Stop IAR warning about goto skipping variable definition
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 4db2a4b..42e4fb4 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -216,21 +216,22 @@
}
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
- /* PKCS12 uses CBC with PKCS7 padding */
-
- mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7;
+ {
+ /* PKCS12 uses CBC with PKCS7 padding */
+ mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7;
#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7)
- /* For historical reasons, when decrypting, this function works when
- * decrypting even when support for PKCS7 padding is disabled. In this
- * case, it ignores the padding, and so will never report a
- * password mismatch.
- */
- if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) {
- padding = MBEDTLS_PADDING_NONE;
- }
+ /* For historical reasons, when decrypting, this function works when
+ * decrypting even when support for PKCS7 padding is disabled. In this
+ * case, it ignores the padding, and so will never report a
+ * password mismatch.
+ */
+ if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) {
+ padding = MBEDTLS_PADDING_NONE;
+ }
#endif
- if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) {
- goto exit;
+ if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) {
+ goto exit;
+ }
}
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
diff --git a/library/pkcs5.c b/library/pkcs5.c
index 2756d05..d10a193 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -242,23 +242,25 @@
}
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
- /* PKCS5 uses CBC with PKCS7 padding (which is the same as
- * "PKCS5 padding" except that it's typically only called PKCS5
- * with 64-bit-block ciphers).
- */
- mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7;
+ {
+ /* PKCS5 uses CBC with PKCS7 padding (which is the same as
+ * "PKCS5 padding" except that it's typically only called PKCS5
+ * with 64-bit-block ciphers).
+ */
+ mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7;
#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7)
- /* For historical reasons, when decrypting, this function works when
- * decrypting even when support for PKCS7 padding is disabled. In this
- * case, it ignores the padding, and so will never report a
- * password mismatch.
- */
- if (mode == MBEDTLS_DECRYPT) {
- padding = MBEDTLS_PADDING_NONE;
- }
+ /* For historical reasons, when decrypting, this function works when
+ * decrypting even when support for PKCS7 padding is disabled. In this
+ * case, it ignores the padding, and so will never report a
+ * password mismatch.
+ */
+ if (mode == MBEDTLS_DECRYPT) {
+ padding = MBEDTLS_PADDING_NONE;
+ }
#endif
- if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) {
- goto exit;
+ if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) {
+ goto exit;
+ }
}
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
if ((ret = mbedtls_cipher_crypt(&cipher_ctx, iv, enc_scheme_params.len,
diff --git a/library/x509_create.c b/library/x509_create.c
index 2583cdd..62fb119 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -254,31 +254,33 @@
/* Step 3: decode the DER. */
/* We've checked that der_length >= 1 above. */
*tag = der[0];
- unsigned char *p = der + 1;
- if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) {
- goto error;
- }
- /* Now p points to the first byte of the payload inside der,
- * and *data_len is the length of the payload. */
+ {
+ unsigned char *p = der + 1;
+ if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) {
+ goto error;
+ }
+ /* Now p points to the first byte of the payload inside der,
+ * and *data_len is the length of the payload. */
- /* Step 4: payload validation */
- if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) {
- goto error;
- }
- /* Strings must not contain null bytes. */
- if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) {
- for (size_t i = 0; i < *data_len; i++) {
- if (p[i] == 0) {
- goto error;
+ /* Step 4: payload validation */
+ if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) {
+ goto error;
+ }
+ /* Strings must not contain null bytes. */
+ if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) {
+ for (size_t i = 0; i < *data_len; i++) {
+ if (p[i] == 0) {
+ goto error;
+ }
}
}
- }
- /* Step 5: output the payload. */
- if (*data_len > data_size) {
- goto error;
+ /* Step 5: output the payload. */
+ if (*data_len > data_size) {
+ goto error;
+ }
+ memcpy(data, p, *data_len);
}
- memcpy(data, p, *data_len);
mbedtls_free(der);
return 0;