nblimbs; size_t bufsize, nbits; @@ -2152,7 +2153,7 @@ cleanup: */ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t lz, lzt; mbedtls_mpi TA, TB; @@ -2214,7 +2215,7 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t const limbs = CHARS_TO_LIMBS( size ); size_t const overhead = ( limbs * ciL ) - size; unsigned char *Xp; @@ -2245,7 +2246,7 @@ cleanup: */ int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( A != NULL ); @@ -2498,7 +2499,7 @@ int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi XX; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( f_rng != NULL ); diff --git a/library/ccm.c b/library/ccm.c index a7e360ecf..eaef106a1 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -38,6 +38,7 @@ #include "mbedtls/ccm.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -74,7 +75,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, const unsigned char *key, unsigned int keybits ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; CCM_VALIDATE_RET( ctx != NULL ); @@ -156,7 +157,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; unsigned char q; size_t len_left, olen; @@ -366,7 +367,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; unsigned char i; int diff; @@ -479,7 +480,7 @@ int mbedtls_ccm_self_test( int verbose ) unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN]; unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN]; size_t i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ccm_init( &ctx ); diff --git a/library/chacha20.c b/library/chacha20.c index 8a3610f0e..343b2167c 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -33,6 +33,7 @@ #include "mbedtls/chacha20.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include #include @@ -325,7 +326,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32], unsigned char* output ) { mbedtls_chacha20_context ctx; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; CHACHA20_VALIDATE_RET( key != NULL ); CHACHA20_VALIDATE_RET( nonce != NULL ); @@ -536,7 +537,7 @@ int mbedtls_chacha20_self_test( int verbose ) { unsigned char output[381]; unsigned i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; for( i = 0U; i < 2U; i++ ) { diff --git a/library/chachapoly.c b/library/chachapoly.c index dc643dd61..f0af5ded2 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -30,6 +30,7 @@ #include "mbedtls/chachapoly.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -122,7 +123,7 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ) int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, const unsigned char key[32] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; CHACHAPOLY_VALIDATE_RET( ctx != NULL ); CHACHAPOLY_VALIDATE_RET( key != NULL ); @@ -135,7 +136,7 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, const unsigned char nonce[12], mbedtls_chachapoly_mode_t mode ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char poly1305_key[64]; CHACHAPOLY_VALIDATE_RET( ctx != NULL ); CHACHAPOLY_VALIDATE_RET( nonce != NULL ); @@ -191,7 +192,7 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; CHACHAPOLY_VALIDATE_RET( ctx != NULL ); CHACHAPOLY_VALIDATE_RET( len == 0 || input != NULL ); CHACHAPOLY_VALIDATE_RET( len == 0 || output != NULL ); @@ -240,7 +241,7 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, unsigned char mac[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char len_block[16]; CHACHAPOLY_VALIDATE_RET( ctx != NULL ); CHACHAPOLY_VALIDATE_RET( mac != NULL ); @@ -304,7 +305,7 @@ static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx, unsigned char *output, unsigned char tag[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ret = mbedtls_chachapoly_starts( ctx, nonce, mode ); if( ret != 0 ) @@ -354,7 +355,7 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; size_t i; int diff; @@ -492,7 +493,7 @@ int mbedtls_chachapoly_self_test( int verbose ) { mbedtls_chachapoly_context ctx; unsigned i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output[200]; unsigned char mac[16]; diff --git a/library/cipher.c b/library/cipher.c index 69079aae7..b62f1d593 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -34,6 +34,7 @@ #include "mbedtls/cipher.h" #include "mbedtls/cipher_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include #include @@ -504,7 +505,7 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t block_size; CIPHER_VALIDATE_RET( ctx != NULL ); @@ -1134,7 +1135,7 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len ) { unsigned char check_tag[16]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; CIPHER_VALIDATE_RET( ctx != NULL ); CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); @@ -1211,7 +1212,7 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t finish_olen; CIPHER_VALIDATE_RET( ctx != NULL ); @@ -1455,7 +1456,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen, @@ -1471,7 +1472,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CCM_C) if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen, @@ -1487,7 +1488,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CHACHAPOLY_C) if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* ChachaPoly has fixed length nonce and MAC (tag) */ if ( ( iv_len != ctx->cipher_info->iv_size ) || diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 7fc40b5f0..a813426be 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -32,6 +32,7 @@ #if defined(MBEDTLS_CIPHER_C) #include "mbedtls/cipher_internal.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_CHACHAPOLY_C) #include "mbedtls/chachapoly.h" @@ -1916,7 +1917,7 @@ static int chacha20_stream_wrap( void *ctx, size_t length, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ret = mbedtls_chacha20_update( ctx, length, input, output ); if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) diff --git a/library/cmac.c b/library/cmac.c index 5d101e1c7..642680d55 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -50,6 +50,7 @@ #include "mbedtls/cmac.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -136,7 +137,7 @@ static int cmac_multiply_by_u( unsigned char *output, static int cmac_generate_subkeys( mbedtls_cipher_context_t *ctx, unsigned char* K1, unsigned char* K2 ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX]; size_t olen, block_size; @@ -315,7 +316,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen, block_size; if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL || @@ -393,7 +394,7 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, unsigned char *output ) { mbedtls_cipher_context_t ctx; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( cipher_info == NULL || key == NULL || input == NULL || output == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); @@ -427,7 +428,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length, const unsigned char *input, size_t in_len, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE]; unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE]; @@ -894,7 +895,7 @@ exit: static int test_aes128_cmac_prf( int verbose ) { int i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output[MBEDTLS_AES_BLOCK_SIZE]; for( i = 0; i < NB_PRF_TESTS; i++ ) @@ -921,7 +922,7 @@ static int test_aes128_cmac_prf( int verbose ) int mbedtls_cmac_self_test( int verbose ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_AES_C) /* AES-128 */ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 047bb2a3e..281dc4fe1 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -34,6 +34,7 @@ #include "mbedtls/ctr_drbg.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -319,7 +320,7 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, size_t add_len ) { unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( add_len == 0 ) return( 0 ); @@ -367,7 +368,7 @@ static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx, { unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); @@ -452,7 +453,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, const unsigned char *custom, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; size_t nonce_len; @@ -590,7 +591,7 @@ exit: int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; #if defined(MBEDTLS_THREADING_C) diff --git a/library/dhm.c b/library/dhm.c index 8255632a9..392ed0c15 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -37,6 +37,7 @@ #include "mbedtls/dhm.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -137,7 +138,7 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, unsigned char **p, const unsigned char *end ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( p != NULL && *p != NULL ); DHM_VALIDATE_RET( end != NULL ); @@ -239,7 +240,7 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, const mbedtls_mpi *P, const mbedtls_mpi *G ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( P != NULL ); DHM_VALIDATE_RET( G != NULL ); @@ -260,7 +261,7 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( input != NULL ); @@ -396,7 +397,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi GYb; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( output != NULL ); @@ -473,7 +474,7 @@ void mbedtls_dhm_free( mbedtls_dhm_context *ctx ) int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *p, *end; #if defined(MBEDTLS_PEM_PARSE_C) @@ -627,7 +628,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n ) */ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; DHM_VALIDATE_RET( dhm != NULL ); @@ -679,7 +680,7 @@ static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_param */ int mbedtls_dhm_self_test( int verbose ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_dhm_context dhm; mbedtls_dhm_init( &dhm ); diff --git a/library/ecdh.c b/library/ecdh.c index 914eb5055..3cf533371 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -36,6 +36,7 @@ #include "mbedtls/ecdh.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -80,7 +81,7 @@ static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp, void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* If multiplication is in progress, we already generated a privkey */ #if defined(MBEDTLS_ECP_RESTARTABLE) @@ -121,7 +122,7 @@ static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp, void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point P; mbedtls_ecp_point_init( &P ); @@ -199,7 +200,7 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) static int ecdh_setup_internal( mbedtls_ecdh_context_mbed *ctx, mbedtls_ecp_group_id grp_id ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ret = mbedtls_ecp_group_load( &ctx->grp, grp_id ); if( ret != 0 ) @@ -307,7 +308,7 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, void *p_rng, int restart_enabled ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t grp_len, pt_len; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; @@ -414,7 +415,7 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, const unsigned char **buf, const unsigned char *end ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; ECDH_VALIDATE_RET( ctx != NULL ); ECDH_VALIDATE_RET( buf != NULL ); @@ -451,7 +452,7 @@ static int ecdh_get_params_internal( mbedtls_ecdh_context_mbed *ctx, const mbedtls_ecp_keypair *key, mbedtls_ecdh_side side ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* If it's not our key, just import the public part as Qp */ if( side == MBEDTLS_ECDH_THEIRS ) @@ -475,7 +476,7 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, mbedtls_ecdh_side side ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECDH_VALIDATE_RET( ctx != NULL ); ECDH_VALIDATE_RET( key != NULL ); ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS || @@ -530,7 +531,7 @@ static int ecdh_make_public_internal( mbedtls_ecdh_context_mbed *ctx, void *p_rng, int restart_enabled ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif @@ -602,7 +603,7 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, static int ecdh_read_public_internal( mbedtls_ecdh_context_mbed *ctx, const unsigned char *buf, size_t blen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, @@ -652,7 +653,7 @@ static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx, void *p_rng, int restart_enabled ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif diff --git a/library/ecdsa.c b/library/ecdsa.c index bda9262c9..a6ba75d1c 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -51,6 +51,7 @@ #endif #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" /* Parameter validation macros based on platform_util.h */ #define ECDSA_VALIDATE_RET( cond ) \ @@ -229,7 +230,7 @@ static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx ) static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x, const unsigned char *buf, size_t blen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n_size = ( grp->nbits + 7 ) / 8; size_t use_size = blen > n_size ? n_size : blen; @@ -429,7 +430,7 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, void *p_rng_blind, mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context rng_ctx; mbedtls_hmac_drbg_context *p_rng = &rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; @@ -599,7 +600,7 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, const mbedtls_mpi *r, const mbedtls_mpi *s, mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi e, s_inv, u1, u2; mbedtls_ecp_point R; mbedtls_mpi *pu1 = &u1, *pu2 = &u2; @@ -723,7 +724,7 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, unsigned char *sig, size_t *slen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MBEDTLS_ECDSA_MAX_LEN]; unsigned char *p = buf + sizeof( buf ); size_t len = 0; @@ -752,7 +753,7 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, void *p_rng, mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; ECDSA_VALIDATE_RET( ctx != NULL ); ECDSA_VALIDATE_RET( hash != NULL ); @@ -845,7 +846,7 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, const unsigned char *sig, size_t slen, mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = (unsigned char *) sig; const unsigned char *end = sig + slen; size_t len; @@ -925,7 +926,7 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, */ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECDSA_VALIDATE_RET( ctx != NULL ); ECDSA_VALIDATE_RET( key != NULL ); diff --git a/library/ecjpake.c b/library/ecjpake.c index 1845c936a..79ea3cbec 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -34,6 +34,7 @@ #include "mbedtls/ecjpake.