Change DES and AES functions to MBEDTLS_CHECK_RETURN_TYPICAL
For all of these functions, the only possible failures are a hardware
accelerator (not possible unless using an ALT implementation), an internal
error or runtime corruption.
Exception: the self-tests, which serve little purpose if their status isn't
tested.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h
index d5289d3..be74cb1 100644
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@@ -140,7 +140,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -154,7 +154,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -169,7 +169,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -184,7 +184,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -195,7 +195,7 @@
*
* \return 0
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
@@ -207,7 +207,7 @@
*
* \return 0
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
@@ -219,7 +219,7 @@
*
* \return 0
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
@@ -231,7 +231,7 @@
*
* \return 0
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
@@ -248,7 +248,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
const unsigned char input[8],
unsigned char output[8] );
@@ -276,7 +276,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
int mode,
size_t length,
@@ -294,7 +294,7 @@
*
* \return 0 if successful
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
const unsigned char input[8],
unsigned char output[8] );
@@ -320,7 +320,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
int mode,
size_t length,
@@ -351,7 +351,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_des_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */