mbedtls/library
Gilles Peskine 7820a574f1 Catch failures of AES or DES operations
Declare all AES and DES functions that return int as needing to have
their result checked, and do check the result in our code.

A DES or AES block operation can fail in alternative implementations of
mbedtls_internal_aes_encrypt() (under MBEDTLS_AES_ENCRYPT_ALT),
mbedtls_internal_aes_decrypt() (under MBEDTLS_AES_DECRYPT_ALT),
mbedtls_des_crypt_ecb() (under MBEDTLS_DES_CRYPT_ECB_ALT),
mbedtls_des3_crypt_ecb() (under MBEDTLS_DES3_CRYPT_ECB_ALT).
A failure can happen if the accelerator peripheral is in a bad state.
Several block modes were not catching the error.

This commit does the following code changes, grouped together to avoid
having an intermediate commit where the build fails:

* Add MBEDTLS_CHECK_RETURN to all functions returning int in aes.h and des.h.
* Fix all places where this causes a GCC warning, indicating that our code
  was not properly checking the result of an AES operation:
    * In library code: on failure, goto exit and return ret.
    * In pkey programs: goto exit.
    * In the benchmark program: exit (not ideal since there's no error
      message, but it's what the code currently does for failures).
    * In test code: TEST_ASSERT.
* Changelog entry.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-27 16:22:08 +02:00
..
.gitignore Ignore generated source files that are no longer checked in 2021-05-20 10:37:22 +02:00
aes.c Catch failures of AES or DES operations 2021-09-27 16:22:08 +02:00
aesni.c Move aesni.h to library 2021-03-10 12:52:37 +00:00
aesni.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
aria.c Replace 3 byte shift with appropriate macro 2021-08-19 09:55:42 +01:00
asn1parse.c Add missing const attribute to asn1 api 2021-01-26 13:57:46 +01:00
asn1write.c Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x 2021-08-19 09:56:47 +01:00
base64.c Use byte reading macros in places not using a byte mask 2021-08-19 09:56:47 +01:00
bignum.c Replace _RR with prec_RR to prevent reserved identifier clashes 2021-07-14 10:20:09 +01:00
bn_mul.h Fix aarch64 assembly for bignum multiplication 2021-09-22 18:31:35 +01:00
camellia.c Add Character byte reading macros 2021-08-19 09:55:41 +01:00
ccm.c Remove rendundat ctx->add_len check. 2021-09-06 12:09:34 +02:00
chacha20.c Replace instances of byte reading macros with PUT 2021-08-19 09:56:47 +01:00
chachapoly.c Replace instances of byte reading macros with PUT 2021-08-19 09:56:47 +01:00
check_crypto_config.h psa: config: Add CAMELLIA to the list of possible CMAC ciphers 2021-03-25 14:25:46 +01:00
cipher_wrap.c Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
cipher_wrap.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
cipher.c Add output_length parameter to mbedtls_gcm_finish 2021-06-23 21:51:32 +02:00
cmac.c Allow skipping 3DES in CMAC self-test when ALT implemented 2021-03-02 10:18:08 +01:00
CMakeLists.txt Add dummy stages for client_hello_process 2021-09-03 16:29:19 +08:00
common.h Remove trailing whitespace 2021-08-19 09:57:42 +01:00
ctr_drbg.c Tidy up grouped MBEDTLS_BYTE_x macros 2021-08-23 11:52:28 +01:00
debug.c Add missing parentheses 2021-06-17 21:46:29 +02:00
des.c Catch failures of AES or DES operations 2021-09-27 16:22:08 +02:00
dhm.c Use byte reading macros in places not using a byte mask 2021-08-19 09:56:47 +01:00
ecdh_misc.h fix various issues 2021-09-15 22:06:11 +08:00
ecdh.c fix various issues 2021-09-15 22:06:11 +08:00
ecdsa.c Add output size parameter to signature functions 2021-06-25 00:46:22 +02:00
ecjpake.c Tidy up grouped MBEDTLS_BYTE_x macros 2021-08-23 11:52:28 +01:00
ecp_curves.c Add prefix to BYTES_TO_T_UINT_* 2021-06-25 12:46:40 +01:00
ecp_internal_alt.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
ecp_invasive.h Move mbedtls_mpi_random to the bignum module 2021-06-03 18:10:04 +02:00
ecp.c Improve documentation and add more uses of MBEDTLS_PUT 2021-08-19 09:57:42 +01:00
entropy_poll.c Rename config.h to mbedtls_config.h 2021-06-28 09:28:33 +01:00
entropy_poll.h Rename config.h to mbedtls_config.h 2021-06-28 09:28:33 +01:00
entropy.c Merge pull request #4640 from TRodziewicz/move_part_of_timing_module_out_of_the_library_and_to_test 2021-06-18 16:35:58 +01:00
gcm.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
hkdf.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
hmac_drbg.c Rename the _ret() functions 2021-06-08 16:45:41 +02:00
Makefile Add dummy stages for client_hello_process 2021-09-03 16:29:19 +08:00
md5.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
md_wrap.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
md.c Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
memory_buffer_alloc.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
mps_common.h Capitalise MPS trace macros 2021-04-07 12:45:35 +01:00
mps_error.h Fix Doxygen headers for MPS files 2021-03-29 14:20:18 +01:00
mps_reader.c Capitalise MPS trace macros 2021-04-07 12:45:35 +01:00
mps_reader.h Fix Doxygen headers for MPS files 2021-03-29 14:20:18 +01:00
mps_trace.c Capitalise MPS trace macros 2021-04-07 12:45:35 +01:00
mps_trace.h Capitalise MPS trace macros 2021-04-07 12:45:35 +01:00
net_sockets.c Rename config.h to mbedtls_config.h 2021-06-28 09:28:33 +01:00
nist_kw.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
oid.c Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
padlock.c Move padlock.h to library 2021-03-10 12:52:37 +00:00
padlock.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
pem.c Rename the _ret() functions 2021-06-08 16:45:41 +02:00
pk_wrap.c Fix the build with MBEDTLS_ECP_RESTARTABLE enabled 2021-06-25 00:46:22 +02:00
pk_wrap.h Merge pull request #4694 from gilles-peskine-arm/out_size-3.0 2021-06-29 09:43:17 +02:00
pk.c Add output size parameter to signature functions 2021-06-25 00:46:22 +02:00
pkcs5.c Apply MBEDTLS_ERROR_ADD to library 2021-04-15 11:19:47 +01:00
pkcs12.c Use byte reading macros in places not using a byte mask 2021-08-19 09:56:47 +01:00
pkparse.c Remove compiler warning if only MBEDTLS_PK_PARSE_C is defined 2021-08-31 13:05:12 +02:00
pkwrite.c Merge branch 'development_3.0' into remove_depr_error_codes 2021-04-21 12:31:43 +02:00
platform_util.c Correction to callback declaration and usage 2021-07-13 12:23:12 +02:00
platform.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
poly1305.c Replace instances of byte reading macros with PUT 2021-08-19 09:57:41 +01:00
psa_crypto_aead.c Update all uses of old AEAD output size macros 2021-04-15 17:32:06 +02:00
psa_crypto_aead.h psa: aead: Move AEAD driver entry points to psa_crypto_aead.c 2021-04-07 16:03:31 +02:00
psa_crypto_cipher.c Fix the size in bytes 2021-09-13 12:21:22 +02:00
psa_crypto_cipher.h Remove invalid buffer overflow check 2021-06-29 19:55:24 +02:00
psa_crypto_client.c Move the inclusion of crypto_spe.h to psa/crypto_platform.h 2021-06-17 11:43:58 +02:00
psa_crypto_core.h Code style improvements 2021-09-08 22:04:13 +05:30
psa_crypto_driver_wrappers.c Styling and refactoring 2021-09-10 07:16:08 +05:30
psa_crypto_driver_wrappers.h Styling and refactoring 2021-09-10 07:16:08 +05:30
psa_crypto_ecp.c Add test driver support for opaque key import 2021-09-08 22:03:54 +05:30
psa_crypto_ecp.h Add test driver support for opaque key import 2021-09-08 22:03:54 +05:30
psa_crypto_hash.c Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
psa_crypto_hash.h Merge branch 'development' into development_3.0 2021-04-19 10:51:59 +02:00
psa_crypto_invasive.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
psa_crypto_its.h Update documentation 2020-11-25 13:10:50 +01:00
psa_crypto_mac.c Merge pull request #4316 from gabor-mezei-arm/3258_implement_one-shot_MAC 2021-06-22 12:18:25 +02:00
psa_crypto_mac.h Move is_sign and mac_size checking back to PSA core scope 2021-05-10 11:29:13 +02:00
psa_crypto_random_impl.h Work around MSVC bug with duplicate static declarations 2021-02-16 18:55:05 +01:00
psa_crypto_rsa.c Add test driver support for opaque key import 2021-09-08 22:03:54 +05:30
psa_crypto_rsa.h Add test driver support for opaque key import 2021-09-08 22:03:54 +05:30
psa_crypto_se.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
psa_crypto_se.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
psa_crypto_slot_management.c Merge pull request #4878 from SiliconLabs/remove_dependency_4877 2021-09-20 22:20:16 +02:00
psa_crypto_slot_management.h psa: Fix error code when creating/registering a key with invalid id 2021-04-01 14:05:41 +02:00
psa_crypto_storage.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
psa_crypto_storage.h Rename PSA_KEY_SLOT_COUNT to MBEDTLS_PSA_KEY_SLOT_COUNT 2021-02-15 14:26:44 +01:00
psa_crypto.c Styling and refactoring 2021-09-10 07:16:08 +05:30
psa_its_file.c Replace instances of byte reading macros with PUT 2021-08-19 09:57:41 +01:00
ripemd160.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
rsa_alt_helpers.c Rename rsa_internal.* to rsa_alt_helpers.* 2021-03-10 12:52:37 +00:00
rsa_alt_helpers.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
rsa.c Remove redundant hash len check 2021-07-08 12:46:26 +01:00
sha1.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
sha256.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
sha512.c Add UINT64 GET and PUT macros 2021-08-19 09:56:47 +01:00
ssl_cache.c Fix search for outdated entries in SSL session cache 2021-05-14 14:55:15 +01:00
ssl_ciphersuites.c Replace SHA512_C with SHA384_C 2021-08-25 18:13:48 +08:00
ssl_cli.c Minor coding style improvement 2021-08-20 16:20:44 +01:00
ssl_cookie.c Replace instances of byte reading macros with PUT 2021-08-19 09:56:47 +01:00
ssl_invasive.h Merge pull request #736 from mpg/cf-varpos-copy-dev-restricted 2020-08-25 14:35:55 +01:00
ssl_misc.h Remove restartable and everest from tls1.3 2021-09-14 19:33:31 +08:00
ssl_msg.c Replace instances of byte reading macros with PUT 2021-08-19 09:57:41 +01:00
ssl_srv.c Minor coding style improvement 2021-08-20 16:20:44 +01:00
ssl_ticket.c Replace instances of byte reading macros with PUT 2021-08-19 09:57:41 +01:00
ssl_tls13_client.c fix various issues 2021-09-15 22:06:11 +08:00
ssl_tls13_generic.c fix various issues 2021-09-08 16:41:02 +08:00
ssl_tls13_keys.c Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x 2021-08-19 09:56:47 +01:00
ssl_tls13_keys.h Add TLS 1.3 specific key to SSL transform conversion function 2021-08-02 04:52:49 +01:00
ssl_tls13_server.c fix name conversion issue for tls13 server entry 2021-09-03 16:29:20 +08:00
ssl_tls.c fix name conversion issue for tls13 server entry 2021-09-03 16:29:20 +08:00
threading.c Rename config.h to mbedtls_config.h 2021-06-28 09:28:33 +01:00
timing.c Rename config.h to mbedtls_config.h 2021-06-28 09:28:33 +01:00
version.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
x509_create.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
x509_crl.c Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased 2021-04-28 17:31:55 +01:00
x509_crt.c Merge pull request #4671 from mpg/x509-crt-profile-public 2021-06-23 16:06:12 +01:00
x509_csr.c Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased 2021-04-28 17:31:55 +01:00
x509.c Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased 2021-04-28 17:31:55 +01:00
x509write_crt.c Replace instances of byte reading macros with PUT 2021-08-19 09:57:41 +01:00
x509write_csr.c Add output size parameter to signature functions 2021-06-25 00:46:22 +02:00