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -110,7 +111,7 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, const unsigned char *secret, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECJPAKE_VALIDATE_RET( ctx != NULL ); ECJPAKE_VALIDATE_RET( role == MBEDTLS_ECJPAKE_CLIENT || @@ -159,7 +160,7 @@ static int ecjpake_write_len_point( unsigned char **p, const int pf, const mbedtls_ecp_point *P ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; /* Need at least 4 for length plus 1 for point */ @@ -199,7 +200,7 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, const char *id, mbedtls_mpi *h ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[ECJPAKE_HASH_BUF_LEN]; unsigned char *p = buf; const unsigned char *end = buf + sizeof( buf ); @@ -249,7 +250,7 @@ static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, const unsigned char **p, const unsigned char *end ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point V, VV; mbedtls_mpi r, h; size_t r_len; @@ -324,7 +325,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point V; mbedtls_mpi v; mbedtls_mpi h; /* later recycled to hold r */ @@ -382,7 +383,7 @@ static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, const unsigned char **p, const unsigned char *end ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( end < *p ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); @@ -422,7 +423,7 @@ static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( end < *p ) @@ -457,7 +458,7 @@ static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, const unsigned char *buf, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; const unsigned char *end = buf + len; @@ -495,7 +496,7 @@ static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; const unsigned char *end = buf + len; @@ -553,7 +554,7 @@ static int ecjpake_ecp_add3( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point *B, const mbedtls_ecp_point *C ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi one; mbedtls_mpi_init( &one ); @@ -575,7 +576,7 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; const unsigned char *end = buf + len; mbedtls_ecp_group grp; @@ -639,7 +640,7 @@ static int ecjpake_mul_secret( mbedtls_mpi *R, int sign, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi b; /* Blinding value, then s + N * blinding */ mbedtls_mpi_init( &b ); @@ -668,7 +669,7 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point G; /* C: GA, S: GB */ mbedtls_ecp_point Xm; /* C: Xc, S: Xs */ mbedtls_mpi xm; /* C: xc, S: xs */ @@ -750,7 +751,7 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point K; mbedtls_mpi m_xm2_s, one; unsigned char kx[MBEDTLS_ECP_MAX_BYTES]; @@ -956,7 +957,7 @@ static int ecjpake_test_load( mbedtls_ecjpake_context *ctx, const unsigned char *xm1, size_t len1, const unsigned char *xm2, size_t len2 ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) ); @@ -1004,7 +1005,7 @@ static int ecjpake_lgc( void *p, unsigned char *out, size_t len ) */ int mbedtls_ecjpake_self_test( int verbose ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecjpake_context cli; mbedtls_ecjpake_context srv; unsigned char buf[512], pms[32]; diff --git a/library/ecp.c b/library/ecp.c index c281d8419..1ad169742 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -81,6 +81,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/threading.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -634,7 +635,7 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ) */ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( P != NULL ); ECP_VALIDATE_RET( Q != NULL ); @@ -662,7 +663,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src */ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( pt != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->X , 1 ) ); @@ -708,7 +709,7 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, const char *x, const char *y ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( P != NULL ); ECP_VALIDATE_RET( x != NULL ); ECP_VALIDATE_RET( y != NULL ); @@ -903,7 +904,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp int format, size_t *olen, unsigned char *buf, size_t blen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( grp != NULL ); ECP_VALIDATE_RET( pt != NULL ); ECP_VALIDATE_RET( olen != NULL ); @@ -936,7 +937,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; ECP_VALIDATE_RET( grp != NULL ); ECP_VALIDATE_RET( buf != NULL ); @@ -1031,7 +1032,7 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, */ static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( grp->modp == NULL ) return( mbedtls_mpi_mod_mpi( N, N, &grp->P ) ); @@ -1088,7 +1089,7 @@ static inline int mbedtls_mpi_mul_mod( const mbedtls_ecp_group *grp, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( X, A, B ) ); MOD_MUL( *X ); cleanup: @@ -1108,7 +1109,7 @@ static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( X, A, B ) ); MOD_SUB( *X ); cleanup: @@ -1129,7 +1130,7 @@ static inline int mbedtls_mpi_add_mod( const mbedtls_ecp_group *grp, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, A, B ) ); MOD_ADD( *X ); cleanup: @@ -1140,7 +1141,7 @@ static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp, mbedtls_mpi *X, size_t count ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, count ) ); MOD_ADD( *X ); cleanup: @@ -1162,7 +1163,7 @@ cleanup: */ static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi Zi, ZZi; if( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ) @@ -1214,7 +1215,7 @@ cleanup: static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, mbedtls_ecp_point *T[], size_t T_size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi *c, u, Zi, ZZi; @@ -1303,7 +1304,7 @@ static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *Q, unsigned char inv ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char nonzero; mbedtls_mpi mQY; @@ -1337,7 +1338,7 @@ cleanup: static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point *P ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi M, S, T, U; #if defined(MBEDTLS_SELF_TEST) @@ -1433,7 +1434,7 @@ cleanup: static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi T1, T2, T3, T4, X, Y, Z; #if defined(MBEDTLS_SELF_TEST) @@ -1521,7 +1522,7 @@ cleanup: static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l, ll; size_t p_size; int count = 0; @@ -1693,7 +1694,7 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, unsigned char w, size_t d, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t j = 0; const unsigned char T_size = 1U << ( w - 1 ); @@ -1829,7 +1830,7 @@ static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point T[], unsigned char T_size, unsigned char i ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char ii, j; /* Ignore the "sign" bit and scale down */ @@ -1862,7 +1863,7 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Txi; size_t i; @@ -1942,7 +1943,7 @@ static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp, unsigned char w, unsigned char *parity_trick ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi M, mm; mbedtls_mpi_init( &M ); @@ -1988,7 +1989,7 @@ static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp, void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char parity_trick; unsigned char k[COMB_MAX_D + 1]; mbedtls_ecp_point *RR = R; @@ -2083,7 +2084,7 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char w, p_eq_g, i; size_t d; unsigned char T_size, T_ok; @@ -2215,7 +2216,7 @@ cleanup: */ static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) if( mbedtls_internal_ecp_grp_capable( grp ) ) @@ -2241,7 +2242,7 @@ cleanup: static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l; size_t p_size; int count = 0; @@ -2296,7 +2297,7 @@ static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q, const mbedtls_mpi *d ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB; #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) @@ -2344,7 +2345,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; unsigned char b; mbedtls_ecp_point RP; @@ -2484,7 +2485,7 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, */ static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi YY, RHS; /* pt coordinates must be normalized for our checks */ @@ -2537,7 +2538,7 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( mbedtls_mpi_cmp_int( m, 1 ) == 0 ) { @@ -2569,7 +2570,7 @@ int mbedtls_ecp_muladd_restartable( const mbedtls_mpi *n, const mbedtls_ecp_point *Q, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point mP; mbedtls_ecp_point *pmP = &mP; mbedtls_ecp_point *pR = R; @@ -2846,7 +2847,7 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( grp != NULL ); ECP_VALIDATE_RET( d != NULL ); ECP_VALIDATE_RET( G != NULL ); @@ -2882,7 +2883,7 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( key != NULL ); ECP_VALIDATE_RET( f_rng != NULL ); @@ -2966,7 +2967,7 @@ cleanup: */ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Q; mbedtls_ecp_group grp; ECP_VALIDATE_RET( pub != NULL ); @@ -3012,7 +3013,7 @@ cleanup: */ int mbedtls_ecp_self_test( int verbose ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_ecp_group grp; mbedtls_ecp_point R, P; diff --git a/library/ecp_curves.c b/library/ecp_curves.c index dcc70739d..a24a50c03 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -29,6 +29,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -669,7 +670,7 @@ static int ecp_mod_p256k1( mbedtls_mpi * ); */ static int ecp_use_curve25519( mbedtls_ecp_group *grp ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Actually ( A + 2 ) / 4 */ MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "01DB42" ) ); @@ -709,7 +710,7 @@ cleanup: static int ecp_use_curve448( mbedtls_ecp_group *grp ) { mbedtls_mpi Ns; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_init( &Ns ); @@ -900,7 +901,7 @@ static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry ) */ static int ecp_mod_p192( mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_uint c = 0; mbedtls_mpi_uint *p, *end; @@ -991,7 +992,7 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) * (see fix_negative for the motivation of C) */ #define INIT( b ) \ - int ret; \ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; \ signed char c = 0, cc; \ uint32_t cur; \ size_t i = 0, bits = (b); \ @@ -1027,7 +1028,7 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) */ static inline int fix_negative( mbedtls_mpi *N, signed char c, mbedtls_mpi *C, size_t bits ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* C = - c * 2^(bits + 32) */ #if !defined(MBEDTLS_HAVE_INT64) @@ -1185,7 +1186,7 @@ cleanup: */ static int ecp_mod_p521( mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M; mbedtls_mpi_uint Mp[P521_WIDTH + 1]; @@ -1234,7 +1235,7 @@ cleanup: */ static int ecp_mod_p255( mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M; mbedtls_mpi_uint Mp[P255_WIDTH + 2]; @@ -1291,7 +1292,7 @@ cleanup: */ static int ecp_mod_p448( mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M, Q; mbedtls_mpi_uint Mp[P448_WIDTH + 1], Qp[P448_WIDTH]; @@ -1353,7 +1354,7 @@ cleanup: static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs, size_t adjust, size_t shift, mbedtls_mpi_uint mask ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M, R; mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1]; diff --git a/library/entropy.c b/library/entropy.c index d7091cbf7..ad6de2307 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -36,6 +36,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -236,7 +237,7 @@ cleanup: int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, const unsigned char *data, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) @@ -308,7 +309,7 @@ cleanup: */ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) diff --git a/library/entropy_poll.c b/library/entropy_poll.c index 4556f88a5..c9b2c95c6 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -36,6 +36,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_TIMING_C) #include "mbedtls/timing.h" @@ -121,7 +122,7 @@ int mbedtls_platform_entropy_poll( void *data, { FILE *file; size_t read_len; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) data); #if defined(HAVE_GETRANDOM) diff --git a/library/gcm.c b/library/gcm.c index 5121a7ac7..26f6010a0 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -39,6 +39,7 @@ #include "mbedtls/gcm.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -168,7 +169,7 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, const unsigned char *key, unsigned int keybits ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; GCM_VALIDATE_RET( ctx != NULL ); @@ -280,7 +281,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, const unsigned char *add, size_t add_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char work_buf[16]; size_t i; const unsigned char *p; @@ -365,7 +366,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char ectr[16]; size_t i; const unsigned char *p; @@ -476,7 +477,7 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, size_t tag_len, unsigned char *tag ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( iv != NULL ); @@ -508,7 +509,7 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; size_t i; int diff; diff --git a/library/hkdf.c b/library/hkdf.c index 82d8a429f..379035ddb 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -29,13 +29,14 @@ #include #include "mbedtls/hkdf.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char prk[MBEDTLS_MD_MAX_SIZE]; ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, prk ); diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index f71c95c44..f811885c9 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -35,6 +35,7 @@ #include "mbedtls/hmac_drbg.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -127,7 +128,7 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t * md_info, const unsigned char *data, size_t data_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) return( ret ); @@ -159,7 +160,7 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, { unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; { size_t total_entropy_len; @@ -251,7 +252,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, const unsigned char *custom, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t md_size; if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) @@ -329,7 +330,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, unsigned char *output, size_t out_len, const unsigned char *additional, size_t add_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); size_t left = out_len; @@ -398,7 +399,7 @@ exit: */ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; #if defined(MBEDTLS_THREADING_C) @@ -434,7 +435,7 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ) #if defined(MBEDTLS_FS_IO) int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f; unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; diff --git a/library/md.c b/library/md.c index e1b5183b6..b2352034b 100644 --- a/library/md.c +++ b/library/md.c @@ -34,6 +34,7 @@ #include "mbedtls/md.h" #include "mbedtls/md_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include "mbedtls/md2.h" #include "mbedtls/md4.h" @@ -643,7 +644,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si #if defined(MBEDTLS_FS_IO) int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f; size_t n; mbedtls_md_context_t ctx; @@ -683,7 +684,7 @@ cleanup: int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; unsigned char *ipad, *opad; size_t i; @@ -738,7 +739,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; @@ -762,7 +763,7 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *ipad; if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) @@ -781,7 +782,7 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, unsigned char *output ) { mbedtls_md_context_t ctx; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( md_info == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); diff --git a/library/md2.c b/library/md2.c index 1c0b3df52..82aed8e73 100644 --- a/library/md2.c +++ b/library/md2.c @@ -35,6 +35,7 @@ #include "mbedtls/md2.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -170,7 +171,7 @@ int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; while( ilen > 0 ) @@ -212,7 +213,7 @@ void mbedtls_md2_update( mbedtls_md2_context *ctx, int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; unsigned char x; @@ -250,7 +251,7 @@ int mbedtls_md2_ret( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md2_context ctx; mbedtls_md2_init( &ctx ); diff --git a/library/md4.c b/library/md4.c index 828fd4299..6a658e31d 100644 --- a/library/md4.c +++ b/library/md4.c @@ -35,6 +35,7 @@ #include "mbedtls/md4.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -253,7 +254,7 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -323,7 +324,7 @@ static const unsigned char md4_padding[64] = int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; @@ -371,7 +372,7 @@ int mbedtls_md4_ret( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md4_context ctx; mbedtls_md4_init( &ctx ); diff --git a/library/md5.c b/library/md5.c index a93da8a06..2306855f4 100644 --- a/library/md5.c +++ b/library/md5.c @@ -34,6 +34,7 @@ #include "mbedtls/md5.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -259,7 +260,7 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -318,7 +319,7 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; @@ -386,7 +387,7 @@ int mbedtls_md5_ret( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md5_context ctx; mbedtls_md5_init( &ctx ); diff --git a/library/nist_kw.c b/library/nist_kw.c index 317a2426a..03e807202 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -39,6 +39,7 @@ #include "mbedtls/nist_kw.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include #include @@ -116,7 +117,7 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, unsigned int keybits, const int is_wrap ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; cipher_info = mbedtls_cipher_info_from_values( cipher, diff --git a/library/oid.c b/library/oid.c index 27c455e87..891d3cdea 100644 --- a/library/oid.c +++ b/library/oid.c @@ -31,6 +31,7 @@ #include "mbedtls/oid.h" #include "mbedtls/rsa.h" +#include "mbedtls/error.h" #include #include @@ -732,7 +733,7 @@ FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pb int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n; unsigned int value; char *p; diff --git a/library/pem.c b/library/pem.c index 897c8a0d6..31f4a9a25 100644 --- a/library/pem.c +++ b/library/pem.c @@ -34,6 +34,7 @@ #include "mbedtls/md5.h" #include "mbedtls/cipher.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -85,7 +86,7 @@ static int pem_pbkdf1( unsigned char *key, size_t keylen, mbedtls_md5_context md5_ctx; unsigned char md5sum[16]; size_t use_len; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md5_init( &md5_ctx ); @@ -146,7 +147,7 @@ static int pem_des_decrypt( unsigned char des_iv[8], { mbedtls_des_context des_ctx; unsigned char des_key[8]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_des_init( &des_ctx ); @@ -174,7 +175,7 @@ static int pem_des3_decrypt( unsigned char des3_iv[8], { mbedtls_des3_context des3_ctx; unsigned char des3_key[24]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_des3_init( &des3_ctx ); @@ -204,7 +205,7 @@ static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen, { mbedtls_aes_context aes_ctx; unsigned char aes_key[32]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_aes_init( &aes_ctx ); @@ -439,7 +440,7 @@ int mbedtls_pem_write_buffer( const char *header, const char *footer, const unsigned char *der_data, size_t der_len, unsigned char *buf, size_t buf_len, size_t *olen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *encode_buf = NULL, *c, *p = buf; size_t len = 0, use_len, add_len = 0; diff --git a/library/pk.c b/library/pk.c index e93ccfdab..fc166728b 100644 --- a/library/pk.c +++ b/library/pk.c @@ -30,6 +30,7 @@ #include "mbedtls/pk_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" @@ -297,7 +298,7 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, mbedtls_ecp_restart_is_enabled() && ctx->pk_info->verify_rs_func != NULL ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) return( ret ); @@ -354,7 +355,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, if( type == MBEDTLS_PK_RSASSA_PSS ) { #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_rsassa_pss_options *pss_opts; #if SIZE_MAX > UINT_MAX @@ -420,7 +421,7 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, mbedtls_ecp_restart_is_enabled() && ctx->pk_info->sign_rs_func != NULL ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) return( ret ); @@ -604,7 +605,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, psa_ecc_curve_t curve_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* export the private key material in the format PSA wants */ if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 702c3bbb4..266ee7fa4 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -27,6 +27,7 @@ #if defined(MBEDTLS_PK_C) #include "mbedtls/pk_internal.h" +#include "mbedtls/error.h" /* Even if RSA not activated, for the sake of RSA-alt */ #include "mbedtls/rsa.h" @@ -83,7 +84,7 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; size_t rsa_len = mbedtls_rsa_get_len( rsa ); @@ -248,7 +249,7 @@ static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecdsa_context ecdsa; mbedtls_ecdsa_init( &ecdsa ); @@ -266,7 +267,7 @@ static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecdsa_context ecdsa; mbedtls_ecdsa_init( &ecdsa ); @@ -340,7 +341,7 @@ static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *sig, size_t sig_len, void *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; eckey_restart_ctx *rs = rs_ctx; /* Should never happen */ @@ -365,7 +366,7 @@ static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, void *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; eckey_restart_ctx *rs = rs_ctx; /* Should never happen */ @@ -490,7 +491,7 @@ static int ecdsa_can_do( mbedtls_pk_type_t type ) static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end, unsigned char *to, size_t to_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t unpadded_len, padding_len; if( ( ret = mbedtls_asn1_get_tag( from, end, &unpadded_len, @@ -524,7 +525,7 @@ static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, unsigned char *sig, size_t int_size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t tmp_size; if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size, @@ -545,7 +546,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t key_handle = 0; psa_status_t status; @@ -630,7 +631,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx, @@ -658,7 +659,7 @@ static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *sig, size_t sig_len, void *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); ret = mbedtls_ecdsa_read_signature_restartable( @@ -804,7 +805,7 @@ static int rsa_alt_check_pair( const void *pub, const void *prv ) unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; unsigned char hash[32]; size_t sig_len = 0; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); @@ -925,7 +926,7 @@ static int pk_opaque_can_do( mbedtls_pk_type_t type ) static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, size_t n_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; if( (size_t)( *p - start ) < n_len ) @@ -977,7 +978,7 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len, size_t buf_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const size_t rs_len = *sig_len / 2; unsigned char *p = sig + buf_len; diff --git a/library/pkcs12.c b/library/pkcs12.c index 7edf064c1..96c64ad63 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -37,6 +37,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/cipher.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -53,7 +54,7 @@ static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char **p = ¶ms->p; const unsigned char *end = params->p + params->len; @@ -145,7 +146,7 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, ((void) output); return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); #else - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[16]; mbedtls_arc4_context ctx; ((void) mode); @@ -250,7 +251,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, const unsigned char *salt, size_t saltlen, mbedtls_md_type_t md_type, int id, int iterations ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned int j; unsigned char diversifier[128]; diff --git a/library/pkcs5.c b/library/pkcs5.c index 3d29fd7e5..883232225 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -38,6 +38,7 @@ #if defined(MBEDTLS_PKCS5_C) #include "mbedtls/pkcs5.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_ASN1_PARSE_C) #include "mbedtls/asn1.h" @@ -59,7 +60,7 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations, int *keylen, mbedtls_md_type_t *md_type ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf prf_alg_oid; unsigned char *p = params->p; const unsigned char *end = params->p + params->len; diff --git a/library/pkparse.c b/library/pkparse.c index ae210bca6..596dae919 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -31,6 +31,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -130,7 +131,7 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ) int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, const char *path, const char *pwd ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; @@ -157,7 +158,7 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, */ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; @@ -188,7 +189,7 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) static int pk_get_ecparams( unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *params ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if ( end - *p < 1 ) return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + @@ -243,7 +244,7 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, */ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = params->p; const unsigned char * const end = params->p + params->len; const unsigned char *end_field, *end_curve; @@ -433,7 +434,7 @@ cleanup: static int pk_group_id_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group_id *grp_id ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; mbedtls_ecp_group_init( &grp ); @@ -460,7 +461,7 @@ cleanup: */ static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; if( params->tag == MBEDTLS_ASN1_OID ) @@ -500,7 +501,7 @@ static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *g static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, mbedtls_ecp_keypair *key ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_ecp_point_read_binary( &key->grp, &key->Q, (const unsigned char *) *p, end - *p ) ) == 0 ) @@ -528,7 +529,7 @@ static int pk_get_rsapubkey( unsigned char **p, const unsigned char *end, mbedtls_rsa_context *rsa ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, @@ -583,7 +584,7 @@ static int pk_get_pk_alg( unsigned char **p, const unsigned char *end, mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf alg_oid; memset( params, 0, sizeof(mbedtls_asn1_buf) ); @@ -615,7 +616,7 @@ static int pk_get_pk_alg( unsigned char **p, int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, mbedtls_pk_context *pk ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; mbedtls_asn1_buf alg_params; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; @@ -811,7 +812,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, const unsigned char *key, size_t keylen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int version, pubkey_done; size_t len; mbedtls_asn1_buf params; @@ -1164,7 +1165,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_info_t *pk_info; #if defined(MBEDTLS_PEM_PARSE_C) size_t len; @@ -1376,7 +1377,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p; #if defined(MBEDTLS_RSA_C) const mbedtls_pk_info_t *pk_info; diff --git a/library/pkwrite.c b/library/pkwrite.c index c2c562348..49a21bf08 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -31,6 +31,7 @@ #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -77,7 +78,7 @@ static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start, mbedtls_rsa_context *rsa ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_mpi T; @@ -116,7 +117,7 @@ end_of_export: static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, mbedtls_ecp_keypair *ec ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; @@ -144,7 +145,7 @@ static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, static int pk_write_ec_param( unsigned char **p, unsigned char *start, mbedtls_ecp_keypair *ec ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const char *oid; size_t oid_len; @@ -163,7 +164,7 @@ static int pk_write_ec_param( unsigned char **p, unsigned char *start, static int pk_write_ec_private( unsigned char **p, unsigned char *start, mbedtls_ecp_keypair *ec ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t byte_length = ( ec->grp.pbits + 7 ) / 8; unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; @@ -181,7 +182,7 @@ exit: int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, const mbedtls_pk_context *key ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; PK_VALIDATE_RET( p != NULL ); @@ -229,7 +230,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; size_t len = 0, par_len = 0, oid_len; mbedtls_pk_type_t pk_type; @@ -315,7 +316,7 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; size_t len = 0; @@ -558,7 +559,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output_buf[PUB_DER_MAX_BYTES]; size_t olen = 0; @@ -583,7 +584,7 @@ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, si int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output_buf[PRV_DER_MAX_BYTES]; const char *begin, *end; size_t olen = 0; diff --git a/library/platform.c b/library/platform.c index 575615954..420d09ea1 100644 --- a/library/platform.c +++ b/library/platform.c @@ -29,6 +29,7 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" /* The compile time configuration of memory allocation via the macros * MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO takes precedence over the runtime @@ -86,7 +87,7 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), #include int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; va_list argp; va_start( argp, fmt ); @@ -131,7 +132,7 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, #include int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Avoid calling the invalid parameter handler by checking ourselves */ if( s == NULL || n == 0 || fmt == NULL ) diff --git a/library/poly1305.c b/library/poly1305.c index 2b56c5f7e..bc1e8a649 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -30,6 +30,7 @@ #include "mbedtls/poly1305.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -423,7 +424,7 @@ int mbedtls_poly1305_mac( const unsigned char key[32], unsigned char mac[16] ) { mbedtls_poly1305_context ctx; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; POLY1305_VALIDATE_RET( key != NULL ); POLY1305_VALIDATE_RET( mac != NULL ); POLY1305_VALIDATE_RET( ilen == 0 || input != NULL ); @@ -529,7 +530,7 @@ int mbedtls_poly1305_self_test( int verbose ) { unsigned char mac[16]; unsigned i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; for( i = 0U; i < 2U; i++ ) { diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b98a4629d..c82cae9fe 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -75,6 +75,7 @@ #include "mbedtls/pk.h" #include "mbedtls/pk_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include "mbedtls/ripemd160.h" #include "mbedtls/rsa.h" #include "mbedtls/sha1.h" @@ -1147,7 +1148,7 @@ static psa_status_t psa_get_rsa_public_exponent( psa_key_attributes_t *attributes ) { mbedtls_mpi mpi; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint8_t *buffer = NULL; size_t buflen; mbedtls_mpi_init( &mpi ); @@ -1251,7 +1252,7 @@ psa_status_t psa_get_key_slot_number( static int pk_write_pubkey_simple( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; size_t len = 0; @@ -1336,7 +1337,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) { mbedtls_pk_context pk; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { #if defined(MBEDTLS_RSA_C) @@ -1784,7 +1785,7 @@ static psa_status_t psa_validate_optional_attributes( if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { mbedtls_mpi actual, required; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_init( &actual ); mbedtls_mpi_init( &required ); ret = mbedtls_rsa_export( slot->data.rsa, @@ -2107,7 +2108,7 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ if( operation->alg != 0 ) @@ -2183,7 +2184,7 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Don't require hash implementations to behave correctly on a * zero-length input, which may have an invalid pointer. */ @@ -2251,7 +2252,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, size_t *hash_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t actual_hash_length = PSA_HASH_SIZE( operation->alg ); /* Fill the output buffer with something that isn't a valid hash @@ -2634,7 +2635,7 @@ static int psa_cmac_setup( psa_mac_operation_t *operation, psa_key_slot_t *slot, const mbedtls_cipher_info_t *cipher_info ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; operation->mac_size = cipher_info->block_size; @@ -2755,7 +2756,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, const mbedtls_cipher_info_t *cipher_info = mbedtls_cipher_info_from_psa( full_length_alg, slot->attr.type, key_bits, NULL ); - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( cipher_info == NULL ) { status = PSA_ERROR_NOT_SUPPORTED; @@ -3107,7 +3108,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, size_t *signature_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); @@ -3165,7 +3166,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, size_t signature_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); @@ -3231,7 +3232,7 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, size_t signature_size, size_t *signature_length ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); mbedtls_mpi_init( &r ); @@ -3286,7 +3287,7 @@ static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, const uint8_t *signature, size_t signature_length ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); mbedtls_mpi_init( &r ); @@ -3525,7 +3526,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { mbedtls_rsa_context *rsa = slot->data.rsa; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( output_size < mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) @@ -3604,7 +3605,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { mbedtls_rsa_context *rsa = slot->data.rsa; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( input_length != mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -3801,7 +3802,7 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, size_t *iv_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( operation->iv_set || ! operation->iv_required ) { return( PSA_ERROR_BAD_STATE ); @@ -3833,7 +3834,7 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, size_t iv_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( operation->iv_set || ! operation->iv_required ) { return( PSA_ERROR_BAD_STATE ); @@ -3861,7 +3862,7 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, size_t *output_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t expected_output_size; if( operation->alg == 0 ) @@ -5371,7 +5372,7 @@ exit: psa_status_t psa_generate_random( uint8_t *output, size_t output_size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; GUARD_MODULE_INITIALIZED; while( output_size > MBEDTLS_CTR_DRBG_MAX_REQUEST ) @@ -5466,7 +5467,7 @@ static psa_status_t psa_generate_key_internal( if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { mbedtls_rsa_context *rsa; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int exponent; psa_status_t status; if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) @@ -5508,7 +5509,7 @@ static psa_status_t psa_generate_key_internal( const mbedtls_ecp_curve_info *curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id ); mbedtls_ecp_keypair *ecp; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( domain_parameters_size != 0 ) return( PSA_ERROR_NOT_SUPPORTED ); if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL ) diff --git a/library/ripemd160.c b/library/ripemd160.c index 0791ae4cc..a62f4b824 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -35,6 +35,7 @@ #include "mbedtls/ripemd160.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -322,7 +323,7 @@ int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -390,7 +391,7 @@ static const unsigned char ripemd160_padding[64] = int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, unsigned char output[20] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; @@ -439,7 +440,7 @@ int mbedtls_ripemd160_ret( const unsigned char *input, size_t ilen, unsigned char output[20] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ripemd160_context ctx; mbedtls_ripemd160_init( &ctx ); diff --git a/library/rsa.c b/library/rsa.c index a35af4474..3c2f31438 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -49,6 +49,7 @@ #include "mbedtls/rsa_internal.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -98,7 +99,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; RSA_VALIDATE_RET( ctx != NULL ); if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) || @@ -392,7 +393,7 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int is_priv; RSA_VALIDATE_RET( ctx != NULL ); @@ -436,7 +437,7 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int is_priv; RSA_VALIDATE_RET( ctx != NULL ); @@ -527,7 +528,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, void *p_rng, unsigned int nbits, int exponent ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi H, G, L; int prime_quality = 0; RSA_VALIDATE_RET( ctx != NULL ); @@ -719,7 +720,7 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; mbedtls_mpi T; RSA_VALIDATE_RET( ctx != NULL ); @@ -832,7 +833,7 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; /* Temporary holding the result */ @@ -1125,7 +1126,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, unsigned char *output ) { size_t olen; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = output; unsigned int hlen; const mbedtls_md_info_t *md_info; @@ -1212,7 +1213,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, unsigned char *output ) { size_t nb_pad, olen; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = output; RSA_VALIDATE_RET( ctx != NULL ); @@ -1322,7 +1323,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, unsigned char *output, size_t output_max_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen, i, pad_len; unsigned char *p, bad, pad_done; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; @@ -1558,7 +1559,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, unsigned char *output, size_t output_max_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen, i, plaintext_max_size; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; /* The following variables take sensitive values: their value must @@ -1774,7 +1775,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, unsigned char *p = sig; unsigned char salt[MBEDTLS_MD_MAX_SIZE]; size_t slen, min_slen, hlen, offset = 0; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t msb; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; @@ -2029,7 +2030,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, const unsigned char *hash, unsigned char *sig ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *sig_try = NULL, *verif = NULL; RSA_VALIDATE_RET( ctx != NULL ); @@ -2151,7 +2152,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int expected_salt_len, const unsigned char *sig ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t siglen; unsigned char *p; unsigned char *hash_start; @@ -2448,7 +2449,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, */ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; RSA_VALIDATE_RET( dst != NULL ); RSA_VALIDATE_RET( src != NULL ); diff --git a/library/sha1.c b/library/sha1.c index 355c83d2f..923394341 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -34,6 +34,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -307,7 +308,7 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -368,7 +369,7 @@ void mbedtls_sha1_update( mbedtls_sha1_context *ctx, int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; @@ -440,7 +441,7 @@ int mbedtls_sha1_ret( const unsigned char *input, size_t ilen, unsigned char output[20] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha1_context ctx; SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); diff --git a/library/sha256.c b/library/sha256.c index 2dc0e1a2c..087a8e349 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -34,6 +34,7 @@ #include "mbedtls/sha256.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -275,7 +276,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -336,7 +337,7 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; @@ -414,7 +415,7 @@ int mbedtls_sha256_ret( const unsigned char *input, unsigned char output[32], int is224 ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha256_context ctx; SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); diff --git a/library/sha512.c b/library/sha512.c index 2e2b79787..fa4025653 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -34,6 +34,7 @@ #include "mbedtls/sha512.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #if defined(_MSC_VER) || defined(__WATCOMC__) #define UL64(x) x##ui64 @@ -323,7 +324,7 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; unsigned int left; @@ -383,7 +384,7 @@ void mbedtls_sha512_update( mbedtls_sha512_context *ctx, int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, unsigned char output[64] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned used; uint64_t high, low; @@ -463,7 +464,7 @@ int mbedtls_sha512_ret( const unsigned char *input, unsigned char output[64], int is384 ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha512_context ctx; SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); From 9c2ccd2e7afbb964be15fa4de53a2cd2682c5276 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 9 Dec 2019 15:00:41 +0000 Subject: [PATCH 5/5] Fix error code range in documentation --- include/mbedtls/error.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 7ca54b8c3..5ccebebde 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -52,7 +52,7 @@ * For historical reasons, low-level error codes are divided in even and odd, * even codes were assigned first, and -1 is reserved for other errors. * - * Low-level module errors (0x0002-0x007E, 0x0003-0x007F) + * Low-level module errors (0x0002-0x007E, 0x0001-0x007F) * * Module Nr Codes assigned * ERROR 2 0x006E 0x0001