WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

error code fixes: 

* fix TLS layer to consistently use WOLFSSL_FATAL_ERROR for error retvals, rather than literal -1.
* add WC_NO_ERR_TRACE() wrapper around LENGTH_ONLY_E (it does not signify an error condition).
* refactor errcode handling for traceability in wolfSSL_DSA_do_sign(), wolfSSL_DH_size(), wolfSSL_EC_KEY_get_conv_form(), wolfSSL_d2i_DSA_SIG(), wolfSSL_DSA_do_sign(), SetDhInternal(), and wolfSSL_EC_KEY_get_conv_form().
pull/7956/head
Daniel Pouzzner 2024-09-06 19:33:48 -05:00
parent 398f8c90e2
commit c81c9be9ce
36 changed files with 551 additions and 545 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/bio.c
View File

@ -1849,13 +1849,13 @@ int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs)
WOLFSSL_ENTER("wolfSSL_BIO_seek");
if (bio == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* offset ofs from beginning of file */
if (bio->type == WOLFSSL_BIO_FILE &&
XFSEEK(bio->ptr.fh, ofs, SEEK_SET) < 0) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
return 0;
@ -1872,7 +1872,7 @@ int wolfSSL_BIO_tell(WOLFSSL_BIO* bio)
WOLFSSL_ENTER("wolfSSL_BIO_tell");
if (bio == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (bio->type != WOLFSSL_BIO_FILE) {
@ -1881,7 +1881,7 @@ int wolfSSL_BIO_tell(WOLFSSL_BIO* bio)
pos = (int)XFTELL(bio->ptr.fh);
if (pos < 0)
return -1;
return WOLFSSL_FATAL_ERROR;
else
return pos;
}
@ -3246,7 +3246,7 @@ int wolfSSL_BIO_vprintf(WOLFSSL_BIO* bio, const char* format, va_list args)
#if !defined(NO_FILESYSTEM)
case WOLFSSL_BIO_FILE:
if (bio->ptr.fh == XBADFILE) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
ret = XVFPRINTF(bio->ptr.fh, format, args);
break;

28
src/crl.c
View File

@ -121,7 +121,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
wolfSSL_d2i_X509_NAME(&crle->issuer, (unsigned char**)&dcrl->issuer,
dcrl->issuerSz);
if (crle->issuer == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
#ifdef CRL_STATIC_REVOKED_LIST
@ -141,13 +141,13 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
crle->toBeSigned = (byte*)XMALLOC(crle->tbsSz, heap,
DYNAMIC_TYPE_CRL_ENTRY);
if (crle->toBeSigned == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
crle->signature = (byte*)XMALLOC(crle->signatureSz, heap,
DYNAMIC_TYPE_CRL_ENTRY);
if (crle->signature == NULL) {
XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY);
crle->toBeSigned = NULL;
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef WC_RSA_PSS
@ -160,7 +160,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
crle->toBeSigned = NULL;
XFREE(crle->signature, heap, DYNAMIC_TYPE_CRL_ENTRY);
crle->signature = NULL;
return -1;
return WOLFSSL_FATAL_ERROR;
}
XMEMCPY(crle->sigParams, buff + dcrl->sigParamsIndex,
crle->sigParamsSz);
@ -563,7 +563,7 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
WOLFSSL_ENTER("AddCRL");
if (crl == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
crle = crl->currentEntry;
@ -578,7 +578,7 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
if (InitCRL_Entry(crle, dcrl, buff, verified, crl->heap) < 0) {
WOLFSSL_MSG("Init CRL Entry failed");
CRL_Entry_free(crle, crl->heap);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
@ -625,7 +625,7 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type,
else {
WOLFSSL_MSG("Pem to Der failed");
FreeDer(&der);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#else
ret = NOT_COMPILED_IN;
@ -1018,7 +1018,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (crl->monitors[0].path) {
@ -1029,7 +1029,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -1041,7 +1041,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -1051,7 +1051,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return -1;
return WOLFSSL_FATAL_ERROR;
}
newList = tmp->crlList;
@ -1103,7 +1103,7 @@ static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, 0, NOTE_TRIGGER, 0, NULL);
if (kevent(mfd, &change, 1, NULL, 0, NULL) < 0) {
WOLFSSL_MSG("kevent trigger customer event failed");
return -1;
return WOLFSSL_FATAL_ERROR;
}
return 0;
@ -1235,7 +1235,7 @@ static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
/* write to our custom event */
if (write(mfd, &w64, sizeof(w64)) < 0) {
WOLFSSL_MSG("StopMonitor write failed");
return -1;
return WOLFSSL_FATAL_ERROR;
}
return 0;
@ -1378,7 +1378,7 @@ static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
{
if (SetEvent(mfd) == 0) {
WOLFSSL_MSG("SetEvent custom event trigger failed");
return -1;
return WOLFSSL_FATAL_ERROR;
}
return 0;
}

2
src/dtls13.c
View File

@ -2585,7 +2585,7 @@ int Dtls13RtxTimeout(WOLFSSL* ssl)
/* Increase timeout on long timeout */
if (DtlsMsgPoolTimeout(ssl) != 0)
return -1;
return WOLFSSL_FATAL_ERROR;
return Dtls13RtxSendBuffered(ssl);
}

34
src/internal.c
View File

@ -2108,7 +2108,7 @@ int wolfSSL_session_export_internal(WOLFSSL* ssl, byte* buf, word32* sz,
if (type == WOLFSSL_EXPORT_TLS) {
*sz += AES_BLOCK_SIZE*2;
}
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (ret == 0) {
@ -10467,7 +10467,7 @@ static int wolfSSLReceive(WOLFSSL* ssl, byte* buf, word32 sz)
if (ssl->CBIORecv == NULL) {
WOLFSSL_MSG("Your IO Recv callback is null, please set");
return -1;
return WOLFSSL_FATAL_ERROR;
}
retry:
@ -10486,7 +10486,7 @@ retry:
}
#endif
#endif
return -1;
return WOLFSSL_FATAL_ERROR;
case WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_WANT_READ):
if (retryLimit > 0 && ssl->ctx->autoRetry &&
@ -10503,7 +10503,7 @@ retry:
}
#endif
ssl->options.connReset = 1;
return -1;
return WOLFSSL_FATAL_ERROR;
case WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_ISR): /* interrupt */
/* see if we got our timeout */
@ -10527,7 +10527,7 @@ retry:
case WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_CONN_CLOSE):
ssl->options.isClosed = 1;
return -1;
return WOLFSSL_FATAL_ERROR;
case WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_TIMEOUT):
#ifdef WOLFSSL_DTLS
@ -10537,7 +10537,7 @@ retry:
if (Dtls13RtxTimeout(ssl) < 0) {
WOLFSSL_MSG(
"Error trying to retransmit DTLS buffered message");
return -1;
return WOLFSSL_FATAL_ERROR;
}
goto retry;
}
@ -10552,7 +10552,7 @@ retry:
goto retry;
}
#endif
return -1;
return WOLFSSL_FATAL_ERROR;
default:
WOLFSSL_MSG("Unexpected recv return code");
@ -27580,7 +27580,7 @@ static int CmpEccStrength(int hashAlgo, int curveSz)
{
int dgstSz = GetMacDigestSize((byte)hashAlgo);
if (dgstSz <= 0)
return -1;
return WOLFSSL_FATAL_ERROR;
return dgstSz - (curveSz & (~0x3));
}
#endif
@ -38207,7 +38207,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
diff -= ticketSeen;
if (diff > timeout * 1000 ||
diff > (sword64)TLS13_MAX_TICKET_AGE * 1000)
return -1;
return WOLFSSL_FATAL_ERROR;
#else
sword64 diff;
sword64 ticketSeen; /* Time ticket seen (ms) */
@ -38225,7 +38225,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
diff -= ticketSeen;
if (diff > timeout * 1000 ||
diff > (sword64)TLS13_MAX_TICKET_AGE * 1000)
return -1;
return WOLFSSL_FATAL_ERROR;
#endif
ato32(psk->it->ageAdd, &ticketAdd);
/* Subtract client's ticket age and unobfuscate. */
@ -38235,7 +38235,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
* Allow +/- 1000 milliseconds on ticket age.
*/
if (diff < -1000 || diff - MAX_TICKET_AGE_DIFF * 1000 > 1000)
return -1;
return WOLFSSL_FATAL_ERROR;
#if !defined(WOLFSSL_PSK_ONE_ID) && !defined(WOLFSSL_PRIORITIZE_PSK)
/* Check whether resumption is possible based on suites in SSL and
@ -38243,18 +38243,18 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
*/
(void)ssl;
if (XMEMCMP(suite, psk->it->suite, SUITE_LEN) != 0)
return -1;
return WOLFSSL_FATAL_ERROR;
#else
(void)suite;
if (!FindSuiteSSL(ssl, psk->it->suite))
return -1;
return WOLFSSL_FATAL_ERROR;
#endif
#ifdef OPENSSL_EXTRA
if (ssl->sessionCtxSz > 0 &&
(psk->it->sessionCtxSz != ssl->sessionCtxSz ||
XMEMCMP(psk->it->sessionCtx, ssl->sessionCtx,
ssl->sessionCtxSz) != 0))
return -1;
return WOLFSSL_FATAL_ERROR;
#endif
return 0;
}
@ -41086,7 +41086,7 @@ int wolfSSL_sk_BY_DIR_HASH_find(
}
next = next->next;
}
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* return a number of WOLFSSL_BY_DIR_HASH in stack */
int wolfSSL_sk_BY_DIR_HASH_num(const WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *sk)
@ -41094,7 +41094,7 @@ int wolfSSL_sk_BY_DIR_HASH_num(const WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *sk)
WOLFSSL_ENTER("wolfSSL_sk_BY_DIR_HASH_num");
if (sk == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
return (int)sk->num;
}
/* return WOLFSSL_BY_DIR_HASH instance at i */
@ -41277,7 +41277,7 @@ int wolfSSL_sk_BY_DIR_entry_num(const WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *sk)
WOLFSSL_ENTER("wolfSSL_sk_BY_DIR_entry_num");
if (sk == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
return (int)sk->num;
}
/* return WOLFSSL_BY_DIR_entry instance at i */

6
src/ocsp.c
View File

@ -1641,7 +1641,7 @@ int wolfSSL_OCSP_REQ_CTX_nbio(WOLFSSL_OCSP_REQ_CTX *ctx)
reqLen - ctx->sent);
if (sent <= 0) {
if (wolfSSL_BIO_should_retry(ctx->bio))
return -1;
return WOLFSSL_FATAL_ERROR;
WOLFSSL_MSG("wolfSSL_BIO_write error");
ctx->ioState = ORIOS_INVALID;
return 0;
@ -1670,7 +1670,7 @@ int wolfSSL_OCSP_REQ_CTX_nbio(WOLFSSL_OCSP_REQ_CTX *ctx)
if (ret == WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_WANT_READ) ||
ret == WC_NO_ERR_TRACE(OCSP_WANT_READ))
{
return -1;
return WOLFSSL_FATAL_ERROR;
}
return WOLFSSL_FAILURE;
}
@ -1898,7 +1898,7 @@ int wolfSSL_OCSP_check_nonce(OcspRequest* req, WOLFSSL_OCSP_BASICRESP* bs)
/* nonce present in req only */
if (reqNonce != NULL && rspNonce == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
/* nonces are present and equal, return 1. Extra NULL check for fixing
scan-build warning. */

348
src/pk.c
View File

File diff suppressed because it is too large Load Diff

4
src/quic.c
View File

@ -200,7 +200,7 @@ static sword32 quic_record_transfer(QuicRecord* qr, byte* buf, word32 sz)
/* We check if the buf is at least RECORD_HEADER_SZ */
if (sz < RECORD_HEADER_SZ) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (qr->rec_hdr_remain == 0) {
@ -785,7 +785,7 @@ int wolfSSL_quic_receive(WOLFSSL* ssl, byte* buf, word32 sz)
/* record too small to be fit into a RecordLayerHeader struct. */
if (n == -1) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (quic_record_done(ssl->quic.input_head)) {
QuicRecord* qr = ssl->quic.input_head;

254
src/sniffer.c
View File

@ -1656,31 +1656,31 @@ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
int ret = -1;
if (keyBuf == NULL || keyBufSz == NULL || keyFile == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (keySz == 0) {
/* load from file */
file = XFOPEN(keyFile, "rb");
if (file == XBADFILE) return -1;
if (file == XBADFILE) return WOLFSSL_FATAL_ERROR;
if(XFSEEK(file, 0, XSEEK_END) != 0) {
XFCLOSE(file);
return -1;
return WOLFSSL_FATAL_ERROR;
}
fileSz = XFTELL(file);
if (fileSz > MAX_WOLFSSL_FILE_SIZE || fileSz < 0) {
XFCLOSE(file);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if(XFSEEK(file, 0, XSEEK_SET) != 0) {
XFCLOSE(file);
return -1;
return WOLFSSL_FATAL_ERROR;
}
loadBuf = (byte*)XMALLOC(fileSz, NULL, DYNAMIC_TYPE_FILE);
if (loadBuf == NULL) {
XFCLOSE(file);
return -1;
return WOLFSSL_FATAL_ERROR;
}
ret = (int)XFREAD(loadBuf, 1, fileSz, file);
@ -1688,14 +1688,14 @@ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
if (ret != fileSz) {
XFREE(loadBuf, NULL, DYNAMIC_TYPE_FILE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
else {
/* use buffer directly */
loadBuf = (byte*)XMALLOC(keySz, NULL, DYNAMIC_TYPE_FILE);
if (loadBuf == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
fileSz = keySz;
XMEMCPY(loadBuf, keyFile, fileSz);
@ -1732,7 +1732,7 @@ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
}
if (ret < 0) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
return ret;
@ -1751,14 +1751,14 @@ static int CreateWatchSnifferServer(char* error)
DYNAMIC_TYPE_SNIFFER_SERVER);
if (sniffer == NULL) {
SetError(MEMORY_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
InitSnifferServer(sniffer);
sniffer->ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
if (!sniffer->ctx) {
SetError(MEMORY_STR, error, NULL, 0);
FreeSnifferServer(sniffer);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
if (CryptoDeviceId != INVALID_DEVID)
@ -1800,7 +1800,7 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
NULL, DYNAMIC_TYPE_SNIFFER_NAMED_KEY);
if (namedKey == NULL) {
SetError(MEMORY_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
XMEMSET(namedKey, 0, sizeof(NamedKey));
@ -1815,7 +1815,7 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
if (ret < 0) {
SetError(KEY_FILE_STR, error, NULL, 0);
FreeNamedKey(namedKey);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
#endif
@ -1849,7 +1849,7 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
#ifdef HAVE_SNI
FreeNamedKey(namedKey);
#endif
return -1;
return WOLFSSL_FATAL_ERROR;
}
InitSnifferServer(sniffer);
@ -1865,7 +1865,7 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
FreeNamedKey(namedKey);
#endif
FreeSnifferServer(sniffer);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
if (CryptoDeviceId != INVALID_DEVID)
@ -1906,7 +1906,7 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
SetError(KEY_FILE_STR, error, NULL, 0);
if (isNew)
FreeSnifferServer(sniffer);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef WOLF_CRYPTO_CB
wolfSSL_CTX_SetDevId(sniffer->ctx, CryptoDeviceId);
@ -2124,7 +2124,7 @@ static int CheckIp6Hdr(Ip6Hdr* iphdr, IpInfo* info, int length, char* error)
if (version != IPV6) {
SetError(BAD_IPVER_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* Here, we need to move onto next header if not TCP. */
@ -2134,7 +2134,7 @@ static int CheckIp6Hdr(Ip6Hdr* iphdr, IpInfo* info, int length, char* error)
int hdrsz = (exthdr->length + 1) * 8;
if (hdrsz > length - exthdrsz) {
SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
exthdrsz += hdrsz;
exthdr = (Ip6ExtHdr*)((byte*)exthdr + hdrsz);
@ -2146,7 +2146,7 @@ static int CheckIp6Hdr(Ip6Hdr* iphdr, IpInfo* info, int length, char* error)
#ifndef WOLFSSL_SNIFFER_WATCH
if (!IsServerRegistered6(iphdr->src) && !IsServerRegistered6(iphdr->dst)) {
SetError(SERVER_NOT_REG_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
@ -2180,12 +2180,12 @@ static int CheckIpHdr(IpHdr* iphdr, IpInfo* info, int length, char* error,
if (version != IPV4) {
SetError(BAD_IPVER_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (iphdr->protocol != TCP_PROTOCOL) {
SetError(BAD_PROTO_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
info->length = IP_HL(iphdr);
@ -2577,7 +2577,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
if (args->length > *sslBytes) {
SetError(PARTIAL_INPUT_STR, error, session,
FATAL_ERROR_STATE);
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
}
@ -2800,7 +2800,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
if (args->length > *sslBytes) {
SetError(PARTIAL_INPUT_STR, error, session,
FATAL_ERROR_STATE);
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
/* if curve not provided in key share data, then use private
@ -2893,7 +2893,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
if (args->length > *sslBytes) {
SetError(PARTIAL_INPUT_STR, error, session,
FATAL_ERROR_STATE);
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
}
if (ret == 0) {
@ -2976,7 +2976,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
if (args->length > *sslBytes) {
SetError(PARTIAL_INPUT_STR, error, session,
FATAL_ERROR_STATE);
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
}
if (ret == 0) {
@ -3162,13 +3162,13 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
if (SetCipherSpecs(session->sslServer) != 0) {
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
session->verboseErr = 1;
ret = -1; break;
ret = WOLFSSL_FATAL_ERROR; break;
}
if (SetCipherSpecs(session->sslClient) != 0) {
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
session->verboseErr = 1;
ret = -1; break;
ret = WOLFSSL_FATAL_ERROR; break;
}
#ifdef WOLFSSL_TLS13
@ -3200,7 +3200,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
}
if (ret != 0) {
SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
ret = -1; break;
ret = WOLFSSL_FATAL_ERROR; break;
}
#ifdef SHOW_SECRETS
@ -3260,7 +3260,7 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
session->sslServer->buffers.key->length == 0) {
SetError(RSA_KEY_MISSING_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
@ -3288,7 +3288,7 @@ static int ProcessKeyShare(KeyShareInfo* info, const byte* input, int len,
info->key_len = (word16)((input[index] << 8) | input[index+1]);
index += OPAQUE16_LEN;
if (info->key_len == 0 || info->key_len > len - index) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
info->key = &input[index];
index += info->key_len;
@ -3392,7 +3392,7 @@ static int ProcessServerKeyShare(SnifferSession* session, const byte* input, int
}
if (ret != 0) {
SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
return ret;
@ -3417,7 +3417,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
/* make sure can read through hint len */
if (TICKET_HINT_LEN > *sslBytes) {
SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
input += TICKET_HINT_LEN; /* skip over hint len */
*sslBytes -= TICKET_HINT_LEN;
@ -3428,7 +3428,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
/* make sure can read through hint age and nonce len */
if (TICKET_HINT_AGE_LEN + 1 > *sslBytes) {
SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
input += TICKET_HINT_AGE_LEN; /* skip over hint age */
*sslBytes -= TICKET_HINT_AGE_LEN;
@ -3437,7 +3437,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
len = input[0];
if (len > MAX_TICKET_NONCE_STATIC_SZ) {
SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
input += OPAQUE8_LEN;
*sslBytes -= OPAQUE8_LEN;
@ -3455,7 +3455,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
/* make sure can read through len */
if (OPAQUE16_LEN > *sslBytes) {
SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
len = (word16)((input[0] << 8) | input[1]);
@ -3465,7 +3465,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
/* make sure can read through ticket */
if (len > *sslBytes) {
SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef WOLFSSL_TLS13
@ -3475,7 +3475,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
#ifdef HAVE_SESSION_TICKET
if (SetTicket(session->sslServer, input, len) != 0) {
SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* set haveSessionId to use the wolfSession cache */
@ -3502,7 +3502,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
/* capture last part of sessionID as macID (32 bytes) */
if (len < ID_LEN) {
SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* store session with macID as sessionID */
session->sslServer->options.haveSessionId = 1;
@ -3546,7 +3546,7 @@ static int DoResume(SnifferSession* session, char* error)
INC_STAT(SnifferStats.sslResumeMisses);
#endif
SetError(BAD_SESSION_RESUME_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -3571,13 +3571,13 @@ static int DoResume(SnifferSession* session, char* error)
if (SetCipherSpecs(session->sslServer) != 0) {
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
session->verboseErr = 1;
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (SetCipherSpecs(session->sslClient) != 0) {
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
session->verboseErr = 1;
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef WOLFSSL_TLS13
@ -3616,7 +3616,7 @@ static int DoResume(SnifferSession* session, char* error)
if (ret != 0) {
SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
return ret;
@ -3645,7 +3645,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
/* make sure can read through session len */
if (toRead > *sslBytes) {
SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
XMEMCPY(&pv, input, VERSION_SZ);
@ -3670,7 +3670,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
/* make sure can read through compression */
if ( (b + SUITE_LEN + ENUM_LEN) > *sslBytes) {
SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (b) {
#ifdef WOLFSSL_TLS13
@ -3718,7 +3718,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
if (b) {
SetError(BAD_COMPRESSION_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* extensions */
@ -3729,7 +3729,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
/* make sure can read len */
if (SUITE_LEN > *sslBytes) {
SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
len = (word16)((input[0] << 8) | input[1]);
input += SUITE_LEN;
@ -3737,7 +3737,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
/* make sure can read through all extensions */
if (len > *sslBytes) {
SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
while (len >= EXT_TYPE_SZ + LENGTH_SZ) {
@ -3756,7 +3756,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
if (extLen > *sslBytes) {
SetError(SERVER_HELLO_INPUT_STR, error, session,
FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef DEBUG_SNIFFER
printf("\tserver_hello ext: 0x%02x (len %d)\n", extType, extLen);
@ -3769,7 +3769,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
if (ret != 0) {
SetError(SERVER_HELLO_INPUT_STR, error, session,
FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
break;
#endif
@ -3835,14 +3835,14 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
#ifndef WOLFSSL_TLS13
SetError(UNSUPPORTED_TLS_VER_STR, error, session, FATAL_ERROR_STATE);
session->verboseErr = 1;
return -1;
return WOLFSSL_FATAL_ERROR;
#endif
}
else {
#ifdef WOLFSSL_NO_TLS12
SetError(UNSUPPORTED_TLS_VER_STR, error, session, FATAL_ERROR_STATE);
session->verboseErr = 1;
return -1;
return WOLFSSL_FATAL_ERROR;
#endif
}
@ -4007,7 +4007,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
/* make sure can read up to session len */
if (toRead > *sslBytes) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* skip, get negotiated one from server hello */
@ -4029,7 +4029,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
if (bLen) {
if (ID_LEN > *sslBytes) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
Trace(CLIENT_RESUME_TRY_STR);
#ifdef WOLFSSL_TLS13
@ -4055,7 +4055,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
/* make sure can read len */
if (SUITE_LEN > *sslBytes) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
len = (word16)((input[0] << 8) | input[1]);
input += SUITE_LEN;
@ -4063,7 +4063,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
/* make sure can read suites + comp len */
if (len + ENUM_LEN > *sslBytes) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
input += len;
*sslBytes -= len;
@ -4074,7 +4074,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
/* make sure can read len */
if (bLen > *sslBytes) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
input += bLen;
*sslBytes -= bLen;
@ -4088,7 +4088,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
/* make sure can read len */
if (SUITE_LEN > *sslBytes) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
len = (word16)((input[0] << 8) | input[1]);
input += SUITE_LEN;
@ -4096,7 +4096,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
/* make sure can read through all extensions */
if (len > *sslBytes) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
while (len >= EXT_TYPE_SZ + LENGTH_SZ) {
@ -4114,7 +4114,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
/* make sure can read through individual extension */
if (extLen > *sslBytes) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef DEBUG_SNIFFER
@ -4163,7 +4163,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
word16 ksLen = (word16)((input[0] << 8) | input[1]);
if (ksLen + OPAQUE16_LEN > extLen) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* cache key share data till server_hello */
session->cliKeyShareSz = ksLen;
@ -4187,7 +4187,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
idsLen = (word16)((input[idx] << 8) | input[idx+1]);
if (idsLen + OPAQUE16_LEN + idx > extLen) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
idx += OPAQUE16_LEN;
@ -4195,7 +4195,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
idLen = (word16)((input[idx] << 8) | input[idx+1]);
if (idLen + OPAQUE16_LEN + idx > extLen) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
idx += OPAQUE16_LEN;
identity = &input[idx];
@ -4211,7 +4211,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
bindersLen = (word16)((input[idx] << 8) | input[idx+1]);
if (bindersLen + OPAQUE16_LEN + idx > extLen) {
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
idx += OPAQUE16_LEN;
binders = &input[idx];
@ -4246,7 +4246,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
if (extLen && extLen < ID_LEN) {
SetError(CLIENT_HELLO_INPUT_STR, error, session,
FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (extLen) {
if (session->ticketID == NULL) {
@ -4255,7 +4255,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
if (session->ticketID == 0) {
SetError(MEMORY_STR, error, session,
FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -4297,7 +4297,7 @@ static int KeyWatchCall(SnifferSession* session, const byte* data, int dataSz,
if (WatchCb == NULL) {
SetError(WATCH_CB_MISSING_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
ret = wc_InitSha256(&sha);
@ -4307,7 +4307,7 @@ static int KeyWatchCall(SnifferSession* session, const byte* data, int dataSz,
ret = wc_Sha256Final(&sha, digest);
if (ret != 0) {
SetError(WATCH_HASH_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
ret = WatchCb((void*)session, digest, sizeof(digest),
@ -4317,7 +4317,7 @@ static int KeyWatchCall(SnifferSession* session, const byte* data, int dataSz,
INC_STAT(SnifferStats.sslKeysUnmatched);
#endif
SetError(WATCH_FAIL_STR, error, session, FATAL_ERROR_STATE);
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
else {
#ifdef WOLFSSL_SNIFFER_STATS
@ -4341,7 +4341,7 @@ static int ProcessCertificate(const byte* input, int* sslBytes,
if (*sslBytes < CERT_HEADER_SZ) {
SetError(BAD_CERT_MSG_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef WOLFSSL_TLS13
@ -4358,14 +4358,14 @@ static int ProcessCertificate(const byte* input, int* sslBytes,
if (*sslBytes < (int)certChainSz) {
SetError(BAD_CERT_MSG_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
ato24(input, &certSz);
input += OPAQUE24_LEN;
if (*sslBytes < (int)certSz) {
SetError(BAD_CERT_MSG_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
*sslBytes -= certChainSz;
@ -4443,7 +4443,7 @@ static int ProcessFinished(const byte* input, int size, int* sslBytes,
if (ret != 0) {
SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
session->flags.gotFinished = 1;
@ -4479,7 +4479,7 @@ static int ProcessFinished(const byte* input, int size, int* sslBytes,
if (ret != 0) {
SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
#endif
@ -4529,7 +4529,7 @@ static int DoHandShake(const byte* input, int* sslBytes,
if (*sslBytes < HANDSHAKE_HEADER_SZ) {
SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
type = input[0];
size = (input[1] << 16) | (input[2] << 8) | input[3];
@ -4595,7 +4595,7 @@ static int DoHandShake(const byte* input, int* sslBytes,
if (HashUpdate(session->hash, input, size) != 0) {
SetError(EXTENDED_MASTER_HASH_STR, error,
session, FATAL_ERROR_STATE);
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
goto exit;
}
}
@ -4629,7 +4629,7 @@ static int DoHandShake(const byte* input, int* sslBytes,
/* can't know temp key passively */
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
session->verboseErr = 1;
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
#if defined(WOLFSSL_SNIFFER_STATS)
INC_STAT(SnifferStats.sslEphemeralMisses);
@ -4680,7 +4680,7 @@ static int DoHandShake(const byte* input, int* sslBytes,
else {
SetError(EXTENDED_MASTER_HASH_STR, error,
session, FATAL_ERROR_STATE);
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
XMEMSET(session->hash, 0, sizeof(HsHashes));
XFREE(session->hash, NULL, DYNAMIC_TYPE_HASHES);
@ -4712,7 +4712,7 @@ static int DoHandShake(const byte* input, int* sslBytes,
break;
default:
SetError(GOT_UNKNOWN_HANDSHAKE_STR, error, session, 0);
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
break;
}
@ -5246,14 +5246,14 @@ static int DoOldHello(SnifferSession* session, const byte* sslFrame,
if (*rhSize > *sslBytes) {
SetError(OLD_CLIENT_INPUT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
ret = ProcessOldClientHello(session->sslServer, input, &idx, *sslBytes,
(word16)*rhSize);
if (ret < 0 && ret != WC_NO_ERR_TRACE(MATCH_SUITE_ERROR)) {
SetError(BAD_OLD_CLIENT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
Trace(OLD_CLIENT_OK_STR);
@ -5319,7 +5319,7 @@ static int TcpChecksum(IpInfo* ipInfo, TcpInfo* tcpInfo, int dataLen,
/* field, but tcp checksum offloading could negate calculation */
if (checksum == 0)
return 0;
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
@ -5342,7 +5342,7 @@ static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
/* ip header */
if (length < IP_HDR_SZ) {
SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
version = IP_V(iphdr);
@ -5356,31 +5356,31 @@ static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
}
if (CheckIpHdr(iphdr, ipInfo, length, error, trace) != 0)
return -1;
return WOLFSSL_FATAL_ERROR;
#ifndef WOLFSSL_SNIFFER_WATCH
if (checkReg &&
!IsServerRegistered(iphdr->src) && !IsServerRegistered(iphdr->dst)) {
SetError(SERVER_NOT_REG_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
/* tcp header */
if (length < (ipInfo->length + TCP_HDR_SZ)) {
SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
tcphdr = (TcpHdr*)(packet + ipInfo->length);
if (CheckTcpHdr(tcphdr, tcpInfo, error, trace) != 0)
return -1;
return WOLFSSL_FATAL_ERROR;
#ifndef WOLFSSL_SNIFFER_WATCH
if (checkReg &&
!IsPortRegistered(tcpInfo->srcPort) &&
!IsPortRegistered(tcpInfo->dstPort)) {
SetError(SERVER_PORT_NOT_REG_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
@ -5388,7 +5388,7 @@ static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
*sslFrame = packet + ipInfo->length + tcpInfo->length;
if (*sslFrame > packet + length) {
SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* We only care about the data in the TCP/IP record. There may be extra
@ -5430,7 +5430,7 @@ static int CheckSession(IpInfo* ipInfo, TcpInfo* tcpInfo, int sslBytes,
return 1;
SetError(MEMORY_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
return 1;
}
@ -5453,7 +5453,7 @@ static int CheckSession(IpInfo* ipInfo, TcpInfo* tcpInfo, int sslBytes,
#endif
SetError(BAD_SESSION_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
return 0;
@ -5514,12 +5514,12 @@ static int AddToReassembly(byte from, word32 seq, const byte* sslFrame,
if (MaxRecoveryMemory != -1 &&
(int)(*reassemblyMemory + sslBytes) > MaxRecoveryMemory) {
SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
add = CreateBuffer(&seq, seq + sslBytes - 1, sslFrame, &bytesLeft);
if (add == NULL) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
*front = add;
*reassemblyMemory += sslBytes;
@ -5536,12 +5536,12 @@ static int AddToReassembly(byte from, word32 seq, const byte* sslFrame,
if (MaxRecoveryMemory -1 &&
(int)(*reassemblyMemory + sslBytes) > MaxRecoveryMemory) {
SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
add = CreateBuffer(&seq, end, sslFrame, &bytesLeft);
if (add == NULL) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
add->next = curr;
*front = add;
@ -5578,13 +5578,13 @@ static int AddToReassembly(byte from, word32 seq, const byte* sslFrame,
if (MaxRecoveryMemory != -1 &&
(int)(*reassemblyMemory + added) > MaxRecoveryMemory) {
SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
add = CreateBuffer(&seq, seq + added - 1, &sslFrame[seq - startSeq],
&bytesLeft);
if (add == NULL) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
add->next = prev->next;
prev->next = add;
@ -5854,7 +5854,7 @@ static int FindNextRecordInAssembly(SnifferSession* session,
if ( *sslBytes > (int)ssl->buffers.inputBuffer.bufferSize) {
if (GrowInputBuffer(ssl, *sslBytes, 0) < 0) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -5946,7 +5946,7 @@ static int CheckAck(TcpInfo* tcpInfo, SnifferSession* session)
TraceAck(real, expected);
if (real > expected)
return -1; /* we missed a packet, ACKing data we never saw */
return WOLFSSL_FATAL_ERROR; /* we missed a packet, ACKing data we never saw */
}
return 0;
}
@ -5995,7 +5995,7 @@ static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo,
UpdateMissedDataSessions();
#endif
SetError(ACK_MISSED_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
else {
SetError(ACK_MISSED_STR, error, session, 0);
@ -6066,13 +6066,13 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
if (session->flags.fatalError == FATAL_ERROR_STATE) {
SetError(FATAL_ERROR_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (skipPartial) {
if (FindNextRecordInAssembly(session,
sslFrame, sslBytes, end, error) < 0) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -6090,7 +6090,7 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
if ( (*sslBytes + length) > ssl->buffers.inputBuffer.bufferSize) {
if (GrowInputBuffer(ssl, *sslBytes, length) < 0) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
if (vChain == NULL) {
@ -6113,7 +6113,7 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
if ( (*sslBytes + length) > ssl->buffers.inputBuffer.bufferSize) {
if (GrowInputBuffer(ssl, *sslBytes, length) < 0) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -6151,7 +6151,7 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
#ifdef OLD_HELLO_ALLOWED
int ret = DoOldHello(session, *sslFrame, &rhSize, sslBytes, error);
if (ret < 0)
return -1; /* error already set */
return WOLFSSL_FATAL_ERROR; /* error already set */
if (*sslBytes <= 0)
return 1;
#endif
@ -6262,7 +6262,7 @@ doMessage:
rhSize = 0;
if (sslBytes < 0) {
SetError(PACKET_HDR_SHORT_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (sslBytes >= RECORD_HEADER_SZ) {
if (GetRecordHeader(sslFrame, &rh, &rhSize) != 0) {
@ -6284,7 +6284,7 @@ doMessage:
if (sslBytes > (int)ssl->buffers.inputBuffer.bufferSize) {
if (GrowInputBuffer(ssl, sslBytes, 0) < 0) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
XMEMMOVE(ssl->buffers.inputBuffer.buffer, sslFrame, sslBytes);
@ -6322,11 +6322,11 @@ doMessage:
}
if (ssl->decrypt.setup != 1) {
SetError(DECRYPT_KEYS_NOT_SETUP, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (CheckAvailableSize(ssl, rhSize) < 0) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
sslFrame = DecryptMessage(ssl, sslFrame, rhSize,
@ -6350,7 +6350,7 @@ doMessage:
if (errCode != 0) {
if ((enum ContentType)rh.type == application_data) {
SetError(BAD_DECRYPT, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* do not end session for failures on handshake packets */
return 0;
@ -6375,7 +6375,7 @@ doPart:
if (session->flags.fatalError == 0)
SetError(BAD_HANDSHAKE_STR, error, session,
FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* DoHandShake now fully decrements sslBytes to remaining */
@ -6429,7 +6429,7 @@ doPart:
*data = NULL;
SetError(MEMORY_STR, error, session,
FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
*data = tmpData;
XMEMCPY(*data + decoded,
@ -6449,7 +6449,7 @@ doPart:
stored = StoreDataCb(buf, bufSz, offset,
ctx);
if (stored <= 0) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
offset += stored;
} while (offset < bufSz);
@ -6457,13 +6457,13 @@ doPart:
else {
SetError(STORE_DATA_CB_MISSING_STR, error,
session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
#else
(void)ctx;
SetError(NO_DATA_DEST_STR, error, session,
FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
#endif
}
TraceAddedData(ret, decoded);
@ -6474,7 +6474,7 @@ doPart:
else {
/* set error, but do not treat fatal */
SetError(BAD_APP_DATA_STR, error,session, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (ssl->buffers.outputBuffer.dynamicFlag)
ShrinkOutputBuffer(ssl);
@ -6498,7 +6498,7 @@ doPart:
case no_type:
default:
SetError(GOT_UNKNOWN_RECORD_STR, error, session, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* do we have another msg in record ? */
@ -6846,7 +6846,7 @@ int ssl_FreeZeroDecodeBuffer(byte** data, int sz, char* error)
(void)error;
if (sz < 0) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (data != NULL) {
@ -6869,7 +6869,7 @@ int ssl_Trace(const char* traceFile, char* error)
TraceFile = XFOPEN(traceFile, "a");
if (!TraceFile) {
SetError(BAD_TRACE_FILE_STR, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
TraceOn = 1;
}
@ -6939,7 +6939,7 @@ int ssl_GetSessionStats(unsigned int* active, unsigned int* total,
return 0;
else {
SetError(BAD_SESSION_STATS, error, NULL, 0);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -6980,7 +6980,7 @@ int ssl_ResetStatistics(void)
int ssl_ReadStatistics(SSLStats* stats)
{
if (stats == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
LOCK_STAT();
XMEMCPY(stats, &SnifferStats, sizeof(SSLStats));
@ -6994,7 +6994,7 @@ int ssl_ReadStatistics(SSLStats* stats)
int ssl_ReadResetStatistics(SSLStats* stats)
{
if (stats == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
LOCK_STAT();
XMEMCPY(stats, &SnifferStats, sizeof(SSLStats));
@ -7040,10 +7040,10 @@ int ssl_SetWatchKey_buffer(void* vSniffer, const byte* key, word32 keySz,
int ret;
if (vSniffer == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (key == NULL || keySz == 0) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
sniffer = (SnifferSession*)vSniffer;
@ -7072,7 +7072,7 @@ int ssl_SetWatchKey_buffer(void* vSniffer, const byte* key, word32 keySz,
if (ret != WOLFSSL_SUCCESS) {
SetError(KEY_FILE_STR, error, sniffer, FATAL_ERROR_STATE);
return -1;
return WOLFSSL_FATAL_ERROR;
}
return 0;
@ -7086,10 +7086,10 @@ int ssl_SetWatchKey_file(void* vSniffer, const char* keyFile, int keyType,
int ret;
if (vSniffer == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (keyFile == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* Remap the keyType from what the user can use to
@ -7101,7 +7101,7 @@ int ssl_SetWatchKey_file(void* vSniffer, const char* keyFile, int keyType,
if (ret < 0) {
SetError(KEY_FILE_STR, error, NULL, 0);
XFREE(keyBuf, NULL, DYNAMIC_TYPE_X509);
return -1;
return WOLFSSL_FATAL_ERROR;
}
ret = ssl_SetWatchKey_buffer(vSniffer, keyBuf, keyBufSz, FILETYPE_DER,

48
src/ssl.c
View File

@ -853,7 +853,7 @@ int GetEchConfig(WOLFSSL_EchConfig* config, byte* output, word32* outputLen)
if (output == NULL) {
*outputLen = totalLen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (totalLen > *outputLen) {
@ -1010,7 +1010,7 @@ int GetEchConfigsEx(WOLFSSL_EchConfig* configs, byte* output, word32* outputLen)
if (output == NULL) {
*outputLen = totalLen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (totalLen > *outputLen) {
@ -2123,7 +2123,7 @@ int wolfSSL_export_dtls_srtp_keying_material(WOLFSSL* ssl,
}
if (out == NULL) {
*olen = (size_t)profile->kdfBits;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (*olen < (size_t)profile->kdfBits) {
@ -2332,7 +2332,7 @@ int wolfSSL_mcast_peer_add(WOLFSSL* ssl, word16 peerId, int sub)
}
else {
WOLFSSL_MSG("No room in peer list.");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
}
else {
@ -4582,7 +4582,7 @@ int wolfSSL_GetCipherType(WOLFSSL* ssl)
if (ssl->specs.cipher_type == aead)
return WOLFSSL_AEAD_TYPE;
return -1;
return WOLFSSL_FATAL_ERROR;
}
@ -6558,7 +6558,7 @@ static int d2iTryRsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
#endif
if (!isRsaKey) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (*out != NULL) {
@ -6642,7 +6642,7 @@ static int d2iTryEccKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
#endif
if (!isEccKey) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (*out != NULL) {
@ -6730,7 +6730,7 @@ static int d2iTryDsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
/* test if DSA key */
if (!isDsaKey) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (*out != NULL) {
@ -6814,7 +6814,7 @@ static int d2iTryDhKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
/* test if DH key */
if (!isDhKey) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (*out != NULL) {
@ -6898,7 +6898,7 @@ static int d2iTryAltDhKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
#endif
if (ret != 0) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (*out != NULL) {
@ -7013,7 +7013,7 @@ static int d2iTryFalconKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
#endif
if (!isFalcon) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (*out != NULL) {
@ -7098,7 +7098,7 @@ static int d2iTryDilithiumKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
#endif
if (!isDilithium) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (*out != NULL) {
@ -13199,7 +13199,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
}
/* SSL_MODE_AUTO_RETRY
* Should not return -1 with renegotiation on read/write */
* Should not return WOLFSSL_FATAL_ERROR with renegotiation on read/write */
return mode;
}
@ -13226,7 +13226,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
}
/* SSL_MODE_AUTO_RETRY
* Should not return -1 with renegotiation on read/write */
* Should not return WOLFSSL_FATAL_ERROR with renegotiation on read/write */
return 0;
}
@ -13677,7 +13677,7 @@ static WC_INLINE int compare_WOLFSSL_CIPHER(
(a->bits == b->bits))
return 0;
else
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif /* OPENSSL_ALL || WOLFSSL_QT */
@ -18083,7 +18083,7 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
NULL, &szNeeded) != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
return WOLFSSL_FAILURE;
*outLen = szNeeded + headerLen + footerLen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* don't even try if inLen too short */
@ -19095,7 +19095,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
#endif
if (o == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef WOLFSSL_QT
@ -19115,7 +19115,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
byte* buf = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (!buf) {
WOLFSSL_MSG("malloc error");
return -1;
return WOLFSSL_FATAL_ERROR;
}
idx = SetObjectId(o->objSz, buf);
XMEMCPY(buf + idx, o->obj, o->objSz);
@ -19124,12 +19124,12 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (ret < 0) {
WOLFSSL_MSG("Issue getting OID of object");
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
else {
WOLFSSL_MSG("Issue getting OID of object");
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -19425,7 +19425,7 @@ static int crypto_ex_cb_new(CRYPTO_EX_cb_ctx** dst, long ctx_l, void* ctx_ptr,
CRYPTO_EX_cb_ctx* new_ctx = (CRYPTO_EX_cb_ctx*)XMALLOC(
sizeof(CRYPTO_EX_cb_ctx), NULL, DYNAMIC_TYPE_OPENSSL);
if (new_ctx == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
new_ctx->ctx_l = ctx_l;
new_ctx->ctx_ptr = ctx_ptr;
new_ctx->new_func = new_func;
@ -19529,7 +19529,7 @@ int wolfssl_get_ex_new_index(int class_index, long ctx_l, void* ctx_ptr,
case WOLF_CRYPTO_EX_INDEX_SSL_SESSION:
if (crypto_ex_cb_new(&crypto_ex_cb_ctx_session, ctx_l, ctx_ptr,
new_func, dup_func, free_func) != 0)
return -1;
return WOLFSSL_FATAL_ERROR;
idx = ssl_session_idx++;
break;
@ -19550,7 +19550,7 @@ int wolfssl_get_ex_new_index(int class_index, long ctx_l, void* ctx_ptr,
break;
}
if (idx >= MAX_EX_DATA)
return -1;
return WOLFSSL_FATAL_ERROR;
return idx;
}
#endif /* HAVE_EX_DATA || WOLFSSL_WPAS_SMALL */
@ -22934,7 +22934,7 @@ int oid2nid(word32 oid, int grp)
}
}
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* frees all nodes in the current threads error queue

54
src/ssl_asn1.c
View File

@ -96,7 +96,7 @@ static int asn1_item_init(void* obj, const WOLFSSL_ASN1_ITEM* item)
for (mem = item->members, i = 0; i < item->mcount; mem++, i++) {
asn1Mem(obj, mem->offset) = asn1_new_tpl(mem);
if (asn1Mem(obj, mem->offset) == NULL) {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
break;
}
}
@ -110,7 +110,7 @@ static int asn1_item_init(void* obj, const WOLFSSL_ASN1_ITEM* item)
break;
default:
WOLFSSL_MSG("ASN1 type not implemented");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
break;
}
@ -516,7 +516,7 @@ static int d2i_handle_tags(const WOLFSSL_ASN1_TEMPLATE* mem, const byte** src,
!= tag ||
GetLength(*src, &idx, asnLen, (word32)*len) < 0) {
WOLFSSL_MSG("asn tag error");
return -1;
return WOLFSSL_FATAL_ERROR;
}
*len -= idx;
*src += idx;
@ -526,20 +526,20 @@ static int d2i_handle_tags(const WOLFSSL_ASN1_TEMPLATE* mem, const byte** src,
* tag so we substitute it for the expected tag. */
if (mem->first_byte == 0) {
WOLFSSL_MSG("first byte not set");
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (GetASNTag(*src, &idx, &tag, (word32)*len) < 0 ||
(byte)mem->tag != (tag & ASN_TYPE_MASK) ||
GetLength(*src, &idx, asnLen, (word32)*len) < 0) {
WOLFSSL_MSG("asn tag error");
return -1;
return WOLFSSL_FATAL_ERROR;
}
*asnLen += idx; /* total buffer length */
*impBuf = (byte*)XMALLOC(*asnLen, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (*impBuf == NULL) {
WOLFSSL_MSG("malloc error");
return -1;
return WOLFSSL_FATAL_ERROR;
}
XMEMCPY(*impBuf, *src, *asnLen);
(*impBuf)[0] = mem->first_byte;
@ -608,7 +608,7 @@ static int d2i_ASN_SEQUENCE(void* obj, const byte **src, long len,
err = GetSequence(s, &idx, &slen, (word32)len);
if (err <= 0) {
WOLFSSL_MSG("GetSequence error");
return -1;
return WOLFSSL_FATAL_ERROR;
}
s += idx;
len -= idx;
@ -617,7 +617,7 @@ static int d2i_ASN_SEQUENCE(void* obj, const byte **src, long len,
asn1Mem(obj, mem->offset) = d2i_generic(mem, &s, &len);
if (asn1Mem(obj, mem->offset) == NULL) {
WOLFSSL_MSG("d2i error");
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
*src = s;
@ -638,7 +638,7 @@ static int d2i_ASN_CHOICE(void* obj, const byte **src, long len,
}
}
WOLFSSL_MSG("der does not decode with any CHOICE");
return -1;
return WOLFSSL_FATAL_ERROR;
}
static void* d2i_ASN_OBJECT_TYPE(const byte **src, long len,
@ -690,11 +690,11 @@ void* wolfSSL_ASN1_item_d2i(void** dst, const byte **src, long len,
case WOLFSSL_ASN1_OBJECT_TYPE:
obj = d2i_ASN_OBJECT_TYPE(&tmp, len, item);
if (obj == NULL)
err = -1;
err = WOLFSSL_FATAL_ERROR;
break;
default:
WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_d2i");
err = -1;
err = WOLFSSL_FATAL_ERROR;
break;
}
@ -1123,7 +1123,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src)
* @return Negative value when a is less than b.
* @return 0 when a equals b.
* @return Positive value when a is greater than b.
* @return -1 when a or b is NULL.
* @return WOLFSSL_FATAL_ERROR when a or b is NULL.
*/
int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
const WOLFSSL_ASN1_INTEGER* b)
@ -1135,11 +1135,11 @@ int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
/* Validate parameters. */
if ((a == NULL) || (b == NULL)) {
WOLFSSL_MSG("Bad parameter.");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
/* Negative value < Positive value */
else if (a->negative && !b->negative) {
ret = -1;
ret = -2; /* avoid collision with WOLFSSL_FATAL_ERROR */
}
/* Positive value > Negative value */
else if (!a->negative && b->negative) {
@ -1204,7 +1204,7 @@ static int wolfssl_asn1_int_twos_compl(byte* data, int length, byte* neg)
/* Get length from DER header. */
if (GetLength(data, &idx, &len, (word32)length) < 0) {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
else {
if (neg != NULL) {
@ -1832,7 +1832,7 @@ long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* a)
/* Create a big number from the DER encoding. */
bn = wolfSSL_ASN1_INTEGER_to_BN(a, NULL);
if (bn == NULL) {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
}
if (ret > 0) {
@ -2584,7 +2584,7 @@ WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_dup(WOLFSSL_ASN1_STRING* asn1)
* @return Negative value when a is less than b.
* @return 0 when a equals b.
* @return Positive value when a is greater than b.
* @return -1 when a or b is NULL.
* @return WOLFSSL_FATAL_ERROR when a or b is NULL.
*/
int wolfSSL_ASN1_STRING_cmp(const WOLFSSL_ASN1_STRING *a,
const WOLFSSL_ASN1_STRING *b)
@ -2594,7 +2594,7 @@ int wolfSSL_ASN1_STRING_cmp(const WOLFSSL_ASN1_STRING *a,
/* Validate parameters. */
if ((a == NULL) || (b == NULL)) {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
/* Compare length of data. */
else if (a->length != b->length) {
@ -2717,7 +2717,7 @@ int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *asn1)
len = wolfSSL_ASN1_STRING_length(asn1);
/* Check data and length are usable. */
if ((data == NULL) || (len < 0)) {
len = -1;
len = WOLFSSL_FATAL_ERROR;
}
}
if (len != -1) {
@ -2725,7 +2725,7 @@ int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *asn1)
buf = (unsigned char*)XMALLOC((size_t)(len + 1), NULL,
DYNAMIC_TYPE_OPENSSL);
if (buf == NULL) {
len = -1;
len = WOLFSSL_FATAL_ERROR;
}
}
if (len != -1) {
@ -2827,7 +2827,7 @@ static int i2d_ASN1_STRING(WOLFSSL_ASN1_STRING* s,
unsigned char* out;
if (s == NULL || s->data == NULL || s->length == 0)
return -1;
return WOLFSSL_FATAL_ERROR;
len = SetHeader(tag, s->length, NULL, 0) + s->length;
@ -2880,7 +2880,7 @@ int wolfSSL_i2d_ASN1_SEQUENCE(WOLFSSL_ASN1_STRING* s,
unsigned char* out;
if (s == NULL || s->data == NULL || s->length == 0)
return -1;
return WOLFSSL_FATAL_ERROR;
if (pp == NULL)
return s->length;
@ -3389,7 +3389,7 @@ static int wolfssl_asn1_string_dump_hex(WOLFSSL_BIO *bio,
/* Write out hash character to indicate hex string. */
if (wolfSSL_BIO_write(bio, hash, 1) != 1) {
str_len = -1;
str_len = WOLFSSL_FATAL_ERROR;
}
else {
/* Check if we are to write out DER header. */
@ -3401,7 +3401,7 @@ static int wolfssl_asn1_string_dump_hex(WOLFSSL_BIO *bio,
str_len += 4;
/* Write out tag and length as hex digits. */
if (wolfSSL_BIO_write(bio, hex_tmp, 4) != 4) {
str_len = -1;
str_len = WOLFSSL_FATAL_ERROR;
}
}
}
@ -3419,7 +3419,7 @@ static int wolfssl_asn1_string_dump_hex(WOLFSSL_BIO *bio,
str_len += 2;
/* Write out character as hex digites. */
if (wolfSSL_BIO_write(bio, hex_tmp, 2) != 2) {
str_len = -1;
str_len = WOLFSSL_FATAL_ERROR;
break;
}
}
@ -3474,7 +3474,7 @@ static int wolfssl_asn1_string_print_esc_2253(WOLFSSL_BIO *bio,
str_len++;
/* Write out escaping character. */
if (wolfSSL_BIO_write(bio,"\\", 1) != 1) {
str_len = -1;
str_len = WOLFSSL_FATAL_ERROR;
break;
}
}
@ -3482,7 +3482,7 @@ static int wolfssl_asn1_string_print_esc_2253(WOLFSSL_BIO *bio,
str_len++;
/* Write out character. */
if (wolfSSL_BIO_write(bio, p, 1) != 1) {
str_len = -1;
str_len = WOLFSSL_FATAL_ERROR;
break;
}
}

32
src/ssl_bn.c
View File

@ -64,7 +64,7 @@ static int wolfssl_bn_set_neg(WOLFSSL_BIGNUM* bn, int neg)
if (BN_IS_NULL(bn)) {
WOLFSSL_MSG("bn NULL error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
#if !defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_INT_NEGATIVE)
else if (neg) {
@ -102,17 +102,17 @@ int wolfssl_bn_get_value(WOLFSSL_BIGNUM* bn, mp_int* mpi)
/* Validate parameters. */
if (BN_IS_NULL(bn)) {
WOLFSSL_MSG("bn NULL error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
else if (mpi == NULL) {
WOLFSSL_MSG("mpi NULL error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
/* Copy the internal representation into MP integer. */
if ((ret == 1) && mp_copy((mp_int*)bn->internal, mpi) != MP_OKAY) {
WOLFSSL_MSG("mp_copy error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
return ret;
@ -145,7 +145,7 @@ int wolfssl_bn_set_value(WOLFSSL_BIGNUM** bn, mp_int* mpi)
/* Validate parameters. */
if ((bn == NULL) || (mpi == NULL)) {
WOLFSSL_MSG("mpi or bn NULL error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
/* Allocate a new big number if one not passed in. */
@ -153,7 +153,7 @@ int wolfssl_bn_set_value(WOLFSSL_BIGNUM** bn, mp_int* mpi)
a = wolfSSL_BN_new();
if (a == NULL) {
WOLFSSL_MSG("wolfssl_bn_set_value alloc failed");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
*bn = a;
}
@ -161,7 +161,7 @@ int wolfssl_bn_set_value(WOLFSSL_BIGNUM** bn, mp_int* mpi)
/* Copy MP integer value into internal representation of big number. */
if ((ret == 1) && (mp_copy(mpi, (mp_int*)((*bn)->internal)) != MP_OKAY)) {
WOLFSSL_MSG("mp_copy error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
/* Dispose of any allocated big number on error. */
@ -455,7 +455,7 @@ int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM* bn, unsigned char* r)
/* Validate parameters. */
if (BN_IS_NULL(bn)) {
WOLFSSL_MSG("NULL bn error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
else {
/* Get the length of the encoding. */
@ -464,7 +464,7 @@ int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM* bn, unsigned char* r)
if ((r != NULL) && (mp_to_unsigned_bin((mp_int*)bn->internal, r) !=
MP_OKAY)) {
WOLFSSL_MSG("mp_to_unsigned_bin error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
}
@ -1132,8 +1132,7 @@ int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* b)
ret = 0;
}
else {
/* NULL less than not NULL. */
ret = -1;
ret = -1; /* NULL less than not NULL. */
}
}
else if (bIsNull) {
@ -1150,9 +1149,12 @@ int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* b)
else if (ret == MP_GT) {
ret = 1;
}
else {
else if (ret == MP_LT) {
ret = -1;
}
else {
ret = WOLFSSL_FATAL_ERROR; /* also -1 */
}
}
return ret;
@ -2271,18 +2273,18 @@ int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM *bn, int checks,
if (BN_IS_NULL(bn)) {
WOLFSSL_MSG("bn NULL error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
/* Create a new RNG or use global. */
if ((ret == 1) && ((rng = wolfssl_make_rng(tmpRng, &localRng)) == NULL)) {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
if ((ret == 1) && (mp_prime_is_prime_ex((mp_int*)bn->internal, checks, &res,
rng) != MP_OKAY)) {
WOLFSSL_MSG("mp_prime_is_prime_ex error");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
if (localRng) {

8
src/ssl_crypto.c
View File

@ -2431,7 +2431,7 @@ int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* key,
/* Check key parity is odd. */
if ((ret == 0) && (!wolfSSL_DES_check_key_parity(key))) {
WOLFSSL_MSG("Odd parity test fail");
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
/* Check whether key is weak. */
if ((ret == 0) && wolfSSL_DES_is_weak_key(key)) {
@ -2929,19 +2929,19 @@ static int wolfssl_aes_set_key(const unsigned char *key, const int bits,
/* Validate parameters. */
if ((key == NULL) || (aes == NULL)) {
WOLFSSL_MSG("Null argument passed in");
return -1;
return WOLFSSL_FATAL_ERROR;
}
XMEMSET(aes, 0, sizeof(AES_KEY));
if (wc_AesInit((Aes*)aes, NULL, INVALID_DEVID) != 0) {
WOLFSSL_MSG("Error in initting AES key");
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, enc) != 0) {
WOLFSSL_MSG("Error in setting AES key");
return -1;
return WOLFSSL_FATAL_ERROR;
}
return 0;
}

6
src/ssl_p7p12.c
View File

@ -602,7 +602,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out)
canonLineLen = (word32)lineLen;
if ((canonLine = wc_MIME_single_canonicalize(
line, &canonLineLen)) == NULL) {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
break;
}
@ -612,7 +612,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out)
}
if (wolfSSL_BIO_write(out, canonLine, (int)canonLineLen) < 0) {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
break;
}
XFREE(canonLine, NULL, DYNAMIC_TYPE_PKCS7);
@ -621,7 +621,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out)
else {
/* no line ending in current line, write direct to out */
if (wolfSSL_BIO_write(out, line, lineLen) < 0) {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
break;
}
}

8
src/ssl_sess.c
View File

@ -1625,7 +1625,7 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx,
ID_LEN, &error) % CLIENT_SESSION_ROWS;
}
else {
error = -1;
error = WOLFSSL_FATAL_ERROR;
}
if (error == 0 && wc_LockMutex(&clisession_mutex) == 0) {
clientIdx = (word32)ClientCache[clientRow].nextIdx;
@ -1644,7 +1644,7 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx,
}
}
else {
error = -1;
error = WOLFSSL_FATAL_ERROR;
ClientCache[clientRow].nextIdx = 0; /* reset index as safety */
WOLFSSL_MSG("Invalid client cache index! "
"Possible corrupted memory");
@ -1709,7 +1709,7 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
if (clientSession->serverRow >= SESSION_ROWS ||
clientSession->serverIdx >= SESSIONS_PER_ROW) {
WOLFSSL_MSG("Client cache serverRow or serverIdx invalid");
error = -1;
error = WOLFSSL_FATAL_ERROR;
}
if (error == 0) {
/* Lock row */
@ -1734,7 +1734,7 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
if (cacheSession && cacheSession->sessionIDSz == 0) {
cacheSession = NULL;
WOLFSSL_MSG("Session cache entry not set");
error = -1;
error = WOLFSSL_FATAL_ERROR;
}
}
if (error == 0) {

6
src/tls.c
View File

@ -3886,7 +3886,7 @@ int TLSX_CSR2_AddPendingSigner(TLSX *extensions, Signer *s)
csr2 = TLSX_CSR2_GetMulti(extensions);
if (!csr2)
return -1;
return WOLFSSL_FATAL_ERROR;
s->next = csr2->pendingSigners;
csr2->pendingSigners = s;
@ -9559,14 +9559,14 @@ static int TLSX_KeyShare_GroupRank(const WOLFSSL* ssl, int group)
#ifdef HAVE_LIBOQS
if (!TLSX_KeyShare_IsSupported(group))
return -1;
return WOLFSSL_FATAL_ERROR;
#endif
for (i = 0; i < numGroups; i++)
if (groups[i] == (word16)group)
return i;
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* Set a key share that is supported by the client into extensions.

14
src/tls13.c
View File

@ -4145,7 +4145,7 @@ int EchConfigGetSupportedCipherSuite(WOLFSSL_EchConfig* config)
return i;
}
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* returns status after we hash the ech inner */
@ -4418,11 +4418,11 @@ int SendTls13ClientHello(WOLFSSL* ssl)
if (ssl->options.useEch == 1 && !ssl->options.disableECH) {
TLSX* echX = TLSX_Find(ssl->extensions, TLSX_ECH);
if (echX == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
args->ech = (WOLFSSL_ECH*)echX->data;
if (args->ech == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
/* set the type to inner */
args->ech->type = ECH_TYPE_INNER;
@ -4816,7 +4816,7 @@ static int EchCheckAcceptance(WOLFSSL* ssl, const byte* input,
break;
#endif /* WOLFSSL_SM3 */
default:
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
break;
}
}
@ -4954,7 +4954,7 @@ static int EchWriteAcceptance(WOLFSSL* ssl, byte* output,
break;
#endif /* WOLFSSL_SM3 */
default:
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
break;
}
@ -6938,7 +6938,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
echX = TLSX_Find(ssl->extensions, TLSX_ECH);
if (echX == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
((WOLFSSL_ECH*)echX->data)->aad = input + HANDSHAKE_HEADER_SZ;
((WOLFSSL_ECH*)echX->data)->aadLen = helloSz;
@ -7409,7 +7409,7 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
echX = TLSX_Find(ssl->extensions, TLSX_ECH);
if (echX == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
/* replace the last 8 bytes of server random with the accept */
if (((WOLFSSL_ECH*)echX->data)->state == ECH_PARSED_INTERNAL) {

38
src/wolfio.c
View File

@ -1198,7 +1198,7 @@ int wolfIO_SendTo(SOCKET_T sd, WOLFSSL_BIO_ADDR *addr, char *buf, int sz, int wr
unsigned long blocking = non_blocking;
ret = ioctlsocket(sockfd, FIONBIO, &blocking);
if (ret == SOCKET_ERROR)
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
#else
ret = fcntl(sockfd, F_GETFL, 0);
if (ret >= 0) {
@ -1228,7 +1228,7 @@ int wolfIO_SendTo(SOCKET_T sd, WOLFSSL_BIO_ADDR *addr, char *buf, int sz, int wr
if ((sockfd < 0) || (sockfd >= FD_SETSIZE)) {
WOLFSSL_MSG("socket fd out of FDSET range");
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
@ -1314,7 +1314,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
#endif /* HAVE_SOCKADDR */
if (sockfd == NULL || ip == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
#if !defined(HAVE_GETADDRINFO)
@ -1343,12 +1343,12 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
if (wolfIO_Word16ToString(strPort, port) == 0) {
WOLFSSL_MSG("invalid port number for responder");
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (getaddrinfo(ip, strPort, &hints, &answer) < 0 || answer == NULL) {
WOLFSSL_MSG("no addr info for responder");
return -1;
return WOLFSSL_FATAL_ERROR;
}
sockaddr_len = answer->ai_addrlen;
@ -1412,7 +1412,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
}
else {
WOLFSSL_MSG("no addr info for responder");
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
#else
@ -1452,7 +1452,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
if (entry == NULL) {
WOLFSSL_MSG("no addr info for responder");
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
@ -1465,7 +1465,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
{
WOLFSSL_MSG("bad socket fd, out of fds?");
*sockfd = SOCKET_INVALID;
return -1;
return WOLFSSL_FATAL_ERROR;
}
#ifdef HAVE_IO_TIMEOUT
@ -1499,7 +1499,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
WOLFSSL_MSG("Responder tcp connect failed");
CloseSocket(*sockfd);
*sockfd = SOCKET_INVALID;
return -1;
return WOLFSSL_FATAL_ERROR;
}
return ret;
#else
@ -1507,7 +1507,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
(void)ip;
(void)port;
(void)to_sec;
return -1;
return WOLFSSL_FATAL_ERROR;
#endif /* HAVE_SOCKADDR */
}
@ -1520,7 +1520,7 @@ int wolfIO_TcpBind(SOCKET_T* sockfd, word16 port)
SOCKADDR_IN *sin = (SOCKADDR_IN *)&addr;
if (sockfd == NULL || port < 1) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
XMEMSET(&addr, 0, sizeof(addr));
@ -1538,7 +1538,7 @@ int wolfIO_TcpBind(SOCKET_T* sockfd, word16 port)
{
WOLFSSL_MSG("socket failed");
*sockfd = SOCKET_INVALID;
return -1;
return WOLFSSL_FATAL_ERROR;
}
#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM)\
@ -1559,14 +1559,14 @@ int wolfIO_TcpBind(SOCKET_T* sockfd, word16 port)
WOLFSSL_MSG("wolfIO_TcpBind failed");
CloseSocket(*sockfd);
*sockfd = SOCKET_INVALID;
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
}
return ret;
#else
(void)sockfd;
(void)port;
return -1;
return WOLFSSL_FATAL_ERROR;
#endif /* HAVE_SOCKADDR */
}
@ -1646,7 +1646,7 @@ int wolfIO_DecodeUrl(const char* url, int urlSz, char* outName, char* outPath,
}
for (j = 0; j < i; j++) {
if (port[j] < '0' || port[j] > '9') return -1;
if (port[j] < '0' || port[j] > '9') return WOLFSSL_FATAL_ERROR;
bigPort = (bigPort * 10) + (word32)(port[j] - '0');
}
if (outPort)
@ -1726,7 +1726,7 @@ static int wolfIO_HttpProcessResponseBuf(WolfSSLGenericIORecvCb ioCb,
else {
WOLFSSL_MSG("wolfIO_HttpProcessResponseBuf bad size");
XFREE(newRecvBuf, heap, dynType);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -1740,7 +1740,7 @@ static int wolfIO_HttpProcessResponseBuf(WolfSSLGenericIORecvCb ioCb,
else {
WOLFSSL_MSG("wolfIO_HttpProcessResponseBuf recv failed");
XFREE(newRecvBuf, heap, dynType);
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
@ -3054,7 +3054,7 @@ int uIPReceive(WOLFSSL *ssl, char *buf, int sz, void *_ctx)
{
uip_wolfssl_ctx *ctx = (uip_wolfssl_ctx *)_ctx;
if (!ctx || !ctx->ssl_rx_databuf)
return -1;
return WOLFSSL_FATAL_ERROR;
(void)ssl;
if (ctx->ssl_rb_len > 0) {
if (sz > ctx->ssl_rb_len - ctx->ssl_rb_off)
@ -3206,7 +3206,7 @@ int LwIPNativeSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
ret = tcp_write(nlwip->pcb, buf, sz, TCP_WRITE_FLAG_COPY);
if (ret != ERR_OK) {
sz = -1;
sz = WOLFSSL_FATAL_ERROR;
}
return sz;

28
src/x509.c
View File

@ -461,13 +461,13 @@ int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
if (!x || !obj) {
WOLFSSL_MSG("Bad parameter");
return -1;
return WOLFSSL_FATAL_ERROR;
}
sk = wolfSSL_X509_get0_extensions(x);
if (!sk) {
WOLFSSL_MSG("No extensions");
return -1;
return WOLFSSL_FATAL_ERROR;
}
lastpos++;
if (lastpos < 0)
@ -476,7 +476,7 @@ int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
if (wolfSSL_OBJ_cmp(wolfSSL_sk_X509_EXTENSION_value(sk,
lastpos)->obj, obj) == 0)
return lastpos;
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif /* OPENSSL_ALL || OPENSSL_EXTRA */
@ -1993,7 +1993,7 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext)
* lastPos : Start search from extension after lastPos.
* Set to -1 to search from index 0.
* return >= 0 If successful the extension index is returned.
* return -1 If extension is not found or error is encountered.
* return WOLFSSL_FATAL_ERROR If extension is not found or error is encountered.
*/
int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos)
{
@ -4503,7 +4503,7 @@ int wolfSSL_sk_GENERAL_NAME_num(WOLFSSL_STACK* sk)
WOLFSSL_ENTER("wolfSSL_sk_GENERAL_NAME_num");
if (sk == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
return (int)sk->num;
@ -4674,7 +4674,7 @@ int wolfSSL_sk_DIST_POINT_num(WOLFSSL_STACK* sk)
WOLFSSL_ENTER("wolfSSL_sk_DIST_POINT_num");
if (sk == NULL) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
return wolfSSL_sk_num(sk);
@ -5335,7 +5335,7 @@ int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME* name)
{
WOLFSSL_ENTER("wolfSSL_X509_NAME_get_sz");
if (!name)
return -1;
return WOLFSSL_FATAL_ERROR;
return name->sz;
}
@ -9084,7 +9084,7 @@ int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME* asnTime)
return wolfSSL_X509_cmp_time(asnTime, NULL);
}
/* return -1 if asnTime is earlier than or equal to cmpTime, and 1 otherwise
/* return WOLFSSL_FATAL_ERROR if asnTime is earlier than or equal to cmpTime, and 1 otherwise
* return 0 on error
*/
int wolfSSL_X509_cmp_time(const WOLFSSL_ASN1_TIME* asnTime, time_t* cmpTime)
@ -10924,7 +10924,7 @@ static int ConvertNIDToWolfSSL(int nid)
case NID_favouriteDrink: return ASN_FAVOURITE_DRINK;
default:
WOLFSSL_MSG("Attribute NID not found");
return -1;
return WOLFSSL_FATAL_ERROR;
}
}
#endif /* OPENSSL_ALL || OPENSSL_EXTRA ||
@ -12424,7 +12424,7 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_X509_NAME_ENTRY_get_object(
int idx) {
if (!name || idx >= MAX_NAME_ENTRIES ||
!obj || !obj->obj) {
return -1;
return WOLFSSL_FATAL_ERROR;
}
if (idx < 0) {
@ -12441,7 +12441,7 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_X509_NAME_ENTRY_get_object(
}
}
}
return -1;
return WOLFSSL_FATAL_ERROR;
}
#endif
@ -12777,7 +12777,7 @@ int wolfSSL_sk_X509_NAME_find(const WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk,
return i;
}
}
return -1;
return WOLFSSL_FATAL_ERROR;
}
/* Name Entry */
@ -13417,7 +13417,7 @@ int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s)
WOLFSSL_ENTER("wolfSSL_sk_X509_num");
if (s == NULL)
return -1;
return WOLFSSL_FATAL_ERROR;
return (int)s->num;
}
@ -13549,7 +13549,7 @@ int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, size_t chklen,
else {
for (i = 0; i < (chklen > 1 ? chklen - 1 : chklen); i++) {
if (chk[i] == '\0') {
ret = -1;
ret = WOLFSSL_FATAL_ERROR;
goto out;
}
}

42
wolfcrypt/src/asn.c
View File

@ -3665,7 +3665,7 @@ int StreamOctetString(const byte* inBuf, word32 inBufSz, byte* out, word32* outS
}
else {
*outSz = outIdx;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
}
@ -4033,7 +4033,7 @@ int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz)
/* Return the length of the DER encoded ASN.1 */
*derSz = j;
if (der == NULL) {
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
end:
#ifdef WOLFSSL_SMALL_STACK
@ -7238,7 +7238,7 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
WOLFSSL_MSG("Checking size of PKCS8");
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
WOLFSSL_ENTER("wc_CreatePKCS8Key");
@ -7366,7 +7366,7 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
/* Check for buffer to encoded into. */
if ((ret == 0) && (out == NULL)) {
WOLFSSL_MSG("Checking size of PKCS8");
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (ret == 0) {
/* Encode PKCS #8 key into buffer. */
@ -8573,7 +8573,7 @@ int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz,
if (out == NULL) {
/* Sequence tag, length */
*outSz = 1 + SetLength(outerLen, NULL) + outerLen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
SetOctetString(keySz + padSz, out);
@ -9287,7 +9287,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
if (out == NULL) {
*outSz = totalSz;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
inOutIdx = 0;
@ -9443,7 +9443,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
/* Return size when no output buffer. */
if ((ret == 0) && (out == NULL)) {
*outSz = (word32)sz;
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* Check output buffer is big enough for encoded data. */
if ((ret == 0) && (sz > (int)*outSz)) {
@ -10218,7 +10218,7 @@ int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
/* if no output, then just getting size */
if (output == NULL) {
*outSz = total;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* make sure output fits in buffer */
@ -10293,7 +10293,7 @@ int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
ret = SizeASN_Items(dhKeyPkcs8ASN, dataASN, dhKeyPkcs8ASN_Length, &sz);
if (output == NULL) {
*outSz = (word32)sz;
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* Check buffer is big enough for encoding. */
if ((ret == 0) && ((int)*outSz < sz)) {
@ -10357,7 +10357,7 @@ int wc_DhParamsToDer(DhKey* key, byte* output, word32* outSz)
if (output == NULL) {
*outSz = idx;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* make sure output fits in buffer */
if (idx > *outSz) {
@ -10405,7 +10405,7 @@ int wc_DhParamsToDer(DhKey* key, byte* output, word32* outSz)
}
if ((ret == 0) && (output == NULL)) {
*outSz = (word32)sz;
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* Check buffer is big enough for encoding. */
if ((ret == 0) && (*outSz < (word32)sz)) {
@ -11256,7 +11256,7 @@ static int DsaKeyIntsToDer(DsaKey* key, byte* output, word32* inLen,
*inLen = outLen;
if (output == NULL) {
FreeTmpDsas(tmps, key->heap, ints);
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (outLen > *inLen) {
FreeTmpDsas(tmps, key->heap, ints);
@ -11318,7 +11318,7 @@ static int DsaKeyIntsToDer(DsaKey* key, byte* output, word32* inLen,
}
if ((ret == 0) && (output == NULL)) {
*inLen = (word32)sz;
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* Check buffer is big enough for encoding. */
if ((ret == 0) && (sz > (int)*inLen)) {
@ -11369,7 +11369,7 @@ int wc_DsaKeyToParamsDer(DsaKey* key, byte* output, word32 inLen)
}
/* This version of the function allows output to be NULL. In that case, the
DsaKeyIntsToDer will return LENGTH_ONLY_E and the required output buffer
DsaKeyIntsToDer will return WC_NO_ERR_TRACE(LENGTH_ONLY_E) and the required output buffer
size will be pointed to by inLen. */
int wc_DsaKeyToParamsDer_ex(DsaKey* key, byte* output, word32* inLen)
{
@ -11875,7 +11875,7 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
pubSz = 1 + pubSz;
else
pubSz = 1 + 2 * pubSz;
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
#else
ret = wc_ecc_export_x963_ex(key, NULL, &pubSz, comp);
#endif
@ -26113,7 +26113,7 @@ int wc_GetPubKeyDerFromCert(struct DecodedCert* cert,
/* if derKey is NULL, return required output buffer size in derKeySz */
if (derKey == NULL) {
*derKeySz = cert->pubKeySize;
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (ret == 0) {
@ -26180,7 +26180,7 @@ int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
if (uuid == NULL) {
*uuidSz = (word32)id->len;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((int)*uuidSz < id->len) {
@ -26208,7 +26208,7 @@ int wc_GetFASCNFromCert(struct DecodedCert* cert, byte* fascn, word32* fascnSz)
if (id != NULL && id->oidSum == FASCN_OID) {
if (fascn == NULL) {
*fascnSz = (word32)id->len;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((int)*fascnSz < id->len) {
@ -34686,7 +34686,7 @@ int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (inLen != NULL && totalSz > *inLen) {
#ifndef WOLFSSL_NO_MALLOC
@ -34798,7 +34798,7 @@ int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
/* Return the size if no buffer. */
if ((ret == 0) && (output == NULL)) {
*inLen = (word32)sz;
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* Check the buffer is big enough. */
if ((ret == 0) && (inLen != NULL) && (sz > (int)*inLen)) {
@ -34937,7 +34937,7 @@ static int eccToPKCS8(ecc_key* key, byte* output, word32* outLen,
XFREE(tmpDer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
*outLen = pkcs8Sz;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*outLen < pkcs8Sz) {

2
wolfcrypt/src/coding.c
View File

@ -458,7 +458,7 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
*outLen = i;
if (ret == 0)
return getSzOnly ? LENGTH_ONLY_E : 0;
return getSzOnly ? WC_NO_ERR_TRACE(LENGTH_ONLY_E) : 0;
return ret;
}

2
wolfcrypt/src/dh.c
View File

@ -3149,7 +3149,7 @@ int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
*pSz = pLen;
*qSz = qLen;
*gSz = gLen;
ret = LENGTH_ONLY_E;
ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
}

4
wolfcrypt/src/dsa.c
View File

@ -542,7 +542,7 @@ int wc_DsaExportParamsRaw(DsaKey* dsa, byte* p, word32* pSz,
*pSz = pLen;
*qSz = qLen;
*gSz = gLen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (p == NULL || q == NULL || g == NULL)
@ -616,7 +616,7 @@ int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz)
if (x == NULL && y == NULL) {
*xSz = xLen;
*ySz = yLen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (x == NULL || y == NULL)

8
wolfcrypt/src/ecc.c
View File

@ -9593,7 +9593,7 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out,
/* return length needed only */
if (point != NULL && out == NULL && outLen != NULL) {
*outLen = 1 + 2*numlen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (point == NULL || out == NULL || outLen == NULL)
@ -9669,7 +9669,7 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point,
/* return length needed only */
if (point != NULL && out == NULL && outLen != NULL) {
*outLen = output_len;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (point == NULL || out == NULL || outLen == NULL)
@ -9733,7 +9733,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
/* if key hasn't been setup assume max bytes for size estimation */
numlen = key->dp ? (word32)key->dp->size : MAX_ECC_BYTES;
*outLen = 1 + 2 * numlen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (key == NULL || out == NULL || outLen == NULL)
@ -15366,7 +15366,7 @@ static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen
if (*outLen < (1 + numlen)) {
*outLen = 1 + numlen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (out == NULL)

12
wolfcrypt/src/eccsi.c
View File

@ -516,7 +516,7 @@ static int eccsi_encode_point(ecc_point* point, word32 size, byte* data,
if (data == NULL) {
*sz = size * 2 + !raw;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*sz < size * 2 + !raw)) {
err = BUFFER_E;
@ -655,7 +655,7 @@ int wc_ExportEccsiKey(EccsiKey* key, byte* data, word32* sz)
if (err == 0) {
if (data == NULL) {
*sz = (word32)(key->ecc.dp->size * 3);
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*sz < (word32)key->ecc.dp->size * 3) {
err = BUFFER_E;
@ -777,7 +777,7 @@ int wc_ExportEccsiPrivateKey(EccsiKey* key, byte* data, word32* sz)
if (err == 0) {
if (data == NULL) {
*sz = (word32)key->ecc.dp->size;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*sz < (word32)key->ecc.dp->size) {
err = BUFFER_E;
@ -1016,7 +1016,7 @@ int wc_EncodeEccsiPair(const EccsiKey* key, mp_int* ssk, ecc_point* pvt,
if ((err == 0) && (data == NULL)) {
*sz = (word32)(key->ecc.dp->size * 3);
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*sz < (word32)(key->ecc.dp->size * 3))) {
err = BUFFER_E;
@ -1077,7 +1077,7 @@ int wc_EncodeEccsiSsk(const EccsiKey* key, mp_int* ssk, byte* data, word32* sz)
if (err == 0) {
if (data == NULL) {
*sz = (word32)key->ecc.dp->size;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*sz < (word32)key->ecc.dp->size) {
err = BUFFER_E;
@ -2000,7 +2000,7 @@ int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType,
sz = (word32)key->ecc.dp->size;
if (sig == NULL) {
*sigSz = sz * 4 + 1;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
}
if ((err == 0) && (*sigSz < sz * 4 + 1)) {

12
wolfcrypt/src/pkcs12.c
View File

@ -995,7 +995,7 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz)
if (der == NULL && derSz != NULL) {
*derSz = (int)totalSz;
XFREE(sdBuf, pkcs12->heap, DYNAMIC_TYPE_PKCS);
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (*der == NULL) {
@ -1809,7 +1809,7 @@ static int wc_PKCS12_shroud_key(WC_PKCS12* pkcs12, WC_RNG* rng,
}
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
*outSz = sz + MAX_LENGTH_SZ + 1;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (ret < 0) {
return ret;
@ -1871,7 +1871,7 @@ static int wc_PKCS12_create_key_bag(WC_PKCS12* pkcs12, WC_RNG* rng,
if (out == NULL) {
*outSz = MAX_SEQ_SZ + WC_PKCS12_DATA_OBJ_SZ + 1 + MAX_LENGTH_SZ +
length;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
heap = wc_PKCS12_GetHeap(pkcs12);
@ -1948,7 +1948,7 @@ static int wc_PKCS12_create_cert_bag(WC_PKCS12* pkcs12,
*outSz = (word32)(MAX_SEQ_SZ + WC_CERTBAG_OBJECT_ID + 1 + MAX_LENGTH_SZ +
MAX_SEQ_SZ + WC_CERTBAG1_OBJECT_ID + 1 + MAX_LENGTH_SZ + 1 +
MAX_LENGTH_SZ + (int)certSz);
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* check buffer size able to handle max size */
@ -2093,7 +2093,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
totalSz += SetLength(outerSz, seq) + outerSz;
if (out == NULL) {
*outSz = totalSz + SetSequence(totalSz, seq);
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (*outSz < totalSz + SetSequence(totalSz, seq)) {
@ -2181,7 +2181,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
if (out == NULL) {
*outSz = totalSz + SetSequence(totalSz, seq);
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (*outSz < (totalSz + SetSequence(totalSz, seq))) {

6
wolfcrypt/src/pkcs7.c
View File

@ -1456,7 +1456,7 @@ int wc_PKCS7_GetAttributeValue(PKCS7* pkcs7, const byte* oid, word32 oidSz,
if (out == NULL) {
*outSz = attrib->valueSz;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (*outSz < attrib->valueSz) {
@ -6587,7 +6587,7 @@ int wc_PKCS7_GetSignerSID(PKCS7* pkcs7, byte* out, word32* outSz)
if (out == NULL) {
*outSz = pkcs7->signerInfo->sidSz;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if (*outSz < pkcs7->signerInfo->sidSz) {
@ -8841,7 +8841,7 @@ static int wc_PKCS7_PwriKek_KeyWrap(PKCS7* pkcs7, const byte* kek, word32 kekSz,
/* if user set out to NULL, give back required length */
if (out == NULL) {
*outSz = (word32)outLen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
/* verify output buffer is large enough */

2
wolfcrypt/src/port/nxp/se050_port.c
View File

@ -633,7 +633,7 @@ int wc_se050_get_binary_object(word32 keyId, byte* out, word32* outSz)
else {
if (out == NULL) {
*outSz = ret;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((word32)ret > *outSz) {
WOLFSSL_MSG("Output buffer not large enough for object");

2
wolfcrypt/src/rsa.c
View File

@ -2926,7 +2926,7 @@ int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz,
if (out == NULL) {
*outSz = inLen;
return LENGTH_ONLY_E;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
switch (key->state) {

16
wolfcrypt/src/sakke.c
View File

@ -622,7 +622,7 @@ int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz)
if ((err == 0) && (data == NULL)) {
*sz = (word32)(3 * key->ecc.dp->size);
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err >= 0) && (*sz < (word32)(3 * key->ecc.dp->size))) {
err = BUFFER_E;
@ -731,7 +731,7 @@ int wc_ExportSakkePrivateKey(SakkeKey* key, byte* data, word32* sz)
if ((err == 0) && (data == NULL)) {
*sz = (word32)key->ecc.dp->size;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err >= 0) && (*sz < (word32)key->ecc.dp->size)) {
err = BUFFER_E;
@ -848,7 +848,7 @@ static int sakke_encode_point(ecc_point* point, word32 size, byte* data,
if (data == NULL) {
*sz = size * 2 + !raw;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*sz < size * 2 + !raw)) {
err = BUFFER_E;
@ -1419,7 +1419,7 @@ int wc_GenerateSakkeRskTable(const SakkeKey* key, const ecc_point* rsk,
}
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
err = BUFFER_E;
@ -6421,7 +6421,7 @@ int wc_GetSakkePointI(SakkeKey* key, byte* data, word32* sz)
if ((err == 0) && (data == NULL)) {
*sz = (word32)(key->ecc.dp->size * 2);
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*sz < (word32)key->ecc.dp->size * 2)) {
err = BUFFER_E;
@ -6531,7 +6531,7 @@ int wc_GenerateSakkePointITable(SakkeKey* key, byte* table, word32* len)
#else
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
*len = 0;
@ -6729,7 +6729,7 @@ int wc_MakeSakkeEncapsulatedSSV(SakkeKey* key, enum wc_HashType hashType,
*authSz = outSz;
if (auth == NULL) {
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
}
@ -6824,7 +6824,7 @@ int wc_GenerateSakkeSSV(SakkeKey* key, WC_RNG* rng, byte* ssv, word16* ssvSz)
/* Return length only if an output buffer is NULL. */
if (ssv == NULL) {
*ssvSz = (word16) (n / 8);
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else {
n = *ssvSz;

8
wolfcrypt/src/sp_arm32.c
View File

@ -152927,7 +152927,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == MP_OKAY) && (table == NULL)) {
*len = sizeof(sp_table_entry_1024) * 256;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
err = BUFFER_E;
@ -152985,7 +152985,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
err = BUFFER_E;
@ -155919,7 +155919,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*len != 0) {
err = BUFFER_E;
@ -156148,7 +156148,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = sizeof(sp_table_entry_1024) * 1167;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) &&

8
wolfcrypt/src/sp_arm64.c
View File

@ -121840,7 +121840,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == MP_OKAY) && (table == NULL)) {
*len = sizeof(sp_table_entry_1024) * 256;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
err = BUFFER_E;
@ -121898,7 +121898,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
err = BUFFER_E;
@ -124576,7 +124576,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*len != 0) {
err = BUFFER_E;
@ -124805,7 +124805,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = sizeof(sp_table_entry_1024) * 1167;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) &&

8
wolfcrypt/src/sp_armthumb.c
View File

@ -214918,7 +214918,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == MP_OKAY) && (table == NULL)) {
*len = sizeof(sp_table_entry_1024) * 256;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
err = BUFFER_E;
@ -214976,7 +214976,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
err = BUFFER_E;
@ -217910,7 +217910,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*len != 0) {
err = BUFFER_E;
@ -218139,7 +218139,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = sizeof(sp_table_entry_1024) * 1167;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) &&

8
wolfcrypt/src/sp_c32.c
View File

@ -50966,7 +50966,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == MP_OKAY) && (table == NULL)) {
*len = sizeof(sp_table_entry_1024) * 256;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
err = BUFFER_E;
@ -51024,7 +51024,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
err = BUFFER_E;
@ -53958,7 +53958,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*len != 0) {
err = BUFFER_E;
@ -54187,7 +54187,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = sizeof(sp_table_entry_1024) * 1167;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) &&

8
wolfcrypt/src/sp_c64.c
View File

@ -49795,7 +49795,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == MP_OKAY) && (table == NULL)) {
*len = sizeof(sp_table_entry_1024) * 256;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
err = BUFFER_E;
@ -49853,7 +49853,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
err = BUFFER_E;
@ -52531,7 +52531,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*len != 0) {
err = BUFFER_E;
@ -52760,7 +52760,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = sizeof(sp_table_entry_1024) * 1167;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) &&

8
wolfcrypt/src/sp_cortexm.c
View File

@ -78246,7 +78246,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == MP_OKAY) && (table == NULL)) {
*len = sizeof(sp_table_entry_1024) * 256;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
err = BUFFER_E;
@ -78304,7 +78304,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
err = BUFFER_E;
@ -81238,7 +81238,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*len != 0) {
err = BUFFER_E;
@ -81467,7 +81467,7 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = sizeof(sp_table_entry_1024) * 1167;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) &&

12
wolfcrypt/src/sp_x86_64.c
View File

@ -100243,7 +100243,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == MP_OKAY) && (table == NULL)) {
*len = sizeof(sp_table_entry_1024) * 256;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
err = BUFFER_E;
@ -100307,7 +100307,7 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
if ((err == 0) && (table == NULL)) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == 0) && (*len != 0)) {
err = BUFFER_E;
@ -104076,7 +104076,7 @@ static int sp_Pairing_gen_precomp_x64_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*len != 0) {
err = BUFFER_E;
@ -104305,7 +104305,7 @@ static int sp_Pairing_gen_precomp_x64_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = sizeof(sp_table_entry_1024) * 1167;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) &&
@ -104636,7 +104636,7 @@ static int sp_Pairing_gen_precomp_avx2_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = 0;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
else if (*len != 0) {
err = BUFFER_E;
@ -104838,7 +104838,7 @@ static int sp_Pairing_gen_precomp_avx2_1024(const ecc_point* pm, byte* table,
if (table == NULL) {
*len = sizeof(sp_table_entry_1024) * 1167;
err = LENGTH_ONLY_E;
err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
}
if ((err == MP_OKAY) &&