commit a82a8b9f4b886b355f0d90c9459010d175af471c
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Fri Jun 17 10:53:58 2022 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Jun 20 21:12:55 2022 +0200
tree d38f6a87f2aff456f9afae8063c7ec8f4c09ea82
parent a3115dc0e6b3185812efbf73cc01e4da238257e8

Mark internal int SSL functions CHECK_RETURN_CRITICAL

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

library/ssl_tls13_keys.h

diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 693b6c4..76c1e93 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -121,6 +121,7 @@
  * \return           A negative error code on failure.
  */
 
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_hkdf_expand_label(
                      psa_algorithm_t hash_alg,
                      const unsigned char *secret, size_t secret_len,
@@ -159,6 +160,7 @@
  * \returns             A negative error code on failure.
  */
 
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_make_traffic_keys(
                      psa_algorithm_t hash_alg,
                      const unsigned char *client_secret,
@@ -205,6 +207,7 @@
  * \returns        \c 0 on success.
  * \returns        A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_derive_secret(
                    psa_algorithm_t hash_alg,
                    const unsigned char *secret, size_t secret_len,
@@ -255,6 +258,7 @@
  * \returns        \c 0 on success.
  * \returns        A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_derive_early_secrets(
           psa_algorithm_t hash_alg,
           unsigned char const *early_secret,
@@ -300,6 +304,7 @@
  * \returns        \c 0 on success.
  * \returns        A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_derive_handshake_secrets(
           psa_algorithm_t hash_alg,
           unsigned char const *handshake_secret,
@@ -350,6 +355,7 @@
  * \returns        \c 0 on success.
  * \returns        A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_derive_application_secrets(
           psa_algorithm_t hash_alg,
           unsigned char const *master_secret,
@@ -380,6 +386,7 @@
  * \returns        \c 0 on success.
  * \returns        A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_derive_resumption_master_secret(
           psa_algorithm_t hash_alg,
           unsigned char const *application_secret,
@@ -453,6 +460,7 @@
  * \returns           A negative error code on failure.
  */
 
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_evolve_secret(
                    psa_algorithm_t hash_alg,
                    const unsigned char *secret_old,
@@ -482,6 +490,7 @@
  * \returns           \c 0 on success.
  * \returns           A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl,
                                const psa_algorithm_t hash_alg,
                                unsigned char const *psk, size_t psk_len,
@@ -516,6 +525,7 @@
  *                     mbedtls_ssl_transform_encrypt().
  * \return             A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
                                           int endpoint,
                                           int ciphersuite,
@@ -542,6 +552,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl );
 
 /**
@@ -560,6 +571,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl );
 
 /**
@@ -574,6 +586,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
                                                mbedtls_ssl_key_set *traffic_keys );
 
@@ -593,6 +606,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl );
 
 /**
@@ -607,6 +621,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_generate_application_keys(
     mbedtls_ssl_context* ssl, mbedtls_ssl_key_set *traffic_keys );
 
@@ -620,6 +635,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_generate_resumption_master_secret(
     mbedtls_ssl_context *ssl );
 
@@ -645,6 +661,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context *ssl,
                                              unsigned char *dst,
                                              size_t dst_len,
@@ -660,6 +677,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_compute_handshake_transform( mbedtls_ssl_context *ssl );
 
 /**
@@ -671,6 +689,7 @@
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_compute_application_transform( mbedtls_ssl_context *ssl );
 
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */