Change DES and AES functions to MBEDTLS_CHECK_RETURN_TYPICAL
For all of these functions, the only possible failures are a hardware
accelerator (not possible unless using an ALT implementation), an internal
error or runtime corruption.
Exception: the self-tests, which serve little purpose if their status isn't
tested.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 4662260..94ee58a 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -175,7 +175,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits );
@@ -194,7 +194,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits );
@@ -215,7 +215,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits );
@@ -236,7 +236,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits );
@@ -265,7 +265,7 @@
* \return \c 0 on success.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
@@ -313,7 +313,7 @@
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
* on failure.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
@@ -358,7 +358,7 @@
* smaller than an AES block in size (16 Bytes) or if \p
* length is larger than 2^20 blocks (16 MiB).
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
int mode,
size_t length,
@@ -407,7 +407,7 @@
*
* \return \c 0 on success.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode,
size_t length,
@@ -452,7 +452,7 @@
*
* \return \c 0 on success.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode,
size_t length,
@@ -507,7 +507,7 @@
*
* \return \c 0 on success.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
size_t length,
size_t *iv_off,
@@ -594,7 +594,7 @@
*
* \return \c 0 on success.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
@@ -615,7 +615,7 @@
*
* \return \c 0 on success.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] );
@@ -631,7 +631,7 @@
*
* \return \c 0 on success.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] );
@@ -681,7 +681,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_aes_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h
index a82ecf8..325aab5 100644
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@@ -147,7 +147,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -161,7 +161,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -176,7 +176,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -191,7 +191,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -202,7 +202,7 @@
*
* \return 0
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
@@ -214,7 +214,7 @@
*
* \return 0
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
@@ -226,7 +226,7 @@
*
* \return 0
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
@@ -238,7 +238,7 @@
*
* \return 0
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
@@ -255,7 +255,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
const unsigned char input[8],
unsigned char output[8] );
@@ -283,7 +283,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
int mode,
size_t length,
@@ -301,7 +301,7 @@
*
* \return 0 if successful
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
const unsigned char input[8],
unsigned char output[8] );
@@ -327,7 +327,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
int mode,
size_t length,
@@ -358,7 +358,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
-MBEDTLS_CHECK_RETURN
+MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_des_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */