mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add --enable-debug-trace-errcodes, WOLFSSL_DEBUG_TRACE_ERROR_CODES, WC_ERR_TRACE(), WC_NO_ERR_TRACE(), support/gen-debug-trace-error-codes.sh. also add numerous deployments of WC_NO_ERR_TRACE() to inhibit frivolous/misleading errcode traces when -DWOLFSSL_DEBUG_TRACE_ERROR_CODES.

Browse Source
This commit is contained in:
Daniel Pouzzner 2024-06-08 16:39:53 -05:00
parent f7bc78cad0
commit b3e8f0ad24
76 changed files with 1057 additions and 787 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
configure.ac
View File

@ -200,6 +200,17 @@ AS_IF([test "$ax_enable_debug" = "yes"],
[AM_CCASFLAGS="$DEBUG_CFLAGS $AM_CCASFLAGS"],
[AM_CCASFLAGS="$AM_CCASFLAGS -DNDEBUG"])
AC_ARG_ENABLE([debug-trace-errcodes],
[ AS_HELP_STRING([--enable-debug-trace-errcodes],[Print trace messages when library errors are thrown.]) ],
[ ENABLED_DEBUG_TRACE_ERRCODES=$enableval ],
[ ENABLED_DEBUG_TRACE_ERRCODES=no ]
)
if test "$ENABLED_DEBUG_TRACE_ERRCODES" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DEBUG_TRACE_ERROR_CODES"
fi
# Start without certificates enabled and enable if a certificate algorithm is
# enabled
ENABLED_CERTS="no"
@ -9788,6 +9799,11 @@ echo "" >> $OPTION_FILE
echo "#endif /* WOLFSSL_OPTIONS_H */" >> $OPTION_FILE
echo "" >> $OPTION_FILE
if test "$ENABLED_DEBUG_TRACE_ERRCODES" = "yes"
then
support/gen-debug-trace-error-codes.sh || AC_MSG_ERROR([Header generation for debug-trace-errcodes failed.])
fi
if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_LINUXKM" = "no"
then
SAVE_CFLAGS=$CFLAGS

2
src/bio.c
View File

@ -403,7 +403,7 @@ static int wolfSSL_BIO_BASE64_write(WOLFSSL_BIO* bio, const void* data,
/* get the encoded length */
if (bio->flags & WOLFSSL_BIO_FLAG_BASE64_NO_NL) {
if (Base64_Encode_NoNl((const byte*)data, inLen, NULL,
&sz) != LENGTH_ONLY_E) {
&sz) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
WOLFSSL_MSG("Error with base64 get length");
return WOLFSSL_FATAL_ERROR;
}

10
src/crl.c
View File

@ -503,7 +503,7 @@ int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
/* Loading <issuer-hash>.rN form CRL file if find at the folder, */
/* and try again checking Cert in the CRL list. */
/* When not set the folder or not use hash_dir, do nothing. */
if ((foundEntry == 0) && (ret != OCSP_WANT_READ)) {
if ((foundEntry == 0) && (ret != WC_NO_ERR_TRACE(OCSP_WANT_READ))) {
if (crl->cm != NULL && crl->cm->x509_store_p != NULL) {
ret = LoadCertByIssuer(crl->cm->x509_store_p,
(WOLFSSL_X509_NAME*)issuerName, X509_LU_CRL);
@ -517,7 +517,7 @@ int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
#endif
if (foundEntry == 0) {
WOLFSSL_MSG("Couldn't find CRL for status check");
if (ret != CRL_CERT_DATE_ERR) {
if (ret != WC_NO_ERR_TRACE(CRL_CERT_DATE_ERR)) {
ret = CRL_MISSING;
}
@ -655,13 +655,15 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type,
InitDecodedCRL(dcrl, crl->heap);
ret = ParseCRL(crl->currentEntry->certs, dcrl, myBuffer, (word32)sz,
verify, crl->cm);
if (ret != 0 && !(ret == ASN_CRL_NO_SIGNER_E && verify == NO_VERIFY)) {
if (ret != 0 && !(ret == WC_NO_ERR_TRACE(ASN_CRL_NO_SIGNER_E)
&& verify == NO_VERIFY)) {
WOLFSSL_MSG("ParseCRL error");
CRL_Entry_free(crl->currentEntry, crl->heap);
crl->currentEntry = NULL;
}
else {
ret = AddCRL(crl, dcrl, myBuffer, ret != ASN_CRL_NO_SIGNER_E);
ret = AddCRL(crl, dcrl, myBuffer,
ret != WC_NO_ERR_TRACE(ASN_CRL_NO_SIGNER_E));
if (ret != 0) {
WOLFSSL_MSG("AddCRL error");
crl->currentEntry = NULL;

18
src/dtls.c
View File

@ -107,14 +107,14 @@ int DtlsIgnoreError(int err)
{
/* Whitelist of errors not to ignore */
switch (err) {
case MEMORY_E:
case MEMORY_ERROR:
case ASYNC_INIT_E:
case ASYNC_OP_E:
case SOCKET_ERROR_E:
case WANT_READ:
case WANT_WRITE:
case COOKIE_ERROR:
case WC_NO_ERR_TRACE(MEMORY_E):
case WC_NO_ERR_TRACE(MEMORY_ERROR):
case WC_NO_ERR_TRACE(ASYNC_INIT_E):
case WC_NO_ERR_TRACE(ASYNC_OP_E):
case WC_NO_ERR_TRACE(SOCKET_ERROR_E):
case WC_NO_ERR_TRACE(WANT_READ):
case WC_NO_ERR_TRACE(WANT_WRITE):
case WC_NO_ERR_TRACE(COOKIE_ERROR):
return 0;
default:
return 1;
@ -267,7 +267,7 @@ static int CheckDtlsCookie(const WOLFSSL* ssl, WolfSSL_CH* ch,
return BUFFER_E;
ret = TlsCheckCookie(ssl, ch->cookieExt.elements + OPAQUE16_LEN,
(word16)(ch->cookieExt.size - OPAQUE16_LEN));
if (ret < 0 && ret != HRR_COOKIE_ERROR)
if (ret < 0 && ret != WC_NO_ERR_TRACE(HRR_COOKIE_ERROR))
return ret;
*cookieGood = ret > 0;
ret = 0;

3
src/dtls13.c
View File

@ -396,7 +396,8 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
* WANT_WRITE means that we are done with processing the msg and we are
* waiting to flush the output buffer. */
if ((ret == 0 || ret == WANT_WRITE) || (msg->type == certificate_request &&
ssl->options.handShakeDone && ret == WC_PENDING_E)) {
ssl->options.handShakeDone &&
ret == WC_NO_ERR_TRACE(WC_PENDING_E))) {
if (IsAtLeastTLSv1_3(ssl->version))
Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
else if (downgraded)

567
src/internal.c
View File

File diff suppressed because it is too large Load Diff

3
src/keys.c
View File

@ -3561,7 +3561,8 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side)
void* ctx = wolfSSL_GetEncryptKeysCtx(ssl);
ret = ssl->ctx->EncryptKeysCb(ssl, ctx);
}
if (!ssl->ctx->EncryptKeysCb || ret == PROTOCOLCB_UNAVAILABLE)
if (!ssl->ctx->EncryptKeysCb ||
ret == WC_NO_ERR_TRACE(PROTOCOLCB_UNAVAILABLE))
#endif
{
ret = SetKeys(wc_encrypt, wc_decrypt, keys, &ssl->specs, ssl->options.side,

12
src/ocsp.c
View File

@ -144,7 +144,7 @@ static int xstat2err(int st)
int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, WOLFSSL* ssl)
{
int ret = OCSP_LOOKUP_FAIL;
int ret = WC_NO_ERR_TRACE(OCSP_LOOKUP_FAIL);
#ifdef WOLFSSL_SMALL_STACK
OcspRequest* ocspRequest;
@ -227,7 +227,7 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
OcspEntry* entry, CertStatus** status, buffer* responseBuffer,
void* heap)
{
int ret = OCSP_INVALID_STATUS;
int ret = WC_NO_ERR_TRACE(OCSP_INVALID_STATUS);
WOLFSSL_ENTER("GetOcspStatus");
@ -410,10 +410,10 @@ end:
if (ret == 0 && validated == 1) {
WOLFSSL_MSG("New OcspResponse validated");
}
else if (ret == OCSP_CERT_REVOKED) {
else if (ret == WC_NO_ERR_TRACE(OCSP_CERT_REVOKED)) {
WOLFSSL_MSG("OCSP revoked");
}
else if (ret == OCSP_CERT_UNKNOWN) {
else if (ret == WC_NO_ERR_TRACE(OCSP_CERT_UNKNOWN)) {
WOLFSSL_MSG("OCSP unknown");
}
else {
@ -466,7 +466,7 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer,
heap);
if (ret != OCSP_INVALID_STATUS)
if (ret != WC_NO_ERR_TRACE(OCSP_INVALID_STATUS))
return ret;
if (responseBuffer) {
@ -1025,7 +1025,7 @@ OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response,
resp->maxIdx = (word32)len;
ret = OcspResponseDecode(resp, NULL, NULL, 1);
if (ret != 0 && ret != ASN_OCSP_CONFIRM_E) {
if (ret != 0 && ret != WC_NO_ERR_TRACE(ASN_OCSP_CONFIRM_E)) {
/* for just converting from a DER to an internal structure the CA may
* not yet be known to this function for signature verification */
wolfSSL_OCSP_RESPONSE_free(resp);

19
src/pk.c
View File

@ -1804,7 +1804,7 @@ int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA* rsa, const unsigned char* derBuf,
rsa->pkcs8HeaderSz = (word16)idx;
}
/* When decoding and not PKCS#8, return will be ASN_PARSE_E. */
else if (res != ASN_PARSE_E) {
else if (res != WC_NO_ERR_TRACE(ASN_PARSE_E)) {
/* Something went wrong while decoding. */
WOLFSSL_ERROR_MSG("Unexpected error with trying to remove PKCS#8 "
"header");
@ -3384,7 +3384,7 @@ WOLFSSL_RSA* wolfSSL_RSA_generate_key(int bits, unsigned long e,
ret = wolfssl_rsa_generate_key_native(rsa, bits, bn, NULL);
#ifdef HAVE_FIPS
/* Keep trying if failed to find a prime. */
if (ret == PRIME_GEN_E) {
if (ret == WC_NO_ERR_TRACE(PRIME_GEN_E)) {
continue;
}
#endif
@ -3435,7 +3435,7 @@ int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* e,
int gen_ret = wolfssl_rsa_generate_key_native(rsa, bits, e, cb);
#ifdef HAVE_FIPS
/* Keep trying again if public key value didn't work. */
if (gen_ret == PRIME_GEN_E) {
if (gen_ret == WC_NO_ERR_TRACE(PRIME_GEN_E)) {
continue;
}
#endif
@ -5630,7 +5630,7 @@ int wolfSSL_i2d_DSAparams(const WOLFSSL_DSA* dsa,
if (ret == 0) {
key = (DsaKey*)dsa->internal;
ret = wc_DsaKeyToParamsDer_ex(key, NULL, &derLen);
if (ret == LENGTH_ONLY_E) {
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
ret = 0;
}
}
@ -7466,7 +7466,7 @@ int wolfSSL_i2d_DHparams(const WOLFSSL_DH *dh, unsigned char **out)
*out += len;
}
/* An error occurred unless only length returned. */
else if (ret != LENGTH_ONLY_E) {
else if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
err = 1;
}
}
@ -7771,7 +7771,7 @@ static int wolfssl_dhparams_to_der(WOLFSSL_DH* dh, unsigned char** out,
/* Use wolfSSL API to get length of DER encode DH parameters. */
key = (DhKey*)dh->internal;
ret = wc_DhParamsToDer(key, NULL, &derSz);
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
WOLFSSL_ERROR_MSG("Failed to get size of DH params");
err = 1;
}
@ -10124,7 +10124,8 @@ int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *group,
int ret = wc_ecc_export_point_der(group->curve_idx,
(ecc_point*)point->internal, out, len);
/* Check return. When out is NULL, return will be length only error. */
if ((ret != MP_OKAY) && ((out != NULL) || (ret != LENGTH_ONLY_E))) {
if ((ret != MP_OKAY) && ((out != NULL) ||
(ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)))) {
WOLFSSL_MSG("wolfSSL_ECPoint_i2d wc_ecc_export_point_der failed");
res = 0;
}
@ -12259,7 +12260,7 @@ int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key, const unsigned char* derBuf,
res = 1;
}
/* Error out on parsing error. */
else if (ret != ASN_PARSE_E) {
else if (ret != WC_NO_ERR_TRACE(ASN_PARSE_E)) {
WOLFSSL_MSG("Unexpected error with trying to remove PKCS8 header");
res = -1;
}
@ -16259,7 +16260,7 @@ static int pem_write_mem_pkcs8privatekey(byte** pem, int* pemSz,
if (res == 1) {
/* Guestimate key size and PEM size. */
if (pem_pkcs8_encode(pkey, NULL, &keySz) != LENGTH_ONLY_E) {
if (pem_pkcs8_encode(pkey, NULL, &keySz) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
res = 0;
}
}

51
src/sniffer.c
View File

@ -2481,7 +2481,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
args = (SetupKeysArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* Check for error */
if (ret < 0)
goto exit_sk;
@ -3089,7 +3089,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
#endif /* HAVE_CURVE448 */
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* Handle async pending response */
ret = wolfSSL_AsyncPush(ssl, asyncDev);
break;
@ -3228,7 +3228,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
exit_sk:
/* Handle async pending response */
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif /* WOLFSSL_ASYNC_CRYPT */
@ -3897,7 +3897,8 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
if (session->sslServer->error != WC_PENDING_E && session->pendSeq == 0)
if (session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E) &&
session->pendSeq == 0)
#endif
{
/* hash server_hello */
@ -3931,7 +3932,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
session, error, &session->cliKs);
if (ret != 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif
@ -4578,7 +4579,8 @@ static int DoHandShake(const byte* input, int* sslBytes,
#ifdef WOLFSSL_TLS13
if (type != client_hello && type != server_hello
#ifdef WOLFSSL_ASYNC_CRYPT
&& session->sslServer->error != WC_PENDING_E && session->pendSeq == 0
&& session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E)
&& session->pendSeq == 0
#endif
) {
/* For resumption the hash is before / after client_hello PSK binder */
@ -4696,7 +4698,7 @@ static int DoHandShake(const byte* input, int* sslBytes,
if (ret == 0) {
ret = ProcessClientKeyExchange(input, sslBytes, session, error);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
return ret;
#endif
if (ret != 0) {
@ -4763,7 +4765,7 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
ret = wc_Des3_CbcDecrypt(ssl->decrypt.des3, plain, input, sz);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.des3->asyncDev);
}
#endif
@ -4781,7 +4783,7 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
#endif
ret = wc_AesCbcDecrypt(ssl->decrypt.aes, plain, input, sz);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.aes->asyncDev);
}
#endif
@ -4826,7 +4828,7 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,
NULL, 0)) < 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.aes->asyncDev);
}
#endif
@ -4884,9 +4886,9 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input,
#ifdef WOLFSSL_ASYNC_CRYPT
if (ssl->decrypt.state != CIPHER_STATE_BEGIN) {
ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* check for still pending */
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
return ret;
ssl->error = 0; /* clear async */
@ -4942,7 +4944,7 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input,
#ifdef WOLFSSL_ASYNC_CRYPT
/* If pending, return now */
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif
@ -4994,7 +4996,7 @@ static const byte* DecryptMessage(WOLFSSL* ssl, const byte* input, word32 sz,
}
#ifdef WOLFSSL_ASYNC_CRYPT
/* for async the symmetric operations are blocking */
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
do {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
} while (ret == 0);
@ -5254,7 +5256,7 @@ static int DoOldHello(SnifferSession* session, const byte* sslFrame,
ret = ProcessOldClientHello(session->sslServer, input, &idx, *sslBytes,
(word16)*rhSize);
if (ret < 0 && ret != MATCH_SUITE_ERROR) {
if (ret < 0 && ret != WC_NO_ERR_TRACE(MATCH_SUITE_ERROR)) {
SetError(BAD_OLD_CLIENT_STR, error, session, FATAL_ERROR_STATE);
return -1;
}
@ -5679,7 +5681,7 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session,
if (real + *sslBytes > *expected) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (session->sslServer->error != WC_PENDING_E &&
if (session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E) &&
session->pendSeq != tcpInfo->sequence)
#endif
{
@ -5735,7 +5737,7 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session,
* already been ack'd during handshake */
if (
#ifdef WOLFSSL_ASYNC_CRYPT
session->sslServer->error != WC_PENDING_E &&
session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E) &&
session->pendSeq != tcpInfo->sequence &&
#endif
FindPrevAck(session, real)) {
@ -6039,7 +6041,7 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
#ifdef WOLFSSL_ASYNC_CRYPT
/* if this is a pending async packet do not "grow" on partial (we already did) */
if (session->pendSeq == tcpInfo->sequence) {
if (session->sslServer->error == WC_PENDING_E) {
if (session->sslServer->error == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return 0; /* don't check pre-record again */
}
/* if record check already done then restore, otherwise process normal */
@ -6371,7 +6373,7 @@ doPart:
Trace(GOT_HANDSHAKE_STR);
ret = DoHandShake(sslFrame, &sslBytes, session, error, rhSize);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
return ret;
#endif
if (ret != 0 || sslBytes > startIdx) {
@ -6655,7 +6657,7 @@ static int ssl_DecodePacketInternal(const byte* packet, int length, int isChain,
if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error))
return WOLFSSL_SNIFFER_FATAL_ERROR;
#ifdef WOLFSSL_ASYNC_CRYPT
else if (ret == WC_PENDING_E) return WC_PENDING_E;
else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) return WC_PENDING_E;
#endif
else if (ret == -1) return WOLFSSL_SNIFFER_ERROR;
else if (ret == 1) {
@ -6706,7 +6708,8 @@ static int ssl_DecodePacketInternal(const byte* packet, int length, int isChain,
#ifdef WOLFSSL_ASYNC_CRYPT
/* make sure this server was polled */
if (asyncOkay && session->sslServer->error == WC_PENDING_E &&
if (asyncOkay &&
session->sslServer->error == WC_NO_ERR_TRACE(WC_PENDING_E) &&
!session->flags.wasPolled) {
return WC_PENDING_E;
}
@ -6714,7 +6717,7 @@ static int ssl_DecodePacketInternal(const byte* packet, int length, int isChain,
#ifdef WOLFSSL_SNIFFER_STATS
#ifdef WOLFSSL_ASYNC_CRYPT
if (session->sslServer->error != WC_PENDING_E)
if (session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E))
#endif
{
if (sslBytes > 0) {
@ -6736,7 +6739,7 @@ static int ssl_DecodePacketInternal(const byte* packet, int length, int isChain,
session->sslServer->error = ret;
#ifdef WOLFSSL_ASYNC_CRYPT
/* capture the seq pending for this session */
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
session->flags.wasPolled = 0;
session->pendSeq = tcpInfo.sequence;
if (!asyncOkay || CryptoDeviceId == INVALID_DEVID) {
@ -6751,7 +6754,7 @@ static int ssl_DecodePacketInternal(const byte* packet, int length, int isChain,
else {
session->pendSeq = 0;
}
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#else
(void)asyncOkay;
#endif

55
src/ssl.c
View File

@ -980,7 +980,7 @@ int GetEchConfigsEx(WOLFSSL_EchConfig* configs, byte* output, word32* outputLen)
workingOutputLen = *outputLen - totalLen;
/* only error we break on, other 2 we need to keep finding length */
if (ret == BAD_FUNC_ARG)
if (ret == WC_NO_ERR_TRACE(BAD_FUNC_ARG))
return BAD_FUNC_ARG;
workingConfig = workingConfig->next;
@ -3532,12 +3532,14 @@ int wolfSSL_ALPN_FreePeerProtocol(WOLFSSL* ssl, char **list)
/* user is forcing ability to use secure renegotiation, we discourage it */
int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl)
{
int ret = BAD_FUNC_ARG;
int ret;
#if defined(NO_TLS)
(void)ssl;
#else
if (ssl)
ret = TLSX_UseSecureRenegotiation(&ssl->extensions, ssl->heap);
else
ret = BAD_FUNC_ARG;
if (ret == WOLFSSL_SUCCESS) {
TLSX* extension = TLSX_Find(ssl->extensions, TLSX_RENEGOTIATION_INFO);
@ -4039,13 +4041,14 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
/* call wolfSSL_shutdown again for bidirectional shutdown */
if (ssl->options.sentNotify && !ssl->options.closeNotify) {
ret = ProcessReply(ssl);
if ((ret == ZERO_RETURN) || (ret == SOCKET_ERROR_E)) {
if ((ret == ZERO_RETURN) ||
(ret == WC_NO_ERR_TRACE(SOCKET_ERROR_E))) {
/* simulate OpenSSL behavior */
ssl->options.shutdownDone = 1;
/* Clear error */
ssl->error = WOLFSSL_ERROR_NONE;
ret = WOLFSSL_SUCCESS;
} else if (ret == MEMORY_E) {
} else if (ret == WC_NO_ERR_TRACE(MEMORY_E)) {
ret = WOLFSSL_FATAL_ERROR;
} else if (ssl->error == WOLFSSL_ERROR_NONE) {
ret = WOLFSSL_SHUTDOWN_NOT_DONE;
@ -4103,7 +4106,7 @@ int wolfSSL_get_error(WOLFSSL* ssl, int ret)
else if (ssl->error == ZERO_RETURN || ssl->options.shutdownDone)
return WOLFSSL_ERROR_ZERO_RETURN; /* convert to OpenSSL type */
#ifdef OPENSSL_EXTRA
else if (ssl->error == SOCKET_PEER_CLOSED_E)
else if (ssl->error == WC_NO_ERR_TRACE(SOCKET_PEER_CLOSED_E))
return WOLFSSL_ERROR_SYSCALL; /* convert to OpenSSL type */
#endif
return ssl->error;
@ -6259,7 +6262,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey,
ret = check_cert_key_dev(der->keyOID, buff, size, der->publicKey,
der->pubKeySize, isKeyLabel, isKeyId, heap,
devId);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
ret = (ret == 0) ? WOLFSSL_SUCCESS: WOLFSSL_FAILURE;
}
}
@ -6268,7 +6271,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey,
ret = CRYPTOCB_UNAVAILABLE;
}
if (ret == CRYPTOCB_UNAVAILABLE)
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
#endif /* WOLF_PRIVATE_KEY_ID */
{
ret = wc_CheckPrivateKeyCert(buff, size, der, 0);
@ -6319,7 +6322,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey,
heap, altDevId);
}
XFREE(decodedPubKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
ret = (ret == 0) ? WOLFSSL_SUCCESS: WOLFSSL_FAILURE;
}
}
@ -6328,7 +6331,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey,
ret = CRYPTOCB_UNAVAILABLE;
}
if (ret == CRYPTOCB_UNAVAILABLE)
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
#endif /* WOLF_PRIVATE_KEY_ID */
{
ret = wc_CheckPrivateKeyCert(buff, size, der, 1);
@ -7416,7 +7419,7 @@ static WOLFSSL_EVP_PKEY* _d2i_PublicKey(int type, WOLFSSL_EVP_PKEY** out,
(void)idx; /* not used */
}
else {
if (ret != ASN_PARSE_E) {
if (ret != WC_NO_ERR_TRACE(ASN_PARSE_E)) {
WOLFSSL_MSG("Unexpected error with trying to remove PKCS8 "
"header");
return NULL;
@ -9463,7 +9466,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
#endif
#ifdef WOLFSSL_EXTRA_ALERTS
if (ssl->error == NO_PEER_KEY ||
ssl->error == PSK_KEY_ERROR) {
ssl->error == WC_NO_ERR_TRACE(PSK_KEY_ERROR)) {
SendAlert(ssl, alert_fatal, handshake_failure);
}
#endif
@ -13182,7 +13185,8 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
int ret = wc_PullErrorNode(file, NULL, line);
if (ret < 0) {
if (ret == BAD_STATE_E) return 0; /* no errors in queue */
if (ret == WC_NO_ERR_TRACE(BAD_STATE_E))
return 0; /* no errors in queue */
WOLFSSL_MSG("Issue getting error node");
WOLFSSL_LEAVE("wolfSSL_ERR_get_error_line", ret);
ret = 0 - ret; /* return absolute value of error */
@ -13294,7 +13298,8 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
ret = wc_PullErrorNode(file, data, line);
if (ret < 0) {
if (ret == BAD_STATE_E) return 0; /* no errors in queue */
if (ret == WC_NO_ERR_TRACE(BAD_STATE_E))
return 0; /* no errors in queue */
WOLFSSL_MSG("Error with pulling error node!");
WOLFSSL_LEAVE("wolfSSL_ERR_get_error_line_data", ret);
ret = 0 - ret; /* return absolute value of error */
@ -15262,9 +15267,9 @@ int wolfSSL_ERR_GET_LIB(unsigned long err)
value = (err & 0xFFFFFFL);
switch (value) {
case -SSL_R_HTTP_REQUEST:
case -WC_NO_ERR_TRACE(PARSE_ERROR):
return ERR_LIB_SSL;
case -ASN_NO_PEM_HEADER:
case -WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER):
case PEM_R_NO_START_LINE:
case PEM_R_PROBLEMS_GETTING_PASSWORD:
case PEM_R_BAD_PASSWORD_READ:
@ -17837,7 +17842,7 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
/* Null output buffer return size needed in outLen */
if(!buf) {
if(Base64_Encode(chain->certs[idx].buffer, chain->certs[idx].length,
NULL, &szNeeded) != LENGTH_ONLY_E)
NULL, &szNeeded) != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
return WOLFSSL_FAILURE;
*outLen = szNeeded + headerLen + footerLen;
return LENGTH_ONLY_E;
@ -18866,7 +18871,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
if (o->nid > 0)
return o->nid;
if ((ret = GetObjectId(o->obj, &idx, &oid, o->grp, o->objSz)) < 0) {
if (ret == ASN_OBJECT_ID_E) {
if (ret == WC_NO_ERR_TRACE(ASN_OBJECT_ID_E)) {
/* Put ASN object tag in front and try again */
int len = SetObjectId(o->objSz, NULL) + o->objSz;
byte* buf = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -20460,12 +20465,12 @@ int wolfSSL_AsyncPoll(WOLFSSL* ssl, WOLF_EVENT_FLAG flags)
static int peek_ignore_err(int err)
{
switch(err) {
case -WANT_READ:
case -WANT_WRITE:
case -ZERO_RETURN:
case -WC_NO_ERR_TRACE(WANT_READ):
case -WC_NO_ERR_TRACE(WANT_WRITE):
case -WC_NO_ERR_TRACE(ZERO_RETURN):
case -WOLFSSL_ERROR_ZERO_RETURN:
case -SOCKET_PEER_CLOSED_E:
case -SOCKET_ERROR_E:
case -WC_NO_ERR_TRACE(SOCKET_PEER_CLOSED_E):
case -WC_NO_ERR_TRACE(SOCKET_ERROR_E):
return 1;
default:
return 0;
@ -20480,15 +20485,15 @@ unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, int *line,
WOLFSSL_ENTER("wolfSSL_ERR_peek_error_line_data");
err = wc_PeekErrorNodeLineData(file, line, data, flags, peek_ignore_err);
if (err == -ASN_NO_PEM_HEADER)
if (err == -WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER))
return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE;
#ifdef OPENSSL_ALL
/* PARSE_ERROR is returned if an HTTP request is detected. */
else if (err == -SSL_R_HTTP_REQUEST)
else if (err == -WC_NO_ERR_TRACE(PARSE_ERROR))
return (ERR_LIB_SSL << 24) | -SSL_R_HTTP_REQUEST;
#endif
#if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON)
else if (err == ASN1_R_HEADER_TOO_LONG)
else if (err == WC_NO_ERR_TRACE(ASN1_R_HEADER_TOO_LONG))
return (ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG;
#endif
return err;

3
src/ssl_asn1.c
View File

@ -974,7 +974,8 @@ static int wolfssl_a2i_asn1_integer_clear_to_eol(char* str, int len, int* cont)
nLen = 1;
for (i = 0; i < len; i++) {
/* Check if character is a hexadecimal character. */
if (Base16_Decode((const byte*)str + i, 1, &num, &nLen) == ASN_INPUT_E)
if (Base16_Decode((const byte*)str + i, 1, &num, &nLen) ==
WC_NO_ERR_TRACE(ASN_INPUT_E))
{
/* Found end of hexadecimal characters, return count. */
len = i;

10
src/ssl_load.c
View File

@ -353,7 +353,7 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
chain.buffer, &idx, (word32)maxSz);
}
/* PEM may have trailing data that can be ignored. */
if ((ret == ASN_NO_PEM_HEADER) && gotOne) {
if ((ret == WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)) && gotOne) {
WOLFSSL_MSG("We got one good cert, so stuff at end ok");
ret = 0;
break;
@ -2363,7 +2363,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, long sz,
ret = ProcessUserChain(ctx, ssl, buff, sz, format, type, used, info,
verify);
/* Additional chain is optional */
if (ret == ASN_NO_PEM_HEADER) {
if (ret == WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)) {
unsigned long pemErr = 0;
CLEAR_ASN_NO_PEM_HEADER_ERROR(pemErr);
ret = 0;
@ -2459,7 +2459,7 @@ static int ProcessChainBuffer(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
ret = ProcessBuffer(ctx, buff + used, sz - used, WOLFSSL_FILETYPE_PEM,
type, ssl, &consumed, 0, verify);
/* Memory allocation failure is fatal. */
if (ret == MEMORY_E) {
if (ret == WC_NO_ERR_TRACE(MEMORY_E)) {
gotOne = 0;
}
/* Other error parsing. */
@ -2658,7 +2658,7 @@ static int wolfssl_ctx_load_path_file(WOLFSSL_CTX* ctx, const char* name,
/* When ignoring errors or loading PEM only and no PEM. don't fail. */
if ((flags & WOLFSSL_LOAD_FLAG_IGNORE_ERR) ||
((flags & WOLFSSL_LOAD_FLAG_PEM_CA_ONLY) &&
(ret == ASN_NO_PEM_HEADER))) {
(ret == WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)))) {
unsigned long err = 0;
CLEAR_ASN_NO_PEM_HEADER_ERROR(err);
#if defined(WOLFSSL_QT)
@ -2745,7 +2745,7 @@ static int wolfssl_ctx_load_path(WOLFSSL_CTX* ctx, const char* path,
ret = fileRet;
#if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
/* Ignore bad path error when flag set. */
if ((ret == BAD_PATH_ERROR) &&
if ((ret == WC_NO_ERR_TRACE(BAD_PATH_ERROR)) &&
(flags & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR)) {
/* QSslSocket always loads certs in system folder
* when it is initialized.

3
src/ssl_p7p12.c
View File

@ -1499,7 +1499,8 @@ int wolfSSL_SMIME_write_PKCS7(WOLFSSL_BIO* out, PKCS7* pkcs7, WOLFSSL_BIO* in,
/* Base64 encode signedData bundle */
if (ret > 0) {
if (Base64_Encode(p7out, (word32)len, NULL, &sigBase64Len) != LENGTH_ONLY_E) {
if (Base64_Encode(p7out, (word32)len, NULL, &sigBase64Len) !=
WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
ret = 0;
}
else {

86
src/tls.c
View File

@ -212,7 +212,8 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
ret = ssl->ctx->TlsFinishedCb(ssl, side, handshake_hash, hashSz,
(byte*)hashes, ctx);
}
if (!ssl->ctx->TlsFinishedCb || ret == PROTOCOLCB_UNAVAILABLE)
if (!ssl->ctx->TlsFinishedCb ||
ret == WC_NO_ERR_TRACE(PROTOCOLCB_UNAVAILABLE))
#endif
{
PRIVATE_KEY_UNLOCK();
@ -488,7 +489,8 @@ int DeriveTlsKeys(WOLFSSL* ssl)
void* ctx = wolfSSL_GetGenSessionKeyCtx(ssl);
ret = ssl->ctx->GenSessionKeyCb(ssl, ctx);
}
if (!ssl->ctx->GenSessionKeyCb || ret == PROTOCOLCB_UNAVAILABLE)
if (!ssl->ctx->GenSessionKeyCb ||
ret == WC_NO_ERR_TRACE(PROTOCOLCB_UNAVAILABLE))
#endif
ret = _DeriveTlsKeys(key_dig, (word32)key_dig_len,
ssl->arrays->masterSecret, SECRET_LEN,
@ -668,7 +670,8 @@ int MakeTlsMasterSecret(WOLFSSL* ssl)
void* ctx = wolfSSL_GetGenMasterSecretCtx(ssl);
ret = ssl->ctx->GenMasterCb(ssl, ctx);
}
if (!ssl->ctx->GenMasterCb || ret == PROTOCOLCB_UNAVAILABLE)
if (!ssl->ctx->GenMasterCb ||
ret == WC_NO_ERR_TRACE(PROTOCOLCB_UNAVAILABLE))
#endif
{
ret = _MakeTlsMasterSecret(ssl->arrays->masterSecret,
@ -782,7 +785,7 @@ int wolfSSL_SetTlsHmacInner(WOLFSSL* ssl, byte* inner, word32 sz, int content,
*/
static int Hmac_HashUpdate(Hmac* hmac, const byte* data, word32 sz)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (hmac->macType) {
#ifndef NO_SHA
@ -816,6 +819,7 @@ static int Hmac_HashUpdate(Hmac* hmac, const byte* data, word32 sz)
#endif /* WOLFSSL_SM3 */
default:
ret = BAD_FUNC_ARG;
break;
}
@ -830,7 +834,7 @@ static int Hmac_HashUpdate(Hmac* hmac, const byte* data, word32 sz)
*/
static int Hmac_HashFinalRaw(Hmac* hmac, unsigned char* hash)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (hmac->macType) {
#ifndef NO_SHA
@ -864,6 +868,7 @@ static int Hmac_HashFinalRaw(Hmac* hmac, unsigned char* hash)
#endif /* WOLFSSL_SM3 */
default:
ret = BAD_FUNC_ARG;
break;
}
@ -878,7 +883,7 @@ static int Hmac_HashFinalRaw(Hmac* hmac, unsigned char* hash)
*/
static int Hmac_OuterHash(Hmac* hmac, unsigned char* mac)
{
int ret = BAD_FUNC_ARG;
int ret;
wc_HashAlg hash;
enum wc_HashType hashType = (enum wc_HashType)hmac->macType;
int digestSz = wc_HashGetDigestSize(hashType);
@ -887,6 +892,10 @@ static int Hmac_OuterHash(Hmac* hmac, unsigned char* mac)
if ((digestSz >= 0) && (blockSz >= 0)) {
ret = wc_HashInit(&hash, hashType);
}
else {
ret = BAD_FUNC_ARG;
}
if (ret == 0) {
ret = wc_HashUpdate(&hash, hashType, (byte*)hmac->opad,
(word32)blockSz);
@ -3388,7 +3397,8 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
/* Let's not error out the connection if we can't verify our
* cert */
if (ret == ASN_SELF_SIGNED_E || ret == ASN_NO_SIGNER_E)
if (ret == WC_NO_ERR_TRACE(ASN_SELF_SIGNED_E) ||
ret == WC_NO_ERR_TRACE(ASN_NO_SIGNER_E))
ret = 0;
return ret;
}
@ -4090,7 +4100,7 @@ static void TLSX_PointFormat_FreeAll(PointFormat* list, void* heap)
static int TLSX_SupportedCurve_Append(SupportedCurve* list, word16 name,
void* heap)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
while (list) {
if (list->name == name) {
@ -4111,7 +4121,7 @@ static int TLSX_SupportedCurve_Append(SupportedCurve* list, word16 name,
static int TLSX_PointFormat_Append(PointFormat* list, byte format, void* heap)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
while (list) {
if (list->format == format) {
@ -4398,7 +4408,7 @@ int TLSX_SupportedCurve_Parse(const WOLFSSL* ssl, const byte* input,
ret = TLSX_UseSupportedCurve(extensions, name, ssl->heap);
/* If it is BAD_FUNC_ARG then it is a group we do not support, but
* that is fine. */
if (ret != WOLFSSL_SUCCESS && ret != BAD_FUNC_ARG) {
if (ret != WOLFSSL_SUCCESS && ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) {
return ret;
}
}
@ -5303,7 +5313,7 @@ static word16 TLSX_SecureRenegotiation_Write(SecureRenegotiation* data,
static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, const byte* input,
word16 length, byte isRequest)
{
int ret = SECURE_RENEGOTIATION_E;
int ret = WC_NO_ERR_TRACE(SECURE_RENEGOTIATION_E);
if (length >= OPAQUE8_LEN) {
if (isRequest) {
@ -5313,7 +5323,7 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, const byte* input,
if (ret == WOLFSSL_SUCCESS)
ret = 0;
}
if (ret != 0 && ret != SECURE_RENEGOTIATION_E) {
if (ret != 0 && ret != WC_NO_ERR_TRACE(SECURE_RENEGOTIATION_E)) {
}
else if (ssl->secure_renegotiation == NULL) {
}
@ -5383,6 +5393,12 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, const byte* input,
}
#endif
}
else {
ret = SECURE_RENEGOTIATION_E;
}
}
else {
ret = SECURE_RENEGOTIATION_E;
}
if (ret != 0) {
@ -5576,7 +5592,7 @@ static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, const byte* input,
WOLFSSL_MSG("Process client ticket rejected, not using");
ssl->options.rejectTicket = 1;
ret = 0; /* not fatal */
} else if (ret == VERSION_ERROR) {
} else if (ret == WC_NO_ERR_TRACE(VERSION_ERROR)) {
WOLFSSL_MSG("Process client ticket rejected, bad TLS version");
ssl->options.rejectTicket = 1;
ret = 0; /* not fatal */
@ -5878,7 +5894,7 @@ static void TLSX_UseSRTP_Free(TlsxSrtp *srtp, void* heap)
static int TLSX_UseSRTP_Parse(WOLFSSL* ssl, const byte* input, word16 length,
byte isRequest)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
word16 profile_len = 0;
word16 profile_value = 0;
word16 offset = 0;
@ -7251,7 +7267,7 @@ static int TLSX_KeyShare_GenDhKey(WOLFSSL *ssl, KeyShareEntry* kse)
kse->pubKey, &kse->pubKeyLen /* public */
);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif
@ -7564,7 +7580,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13GenEccKeyPair(ssl, kse);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
return ret;
}
#endif
@ -7581,7 +7597,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
if (ret == 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
/* Detect when private key generation is done */
if (ssl->error == WC_PENDING_E &&
if (ssl->error == WC_NO_ERR_TRACE(WC_PENDING_E) &&
eccKey->type == ECC_PRIVATEKEY) {
ret = 0; /* ECC Key Generation is done */
}
@ -7596,7 +7612,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
}
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
return ret;
#endif
}
@ -7759,7 +7775,7 @@ static int TLSX_KeyShare_GenPqcKey(WOLFSSL *ssl, KeyShareEntry* kse)
findEccPqc(&ecc_group, &oqs_group, kse->group);
ret = kyber_id2type(oqs_group, &type);
if (ret == NOT_COMPILED_IN) {
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN)) {
WOLFSSL_MSG("Invalid Kyber algorithm specified.");
ret = BAD_FUNC_ARG;
}
@ -8120,7 +8136,7 @@ static int TLSX_KeyShare_ProcessDh(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
NULL, 0
);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif
@ -8392,7 +8408,7 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
}
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13GenSharedSecret(ssl, keyShareEntry);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
return ret;
}
ret = 0;
@ -8434,7 +8450,7 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
ssl->options.side
);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
return ret;
#endif
}
@ -8915,7 +8931,7 @@ int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
#ifdef WOLFSSL_ASYNC_CRYPT
/* only perform find and clear TLSX if not returning from async */
if (ssl->error != WC_PENDING_E)
if (ssl->error != WC_NO_ERR_TRACE(WC_PENDING_E))
#endif
{
/* Check the selected group was supported by ClientHello extensions. */
@ -9386,7 +9402,7 @@ static int TLSX_KeyShare_IsSupported(int namedGroup)
int id;
findEccPqc(NULL, &namedGroup, namedGroup);
ret = kyber_id2type(namedGroup, &id);
if (ret == NOT_COMPILED_IN) {
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN)) {
return 0;
}
@ -9557,7 +9573,7 @@ int TLSX_KeyShare_SetSupported(const WOLFSSL* ssl, TLSX** extensions)
kse = (KeyShareEntry*)extension->data;
/* We should not be computing keys if we are only going to advertise
* our choice here. */
if (kse != NULL && kse->lastRet == WC_PENDING_E) {
if (kse != NULL && kse->lastRet == WC_NO_ERR_TRACE(WC_PENDING_E)) {
WOLFSSL_ERROR_VERBOSE(BAD_KEY_SHARE_DATA);
return BAD_KEY_SHARE_DATA;
}
@ -9729,16 +9745,20 @@ int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
if (extension && extension->resp == 1) {
/* Outside of the async case this path should not be taken. */
int ret = INCOMPLETE_DATA;
int ret;
#ifdef WOLFSSL_ASYNC_CRYPT
/* in async case make sure key generation is finalized */
KeyShareEntry* serverKSE = (KeyShareEntry*)extension->data;
if (serverKSE && serverKSE->lastRet == WC_PENDING_E) {
if (serverKSE && serverKSE->lastRet == WC_NO_ERR_TRACE(WC_PENDING_E)) {
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE)
*searched = 1;
ret = TLSX_KeyShare_GenKey((WOLFSSL*)ssl, serverKSE);
}
else
#endif
{
ret = INCOMPLETE_DATA;
}
return ret;
}
@ -9813,7 +9833,7 @@ int TLSX_KeyShare_Setup(WOLFSSL *ssl, KeyShareEntry* clientKSE)
serverKSE = (KeyShareEntry*)extension->data;
if (serverKSE != NULL) {
/* in async case make sure key generation is finalized */
if (serverKSE->lastRet == WC_PENDING_E)
if (serverKSE->lastRet == WC_NO_ERR_TRACE(WC_PENDING_E))
return TLSX_KeyShare_GenKey((WOLFSSL*)ssl, serverKSE);
else if (serverKSE->lastRet == 0)
return 0;
@ -9925,7 +9945,7 @@ int TLSX_KeyShare_DeriveSecret(WOLFSSL *ssl)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, NULL);
/* Check for error */
if (ret != WC_NO_PENDING_E && ret < 0) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E) && ret < 0) {
return ret;
}
#endif
@ -11740,7 +11760,7 @@ static int TLSX_ECH_Write(WOLFSSL_ECH* ech, byte* writeBuf, word16* offset)
/* get size then write */
ret = GetEchConfigsEx(ech->echConfig, NULL, &configsLen);
if (ret != LENGTH_ONLY_E)
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
return ret;
ret = GetEchConfigsEx(ech->echConfig, writeBuf, &configsLen);
@ -11877,7 +11897,7 @@ static int TLSX_ECH_GetSize(WOLFSSL_ECH* ech)
/* get the size of the raw configs */
ret = GetEchConfigsEx(ech->echConfig, NULL, &size);
if (ret != LENGTH_ONLY_E)
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
return ret;
}
else if (ech->type == ECH_TYPE_INNER)
@ -11960,7 +11980,7 @@ static int TLSX_ExtractEch(WOLFSSL_ECH* ech, WOLFSSL_EchConfig* echConfig,
if (ret == 0)
ret = GetEchConfig(echConfig, NULL, &rawConfigLen);
if (ret == LENGTH_ONLY_E)
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E))
ret = 0;
/* create info */
@ -13443,7 +13463,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
ssl->arrays->psk_keySz == 0 ||
#endif
(ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN &&
(int)ssl->arrays->psk_keySz != USE_HW_PSK)) {
(int)ssl->arrays->psk_keySz != WC_NO_ERR_TRACE(USE_HW_PSK))) {
#ifndef OPENSSL_EXTRA
ret = PSK_KEY_ERROR;
#endif

141
src/tls13.c
View File

@ -205,7 +205,7 @@ static int Tls13HKDFExpandLabel(WOLFSSL* ssl, byte* okm, word32 okmLen,
const byte* info, word32 infoLen,
int digest)
{
int ret = NOT_COMPILED_IN;
int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
#if defined(HAVE_PK_CALLBACKS)
if (ssl->ctx && ssl->ctx->HKDFExpandLabelCb) {
@ -216,7 +216,7 @@ static int Tls13HKDFExpandLabel(WOLFSSL* ssl, byte* okm, word32 okmLen,
WOLFSSL_CLIENT_END /* ignored */);
}
if (ret != NOT_COMPILED_IN)
if (ret != WC_NO_ERR_TRACE(NOT_COMPILED_IN))
return ret;
#endif
(void)ssl;
@ -257,7 +257,7 @@ static int Tls13HKDFExpandKeyLabel(WOLFSSL* ssl, byte* okm, word32 okmLen,
info, infoLen,
digest, side);
}
if (ret != NOT_COMPILED_IN)
if (ret != WC_NO_ERR_TRACE(NOT_COMPILED_IN))
return ret;
#endif
@ -308,7 +308,7 @@ static int DeriveKeyMsg(WOLFSSL* ssl, byte* output, int outputLen,
const byte* protocol;
word32 protocolLen;
int digestAlg = -1;
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (hashAlgo) {
#ifndef NO_WOLFSSL_SHA256
@ -364,6 +364,7 @@ static int DeriveKeyMsg(WOLFSSL* ssl, byte* output, int outputLen,
break;
#endif
default:
ret = BAD_FUNC_ARG;
digestAlg = -1;
break;
}
@ -1161,7 +1162,7 @@ int DeriveEarlySecret(WOLFSSL* ssl)
}
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13DeriveEarlySecret(ssl);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
#endif
PRIVATE_KEY_UNLOCK();
@ -1197,7 +1198,7 @@ int DeriveHandshakeSecret(WOLFSSL* ssl)
}
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13DeriveHandshakeSecret(ssl);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
#endif
@ -1232,7 +1233,7 @@ int DeriveMasterSecret(WOLFSSL* ssl)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13DeriveMasterSecret(ssl);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
#endif
@ -1355,7 +1356,7 @@ static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash,
#endif
int hashType = WC_SHA256;
int hashSz = WC_SHA256_DIGEST_SIZE;
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
if (ssl == NULL || key == NULL || hash == NULL) {
return BAD_FUNC_ARG;
@ -1392,6 +1393,7 @@ static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash,
break;
#endif /* WOLFSSL_SM3 */
default:
ret = BAD_FUNC_ARG;
break;
}
if (ret != 0)
@ -1466,7 +1468,7 @@ static const byte writeIVLabel[WRITE_IV_LABEL_SZ+1] = "iv";
*/
int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
{
int ret = BAD_FUNC_ARG; /* Assume failure */
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); /* Assume failure */
int i = 0;
#ifdef WOLFSSL_SMALL_STACK
byte* key_dig;
@ -1477,10 +1479,10 @@ int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13DeriveKeys(ssl, secret, side);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
return ret;
}
ret = BAD_FUNC_ARG; /* Assume failure */
ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); /* Assume failure */
#endif
#ifdef WOLFSSL_SMALL_STACK
@ -1553,6 +1555,7 @@ int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
break;
default:
ret = BAD_FUNC_ARG;
break;
}
@ -2571,13 +2574,13 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
(void)nonceSz;
#ifdef WOLFSSL_ASYNC_CRYPT
if (ssl->error == WC_PENDING_E) {
if (ssl->error == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ssl->error = 0; /* clear async */
}
#endif
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13AesEncrypt(ssl, output, input, dataSz);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
if (ret > 0) {
ret = 0; /* tsip_Tls13AesEncrypt returns output size */
}
@ -2650,7 +2653,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
output + dataSz, macSz,
aad, aadSz);
}
if (ret == NOT_COMPILED_IN)
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
#endif
{
@ -2692,7 +2695,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
output + dataSz, macSz,
aad, aadSz);
}
if (ret == NOT_COMPILED_IN)
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
#endif
{
#if ((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \
@ -2754,7 +2757,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
ssl->encrypt.state = CIPHER_STATE_END;
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* if async is not okay, then block */
if (!asyncOkay) {
ret = wc_AsyncWait(ret, asyncDev, event_flags);
@ -2956,7 +2959,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13AesDecrypt(ssl, output, input, sz);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
#ifndef WOLFSSL_EARLY_DATA
if (ret < 0) {
ret = VERIFY_MAC_ERROR;
@ -2969,9 +2972,9 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* check for still pending */
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
return ret;
ssl->error = 0; /* clear async */
@ -3052,7 +3055,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
(byte *)(input + dataSz), macSz,
aad, aadSz);
}
if (ret == NOT_COMPILED_IN)
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
#endif
{
@ -3061,7 +3064,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
input + dataSz, macSz, aad, aadSz);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = wolfSSL_AsyncPush(ssl,
&ssl->decrypt.aes->asyncDev);
}
@ -3091,14 +3094,14 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
(byte *)(input + dataSz), macSz,
aad, aadSz);
}
if (ret == NOT_COMPILED_IN)
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
#endif
{
ret = wc_AesCcmDecrypt(ssl->decrypt.aes, output, input,
dataSz, ssl->decrypt.nonce, nonceSz,
input + dataSz, macSz, aad, aadSz);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = wolfSSL_AsyncPush(ssl,
&ssl->decrypt.aes->asyncDev);
}
@ -3148,7 +3151,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
#ifdef WOLFSSL_ASYNC_CRYPT
/* If pending, leave now */
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif
@ -3246,7 +3249,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
args = (BuildMsg13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.buildMsgState);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* Check for error */
if (ret < 0)
goto exit_buildmsg;
@ -3260,7 +3263,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
/* Reset state */
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_NO_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_NO_PENDING_E))
#endif
{
ret = 0;
@ -3380,7 +3383,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
(word16)args->headerSz, asyncOkay);
if (ret != 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
if (ret != WC_NO_ERR_TRACE(WC_PENDING_E))
#endif
{
/* Zeroize plaintext. */
@ -3406,7 +3409,7 @@ exit_buildmsg:
WOLFSSL_LEAVE("BuildTls13Message", ret);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif
@ -3954,7 +3957,7 @@ static int SetupPskKey(WOLFSSL* ssl, PreSharedKey* psk, int clientHello)
}
if (ssl->arrays->psk_keySz == 0 ||
(ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN &&
(int)ssl->arrays->psk_keySz != USE_HW_PSK)) {
(int)ssl->arrays->psk_keySz != WC_NO_ERR_TRACE(USE_HW_PSK))) {
WOLFSSL_ERROR_VERBOSE(PSK_KEY_ERROR);
return PSK_KEY_ERROR;
}
@ -4316,7 +4319,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
args = (Sch13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* Check for error */
if (ret < 0)
return ret;
@ -5059,10 +5062,10 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (Dsh13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* Check for error */
if (ret < 0) {
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* Mark message as not received so it can process again */
ssl->msgsReceived.got_server_hello = 0;
}
@ -5331,7 +5334,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ret != 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
/* Handle async operation */
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* Mark message as not received so it can process again */
ssl->msgsReceived.got_server_hello = 0;
}
@ -5860,7 +5863,7 @@ int FindPskSuite(const WOLFSSL* ssl, PreSharedKey* psk, byte* psk_key,
}
if (*found) {
if (*psk_keySz > MAX_PSK_KEY_LEN &&
*((int*)psk_keySz) != USE_HW_PSK) {
*((int*)psk_keySz) != WC_NO_ERR_TRACE(USE_HW_PSK)) {
WOLFSSL_MSG("Key len too long in FindPsk()");
ret = PSK_KEY_ERROR;
WOLFSSL_ERROR_VERBOSE(ret);
@ -6014,7 +6017,7 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 inputSz,
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
return ret;
#endif
@ -6214,7 +6217,7 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
if (ret != 0) {
#ifdef HAVE_SESSION_TICKET
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
if (ret != WC_NO_ERR_TRACE(WC_PENDING_E))
#endif
CleanupClientTickets((PreSharedKey*)ext->data);
#endif
@ -6697,7 +6700,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (Dch13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* Check for error */
if (ret < 0) {
goto exit_dch;
@ -7061,7 +7064,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (!args->usingPSK) {
if ((ret = MatchSuite(ssl, args->clSuites)) < 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
if (ret != WC_NO_ERR_TRACE(WC_PENDING_E))
#endif
WOLFSSL_MSG("Unsupported cipher suite, ClientHello 1.3");
goto exit_dch;
@ -7078,7 +7081,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE)
ERROR_OUT(INVALID_PARAMETER, exit_dch);
ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;
if (ret != WC_PENDING_E)
if (ret != WC_NO_ERR_TRACE(WC_PENDING_E))
ret = 0; /* for hello_retry return 0 */
}
if (ret != 0)
@ -7100,7 +7103,8 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
TLSX* extension = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE);
if (extension != NULL && extension->resp == 1) {
KeyShareEntry* serverKSE = (KeyShareEntry*)extension->data;
if (serverKSE != NULL && serverKSE->lastRet == WC_PENDING_E) {
if (serverKSE != NULL &&
serverKSE->lastRet == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = TLSX_KeyShare_GenKey(ssl, serverKSE);
if (ret != 0)
goto exit_dch;
@ -7233,7 +7237,7 @@ exit_dch:
WOLFSSL_LEAVE("DoTls13ClientHello", ret);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ssl->msgsReceived.got_client_hello = 0;
return ret;
}
@ -8203,7 +8207,7 @@ int CreateRSAEncodedSig(byte* sig, byte* sigData, int sigDataSz,
{
Digest digest;
int hashSz = 0;
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
byte* hash;
(void)sigAlgo;
@ -8248,6 +8252,10 @@ int CreateRSAEncodedSig(byte* sig, byte* sigData, int sigDataSz,
hashSz = WC_SHA512_DIGEST_SIZE;
break;
#endif
default:
ret = BAD_FUNC_ARG;
break;
}
if (ret != 0)
@ -8269,7 +8277,7 @@ static int CreateECCEncodedSig(byte* sigData, int sigDataSz, int hashAlgo)
{
Digest digest;
int hashSz = 0;
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
/* Digest the signature data. */
switch (hashAlgo) {
@ -8310,6 +8318,7 @@ static int CreateECCEncodedSig(byte* sigData, int sigDataSz, int hashAlgo)
break;
#endif
default:
ret = BAD_FUNC_ARG;
break;
}
@ -8816,7 +8825,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13SendCertVerify(ssl);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
goto exit_scv;
}
ret = 0;
@ -8842,7 +8851,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
args = (Scv13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* Check for error */
if (ret < 0)
goto exit_scv;
@ -9577,7 +9586,7 @@ exit_scv:
#ifdef WOLFSSL_ASYNC_CRYPT
/* Handle async operation */
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif /* WOLFSSL_ASYNC_CRYPT */
@ -9829,7 +9838,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_Tls13CertificateVerify(ssl, input, inOutIdx, totalSz);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
goto exit_dcv;
}
ret = 0;
@ -9846,7 +9855,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
args = (Dcv13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* Check for error */
if (ret < 0)
goto exit_dcv;
@ -10559,7 +10568,7 @@ exit_dcv:
#ifdef WOLFSSL_ASYNC_CRYPT
/* Handle async operation */
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* Mark message as not received so it can process again */
ssl->msgsReceived.got_certificate_verify = 0;
@ -10570,7 +10579,7 @@ exit_dcv:
if (ret != 0) {
WOLFSSL_ERROR_VERBOSE(ret);
if (ret != INVALID_PARAMETER) {
if (ret != WC_NO_ERR_TRACE(INVALID_PARAMETER)) {
SendAlert(ssl, alert_fatal, decrypt_error);
}
}
@ -10644,11 +10653,11 @@ int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->options.serverState = SERVER_FINISHED_COMPLETE;
return ret;
}
if (ret == VERIFY_FINISHED_ERROR) {
if (ret == WC_NO_ERR_TRACE(VERIFY_FINISHED_ERROR)) {
SendAlert(ssl, alert_fatal, decrypt_error);
return ret;
}
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
/* other errors */
return ret;
}
@ -10821,7 +10830,7 @@ static int SendTls13Finished(WOLFSSL* ssl)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
if (ssl->options.side == WOLFSSL_CLIENT_END) {
ret = tsip_Tls13SendFinished(ssl, output, outputSz, input, 1);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
return ret;
}
ret = 0;
@ -11658,7 +11667,7 @@ static int SendTls13NewSessionTicket(WOLFSSL* ssl)
}
else
#ifdef WOLFSSL_ASYNC_CRYPT
if (ssl->error != WC_PENDING_E)
if (ssl->error != WC_NO_ERR_TRACE(WC_PENDING_E))
#endif
{
ssl->session->ticketNonce.data[0]++;
@ -12338,7 +12347,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* sanity check msg received */
if ((ret = SanityCheckTls13MsgReceived(ssl, type)) != 0) {
WOLFSSL_MSG("Sanity Check on handshake message type received failed");
if (ret == VERSION_ERROR)
if (ret == WC_NO_ERR_TRACE(VERSION_ERROR))
SendAlert(ssl, alert_fatal, wolfssl_alert_protocol_version);
else
SendAlert(ssl, alert_fatal, unexpected_message);
@ -12446,7 +12455,8 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#endif
) {
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
if (ret != WC_PENDING_E && ret != OCSP_WANT_READ)
if (ret != WC_NO_ERR_TRACE(WC_PENDING_E) &&
ret != WC_NO_ERR_TRACE(OCSP_WANT_READ))
#endif
{
ssl->options.cacheMessages = 0;
@ -12535,7 +12545,8 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_ASYNC_IO)
/* if async, offset index so this msg will be processed again */
/* NOTE: check this now before other calls can overwrite ret */
if ((ret == WC_PENDING_E || ret == OCSP_WANT_READ) && *inOutIdx > 0) {
if ((ret == WC_NO_ERR_TRACE(WC_PENDING_E) ||
ret == WC_NO_ERR_TRACE(OCSP_WANT_READ)) && *inOutIdx > 0) {
/* DTLS always stores a message in a buffer when async is enable, so we
* don't need to adjust for the extra bytes here (*inOutIdx is always
* == 0) */
@ -12543,7 +12554,9 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
/* make sure async error is cleared */
if (ret == 0 && (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) {
if (ret == 0 &&
(ssl->error == WC_NO_ERR_TRACE(WC_PENDING_E) ||
ssl->error == WC_NO_ERR_TRACE(OCSP_WANT_READ))) {
ssl->error = 0;
}
#endif
@ -12562,7 +12575,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
tmp = SendAlert(ssl, alert_fatal, alertType);
/* propagate socket error instead of tls error to be sure the error is
* not ignored by DTLS code */
if (tmp == SOCKET_ERROR_E)
if (tmp == WC_NO_ERR_TRACE(SOCKET_ERROR_E))
ret = SOCKET_ERROR_E;
}
@ -12659,7 +12672,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (wolfSSL_connect_TLSv13(ssl) != WOLFSSL_SUCCESS) {
ret = ssl->error;
if (ret != WC_PENDING_E)
if (ret != WC_NO_ERR_TRACE(WC_PENDING_E))
ret = POST_HAND_AUTH_ERROR;
}
}
@ -12804,7 +12817,7 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ssl->arrays->pendingMsgSz - HANDSHAKE_HEADER_SZ,
ssl->arrays->pendingMsgSz);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* setup to process fragment again */
ssl->arrays->pendingMsgOffset -= inputLength;
*inOutIdx -= inputLength + ssl->keys.padSz;
@ -13349,7 +13362,7 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, NULL);
if (ret != WC_NO_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
/* Check for error */
if (ret < 0)
return ret;
@ -14563,7 +14576,7 @@ int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data, int sz, int* outSz)
return SIDE_ERROR;
if (ssl->options.handShakeState == NULL_STATE) {
if (ssl->error != WC_PENDING_E)
if (ssl->error != WC_NO_ERR_TRACE(WC_PENDING_E))
ssl->earlyData = expecting_early_data;
ret = wolfSSL_connect_TLSv13(ssl);
if (ret != WOLFSSL_SUCCESS)
@ -14627,7 +14640,7 @@ int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz, int* outSz)
return SIDE_ERROR;
if (ssl->options.handShakeState == NULL_STATE) {
if (ssl->error != WC_PENDING_E)
if (ssl->error != WC_NO_ERR_TRACE(WC_PENDING_E))
ssl->earlyData = expecting_early_data;
/* this used to be: ret = wolfSSL_accept_TLSv13(ssl);
* However, wolfSSL_accept_TLSv13() expects a certificate to

2
src/x509.c
View File

@ -3362,7 +3362,7 @@ static unsigned long X509NameHash(WOLFSSL_X509_NAME* name,
((unsigned long)digest[1] << 8) |
((unsigned long)digest[0]));
}
else if (rc == HASH_TYPE_E) {
else if (rc == WC_NO_ERR_TRACE(HASH_TYPE_E)) {
WOLFSSL_ERROR_MSG("Hash function not compiled in");
}
else {

28
src/x509_str.c
View File

@ -208,25 +208,26 @@ void wolfSSL_X509_STORE_CTX_trusted_stack(WOLFSSL_X509_STORE_CTX *ctx, WOLF_STAC
int GetX509Error(int e)
{
switch (e) {
case ASN_BEFORE_DATE_E:
case WC_NO_ERR_TRACE(ASN_BEFORE_DATE_E):
return WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID;
case ASN_AFTER_DATE_E:
case WC_NO_ERR_TRACE(ASN_AFTER_DATE_E):
return WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED;
case ASN_NO_SIGNER_E: /* get issuer error if no CA found locally */
case WC_NO_ERR_TRACE(ASN_NO_SIGNER_E):
/* get issuer error if no CA found locally */
return WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
case ASN_SELF_SIGNED_E:
case WC_NO_ERR_TRACE(ASN_SELF_SIGNED_E):
return WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
case ASN_PATHLEN_INV_E:
case ASN_PATHLEN_SIZE_E:
case WC_NO_ERR_TRACE(ASN_PATHLEN_INV_E):
case WC_NO_ERR_TRACE(ASN_PATHLEN_SIZE_E):
return WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED;
case ASN_SIG_OID_E:
case ASN_SIG_CONFIRM_E:
case ASN_SIG_HASH_E:
case ASN_SIG_KEY_E:
case WC_NO_ERR_TRACE(ASN_SIG_OID_E):
case WC_NO_ERR_TRACE(ASN_SIG_CONFIRM_E):
case WC_NO_ERR_TRACE(ASN_SIG_HASH_E):
case WC_NO_ERR_TRACE(ASN_SIG_KEY_E):
return WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE;
case CRL_CERT_REVOKED:
case WC_NO_ERR_TRACE(CRL_CERT_REVOKED):
return WOLFSSL_X509_V_ERR_CERT_REVOKED;
case CRL_MISSING:
case WC_NO_ERR_TRACE(CRL_MISSING):
return X509_V_ERR_UNABLE_TO_GET_CRL;
case 0:
case 1:
@ -270,7 +271,8 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
SetupStoreCtxError(ctx, ret);
#ifndef NO_ASN_TIME
if (ret != ASN_BEFORE_DATE_E && ret != ASN_AFTER_DATE_E) {
if (ret != WC_NO_ERR_TRACE(ASN_BEFORE_DATE_E) &&
ret != WC_NO_ERR_TRACE(ASN_AFTER_DATE_E)) {
/* wolfSSL_CertManagerVerifyBuffer only returns ASN_AFTER_DATE_E or
ASN_BEFORE_DATE_E if there are no additional errors found in the
cert. Therefore, check if the cert is expired or not yet valid

32
support/gen-debug-trace-error-codes.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/sh
awk '
BEGIN {
print("/* automatically generated, do not edit */") > "wolfssl/debug-trace-error-codes.h";
print("#ifndef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H") >> "wolfssl/debug-trace-error-codes.h";
print("#define WOLFSSL_DEBUG_TRACE_ERROR_CODES_H") >> "wolfssl/debug-trace-error-codes.h";
print("") >> "wolfssl/debug-trace-error-codes.h";
print("/* automatically generated, do not edit */") > "wolfssl/debug-untrace-error-codes.h";
print("#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H") >> "wolfssl/debug-untrace-error-codes.h";
print("#undef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H") >> "wolfssl/debug-untrace-error-codes.h";
}
{
if (match($0, "^[[:space:]]+([A-Z][A-Z0-9_]+)[[:space:]]*=[[:space:]]*(-[0-9]+)[,[:space:]]", errcode_a)) {
if ((errcode_a[1] == "MIN_CODE_E") ||
(errcode_a[1] == "WC_LAST_E") ||
(errcode_a[1] == "MAX_CODE_E"))
{
next;
}
printf("#define %s WC_ERR_TRACE(%s)\n#define CONST_NUM_ERR_%s (%s)\n", errcode_a[1], errcode_a[1], errcode_a[1], errcode_a[2]) >> "wolfssl/debug-trace-error-codes.h";
printf("#undef %s\n#undef CONST_NUM_ERR_%s\n", errcode_a[1], errcode_a[1]) >> "wolfssl/debug-untrace-error-codes.h";
}
}
END {
print("") >> "wolfssl/debug-trace-error-codes.h";
print("#endif /* WOLFSSL_DEBUG_TRACE_ERROR_CODES_H */") >> "wolfssl/debug-trace-error-codes.h";
print("") >> "wolfssl/debug-untrace-error-codes.h";
print("#endif /* WOLFSSL_DEBUG_TRACE_ERROR_CODES_H */") >> "wolfssl/debug-untrace-error-codes.h";
}' wolfssl/wolfcrypt/error-crypt.h wolfssl/error-ssl.h

3
support/include.am
View File

@ -2,7 +2,8 @@
# All paths should be given relative to the root
#
EXTRA_DIST += support/wolfssl.pc
EXTRA_DIST += support/wolfssl.pc \
support/gen-debug-trace-error-codes.sh
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = support/wolfssl.pc

23
wolfcrypt/src/aes.c
View File

@ -727,7 +727,8 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
return MEMORY_E;
#endif
if (AES_set_encrypt_key_AESNI(userKey,bits,temp_key) == BAD_FUNC_ARG) {
if (AES_set_encrypt_key_AESNI(userKey,bits,temp_key)
== WC_NO_ERR_TRACE(BAD_FUNC_ARG)) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES);
#endif
@ -5514,7 +5515,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
#endif
{
int crypto_cb_ret = wc_CryptoCb_AesCbcEncrypt(aes, out, in, sz);
if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return crypto_cb_ret;
/* fall-through when unavailable */
}
@ -5683,7 +5684,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
#endif
{
int crypto_cb_ret = wc_CryptoCb_AesCbcDecrypt(aes, out, in, sz);
if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return crypto_cb_ret;
/* fall-through when unavailable */
}
@ -6073,7 +6074,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
#endif
{
int crypto_cb_ret = wc_CryptoCb_AesCtrEncrypt(aes, out, in, sz);
if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return crypto_cb_ret;
/* fall-through when unavailable */
}
@ -8324,7 +8325,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
int crypto_cb_ret =
wc_CryptoCb_AesGcmEncrypt(aes, out, in, sz, iv, ivSz, authTag,
authTagSz, authIn, authInSz);
if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return crypto_cb_ret;
/* fall-through when unavailable */
}
@ -8867,7 +8868,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
{
int ret;
#ifdef WOLFSSL_AESNI
int res = AES_GCM_AUTH_E;
int res = WC_NO_ERR_TRACE(AES_GCM_AUTH_E);
#endif
/* argument checks */
@ -8888,7 +8889,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
int crypto_cb_ret =
wc_CryptoCb_AesGcmDecrypt(aes, out, in, sz, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return crypto_cb_ret;
/* fall-through when unavailable */
}
@ -10773,7 +10774,7 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
int crypto_cb_ret =
wc_CryptoCb_AesCcmEncrypt(aes, out, in, inSz, nonce, nonceSz,
authTag, authTagSz, authIn, authInSz);
if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return crypto_cb_ret;
/* fall-through when unavailable */
}
@ -10915,7 +10916,7 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
int crypto_cb_ret =
wc_CryptoCb_AesCcmDecrypt(aes, out, in, inSz, nonce, nonceSz,
authTag, authTagSz, authIn, authInSz);
if (crypto_cb_ret != CRYPTOCB_UNAVAILABLE)
if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return crypto_cb_ret;
/* fall-through when unavailable */
}
@ -11423,7 +11424,7 @@ static WARN_UNUSED_RESULT int _AesEcbEncrypt(
#endif
{
ret = wc_CryptoCb_AesEcbEncrypt(aes, out, in, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
ret = 0;
/* fall-through when unavailable */
@ -11475,7 +11476,7 @@ static WARN_UNUSED_RESULT int _AesEcbDecrypt(
#endif
{
ret = wc_CryptoCb_AesEcbDecrypt(aes, out, in, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
ret = 0;
/* fall-through when unavailable */

77
wolfcrypt/src/asn.c
View File

@ -6933,7 +6933,7 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz,
ret = GetOctetString(input, &idx, &length, sz);
if (ret < 0) {
if (ret == BUFFER_E)
if (ret == WC_NO_ERR_TRACE(BUFFER_E))
return ASN_PARSE_E;
/* Some private keys don't expect an octet string */
WOLFSSL_MSG("Couldn't find Octet string");
@ -8647,7 +8647,7 @@ int TraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz,
if (ret == 0) {
ret = wc_CreatePKCS8Key(NULL, &pkcs8KeySz, key, keySz, algId, curveOid,
curveOidSz);
if (ret == LENGTH_ONLY_E)
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E))
ret = 0;
}
if (ret == 0) {
@ -9957,7 +9957,7 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
/* If ASN_DH_KEY_E: Check if input started at beginning of key */
if (ret == ASN_DH_KEY_E) {
if (ret == WC_NO_ERR_TRACE(ASN_DH_KEY_E)) {
*inOutIdx = temp;
/* the version (0) - private only (for public skip) */
@ -10118,7 +10118,7 @@ int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
/* DH Parameters sequence with P and G */
total = 0;
ret = wc_DhParamsToDer(key, NULL, &total);
if (ret != LENGTH_ONLY_E)
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
return ret;
idx += total;
@ -10767,7 +10767,7 @@ int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
}
}
/* An alternate pass if default certificate fails parsing */
if (ret == ASN_PARSE_E) {
if (ret == WC_NO_ERR_TRACE(ASN_PARSE_E)) {
*inOutIdx = (word32)temp;
if (GetMyVersion(input, inOutIdx, &version, inSz) < 0)
return ASN_PARSE_E;
@ -11800,7 +11800,7 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
#endif
PRIVATE_KEY_LOCK();
/* LENGTH_ONLY_E on success. */
if (ret == LENGTH_ONLY_E) {
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
ret = 0;
}
}
@ -17252,7 +17252,8 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
if (!sigCtx->pkCbRsa || ret == CRYPTOCB_UNAVAILABLE)
if (!sigCtx->pkCbRsa ||
ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
#endif /* WOLFSSL_RENESAS_FSPSM_TLS */
#endif /* HAVE_PK_CALLBACKS */
{
@ -17326,7 +17327,8 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
if (!sigCtx->pkCbEcc || ret == CRYPTOCB_UNAVAILABLE)
if (!sigCtx->pkCbEcc ||
ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
#endif /* WOLFSSL_RENESAS_FSPSM_TLS */
#endif /* HAVE_PK_CALLBACKS */
{
@ -17396,7 +17398,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
} /* switch (keyOID) */
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
goto exit_cs;
}
#endif
@ -17695,7 +17697,7 @@ exit_cs:
WOLFSSL_LEAVE("ConfirmSignature", ret);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
return ret;
#endif
@ -19851,7 +19853,7 @@ static int DecodeExtKeyUsage(const byte* input, word32 sz, DecodedCert* cert)
while (idx < (word32)sz) {
ret = GetObjectId(input, &idx, &oid, oidCertKeyUseType, sz);
if (ret == ASN_UNKNOWN_OID_E)
if (ret == WC_NO_ERR_TRACE(ASN_UNKNOWN_OID_E))
continue;
else if (ret < 0)
return ret;
@ -19931,7 +19933,7 @@ static int DecodeExtKeyUsage(const byte* input, word32 sz, DecodedCert* cert)
ret = GetASN_Items(keyPurposeIdASN, dataASN, keyPurposeIdASN_Length, 0,
input, &idx, sz);
/* Skip unknown OIDs. */
if (ret == ASN_UNKNOWN_OID_E) {
if (ret == WC_NO_ERR_TRACE(ASN_UNKNOWN_OID_E)) {
ret = 0;
}
else if (ret == 0) {
@ -21455,7 +21457,7 @@ static int DecodeCertExtensions(DecodedCert* cert)
ret = DecodeExtensionType(input + idx, (word32)length, oid, critical,
cert, NULL);
if (ret == ASN_CRIT_EXT_E) {
if (ret == WC_NO_ERR_TRACE(ASN_CRIT_EXT_E)) {
ret = 0;
criticalFail = 1;
}
@ -21545,7 +21547,7 @@ end:
}
/* Don't fail criticality until all other extensions have been checked.
*/
if (ret == ASN_CRIT_EXT_E) {
if (ret == WC_NO_ERR_TRACE(ASN_CRIT_EXT_E)) {
criticalRet = ASN_CRIT_EXT_E;
ret = 0;
}
@ -22081,7 +22083,7 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
/* Decode the extension data starting at [3]. */
ret = DecodeCertExtensions(cert);
if (criticalExt != NULL) {
if (ret == ASN_CRIT_EXT_E) {
if (ret == WC_NO_ERR_TRACE(ASN_CRIT_EXT_E)) {
/* Return critical extension not recognized. */
*criticalExt = ret;
ret = 0;
@ -22272,7 +22274,7 @@ static int DecodeCertReqAttrValue(DecodedCert* cert, int* criticalExt,
/* Decode and validate extensions. */
ret = DecodeCertExtensions(cert);
if (ret == ASN_CRIT_EXT_E) {
if (ret == WC_NO_ERR_TRACE(ASN_CRIT_EXT_E)) {
/* Return critical extension not recognized. */
*criticalExt = ret;
ret = 0;
@ -23415,7 +23417,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
cert->badDate = 0;
cert->criticalExt = 0;
if ((ret = DecodeToKey(cert, verify)) < 0) {
if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) {
if (ret == WC_NO_ERR_TRACE(ASN_BEFORE_DATE_E) ||
ret == WC_NO_ERR_TRACE(ASN_AFTER_DATE_E)) {
cert->badDate = ret;
if (verify == VERIFY_SKIP_DATE)
ret = 0;
@ -23578,7 +23581,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
cert->extensionsIdx = cert->srcIdx; /* for potential later use */
if ((ret = DecodeCertExtensions(cert)) < 0) {
if (ret == ASN_CRIT_EXT_E) {
if (ret == WC_NO_ERR_TRACE(ASN_CRIT_EXT_E)) {
cert->criticalExt = ret;
}
else {
@ -23612,7 +23615,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
cert->extensionsIdx = cert->srcIdx; /* for potential later use */
if ((ret = DecodeCertExtensions(cert)) < 0) {
if (ret == ASN_CRIT_EXT_E)
if (ret == WC_NO_ERR_TRACE(ASN_CRIT_EXT_E))
cert->criticalExt = ret;
else
return ret;
@ -23665,7 +23668,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
#endif
{
ret = DecodeCert(cert, verify, &cert->criticalExt);
if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) {
if (ret == WC_NO_ERR_TRACE(ASN_BEFORE_DATE_E) ||
ret == WC_NO_ERR_TRACE(ASN_AFTER_DATE_E)) {
cert->badDate = ret;
if (verify == VERIFY_SKIP_DATE)
ret = 0;
@ -23882,7 +23886,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
NULL, 0,
#endif
sce_tsip_encRsaKeyIdx)) != 0) {
if (ret != WC_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_PENDING_E)) {
WOLFSSL_MSG("Confirm signature failed");
}
WOLFSSL_ERROR_VERBOSE(ret);
@ -23955,7 +23959,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
NULL, 0,
#endif
sce_tsip_encRsaKeyIdx)) != 0) {
if (ret != WC_PENDING_E) {
if (ret != WC_NO_ERR_TRACE(WC_PENDING_E)) {
WOLFSSL_MSG("Confirm signature failed");
}
WOLFSSL_ERROR_VERBOSE(ret);
@ -24295,7 +24299,7 @@ int wc_GetSerialNumber(const byte* input, word32* inOutIdx,
int AllocDer(DerBuffer** pDer, word32 length, int type, void* heap)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
if (pDer) {
int dynType = 0;
DerBuffer* der;
@ -24326,6 +24330,8 @@ int AllocDer(DerBuffer** pDer, word32 length, int type, void* heap)
der->buffer = (byte*)der + sizeof(DerBuffer);
der->length = length;
ret = 0; /* Success */
} else {
ret = BAD_FUNC_ARG;
}
return ret;
}
@ -24474,7 +24480,7 @@ static WC_INLINE const char* SkipEndOfLineChars(const char* line,
int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (type) {
case CA_TYPE: /* same as below */
@ -24650,6 +24656,7 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
ret = 0;
break;
default:
ret = BAD_FUNC_ARG;
break;
}
return ret;
@ -24952,7 +24959,7 @@ int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz,
#endif
outLen = 0;
if ((err = Base64_Encode(der, derSz, NULL, (word32*)&outLen))
!= LENGTH_ONLY_E) {
!= WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
WOLFSSL_ERROR_VERBOSE(err);
return err;
}
@ -25896,7 +25903,7 @@ static DNS_entry* FindAltName(struct DecodedCert* cert, int nameType,
/* returns 0 on success */
int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
{
int ret = ALT_NAME_E;
int ret = WC_NO_ERR_TRACE(ALT_NAME_E);
DNS_entry* id = NULL;
do {
@ -25933,7 +25940,7 @@ int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
/* returns 0 on success */
int wc_GetFASCNFromCert(struct DecodedCert* cert, byte* fascn, word32* fascnSz)
{
int ret = ALT_NAME_E;
int ret = WC_NO_ERR_TRACE(ALT_NAME_E);
DNS_entry* id = NULL;
do {
@ -29881,7 +29888,7 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, word32 sz,
exit_ms:
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return ret;
}
#endif
@ -31575,7 +31582,7 @@ static int SignCert(int requestSz, int sType, byte* buf, word32 buffSz,
MAX_ENCODED_SIG_SZ, rsaKey, eccKey, ed25519Key, ed448Key,
falconKey, dilithiumKey, sphincsKey, rng, (word32)sType, heap);
#ifdef WOLFSSL_ASYNC_CRYPT
if (sigSz == WC_PENDING_E) {
if (sigSz == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* Not free'ing certSignCtx->sig here because it could still be in use
* with async operations. */
return sigSz;
@ -31688,7 +31695,7 @@ int wc_MakeSigWithBitStr(byte *sig, int sigSz, int sType, byte* buf,
MAX_ENCODED_SIG_SZ, rsaKey, eccKey, ed25519Key, ed448Key,
falconKey, dilithiumKey, sphincsKey, rng, (word32)sType, heap);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* Not free'ing certSignCtx->sig here because it could still be in use
* with async operations. */
return ret;
@ -34385,7 +34392,7 @@ int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
PRIVATE_KEY_UNLOCK();
ret = wc_ecc_export_x963(key, NULL, &pubSz);
PRIVATE_KEY_LOCK();
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
#ifndef WOLFSSL_NO_MALLOC
XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
@ -34509,7 +34516,7 @@ int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
PRIVATE_KEY_UNLOCK();
ret = wc_ecc_export_x963(key, NULL, &pubSz);
PRIVATE_KEY_LOCK();
if (ret == LENGTH_ONLY_E)
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E))
ret = 0;
}
}
@ -34611,7 +34618,7 @@ int wc_EccKeyDerSize(ecc_key* key, int pub)
ret = wc_BuildEccKeyDer(key, NULL, &sz, pub, 1);
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return ret;
}
return (int)sz;
@ -34678,7 +34685,7 @@ static int eccToPKCS8(ecc_key* key, byte* output, word32* outLen,
/* get pkcs8 expected output size */
ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, tmpDer, tmpDerSz, algoID,
curveOID, oidSz);
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
#ifndef WOLFSSL_NO_MALLOC
XFREE(tmpDer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
@ -39322,7 +39329,7 @@ static void PrintObjectIdText(Asn1* asn1, Asn1PrintOptions* opts)
/* Get the OID value for the OBJECT_ID. */
if (GetObjectId(asn1->data + asn1->offset, &i, &oid, oidIgnoreType,
asn1->item.len + 2) == ASN_PARSE_E) {
asn1->item.len + 2) == WC_NO_ERR_TRACE(ASN_PARSE_E)) {
known = 0;
}
else

8
wolfcrypt/src/cmac.c
View File

@ -134,7 +134,7 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
ret = wc_CryptoCb_Cmac(cmac, key, keySz, NULL, 0, NULL, NULL,
type, unused);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -202,7 +202,7 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
{
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz,
NULL, NULL, 0, NULL);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -270,7 +270,7 @@ int wc_CmacFinalNoFree(Cmac* cmac, byte* out, word32* outSz)
#endif
{
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, 0, NULL);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -340,7 +340,7 @@ int wc_AesCmacGenerate_ex(Cmac* cmac,
ret = wc_CryptoCb_Cmac(cmac, key, keySz, in, inSz, out, outSz,
WC_CMAC_AES, NULL);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* Clear CRYPTOCB_UNAVAILABLE return code */

2
wolfcrypt/src/coding.c
View File

@ -181,7 +181,7 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
byte e1, e2, e3, e4;
if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) {
if (ret == BUFFER_E) {
if (ret == WC_NO_ERR_TRACE(BUFFER_E)) {
/* Running out of buffer here is not an error */
break;
}

88
wolfcrypt/src/cryptocb.c
View File

@ -260,9 +260,9 @@ static CryptoCb* wc_CryptoCb_FindDeviceByIndex(int startIdx)
static WC_INLINE int wc_CryptoCb_TranslateErrorCode(int ret)
{
if (ret == NOT_COMPILED_IN) {
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN)) {
/* backwards compatibility for older NOT_COMPILED_IN syntax */
ret = CRYPTOCB_UNAVAILABLE;
ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
}
return ret;
}
@ -344,8 +344,8 @@ int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
/* Success. Update dev->ctx */
dev->ctx = info.cmd.ctx;
}
else if ((rc == CRYPTOCB_UNAVAILABLE) ||
(rc == NOT_COMPILED_IN)) {
else if ((rc == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) ||
(rc == WC_NO_ERR_TRACE(NOT_COMPILED_IN))) {
/* Not implemented. Return success*/
rc = 0;
}
@ -391,7 +391,7 @@ void wc_CryptoCb_UnRegisterDevice(int devId)
int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -421,7 +421,7 @@ int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
#ifdef WOLFSSL_KEY_GEN
int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -449,7 +449,7 @@ int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey,
word32 pubKeySz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -474,7 +474,7 @@ int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey,
int wc_CryptoCb_RsaGetSize(const RsaKey* key, int* keySize)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -500,7 +500,7 @@ int wc_CryptoCb_RsaGetSize(const RsaKey* key, int* keySize)
#ifdef HAVE_ECC
int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -527,7 +527,7 @@ int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId)
int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key,
byte* out, word32* outlen)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (private_key == NULL)
@ -554,7 +554,7 @@ int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key,
int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
word32 *outlen, WC_RNG* rng, ecc_key* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -583,7 +583,7 @@ int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
const byte* hash, word32 hashlen, int* res, ecc_key* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -612,7 +612,7 @@ int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey,
word32 pubKeySz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -640,7 +640,7 @@ int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey,
int wc_CryptoCb_Curve25519Gen(WC_RNG* rng, int keySize,
curve25519_key* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -666,7 +666,7 @@ int wc_CryptoCb_Curve25519Gen(WC_RNG* rng, int keySize,
int wc_CryptoCb_Curve25519(curve25519_key* private_key,
curve25519_key* public_key, byte* out, word32* outlen, int endian)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (private_key == NULL)
@ -696,7 +696,7 @@ int wc_CryptoCb_Curve25519(curve25519_key* private_key,
int wc_CryptoCb_Ed25519Gen(WC_RNG* rng, int keySize,
ed25519_key* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -723,7 +723,7 @@ int wc_CryptoCb_Ed25519Sign(const byte* in, word32 inLen, byte* out,
word32 *outLen, ed25519_key* key, byte type,
const byte* context, byte contextLen)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -755,7 +755,7 @@ int wc_CryptoCb_Ed25519Verify(const byte* sig, word32 sigLen,
const byte* msg, word32 msgLen, int* res, ed25519_key* key, byte type,
const byte* context, byte contextLen)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (key == NULL)
@ -805,7 +805,7 @@ int wc_CryptoCb_PqcKemGetDevId(int type, void* key)
int wc_CryptoCb_MakePqcKemKey(WC_RNG* rng, int type, int keySize, void* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
CryptoCb* dev;
@ -839,7 +839,7 @@ int wc_CryptoCb_PqcEncapsulate(byte* ciphertext, word32 ciphertextLen,
byte* sharedSecret, word32 sharedSecretLen, WC_RNG* rng, int type,
void* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
CryptoCb* dev;
@ -875,7 +875,7 @@ int wc_CryptoCb_PqcEncapsulate(byte* ciphertext, word32 ciphertextLen,
int wc_CryptoCb_PqcDecapsulate(const byte* ciphertext, word32 ciphertextLen,
byte* sharedSecret, word32 sharedSecretLen, int type, void* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
CryptoCb* dev;
@ -934,7 +934,7 @@ int wc_CryptoCb_PqcSigGetDevId(int type, void* key)
int wc_CryptoCb_MakePqcSignatureKey(WC_RNG* rng, int type, int keySize,
void* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
CryptoCb* dev;
@ -967,7 +967,7 @@ int wc_CryptoCb_MakePqcSignatureKey(WC_RNG* rng, int type, int keySize,
int wc_CryptoCb_PqcSign(const byte* in, word32 inlen, byte* out, word32 *outlen,
WC_RNG* rng, int type, void* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
CryptoCb* dev;
@ -1003,7 +1003,7 @@ int wc_CryptoCb_PqcSign(const byte* in, word32 inlen, byte* out, word32 *outlen,
int wc_CryptoCb_PqcVerify(const byte* sig, word32 siglen, const byte* msg,
word32 msglen, int* res, int type, void* key)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
CryptoCb* dev;
@ -1039,7 +1039,7 @@ int wc_CryptoCb_PqcVerify(const byte* sig, word32 siglen, const byte* msg,
int wc_CryptoCb_PqcSignatureCheckPrivKey(void* key, int type,
const byte* pubKey, word32 pubKeySz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
int devId = INVALID_DEVID;
CryptoCb* dev;
@ -1078,7 +1078,7 @@ int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1119,7 +1119,7 @@ int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1162,7 +1162,7 @@ int wc_CryptoCb_AesCcmEncrypt(Aes* aes, byte* out,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1203,7 +1203,7 @@ int wc_CryptoCb_AesCcmDecrypt(Aes* aes, byte* out,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1243,7 +1243,7 @@ int wc_CryptoCb_AesCcmDecrypt(Aes* aes, byte* out,
int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1275,7 +1275,7 @@ int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1308,7 +1308,7 @@ int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
int wc_CryptoCb_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1341,7 +1341,7 @@ int wc_CryptoCb_AesCtrEncrypt(Aes* aes, byte* out,
int wc_CryptoCb_AesEcbEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1373,7 +1373,7 @@ int wc_CryptoCb_AesEcbEncrypt(Aes* aes, byte* out,
int wc_CryptoCb_AesEcbDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1408,7 +1408,7 @@ int wc_CryptoCb_AesEcbDecrypt(Aes* aes, byte* out,
int wc_CryptoCb_Des3Encrypt(Des3* des3, byte* out,
const byte* in, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1440,7 +1440,7 @@ int wc_CryptoCb_Des3Encrypt(Des3* des3, byte* out,
int wc_CryptoCb_Des3Decrypt(Des3* des3, byte* out,
const byte* in, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1474,7 +1474,7 @@ int wc_CryptoCb_Des3Decrypt(Des3* des3, byte* out,
int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in,
word32 inSz, byte* digest)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1507,7 +1507,7 @@ int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in,
int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in,
word32 inSz, byte* digest)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1540,7 +1540,7 @@ int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in,
int wc_CryptoCb_Sha384Hash(wc_Sha384* sha384, const byte* in,
word32 inSz, byte* digest)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1576,7 +1576,7 @@ int wc_CryptoCb_Sha384Hash(wc_Sha384* sha384, const byte* in,
int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in,
word32 inSz, byte* digest)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1612,7 +1612,7 @@ int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in,
int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, word32 inSz,
byte* digest)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
if (hmac == NULL)
@ -1640,7 +1640,7 @@ int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, word32 inSz,
#ifndef WC_NO_RNG
int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1668,7 +1668,7 @@ int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz)
int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */
@ -1692,7 +1692,7 @@ int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz,
const byte* in, word32 inSz, byte* out, word32* outSz, int type,
void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev;
/* locate registered callback */

4
wolfcrypt/src/curve25519.c
View File

@ -238,7 +238,7 @@ int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
#ifdef WOLF_CRYPTO_CB
if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Curve25519Gen(rng, keysize, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -299,7 +299,7 @@ int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
if (private_key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Curve25519(private_key, public_key, out, outlen,
endian);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}

4
wolfcrypt/src/des3.c
View File

@ -1602,7 +1602,7 @@
#ifdef WOLF_CRYPTO_CB
if (des->devId != INVALID_DEVID) {
int ret = wc_CryptoCb_Des3Encrypt(des, out, in, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -1653,7 +1653,7 @@
#ifdef WOLF_CRYPTO_CB
if (des->devId != INVALID_DEVID) {
int ret = wc_CryptoCb_Des3Decrypt(des, out, in, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}

4
wolfcrypt/src/dilithium.c
View File

@ -75,7 +75,7 @@ int wc_dilithium_sign_msg(const byte* in, word32 inLen,
{
ret = wc_CryptoCb_PqcSign(in, inLen, out, outLen, rng,
WC_PQC_SIG_TYPE_DILITHIUM, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;
@ -179,7 +179,7 @@ int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
{
ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, res,
WC_PQC_SIG_TYPE_DILITHIUM, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;

34
wolfcrypt/src/dsa.c
View File

@ -930,33 +930,39 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key,
#ifdef WOLFSSL_SMALL_STACK
if (k) {
if ((ret != MP_INIT_E) && (ret != MEMORY_E))
if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
(ret != WC_NO_ERR_TRACE(MEMORY_E)))
mp_forcezero(k);
XFREE(k, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (kInv) {
if ((ret != MP_INIT_E) && (ret != MEMORY_E))
if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
(ret != WC_NO_ERR_TRACE(MEMORY_E)))
mp_forcezero(kInv);
XFREE(kInv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (r) {
if ((ret != MP_INIT_E) && (ret != MEMORY_E))
if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
(ret != WC_NO_ERR_TRACE(MEMORY_E)))
mp_clear(r);
XFREE(r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (s) {
if ((ret != MP_INIT_E) && (ret != MEMORY_E))
if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
(ret != WC_NO_ERR_TRACE(MEMORY_E)))
mp_clear(s);
XFREE(s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (H) {
if ((ret != MP_INIT_E) && (ret != MEMORY_E))
if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
(ret != WC_NO_ERR_TRACE(MEMORY_E)))
mp_clear(H);
XFREE(H, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
if (b) {
if ((ret != MP_INIT_E) && (ret != MEMORY_E))
if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
(ret != WC_NO_ERR_TRACE(MEMORY_E)))
mp_forcezero(b);
XFREE(b, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
@ -966,7 +972,7 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key,
XFREE(buffer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#else /* !WOLFSSL_SMALL_STACK */
if (ret != MP_INIT_E) {
if (ret != WC_NO_ERR_TRACE(MP_INIT_E)) {
ForceZero(buffer, halfSz);
mp_forcezero(kInv);
mp_forcezero(k);
@ -1106,37 +1112,37 @@ int wc_DsaVerify_ex(const byte* digest, word32 digestSz, const byte* sig,
#ifdef WOLFSSL_SMALL_STACK
if (s) {
if (ret != MP_INIT_E)
if (ret != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(s);
XFREE(s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (r) {
if (ret != MP_INIT_E)
if (ret != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(r);
XFREE(r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (u1) {
if (ret != MP_INIT_E)
if (ret != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(u1);
XFREE(u1, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (u2) {
if (ret != MP_INIT_E)
if (ret != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(u2);
XFREE(u2, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (w) {
if (ret != MP_INIT_E)
if (ret != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(w);
XFREE(w, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (v) {
if (ret != MP_INIT_E)
if (ret != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(v);
XFREE(v, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#else
if (ret != MP_INIT_E) {
if (ret != WC_NO_ERR_TRACE(MP_INIT_E)) {
mp_clear(s);
mp_clear(r);
mp_clear(u1);

50
wolfcrypt/src/ecc.c
View File

@ -4681,7 +4681,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
#endif
{
err = wc_CryptoCb_Ecdh(private_key, public_key, out, outlen);
if (err != CRYPTOCB_UNAVAILABLE)
if (err != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return err;
/* fall-through when unavailable */
}
@ -5069,7 +5069,7 @@ static int wc_ecc_shared_secret_gen_async(ecc_key* private_key,
err = wc_ecc_shared_secret_gen_sync(private_key, point, out, outlen);
}
if (err == WC_PENDING_E) {
if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
private_key->state++;
}
@ -5162,7 +5162,7 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
RESTORE_VECTOR_REGISTERS();
/* if async pending then return and skip done cleanup below */
if (err == WC_PENDING_E) {
if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
return err;
}
@ -5679,7 +5679,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#endif
{
err = wc_CryptoCb_MakeEccKey(rng, keysize, key, curve_id);
if (err != CRYPTOCB_UNAVAILABLE)
if (err != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return err;
/* fall-through when unavailable */
}
@ -6691,7 +6691,7 @@ static int wc_ecc_sign_hash_async(const byte* in, word32 inlen, byte* out,
}
/* if async pending then return and skip done cleanup below */
if (err == WC_PENDING_E) {
if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
key->state++;
return err;
}
@ -6733,7 +6733,7 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
#endif
{
err = wc_CryptoCb_EccSign(in, inlen, out, outlen, rng, key);
if (err != CRYPTOCB_UNAVAILABLE)
if (err != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return err;
/* fall-through when unavailable */
}
@ -6923,7 +6923,7 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
err = wc_ecc_gen_k(rng, key->dp->size, b, curve->order);
}
while (err == MP_ZERO_E);
while (err == WC_NO_ERR_TRACE(MP_ZERO_E));
loop_check = 0;
}
#ifdef WOLFSSL_CHECK_MEM_ZERO
@ -7284,7 +7284,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
#if defined(WOLFSSL_HAVE_SP_ECC)
err = ecc_sign_hash_sp(in, inlen, rng, key, r, s);
if (err != WC_KEY_SIZE_E) {
if (err != WC_NO_ERR_TRACE(WC_KEY_SIZE_E)) {
return err;
}
#else
@ -8472,7 +8472,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
#endif
{
err = wc_CryptoCb_EccVerify(sig, siglen, hash, hashlen, res, key);
if (err != CRYPTOCB_UNAVAILABLE)
if (err != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return err;
/* fall-through when unavailable */
}
@ -8580,7 +8580,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
#ifdef WOLFSSL_ASYNC_CRYPT
/* if async pending then return and skip done cleanup below */
if (err == WC_PENDING_E) {
if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
if (!isPrivateKeyOnly) /* do not advance state if doing make pub key */
key->state++;
return err;
@ -9222,7 +9222,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
}
err = ecc_verify_hash_sp(r, s, hash, hashlen, res, key);
if (err != NOT_COMPILED_IN) {
if (err != WC_NO_ERR_TRACE(NOT_COMPILED_IN)) {
if (curveLoaded) {
wc_ecc_curve_free(curve);
FREE_CURVE_SPECS();
@ -11608,7 +11608,7 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
if (err == MP_OKAY) {
err = wc_ecc_check_key(key);
if (err == IS_POINT_E && (mp_iszero(key->pubkey.x) ||
if (err == WC_NO_ERR_TRACE(IS_POINT_E) && (mp_iszero(key->pubkey.x) ||
mp_iszero(key->pubkey.y))) {
err = BAD_FUNC_ARG;
}
@ -14184,7 +14184,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
&sharedSz);
#endif
}
while (ret == WC_PENDING_E);
while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
if (ret == 0) {
#ifdef WOLFSSL_ECIES_ISO18033
@ -14603,7 +14603,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret +
pubKeySz, &sharedSz);
#endif
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
}
if (ret == 0) {
#ifdef WOLFSSL_ECIES_ISO18033
@ -15236,57 +15236,57 @@ static int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
#ifdef WOLFSSL_SMALL_STACK
if (t1) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(t1);
XFREE(t1, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (C) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(C);
XFREE(C, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (Q) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(Q);
XFREE(Q, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (S) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(S);
XFREE(S, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (Z) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(Z);
XFREE(Z, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (M) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(M);
XFREE(M, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (T) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(T);
XFREE(T, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (R) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(R);
XFREE(R, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (N) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(N);
XFREE(N, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (two) {
if (res != MP_INIT_E)
if (res != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(two);
XFREE(two, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
#else
if (res != MP_INIT_E) {
if (res != WC_NO_ERR_TRACE(MP_INIT_E)) {
mp_clear(t1);
mp_clear(C);
mp_clear(Q);

2
wolfcrypt/src/eccsi.c
View File

@ -1447,7 +1447,7 @@ static int eccsi_mulmod_point_add(EccsiKey* key, const mp_int* n,
ecc_point* point, ecc_point* a, ecc_point* res, mp_digit mp, int map)
{
#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
int err = NOT_COMPILED_IN;
int err = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
(ecc_sets[key->ecc.idx].id == ECC_SECP256R1)) {

8
wolfcrypt/src/ed25519.c
View File

@ -320,7 +320,7 @@ int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key)
#ifdef WOLF_CRYPTO_CB
if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Ed25519Gen(rng, keySz, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -400,7 +400,7 @@ int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Ed25519Sign(in, inLen, out, outLen, key, type,
context, contextLen);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -858,7 +858,7 @@ int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg,
if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Ed25519Verify(sig, sigLen, msg, msgLen, res, key,
type, context, contextLen);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -1383,7 +1383,7 @@ int wc_ed25519_check_key(ed25519_key* key)
}
}
/* Bits are all one up to last byte - check less than -19. */
if ((ret == PUBLIC_KEY_E) && (key->p[0] < 0xed)) {
if ((ret == WC_NO_ERR_TRACE(PUBLIC_KEY_E)) && (key->p[0] < 0xed)) {
ret = 0;
}
}

5
wolfcrypt/src/ed448.c
View File

@ -1354,7 +1354,7 @@ int wc_ed448_check_key(ed448_key* key)
break;
}
}
if (ret == PUBLIC_KEY_E) {
if (ret == WC_NO_ERR_TRACE(PUBLIC_KEY_E)) {
/* Check against 0xFE. */
if (key->p[ED448_PUB_KEY_SIZE/2] < 0xfe) {
ret = 0;
@ -1368,7 +1368,8 @@ int wc_ed448_check_key(ed448_key* key)
}
}
/* Check last byte. */
if ((ret == PUBLIC_KEY_E) && (key->p[0] < 0xff)) {
if ((ret == WC_NO_ERR_TRACE(PUBLIC_KEY_E)) &&
(key->p[0] < 0xff)) {
ret = 0;
}
}

9
wolfcrypt/src/error.c
View File

@ -34,6 +34,11 @@
#endif
#ifndef NO_ERROR_STRINGS
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H
#include <wolfssl/debug-untrace-error-codes.h>
#endif
WOLFSSL_ABI
const char* wc_GetErrorString(int error)
{
@ -631,6 +636,10 @@ const char* wc_GetErrorString(int error)
}
}
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES
#include <wolfssl/debug-trace-error-codes.h>
#endif
void wc_ErrorString(int error, char* buffer)
{
XSTRNCPY(buffer, wc_GetErrorString(error), WOLFSSL_MAX_ERROR_SZ);

27
wolfcrypt/src/evp.c
View File

@ -8481,7 +8481,7 @@ void wolfSSL_EVP_init(void)
}
if (ret < 0) {
if (ret == AES_GCM_AUTH_E) {
if (ret == WC_NO_ERR_TRACE(AES_GCM_AUTH_E)) {
WOLFSSL_MSG("wolfSSL_EVP_Cipher failure: bad AES-GCM tag.");
}
WOLFSSL_MSG("wolfSSL_EVP_Cipher failure");
@ -8559,7 +8559,7 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
if (key->pkcs8HeaderSz) {
ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, NULL, (word32)derSz,
RSAk, NULL, 0);
if (ret == LENGTH_ONLY_E)
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E))
ret = 0;
}
#endif
@ -8933,7 +8933,7 @@ int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key)
ret = wc_DhParamsToDer(dhkey,NULL,&derSz);
}
if (derSz == 0 || ret != LENGTH_ONLY_E) {
if (derSz == 0 || ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
WOLFSSL_MSG("Failed to get size of DH Key");
return WOLFSSL_FAILURE;
}
@ -9076,7 +9076,7 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
#ifdef HAVE_PKCS8
if (key->pkcs8HeaderSz) {
/* when key has pkcs8 header the pkey should too */
if (wc_EccKeyToPKCS8(ecc, NULL, (word32*)&derSz) == LENGTH_ONLY_E) {
if (wc_EccKeyToPKCS8(ecc, NULL, (word32*)&derSz) == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap,
DYNAMIC_TYPE_OPENSSL);
if (derBuf) {
@ -9221,7 +9221,7 @@ const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void)
int wolfSSL_EVP_MD_pkey_type(const WOLFSSL_EVP_MD* type)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
WOLFSSL_ENTER("wolfSSL_EVP_MD_pkey_type");
@ -9245,6 +9245,9 @@ int wolfSSL_EVP_MD_pkey_type(const WOLFSSL_EVP_MD* type)
ret = NID_sha512WithRSAEncryption;
}
}
else {
ret = BAD_FUNC_ARG;
}
WOLFSSL_LEAVE("wolfSSL_EVP_MD_pkey_type", ret);
@ -12448,7 +12451,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
(word32)(BASE64_DECODE_BLOCK_SIZE - ctx->remaining), (word32)inl);
for ( i = 0; cpySz > 0 && inLen > 0; i++) {
if (Base64_SkipNewline(in, &inLen, &j) == ASN_INPUT_E) {
if (Base64_SkipNewline(in, &inLen, &j) == WC_NO_ERR_TRACE(ASN_INPUT_E)) {
return -1; /* detected an illegal char in input */
}
c = in[j++];
@ -12488,7 +12491,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
*/
while (inLen > 3) {
if ((res = Base64_SkipNewline(in, &inLen, &j)) != 0) {
if (res == BUFFER_E) {
if (res == WC_NO_ERR_TRACE(BUFFER_E)) {
break;
}
else {
@ -12502,7 +12505,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
}
inLen--;
if ((res = Base64_SkipNewline(in, &inLen, &j)) != 0) {
if (res == BUFFER_E) {
if (res == WC_NO_ERR_TRACE(BUFFER_E)) {
break;
}
else {
@ -12513,7 +12516,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
e[1] = in[j++];
inLen--;
if ((res = Base64_SkipNewline(in, &inLen, &j)) != 0) {
if (res == BUFFER_E) {
if (res == WC_NO_ERR_TRACE(BUFFER_E)) {
break;
}
else {
@ -12524,7 +12527,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
e[2] = in[j++];
inLen--;
if ((res = Base64_SkipNewline(in, &inLen, &j)) != 0) {
if (res == BUFFER_E) {
if (res == WC_NO_ERR_TRACE(BUFFER_E)) {
break;
}
else {
@ -12631,8 +12634,10 @@ int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
inLen = (word32)ctx->remaining;
if ((res = Base64_SkipNewline(ctx->data, &inLen, &j)) != 0) {
*outl = 0;
if (res == BUFFER_E) /* means no valid data to decode in buffer */
if (res == WC_NO_ERR_TRACE(BUFFER_E)) {
/* means no valid data to decode in buffer */
return 1; /* returns as success with no output */
}
else
return -1;
}

6
wolfcrypt/src/ext_kyber.c
View File

@ -329,7 +329,7 @@ int wc_KyberKey_MakeKey(KyberKey* key, WC_RNG* rng)
{
ret = wc_CryptoCb_MakePqcKemKey(rng, WC_PQC_KEM_TYPE_KYBER,
key->type, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;
@ -440,7 +440,7 @@ int wc_KyberKey_Encapsulate(KyberKey* key, unsigned char* ct, unsigned char* ss,
) {
ret = wc_CryptoCb_PqcEncapsulate(ct, ctlen, ss, KYBER_SS_SZ, rng,
WC_PQC_KEM_TYPE_KYBER, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;
@ -549,7 +549,7 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss,
) {
ret = wc_CryptoCb_PqcDecapsulate(ct, ctlen, ss, KYBER_SS_SZ,
WC_PQC_KEM_TYPE_KYBER, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;

4
wolfcrypt/src/falcon.c
View File

@ -75,7 +75,7 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen,
{
ret = wc_CryptoCb_PqcSign(in, inLen, out, outLen, rng,
WC_PQC_SIG_TYPE_FALCON, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;
@ -173,7 +173,7 @@ int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
{
ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, res,
WC_PQC_SIG_TYPE_FALCON, key);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0;

20
wolfcrypt/src/hash.c
View File

@ -145,7 +145,7 @@ enum wc_HashType wc_HashTypeConvert(int hashType)
int wc_HashGetOID(enum wc_HashType hash_type)
{
int oid = HASH_TYPE_E; /* Default to hash type error */
int oid = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */
switch(hash_type)
{
case WC_HASH_TYPE_MD2:
@ -317,7 +317,7 @@ enum wc_HashType wc_OidGetHash(int oid)
/* Get Hash digest size */
int wc_HashGetDigestSize(enum wc_HashType hash_type)
{
int dig_size = HASH_TYPE_E; /* Default to hash type error */
int dig_size = WC_NO_ERR_TRACE(HASH_TYPE_E);
switch(hash_type)
{
case WC_HASH_TYPE_MD2:
@ -436,7 +436,7 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type)
/* Get Hash block size */
int wc_HashGetBlockSize(enum wc_HashType hash_type)
{
int block_size = HASH_TYPE_E; /* Default to hash type error */
int block_size = WC_NO_ERR_TRACE(HASH_TYPE_E);
switch (hash_type)
{
case WC_HASH_TYPE_MD2:
@ -555,7 +555,7 @@ int wc_HashGetBlockSize(enum wc_HashType hash_type)
int wc_Hash_ex(enum wc_HashType hash_type, const byte* data,
word32 data_len, byte* hash, word32 hash_len, void* heap, int devId)
{
int ret = HASH_TYPE_E; /* Default to hash type error */
int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */
int dig_size;
/* Validate hash buffer size */
@ -689,7 +689,7 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data,
int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
int devId)
{
int ret = HASH_TYPE_E; /* Default to hash type error */
int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */
if (hash == NULL)
return BAD_FUNC_ARG;
@ -801,7 +801,7 @@ int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
word32 dataSz)
{
int ret = HASH_TYPE_E; /* Default to hash type error */
int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */
if (hash == NULL || (data == NULL && dataSz > 0))
return BAD_FUNC_ARG;
@ -904,7 +904,7 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
{
int ret = HASH_TYPE_E; /* Default to hash type error */
int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */
if (hash == NULL || out == NULL)
return BAD_FUNC_ARG;
@ -1007,7 +1007,7 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type)
{
int ret = HASH_TYPE_E; /* Default to hash type error */
int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */
if (hash == NULL)
return BAD_FUNC_ARG;
@ -1124,7 +1124,7 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type)
#ifdef WOLFSSL_HASH_FLAGS
int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags)
{
int ret = HASH_TYPE_E; /* Default to hash type error */
int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */
if (hash == NULL)
return BAD_FUNC_ARG;
@ -1203,7 +1203,7 @@ int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags)
}
int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
{
int ret = HASH_TYPE_E; /* Default to hash type error */
int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */
if (hash == NULL)
return BAD_FUNC_ARG;

4
wolfcrypt/src/hmac.c
View File

@ -711,7 +711,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
#ifdef WOLF_CRYPTO_CB
if (hmac->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Hmac(hmac, hmac->macType, msg, length, NULL);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0; /* reset error code */
@ -820,7 +820,7 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
#ifdef WOLF_CRYPTO_CB
if (hmac->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Hmac(hmac, hmac->macType, NULL, 0, hash);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}

17
wolfcrypt/src/kdf.c
View File

@ -659,7 +659,7 @@ typedef union {
static
int _HashInit(byte hashId, _hash* hash)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (hashId) {
#ifndef NO_SHA
@ -684,6 +684,9 @@ int _HashInit(byte hashId, _hash* hash)
ret = wc_InitSha512(&hash->sha512);
break;
#endif /* WOLFSSL_SHA512 */
default:
ret = BAD_FUNC_ARG;
break;
}
return ret;
@ -693,7 +696,7 @@ static
int _HashUpdate(byte hashId, _hash* hash,
const byte* data, word32 dataSz)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (hashId) {
#ifndef NO_SHA
@ -718,6 +721,9 @@ int _HashUpdate(byte hashId, _hash* hash,
ret = wc_Sha512Update(&hash->sha512, data, dataSz);
break;
#endif /* WOLFSSL_SHA512 */
default:
ret = BAD_FUNC_ARG;
break;
}
return ret;
@ -726,7 +732,7 @@ int _HashUpdate(byte hashId, _hash* hash,
static
int _HashFinal(byte hashId, _hash* hash, byte* digest)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (hashId) {
#ifndef NO_SHA
@ -751,6 +757,9 @@ int _HashFinal(byte hashId, _hash* hash, byte* digest)
ret = wc_Sha512Final(&hash->sha512, digest);
break;
#endif /* WOLFSSL_SHA512 */
default:
ret = BAD_FUNC_ARG;
break;
}
return ret;
@ -1450,7 +1459,7 @@ int wc_KDA_KDF_onestep(const byte* z, word32 zSz, const byte* fixedInfo,
return BAD_FUNC_ARG;
hashOutSz = wc_HashGetDigestSize(hashType);
if (hashOutSz == HASH_TYPE_E)
if (hashOutSz == WC_NO_ERR_TRACE(HASH_TYPE_E))
return BAD_FUNC_ARG;
/* According to SP800_56C, table 1, the max input size (max_H_inputBits)

20
wolfcrypt/src/logging.c
View File

@ -126,7 +126,10 @@ THREAD_LS_T void *StackSizeCheck_stackOffsetPointer = 0;
/* Set these to default values initially. */
static wolfSSL_Logging_cb log_function = NULL;
static int loggingEnabled = 0;
#ifndef WOLFSSL_LOGGINGENABLED_DEFAULT
#define WOLFSSL_LOGGINGENABLED_DEFAULT 0
#endif
static int loggingEnabled = WOLFSSL_LOGGINGENABLED_DEFAULT;
THREAD_LS_T const char* log_prefix = NULL;
#if defined(WOLFSSL_APACHE_MYNEWT)
@ -714,7 +717,7 @@ unsigned long wc_PeekErrorNodeLineData(const char **file, int *line,
while (1) {
int ret = wc_PeekErrorNode(0, file, NULL, line);
if (ret == BAD_STATE_E) {
if (ret == WC_NO_ERR_TRACE(BAD_STATE_E)) {
WOLFSSL_MSG("Issue peeking at error node in queue");
return 0;
}
@ -744,7 +747,7 @@ unsigned long wc_GetErrorNodeErr(void)
ret = wc_PullErrorNode(NULL, NULL, NULL);
if (ret < 0) {
if (ret == BAD_STATE_E) {
if (ret == WC_NO_ERR_TRACE(BAD_STATE_E)) {
ret = 0; /* no errors in queue */
}
else {
@ -1230,7 +1233,9 @@ unsigned long wc_PeekErrorNodeLineData(const char **file, int *line,
idx = getErrorNodeCurrentIdx();
while (1) {
int ret = peekErrorNode(idx, file, NULL, line);
if (ret == BAD_MUTEX_E || ret == BAD_FUNC_ARG || ret == BAD_STATE_E) {
if (ret == WC_NO_ERR_TRACE(BAD_MUTEX_E) ||
ret == WC_NO_ERR_TRACE(BAD_FUNC_ARG) ||
ret == WC_NO_ERR_TRACE(BAD_STATE_E)) {
ERRQ_UNLOCK();
WOLFSSL_MSG("Issue peeking at error node in queue");
return 0;
@ -1263,7 +1268,7 @@ unsigned long wc_GetErrorNodeErr(void)
ret = pullErrorNode(NULL, NULL, NULL);
if (ret < 0) {
if (ret == BAD_STATE_E) {
if (ret == WC_NO_ERR_TRACE(BAD_STATE_E)) {
ret = 0; /* no errors in queue */
}
else {
@ -1483,7 +1488,7 @@ void WOLFSSL_ERROR(int error)
#endif
{
#ifdef WOLFSSL_ASYNC_CRYPT
if (error != WC_PENDING_E)
if (error != WC_NO_ERR_TRACE(WC_PENDING_E))
#endif
{
char buffer[WOLFSSL_MAX_ERROR_SZ];
@ -1501,7 +1506,8 @@ void WOLFSSL_ERROR(int error)
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
/* If running in compatibility mode do not add want read and
want right to error queue */
if (error != WANT_READ && error != WANT_WRITE) {
if (error != WC_NO_ERR_TRACE(WANT_READ) &&
error != WC_NO_ERR_TRACE(WANT_WRITE)) {
#endif
if (error < 0)
error = error - (2 * error); /* get absolute value */

22
wolfcrypt/src/pkcs12.c
View File

@ -297,7 +297,7 @@ static int GetSafeContent(WC_PKCS12* pkcs12, const byte* input,
#ifdef ASN_BER_TO_DER
if (pkcs12->indefinite) {
if (wc_BerToDer(input, safe->dataSz, NULL,
&pkcs12->safeDersz) != LENGTH_ONLY_E) {
&pkcs12->safeDersz) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
WOLFSSL_MSG("Not BER sequence");
return ASN_PARSE_E;
}
@ -711,7 +711,7 @@ int wc_d2i_PKCS12(const byte* der, word32 derSz, WC_PKCS12* pkcs12)
#ifdef ASN_BER_TO_DER
if (size == 0) {
if (wc_BerToDer(der, totalSz, NULL,
(word32*)&size) != LENGTH_ONLY_E) {
(word32*)&size) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
WOLFSSL_MSG("Not BER sequence");
return ASN_PARSE_E;
}
@ -1826,7 +1826,7 @@ static int wc_PKCS12_shroud_key(WC_PKCS12* pkcs12, WC_RNG* rng,
ret = UnTraditionalEnc(key, keySz, pkcs8Key, &sz, pass, passSz,
vPKCS, vAlgo, NULL, 0, itt, rng, heap);
}
if (ret == LENGTH_ONLY_E) {
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
*outSz = sz + MAX_LENGTH_SZ + 1;
return LENGTH_ONLY_E;
}
@ -1883,7 +1883,7 @@ static int wc_PKCS12_create_key_bag(WC_PKCS12* pkcs12, WC_RNG* rng,
/* get max size for shrouded key */
ret = wc_PKCS12_shroud_key(pkcs12, rng, NULL, &length, key, keySz,
algo, pass, passSz, iter);
if (ret != LENGTH_ONLY_E && ret < 0) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E) && ret < 0) {
return ret;
}
@ -2092,7 +2092,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
encSz = contentSz;
if ((ret = EncryptContent(NULL, contentSz, NULL, &encSz,
pass, passSz, vPKCS, vAlgo, NULL, 0, iter, rng, heap)) < 0) {
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return ret;
}
}
@ -2282,7 +2282,7 @@ static byte* PKCS12_create_key_content(WC_PKCS12* pkcs12, int nidKey,
/* get max size for key bag */
ret = wc_PKCS12_create_key_bag(pkcs12, rng, NULL, &keyBufSz, key, keySz,
algo, iter, pass, (int)passSz);
if (ret != LENGTH_ONLY_E && ret < 0) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E) && ret < 0) {
WOLFSSL_MSG("Error getting key bag size");
return NULL;
}
@ -2319,7 +2319,7 @@ static byte* PKCS12_create_key_content(WC_PKCS12* pkcs12, int nidKey,
#endif
ret = wc_PKCS12_encrypt_content(pkcs12, rng, NULL, keyCiSz,
NULL, keyBufSz, algo, pass, (int)passSz, iter, WC_PKCS12_DATA);
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
XFREE(keyBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
WOLFSSL_MSG("Error getting key encrypt content size");
return NULL;
@ -2404,7 +2404,7 @@ static byte* PKCS12_create_cert_content(WC_PKCS12* pkcs12, int nidCert,
/* get max size of buffer needed */
ret = wc_PKCS12_create_cert_bag(pkcs12, NULL, &certBufSz, cert, certSz);
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return NULL;
}
@ -2416,7 +2416,7 @@ static byte* PKCS12_create_cert_content(WC_PKCS12* pkcs12, int nidCert,
while (current != NULL) {
ret = wc_PKCS12_create_cert_bag(pkcs12, NULL, &curBufSz,
current->buffer, current->bufferSz);
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return NULL;
}
certBufSz += curBufSz;
@ -2468,7 +2468,7 @@ static byte* PKCS12_create_cert_content(WC_PKCS12* pkcs12, int nidCert,
/* get buffer size needed for content info */
ret = wc_PKCS12_encrypt_content(pkcs12, rng, NULL, certCiSz,
NULL, certBufSz, algo, pass, (int)passSz, iter, type);
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
XFREE(certBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
WOLFSSL_LEAVE("wc_PKCS12_create()", ret);
return NULL;
@ -2524,7 +2524,7 @@ static int PKCS12_create_safe(WC_PKCS12* pkcs12, byte* certCi, word32 certCiSz,
/* add Content Info structs to safe, key first then cert */
ret = wc_PKCS12_encrypt_content(pkcs12, rng, NULL, &safeDataSz,
NULL, innerDataSz, 0, NULL, 0, 0, WC_PKCS12_DATA);
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return ret;
}

53
wolfcrypt/src/pkcs7.c
View File

@ -284,7 +284,7 @@ static int wc_PKCS7_AddDataToStream(PKCS7* pkcs7, byte* in, word32 inSz,
if (rdSz >= inSz) {
/* no more input to read, reset input index and request more data */
pkcs7->stream->idx = 0;
return WC_PKCS7_WANT_READ_E;
return WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E);
}
/* try to store input data into stream buffer */
@ -324,7 +324,7 @@ static int wc_PKCS7_AddDataToStream(PKCS7* pkcs7, byte* in, word32 inSz,
/* if not enough data was read in then request more */
if (pkcs7->stream->length < expected) {
pkcs7->stream->idx = 0;
return WC_PKCS7_WANT_READ_E;
return WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E);
}
/* adjust pointer to read from stored buffer */
@ -379,8 +379,8 @@ static int wc_PKCS7_SetMaxStream(PKCS7* pkcs7, byte* in, word32 defSz)
#ifdef ASN_BER_TO_DER
if (length == 0 && ret == 0) {
idx = 0;
if ((ret = wc_BerToDer(pt, maxIdx, NULL,
(word32*)&length)) != LENGTH_ONLY_E) {
if ((ret = wc_BerToDer(pt, maxIdx, NULL, (word32*)&length))
!= WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return ret;
}
}
@ -1787,7 +1787,8 @@ static int wc_PKCS7_ImportRSA(PKCS7* pkcs7, RsaKey* privKey)
#endif
}
#ifdef WOLF_CRYPTO_CB
else if (ret == ASN_PARSE_E && pkcs7->devId != INVALID_DEVID) {
else if (ret == WC_NO_ERR_TRACE(ASN_PARSE_E) &&
pkcs7->devId != INVALID_DEVID) {
/* if using crypto callbacks, try public key decode */
idx = 0;
ret = wc_RsaPublicKeyDecode(pkcs7->privateKey, &idx, privKey,
@ -1839,7 +1840,7 @@ static int wc_PKCS7_RsaSign(PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
privKey, pkcs7->rng);
}
#ifdef WOLFSSL_ASYNC_CRYPT
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
}
@ -1876,7 +1877,8 @@ static int wc_PKCS7_ImportECC(PKCS7* pkcs7, ecc_key* privKey)
}
}
#ifdef WOLF_CRYPTO_CB
else if (ret == ASN_PARSE_E && pkcs7->devId != INVALID_DEVID) {
else if (ret == WC_NO_ERR_TRACE(ASN_PARSE_E) &&
pkcs7->devId != INVALID_DEVID) {
/* if using crypto callbacks, try public key decode */
idx = 0;
ret = wc_EccPublicKeyDecode(pkcs7->privateKey, &idx, privKey,
@ -1929,7 +1931,7 @@ static int wc_PKCS7_EcdsaSign(PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
&outSz, pkcs7->rng, privKey);
}
#ifdef WOLFSSL_ASYNC_CRYPT
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
if (ret == 0)
ret = (int)outSz;
@ -2470,7 +2472,7 @@ static int wc_PKCS7_EncodeContentStreamHelper(PKCS7* pkcs7, int cipherType,
Aes* aes, byte* encContentOut, byte* contentData, int contentDataSz,
byte* out, word32* outIdx, ESD* esd)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
byte encContentOutOct[MAX_OCTET_STR_SZ];
word32 encContentOutOctSz = 0;
@ -2500,7 +2502,8 @@ static int wc_PKCS7_EncodeContentStreamHelper(PKCS7* pkcs7, int cipherType,
#ifdef WOLFSSL_ASYNC_CRYPT
/* async encrypt not available here, so block till done */
if (ret == WC_PENDING_E && cipherType != WC_CIPHER_NONE) {
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E) &&
cipherType != WC_CIPHER_NONE) {
ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE);
}
#endif
@ -4048,7 +4051,7 @@ static int wc_PKCS7_RsaVerify(PKCS7* pkcs7, byte* sig, int sigSz,
key);
}
#ifdef WOLFSSL_ASYNC_CRYPT
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
FreeDecodedCert(dCert);
wc_FreeRsaKey(key);
@ -4175,7 +4178,7 @@ static int wc_PKCS7_EcdsaVerify(PKCS7* pkcs7, byte* sig, int sigSz,
ret = wc_ecc_verify_hash(sig, (word32)sigSz, hash, hashSz, &res, key);
}
#ifdef WOLFSSL_ASYNC_CRYPT
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
FreeDecodedCert(dCert);
@ -5103,7 +5106,7 @@ static int wc_PKCS7_HandleOctetStrings(PKCS7* pkcs7, byte* in, word32 inSz,
/* check if expected data is available in stream */
ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
pkcs7->stream->expected, &msg, idx);
if (ret == WC_PKCS7_WANT_READ_E) {
if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
break; /* ask user more input */
}
@ -5130,7 +5133,7 @@ static int wc_PKCS7_HandleOctetStrings(PKCS7* pkcs7, byte* in, word32 inSz,
/* check if expected data is available in stream */
ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
pkcs7->stream->expected, &msg, idx);
if (ret == WC_PKCS7_WANT_READ_E) {
if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
break; /* ask user more input */
}
@ -5167,7 +5170,7 @@ static int wc_PKCS7_HandleOctetStrings(PKCS7* pkcs7, byte* in, word32 inSz,
ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
pkcs7->stream->expected, &msg, idx);
if (ret == WC_PKCS7_WANT_READ_E) {
if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
break;
}
@ -5374,7 +5377,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
word32 len = 0;
ret = wc_BerToDer(pkiMsg, pkiMsgSz, NULL, &len);
if (ret != LENGTH_ONLY_E)
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
return ret;
pkcs7->der = (byte*)XMALLOC(len, pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
@ -6503,7 +6506,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
#ifndef NO_PKCS7_STREAM
/* make sure that terminating zero's follow */
if ((ret == PKCS7_SIGNEEDS_CHECK || ret >= 0) &&
if ((ret == WC_NO_ERR_TRACE(PKCS7_SIGNEEDS_CHECK) || ret >= 0) &&
pkcs7->stream->indefLen == 1) {
int i;
for (i = 0; i < 3 * ASN_INDEF_END_SZ; i++) {
@ -6531,7 +6534,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
ret = BAD_FUNC_ARG;
}
if (ret != 0 && ret != WC_PKCS7_WANT_READ_E) {
if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
#ifndef NO_PKCS7_STREAM
wc_PKCS7_ResetStream(pkcs7);
#endif
@ -7909,7 +7912,7 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
encryptedKeySz, pubKey, &rng);
}
#ifdef WOLFSSL_ASYNC_CRYPT
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
wc_FreeRsaKey(pubKey);
wc_FreeRng(&rng);
@ -10271,7 +10274,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
#endif
}
#ifdef WOLFSSL_ASYNC_CRYPT
} while (keySz == WC_PENDING_E);
} while (keySz == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
#ifdef WC_RSA_BLINDING
wc_FreeRng(&rng);
@ -11433,7 +11436,7 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
PRIVATE_KEY_UNLOCK();
ret = wc_ecc_export_x963(kari->senderKey, NULL, &tmpKeySz);
PRIVATE_KEY_LOCK();
if (ret != LENGTH_ONLY_E) {
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return ret;
}
@ -11860,7 +11863,7 @@ static int wc_PKCS7_ParseToRecipientInfoSet(PKCS7* pkcs7, byte* in,
len = 0;
ret = wc_BerToDer(pkiMsg, pkiMsgSz, NULL, &len);
if (ret != LENGTH_ONLY_E)
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
return ret;
pkcs7->der = (byte*)XMALLOC(len, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (pkcs7->der == NULL)
@ -12445,7 +12448,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* in,
}
#ifndef NO_PKCS7_STREAM
if (ret < 0 && ret != WC_PKCS7_WANT_READ_E) {
if (ret < 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
wc_PKCS7_ResetStream(pkcs7);
wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_START);
if (pkcs7->cachedEncryptedContent != NULL) {
@ -13635,7 +13638,7 @@ authenv_atrbend:
}
#ifdef WOLFSSL_SMALL_STACK
if (ret != 0 && ret != WC_PKCS7_WANT_READ_E) {
if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
if (decryptedKey != NULL) {
ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ);
}
@ -13643,7 +13646,7 @@ authenv_atrbend:
}
#endif
#ifndef NO_PKCS7_STREAM
if (ret != 0 && ret != WC_PKCS7_WANT_READ_E) {
if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
wc_PKCS7_ResetStream(pkcs7);
}
#endif

12
wolfcrypt/src/port/Renesas/renesas_common.c
View File

@ -89,7 +89,7 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCb(WOLFSSL* ssl,
const unsigned char* keyDer, unsigned int keySz,
void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
WOLFSSL_ENTER("Renesas_cmn_RsaSignCb");
/* This is just a stub function that provides no logic */
@ -108,7 +108,7 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCheckCb(WOLFSSL* ssl,
const unsigned char* keyDer, unsigned int keySz,
void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
WOLFSSL_ENTER("Renesas_cmn_RsaSignCheckCb");
#if defined(WOLFSSL_RENESAS_TSIP)
@ -127,7 +127,7 @@ WOLFSSL_LOCAL int Renesas_cmn_EccSignCb(WOLFSSL* ssl,
const unsigned char* keyDer, unsigned int keySz,
void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
WOLFSSL_ENTER("Renesas_cmn_EccSignCb");
/* This is just a stub function that provides no logic */
@ -147,7 +147,7 @@ WOLFSSL_LOCAL int Renesas_cmn_EccSignCb(WOLFSSL* ssl,
*/
static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
{
int ret = NOT_COMPILED_IN; /* return this to bypass HW and use SW */
int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); /* return this to bypass HW and use SW */
WOLFSSL_ENTER("Renesas_cmn_CryptoDevCb");
@ -367,7 +367,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
cbInfo->keyflgs_crypt.bits.rsapub1024_installedkey_set ) {
ret = wc_fspsm_MakeRsaKey(info->pk.rsa.key, 0, cbInfo);
if (ret == CRYPTOCB_UNAVAILABLE)
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
if (info->pk.rsa.type == RSA_PRIVATE_DECRYPT ||
@ -882,7 +882,7 @@ WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl,
*/
WOLFSSL_LOCAL int Renesas_cmn_genMasterSecret(struct WOLFSSL* ssl, void* ctx)
{
int ret = WOLFSSL_NOT_IMPLEMENTED;
int ret = WC_NO_ERR_TRACE(WOLFSSL_NOT_IMPLEMENTED);
(void) ret;
(void) ctx;

2
wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
View File

@ -384,7 +384,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
void* ctx)
{
int ret = NOT_COMPILED_IN;
int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
WOLFSSL_ENTER("wc_tsip_AesCipher");

22
wolfcrypt/src/port/aria/aria-cryptocb.c
View File

@ -447,7 +447,7 @@ int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key,
int wc_AriaCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE; /* return this to bypass HW and use SW */
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); /* return this to bypass HW and use SW */
(void)ctx;
if (info == NULL)
@ -544,15 +544,18 @@ int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key,
ret = wc_AriaInitSha(&(info->hash.sha256->hSession), MC_ALGID_SHA256);
}
if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE)) {
if ((ret == 0) ||
(ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))) {
ret = wc_AriaShaUpdate(info->hash.sha256->hSession,
(byte *) info->hash.in, info->hash.inSz);
}
if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE)) {
if ((ret == 0) ||
(ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))) {
MC_UINT digestSz = 32;
ret = wc_AriaShaFinal(info->hash.sha256->hSession,
info->hash.digest, &digestSz);
if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
if ((ret == 0) ||
(ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)))
ret = wc_AriaFree(&(info->hash.sha256->hSession),NULL);
}
if (ret != 0)
@ -571,16 +574,21 @@ int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key,
ret = wc_AriaInitSha(&(info->hash.sha384->hSession), MC_ALGID_SHA384);
}
if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE)) {
if ((ret == 0) ||
(ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))) {
ret = wc_AriaShaUpdate(info->hash.sha384->hSession,
(byte *) info->hash.in, info->hash.inSz);
}
if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE)) {
if ((ret == 0) ||
(ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))) {
MC_UINT digestSz = 48;
ret = wc_AriaShaFinal(info->hash.sha384->hSession,
info->hash.digest, &digestSz);
if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
if ((ret == 0) ||
(ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)))
{
ret = wc_AriaFree(&(info->hash.sha384->hSession),NULL);
}
}
if (ret != 0) ret = CRYPTOCB_UNAVAILABLE;
/* reset devId */

2
wolfcrypt/src/port/arm/armv8-sha512.c
View File

@ -628,7 +628,7 @@ static int Sha512_Family_Final(wc_Sha512* sha512, byte* hash,
#ifdef WOLF_CRYPTO_CB
if (sha512->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, hash);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}

2
wolfcrypt/src/port/caam/wolfcaam_hmac.c
View File

@ -59,7 +59,7 @@ int wc_CAAM_Hmac(Hmac* hmac, int macType, const byte* msg, int msgSz,
hmac->keyLen);
if (ret != 0) {
WOLFSSL_MSG("Error with set key");
if (ret == HASH_TYPE_E) {
if (ret == WC_NO_ERR_TRACE(HASH_TYPE_E)) {
ret = CRYPTOCB_UNAVAILABLE; /* that hash type is not supported*/
}
}

2
wolfcrypt/src/port/caam/wolfcaam_init.c
View File

@ -79,7 +79,7 @@ int wc_caamSetResource(IODevice ioDev)
/* used to route crypto operations through crypto callback */
static int wc_CAAM_router(int devId, wc_CryptoInfo* info, void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE;
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
(void)ctx;
(void)devId;

2
wolfcrypt/src/port/cavium/cavium_octeon_sync.c
View File

@ -775,7 +775,7 @@ static int Octeon_AesGcm_Decrypt(Aes* aes, byte* in, byte* out, word32 inSz,
static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
{
int ret = NOT_COMPILED_IN; /* return this to bypass HW and use SW */
int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); /* return this to bypass HW and use SW */
if (info == NULL)
return BAD_FUNC_ARG;

10
wolfcrypt/src/port/devcrypto/devcrypto_rsa.c
View File

@ -322,7 +322,7 @@ static int _PublicOperation(const byte* in, word32 inlen, byte* out,
int wc_DevCrypto_RsaDecrypt(const byte* in, word32 inlen,
byte* out, word32 outlen, RsaKey* key, int type)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (type) {
case RSA_PUBLIC_DECRYPT:
@ -332,6 +332,9 @@ int wc_DevCrypto_RsaDecrypt(const byte* in, word32 inlen,
case RSA_PRIVATE_DECRYPT:
ret = _PrivateOperation(in, inlen, out, outlen, key);
break;
default:
ret = BAD_FUNC_ARG;
break;
}
return ret;
@ -341,7 +344,7 @@ int wc_DevCrypto_RsaDecrypt(const byte* in, word32 inlen,
int wc_DevCrypto_RsaEncrypt(const byte* in, word32 inlen, byte* out,
word32* outlen, RsaKey *key, int type)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
switch (type) {
case RSA_PUBLIC_ENCRYPT:
@ -351,6 +354,9 @@ int wc_DevCrypto_RsaEncrypt(const byte* in, word32 inlen, byte* out,
case RSA_PRIVATE_ENCRYPT:
ret = _PrivateOperation(in, inlen, out, *outlen, key);
break;
default:
ret = BAD_FUNC_ARG;
break;
}
if (ret == 0) {
*outlen = inlen;

2
wolfcrypt/src/port/intel/quickassist_sync.c
View File

@ -674,7 +674,7 @@ int IntelQaPoll(IntelQaDev* dev)
}
{
if (dev->ret != WC_PENDING_E) {
if (dev->ret != WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* perform cleanup */
IntelQaFreeFunc freeFunc = dev->freeFunc;
QLOG("IntelQaOpFree: Dev %p, FreeFunc %p\n", dev, freeFunc);

4
wolfcrypt/src/port/iotsafe/iotsafe.c
View File

@ -620,7 +620,7 @@ static int iotsafe_gen_keypair(byte *wr_slot, unsigned long id_size,
ecc_key *key)
{
char *resp;
int ret = WC_HW_E;
int ret = WC_NO_ERR_TRACE(WC_HW_E);
iotsafe_cmd_start(csim_cmd, IOTSAFE_CLASS, IOTSAFE_INS_GEN_KEYPAIR, 0, 0);
iotsafe_cmd_add_tlv(csim_cmd, IOTSAFE_TAG_PRIVKEY_ID, id_size, wr_slot);
iotsafe_cmd_complete(csim_cmd);
@ -822,7 +822,7 @@ static int iotsafe_sign_hash(byte *privkey_idx, uint16_t id_size,
{
byte mode_of_operation = IOTSAFE_MOO_SIGN_ONLY;
uint16_t hash_algo_be = XHTONS(hash_algo);
int ret = WC_HW_E;
int ret = WC_NO_ERR_TRACE(WC_HW_E);
char *resp;
char R[2 * IOTSAFE_ECC_KSIZE + 1];
char S[2 * IOTSAFE_ECC_KSIZE + 1];

2
wolfcrypt/src/port/kcapi/kcapi_dh.c
View File

@ -52,7 +52,7 @@ static int KcapiDh_SetParams(DhKey* key)
word32 len;
ret = wc_DhParamsToDer(key, NULL, &len);
if (ret == LENGTH_ONLY_E) {
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
ret = 0;
pkcs3 = (unsigned char*)XMALLOC(len, key->heap,
DYNAMIC_TYPE_TMP_BUFFER);

8
wolfcrypt/src/port/liboqs/liboqs.c
View File

@ -119,14 +119,14 @@ int wolfSSL_liboqsRngMutexLock(WC_RNG* rng)
int wolfSSL_liboqsRngMutexUnlock(void)
{
int ret = BAD_MUTEX_E;
liboqsCurrentRNG = &liboqsDefaultRNG;
if (liboqs_init) {
ret = wc_UnLockMutex(&liboqsRNGMutex);
return wc_UnLockMutex(&liboqsRNGMutex);
}
else {
return BAD_MUTEX_E;
}
return ret;
}
#endif /* HAVE_LIBOQS */

2
wolfcrypt/src/port/maxim/maxq10xx.c
View File

@ -1450,7 +1450,7 @@ int wolfSSL_MAXQ10XX_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
}
#endif /* WOLFSSL_MAXQ108X */
if (rc != 0 && rc != CRYPTOCB_UNAVAILABLE) {
if (rc != 0 && rc != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
rc = WC_HW_E;
}

2
wolfcrypt/src/port/st/stsafe.c
View File

@ -559,7 +559,7 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_ECC */
/* need to return negative here for error */
if (rc != 0 && rc != CRYPTOCB_UNAVAILABLE) {
if (rc != 0 && rc != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
WOLFSSL_MSG("STSAFE: CryptoCb failed");
#ifdef USE_STSAFE_VERBOSE
STSAFE_INTERFACE_PRINTF("STSAFE: CryptoCb failed %d\n", rc);

4
wolfcrypt/src/port/ti/ti-aes.c
View File

@ -465,7 +465,7 @@ static int AesAuthEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag,
authTagSz, &M, &L);
if (ret == BAD_FUNC_ARG) {
if (ret == WC_NO_ERR_TRACE(BAD_FUNC_ARG)) {
return ret;
}
@ -565,7 +565,7 @@ static int AesAuthDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag,
authTagSz, &M, &L);
if (ret == BAD_FUNC_ARG) {
if (ret == WC_NO_ERR_TRACE(BAD_FUNC_ARG)) {
return ret;
}

15
wolfcrypt/src/port/xilinx/xil-versal-trng.c
View File

@ -134,7 +134,7 @@ int wc_VersalTrngInit(byte* nonce, word32 nonceSz)
.PersStrPresent = XTRNGPSV_FALSE
};
#endif
int ret = WC_HW_E;
int ret = WC_NO_ERR_TRACE(WC_HW_E);
XTrngpsv_Config *cfg;
sword32 xret = 0;
if (trng.State == XTRNGPSV_HEALTHY) {
@ -142,22 +142,29 @@ int wc_VersalTrngInit(byte* nonce, word32 nonceSz)
}
cfg = XTrngpsv_LookupConfig(WOLFSSL_PSV_TRNG_DEV_ID);
if (!cfg) {
ret = WC_HW_E;
WOLFSSL_MSG("Could not lookup TRNG config");
goto out;
}
xret = XTrngpsv_CfgInitialize(&trng, cfg, cfg->BaseAddress);
if (xret)
if (xret) {
ret = WC_HW_E;
goto out;
}
xret = versal_trng_selftest();
if (xret)
if (xret) {
ret = WC_HW_E;
goto out;
}
#if !defined(HAVE_HASHDRBG)
if (nonce)
usercfg_add_nonce(&user_cfg, nonce, nonceSz);
#endif
xret = XTrngpsv_Instantiate(&trng, &user_cfg);
if (xret)
if (xret) {
ret = WC_HW_E;
goto out;
}
ret = 0;

16
wolfcrypt/src/random.c
View File

@ -1470,7 +1470,7 @@ int wc_Entropy_Get(int bits, unsigned char* entropy, word32 len)
Entropy_StopThread();
#endif
if (ret != BAD_MUTEX_E) {
if (ret != WC_NO_ERR_TRACE(BAD_MUTEX_E)) {
/* Unlock mutex now we are done. */
wc_UnLockMutex(&entropy_mutex);
}
@ -1502,7 +1502,7 @@ int wc_Entropy_OnDemandTest(void)
ret = Entropy_HealthTest_Startup();
}
if (ret != BAD_MUTEX_E) {
if (ret != WC_NO_ERR_TRACE(BAD_MUTEX_E)) {
/* Unlock mutex now we are done. */
wc_UnLockMutex(&entropy_mutex);
}
@ -1868,7 +1868,7 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
#endif
{
ret = wc_CryptoCb_RandomBlock(rng, output, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -2676,7 +2676,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#endif
{
ret = wc_CryptoCb_RandomSeed(os, output, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -3476,7 +3476,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
}
/* driver could be waiting for entropy */
if (ret != RAN_BLOCK_E && ret != 0) {
if (ret != WC_NO_ERR_TRACE(RAN_BLOCK_E) && ret != 0) {
return ret;
}
#ifndef WOLFSSL_IMXRT1170_CAAM
@ -3909,14 +3909,14 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int ret = WC_HW_E;
int ret = WC_NO_ERR_TRACE(WC_HW_E);
#ifndef WOLF_CRYPTO_CB_FIND
if (os->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_RandomSeed(os, output, sz);
if (ret == CRYPTOCB_UNAVAILABLE) {
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
ret = WC_HW_E;
}
}
@ -3954,7 +3954,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#endif
{
ret = wc_CryptoCb_RandomSeed(os, output, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0; /* reset error code */

38
wolfcrypt/src/rsa.c
View File

@ -627,13 +627,13 @@ static int _ifc_pairwise_consistency_test(RsaKey* key, WC_RNG* rng)
#ifdef WOLFSSL_ASYNC_CRYPT
/* Do blocking async calls here, caller does not support WC_PENDING_E */
do {
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
if (ret >= 0)
#endif
ret = wc_RsaSSL_Sign((const byte*)msg, msgLen, sig, sigLen, key, rng);
#ifdef WOLFSSL_ASYNC_CRYPT
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
if (ret > 0) {
@ -641,13 +641,13 @@ static int _ifc_pairwise_consistency_test(RsaKey* key, WC_RNG* rng)
#ifdef WOLFSSL_ASYNC_CRYPT
/* Do blocking async calls here, caller does not support WC_PENDING_E */
do {
if (ret == WC_PENDING_E)
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
if (ret >= 0)
#endif
ret = wc_RsaSSL_VerifyInline(sig, sigLen, &plain, key);
#ifdef WOLFSSL_ASYNC_CRYPT
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
}
@ -1784,7 +1784,7 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
byte **output, byte padValue)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
word16 i;
if (output == NULL || pkcsBlockLen < 2 || pkcsBlockLen > 0xFFFF) {
@ -2773,7 +2773,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
#ifdef WOLFSSL_HAVE_SP_RSA
ret = RsaFunction_SP(in, inLen, out, outLen, type, key, rng);
if (ret != WC_KEY_SIZE_E)
if (ret != WC_NO_ERR_TRACE(WC_KEY_SIZE_E))
return ret;
#endif /* WOLFSSL_HAVE_SP_RSA */
@ -2927,7 +2927,7 @@ int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz,
key->dataLen = *outSz;
ret = wc_RsaFunction(in, inLen, out, &key->dataLen, type, key, rng);
if (ret >= 0 || ret == WC_PENDING_E) {
if (ret >= 0 || ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
key->state = (type == RSA_PRIVATE_ENCRYPT ||
type == RSA_PUBLIC_ENCRYPT) ? RSA_STATE_ENCRYPT_RES:
RSA_STATE_DECRYPT_RES;
@ -3125,12 +3125,12 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
{
ret = wc_CryptoCb_Rsa(in, inLen, out, outLen, type, key, rng);
#ifndef WOLF_CRYPTO_CB_ONLY_RSA
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable and try using software */
#endif
#ifdef WOLF_CRYPTO_CB_ONLY_RSA
if (ret == CRYPTOCB_UNAVAILABLE) {
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
return NO_VALID_DEVID;
}
return ret;
@ -3182,7 +3182,7 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
&& ret != FP_WOULDBLOCK
#endif
) {
if (ret == MP_EXPTMOD_E) {
if (ret == WC_NO_ERR_TRACE(MP_EXPTMOD_E)) {
/* This can happen due to incorrectly set FP_MAX_BITS or missing XREALLOC */
WOLFSSL_MSG("RSA_FUNCTION MP_EXPTMOD_E: memory/config problem");
}
@ -3319,7 +3319,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
/* SCE supports 1024 and 2048 bits */
ret = wc_CryptoCb_Rsa(in, inLen, out,
&outLen, rsa_type, key, rng);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0; /* reset error code and try using software */
@ -3344,7 +3344,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
ret = wc_RsaFunction(out, (word32)sz, out, &key->dataLen, rsa_type, key,
rng);
if (ret >= 0 || ret == WC_PENDING_E) {
if (ret >= 0 || ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
key->state = RSA_STATE_ENCRYPT_RES;
}
if (ret < 0) {
@ -3404,7 +3404,7 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
byte* label, word32 labelSz, int saltLen,
WC_RNG* rng)
{
int ret = RSA_WRONG_TYPE_E;
int ret = WC_NO_ERR_TRACE(RSA_WRONG_TYPE_E);
byte* pad = NULL;
if (in == NULL || inLen == 0 || out == NULL || key == NULL) {
@ -3476,7 +3476,7 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Rsa(in, inLen, out,
&outLen, rsa_type, key, rng);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0; /* reset error code and try using software */
@ -3525,7 +3525,7 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
rng, pad_type != WC_RSA_OAEP_PAD);
#endif
if (ret >= 0 || ret == WC_PENDING_E) {
if (ret >= 0 || ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
key->state = RSA_STATE_DECRYPT_UNPAD;
}
if (ret < 0) {
@ -4238,7 +4238,7 @@ int wc_RsaEncryptSize(const RsaKey* key)
#ifdef WOLF_CRYPTO_CB
if (ret == 0 && key->devId != INVALID_DEVID) {
if (wc_CryptoCb_RsaGetSize(key, &ret) == CRYPTOCB_UNAVAILABLE) {
if (wc_CryptoCb_RsaGetSize(key, &ret) == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
ret = 2048/8; /* hardware handles, use 2048-bit as default */
}
}
@ -4305,7 +4305,7 @@ int wc_RsaExportKey(RsaKey* key,
byte* d, word32* dSz, byte* p, word32* pSz,
byte* q, word32* qSz)
{
int ret = BAD_FUNC_ARG;
int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
if (key && e && eSz && n && nSz && d && dSz && p && pSz && q && qSz)
ret = 0;
@ -4766,12 +4766,12 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
{
err = wc_CryptoCb_MakeRsaKey(key, size, e, rng);
#ifndef WOLF_CRYPTO_CB_ONLY_RSA
if (err != CRYPTOCB_UNAVAILABLE)
if (err != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
goto out;
/* fall-through when unavailable */
#endif
#ifdef WOLF_CRYPTO_CB_ONLY_RSA
if (err == CRYPTOCB_UNAVAILABLE)
if (err == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
err = NO_VALID_DEVID;
goto out;
}

32
wolfcrypt/src/sakke.c
View File

@ -327,14 +327,18 @@ static int sakke_load_base_point(SakkeKey* key)
static int sakke_mulmod_base(SakkeKey* key, const mp_int* n, ecc_point* res,
int map)
{
int err = NOT_COMPILED_IN;
int err;
#ifdef WOLFSSL_SP_1024
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
(ecc_sets[key->ecc.idx].id == ECC_SAKKE_1)) {
err = sp_ecc_mulmod_base_1024(n, res, map, key->heap);
}
else
#endif
{
err = NOT_COMPILED_IN;
}
return err;
}
@ -353,14 +357,18 @@ static int sakke_mulmod_base(SakkeKey* key, const mp_int* n, ecc_point* res,
static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n,
const ecc_point* a, ecc_point* res, int map)
{
int err = NOT_COMPILED_IN;
int err;
#ifdef WOLFSSL_SP_1024
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
(ecc_sets[key->ecc.idx].id == ECC_SAKKE_1)) {
err = sp_ecc_mulmod_base_add_1024(n, a, 0, res, map, key->heap);
}
else
#endif
{
err = NOT_COMPILED_IN;
}
return err;
}
@ -440,7 +448,7 @@ static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n, ecc_point* a,
static int sakke_mulmod_point(SakkeKey* key, const mp_int* n,
const ecc_point* p, byte* table, ecc_point* res, int map)
{
int err = NOT_COMPILED_IN;
int err;
#ifdef WOLFSSL_SP_1024
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
@ -452,7 +460,11 @@ static int sakke_mulmod_point(SakkeKey* key, const mp_int* n,
err = sp_ecc_mulmod_table_1024(n, p, table, res, map, key->heap);
}
}
else
#endif
{
err = NOT_COMPILED_IN;
}
return err;
}
@ -1351,7 +1363,7 @@ int wc_GenerateSakkeRskTable(const SakkeKey* key, const ecc_point* rsk,
static int sakke_pairing(const SakkeKey* key, const ecc_point* p,
const ecc_point* q, mp_int* r, const byte* table, word32 len)
{
int err = NOT_COMPILED_IN;
int err;
#ifdef WOLFSSL_SP_1024
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
@ -1363,6 +1375,9 @@ static int sakke_pairing(const SakkeKey* key, const ecc_point* p,
err = sp_Pairing_precomp_1024(p, q, r, table, len);
}
}
else {
err = NOT_COMPILED_IN;
}
#else
(void)key;
(void)p;
@ -1370,6 +1385,7 @@ static int sakke_pairing(const SakkeKey* key, const ecc_point* p,
(void)r;
(void)table;
(void)len;
err = NOT_COMPILED_IN;
#endif
return err;
@ -2523,14 +2539,18 @@ int wc_GetSakkeAuthSize(SakkeKey* key, word16* authSz)
static int sakke_modexp(const SakkeKey* key, const mp_int* b, mp_int* e,
mp_int* r)
{
int err = NOT_COMPILED_IN;
int err;
#ifdef WOLFSSL_SP_1024
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
(ecc_sets[key->ecc.idx].id == ECC_SAKKE_1)) {
err = sp_ModExp_Fp_star_1024(b, e, r);
}
else
#endif
{
err = NOT_COMPILED_IN;
}
return err;
}
@ -6551,7 +6571,7 @@ int wc_SetSakkePointITable(SakkeKey* key, byte* table, word32 len)
#ifdef WOLFSSL_HAVE_SP_ECC
if (err == 0) {
err = sp_ecc_gen_table_1024(key->i.i, NULL, &sz, NULL);
if (err == LENGTH_ONLY_E) {
if (err == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
err = 0;
}
}

4
wolfcrypt/src/sha.c
View File

@ -606,7 +606,7 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
#ifdef WOLF_CRYPTO_CB
if (sha->devId != INVALID_DEVID) {
ret = wc_CryptoCb_ShaHash(sha, data, len, NULL);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
ret = 0; /* reset ret */
/* fall-through when unavailable */
@ -825,7 +825,7 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
#ifdef WOLF_CRYPTO_CB
if (sha->devId != INVALID_DEVID) {
ret = wc_CryptoCb_ShaHash(sha, NULL, 0, hash);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}

4
wolfcrypt/src/sha256.c
View File

@ -1499,7 +1499,7 @@ static int InitSha256(wc_Sha256* sha256)
#endif
{
int ret = wc_CryptoCb_Sha256Hash(sha256, data, len, NULL);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -1700,7 +1700,7 @@ static int InitSha256(wc_Sha256* sha256)
#endif
{
ret = wc_CryptoCb_Sha256Hash(sha256, NULL, 0, hash);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}

4
wolfcrypt/src/sha3.c
View File

@ -851,7 +851,7 @@ static int wc_Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
/* QAT only supports SHA3_256 */
if (p == WC_SHA3_256_COUNT) {
ret = IntelQaSymSha3(&sha3->asyncDev, NULL, data, len);
if (ret != NOT_COMPILED_IN)
if (ret != WC_NO_ERR_TRACE(NOT_COMPILED_IN))
return ret;
/* fall-through when unavailable */
}
@ -887,7 +887,7 @@ static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
/* QAT SHA-3 only supported on v2 (8970 or later cards) */
if (len == WC_SHA3_256_DIGEST_SIZE) {
ret = IntelQaSymSha3(&sha3->asyncDev, hash, NULL, len);
if (ret != NOT_COMPILED_IN)
if (ret != WC_NO_ERR_TRACE(NOT_COMPILED_IN))
return ret;
/* fall-through when unavailable */
}

8
wolfcrypt/src/sha512.c
View File

@ -1126,7 +1126,7 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
#endif
{
int ret = wc_CryptoCb_Sha512Hash(sha512, data, len, NULL);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -1358,7 +1358,7 @@ static int Sha512_Family_Final(wc_Sha512* sha512, byte* hash, size_t digestSz,
{
byte localHash[WC_SHA512_DIGEST_SIZE];
ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, localHash);
if (ret != CRYPTOCB_UNAVAILABLE) {
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
XMEMCPY(hash, localHash, digestSz);
return ret;
}
@ -1631,7 +1631,7 @@ int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
#endif
{
int ret = wc_CryptoCb_Sha384Hash(sha384, data, len, NULL);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}
@ -1683,7 +1683,7 @@ int wc_Sha384Final(wc_Sha384* sha384, byte* hash)
#endif
{
ret = wc_CryptoCb_Sha384Hash(sha384, NULL, 0, hash);
if (ret != CRYPTOCB_UNAVAILABLE)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
}

8
wolfcrypt/src/signature.c
View File

@ -169,7 +169,7 @@ int wc_SignatureVerifyHash(
if (ret >= 0)
ret = wc_ecc_verify_hash(sig, sig_len, hash_data, hash_len,
&is_valid_sig, (ecc_key*)key);
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
if (ret != 0 || is_valid_sig != 1) {
ret = SIG_VERIFY_E;
}
@ -226,7 +226,7 @@ int wc_SignatureVerifyHash(
#endif
if (ret >= 0)
ret = wc_RsaSSL_VerifyInline(plain_data, sig_len, &plain_ptr, (RsaKey*)key);
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
if (ret >= 0 && plain_ptr) {
if ((word32)ret == hash_len &&
XMEMCMP(plain_ptr, hash_data, hash_len) == 0) {
@ -395,7 +395,7 @@ int wc_SignatureGenerateHash_ex(
if (ret >= 0)
ret = wc_ecc_sign_hash(hash_data, hash_len, sig, sig_len,
rng, (ecc_key*)key);
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#else
ret = SIG_TYPE_E;
#endif
@ -426,7 +426,7 @@ int wc_SignatureGenerateHash_ex(
if (ret >= 0)
ret = wc_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
(RsaKey*)key, rng);
} while (ret == WC_PENDING_E);
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif /* WOLFSSL_CRYPTOCELL */
if (ret >= 0) {
*sig_len = (word32)ret;

10
wolfcrypt/src/srp.c
View File

@ -908,27 +908,27 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
if (digest)
XFREE(digest, srp->heap, DYNAMIC_TYPE_SRP);
if (u) {
if (r != MP_INIT_E)
if (r != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(u);
XFREE(u, srp->heap, DYNAMIC_TYPE_SRP);
}
if (s) {
if (r != MP_INIT_E)
if (r != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(s);
XFREE(s, srp->heap, DYNAMIC_TYPE_SRP);
}
if (temp1) {
if (r != MP_INIT_E)
if (r != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(temp1);
XFREE(temp1, srp->heap, DYNAMIC_TYPE_SRP);
}
if (temp2) {
if (r != MP_INIT_E)
if (r != WC_NO_ERR_TRACE(MP_INIT_E))
mp_clear(temp2);
XFREE(temp2, srp->heap, DYNAMIC_TYPE_SRP);
}
#else
if (r != MP_INIT_E) {
if (r != WC_NO_ERR_TRACE(MP_INIT_E)) {
mp_clear(u);
mp_clear(s);
mp_clear(temp1);

4
wolfcrypt/src/wc_encrypt.c
View File

@ -244,7 +244,7 @@ int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
int wc_BufferKeyDecrypt(EncryptedInfo* info, byte* der, word32 derSz,
const byte* password, int passwordSz, int hashType)
{
int ret = NOT_COMPILED_IN;
int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
#ifdef WOLFSSL_SMALL_STACK
byte* key = NULL;
#else
@ -318,7 +318,7 @@ int wc_BufferKeyDecrypt(EncryptedInfo* info, byte* der, word32 derSz,
int wc_BufferKeyEncrypt(EncryptedInfo* info, byte* der, word32 derSz,
const byte* password, int passwordSz, int hashType)
{
int ret = NOT_COMPILED_IN;
int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
#ifdef WOLFSSL_SMALL_STACK
byte* key = NULL;
#else

16
wolfcrypt/src/wc_pkcs11.c
View File

@ -1355,7 +1355,7 @@ int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear, void* key)
int keyType;
ret = Pkcs11HmacTypes(hmac->macType, &mechType, &keyType);
if (ret == NOT_COMPILED_IN)
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
break;
if (ret == 0)
@ -1367,7 +1367,7 @@ int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear, void* key)
(unsigned char*)hmac->id,
hmac->idLen, hmac->label,
hmac->labelLen, CKA_SIGN);
if (ret == WC_HW_E) {
if (ret == WC_NO_ERR_TRACE(WC_HW_E)) {
ret = Pkcs11CreateSecretKey(&privKey, &session,
CKK_GENERIC_SECRET,
(unsigned char*)hmac->keyRaw,
@ -1414,7 +1414,7 @@ int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear, void* key)
}
}
#endif
if (ret == 0 || ret == NOT_COMPILED_IN) {
if (ret == 0 || ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN)) {
/* Try ECDSA mechanism next. */
ret2 = Pkcs11MechAvail(&session, CKM_ECDSA);
if (ret2 == 0) {
@ -1428,7 +1428,7 @@ int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear, void* key)
}
}
/* OK for this to fail if set for ECDH. */
if (ret == NOT_COMPILED_IN)
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
ret = ret2;
}
if (ret == 0 && clear)
@ -2514,7 +2514,7 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
PRIVATE_KEY_UNLOCK();
ret = wc_ecc_export_x963(info->pk.ecdh.public_key, NULL, &pointLen);
PRIVATE_KEY_LOCK();
if (ret == LENGTH_ONLY_E) {
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
point = (unsigned char*)XMALLOC(pointLen,
info->pk.ecdh.public_key->heap,
DYNAMIC_TYPE_ECC_BUFFER);
@ -3604,7 +3604,7 @@ static int Pkcs11Hmac(Pkcs11Session* session, wc_CryptoInfo* info)
ret = Pkcs11CreateSecretKey(&key, session, keyType,
(unsigned char*)hmac->keyRaw, hmac->keyLen,
NULL, 0, NULL, 0, CKA_SIGN);
if (ret == WC_HW_E) {
if (ret == WC_NO_ERR_TRACE(WC_HW_E)) {
ret = Pkcs11CreateSecretKey(&key, session, CKK_GENERIC_SECRET,
(unsigned char*)hmac->keyRaw, hmac->keyLen,
NULL, 0, NULL, 0, CKA_SIGN);
@ -3614,7 +3614,7 @@ static int Pkcs11Hmac(Pkcs11Session* session, wc_CryptoInfo* info)
else if (ret == 0 && hmac->labelLen != 0) {
ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY, keyType, session,
hmac->label, hmac->labelLen);
if (ret == WC_HW_E) {
if (ret == WC_NO_ERR_TRACE(WC_HW_E)) {
ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY,
CKK_GENERIC_SECRET, session,
hmac->label, hmac->labelLen);
@ -3623,7 +3623,7 @@ static int Pkcs11Hmac(Pkcs11Session* session, wc_CryptoInfo* info)
else if (ret == 0) {
ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY, keyType, session,
hmac->id, hmac->idLen);
if (ret == WC_HW_E) {
if (ret == WC_NO_ERR_TRACE(WC_HW_E)) {
ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY,
CKK_GENERIC_SECRET, session, hmac->id,
hmac->idLen);

11
wolfcrypt/src/wc_port.c
View File

@ -1303,7 +1303,7 @@ int wolfSSL_CryptHwMutexInit(void)
}
int wolfSSL_CryptHwMutexLock(void)
{
int ret = BAD_MUTEX_E;
int ret;
/* Make sure HW Mutex has been initialized */
ret = wolfSSL_CryptHwMutexInit();
if (ret == 0) {
@ -1313,11 +1313,12 @@ int wolfSSL_CryptHwMutexLock(void)
}
int wolfSSL_CryptHwMutexUnLock(void)
{
int ret = BAD_MUTEX_E;
if (wcCryptHwMutexInit) {
ret = wc_UnLockMutex(&wcCryptHwMutex);
return wc_UnLockMutex(&wcCryptHwMutex);
}
else {
return BAD_MUTEX_E;
}
return ret;
}
#endif /* WOLFSSL_CRYPT_HW_MUTEX */
@ -1699,7 +1700,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
int maxq_CryptHwMutexTryLock()
{
int ret = BAD_MUTEX_E;
int ret;
/* Make sure HW Mutex has been initialized */
ret = wolfSSL_CryptHwMutexInit();
if (ret == 0) {

10
wolfcrypt/src/wc_xmss.c
View File

@ -385,10 +385,11 @@ static const wc_XmssString wc_xmss_alg[] = {
static int wc_xmss_str_to_params(const char *s, word32* oid,
const XmssParams** params)
{
int ret = NOT_COMPILED_IN;
int ret;
#if WOLFSSL_XMSS_MIN_HEIGHT <= 20
unsigned int i;
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
for (i = 0; i < WC_XMSS_ALG_LEN; i++) {
if (XSTRCMP(s, wc_xmss_alg[i].str) == 0) {
*oid = wc_xmss_alg[i].oid;
@ -401,6 +402,7 @@ static int wc_xmss_str_to_params(const char *s, word32* oid,
(void)s;
(void)oid;
(void)params;
ret = NOT_COMPILED_IN;
#endif
return ret;
@ -612,10 +614,11 @@ static const wc_XmssString wc_xmssmt_alg[] = {
static int wc_xmssmt_str_to_params(const char *s, word32* oid,
const XmssParams** params)
{
int ret = NOT_COMPILED_IN;
int ret;
#if WOLFSSL_XMSS_MAX_HEIGHT >= 20
unsigned int i;
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
for (i = 0; i < WC_XMSSMT_ALG_LEN; i++) {
if (XSTRCMP(s, wc_xmssmt_alg[i].str) == 0) {
*oid = wc_xmssmt_alg[i].oid;
@ -628,6 +631,7 @@ static int wc_xmssmt_str_to_params(const char *s, word32* oid,
(void)s;
(void)oid;
(void)params;
ret = NOT_COMPILED_IN;
#endif
return ret;
@ -756,7 +760,7 @@ static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig,
#else
ret = wc_xmssmt_sign(state, msg, msgLen, key->sk, sig);
#endif
if (ret == KEY_EXHAUSTED_E) {
if (ret == WC_NO_ERR_TRACE(KEY_EXHAUSTED_E)) {
/* Signature space exhausted. */
key->state = WC_XMSS_STATE_NOSIGS;
WOLFSSL_MSG("error: no XMSS signatures remaining");

2
wolfcrypt/src/wolfevent.c
View File

@ -55,7 +55,7 @@ int wolfEvent_Init(WOLF_EVENT* event, WOLF_EVENT_TYPE type, void* context)
int wolfEvent_Poll(WOLF_EVENT* event, WOLF_EVENT_FLAG flags)
{
int ret = BAD_COND_E;
int ret = WC_NO_ERR_TRACE(BAD_COND_E);
/* Check hardware */
#ifdef WOLFSSL_ASYNC_CRYPT

7
wolfssl/error-ssl.h
View File

@ -30,6 +30,10 @@
extern "C" {
#endif
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H
#include <wolfssl/debug-untrace-error-codes.h>
#endif
enum wolfSSL_ErrorCodes {
INPUT_CASE_ERROR = -301, /* process input state error */
PREFIX_ERROR = -302, /* bad index to key rounds */
@ -211,6 +215,9 @@ enum wolfSSL_ErrorCodes {
WOLFSSL_LOCAL
void SetErrorString(int err, char* buff);
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES
#include <wolfssl/debug-trace-error-codes.h>
#endif
#ifdef __cplusplus
} /* extern "C" */

6
wolfssl/include.am
View File

@ -31,3 +31,9 @@ noinst_HEADERS+= wolfssl/options.h
else
nobase_include_HEADERS+= wolfssl/options.h
endif
wolfssl/debug-trace-error-codes.h wolfssl/debug-untrace-error-codes.h: wolfssl/wolfcrypt/error-crypt.h wolfssl/error-ssl.h
@support/gen-debug-trace-error-codes.sh
DISTCLEANFILES += wolfssl/debug-trace-error-codes.h \
wolfssl/debug-untrace-error-codes.h

16
wolfssl/wolfcrypt/error-crypt.h
View File

@ -294,6 +294,22 @@ WOLFSSL_API void wc_ErrorString(int err, char* buff);
WOLFSSL_ABI WOLFSSL_API const char* wc_GetErrorString(int error);
#endif
#if defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES) && !defined(BUILDING_WOLFSSL)
#undef WOLFSSL_DEBUG_TRACE_ERROR_CODES
#endif
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES
#define WC_NO_ERR_TRACE(label) (CONST_NUM_ERR_ ## label)
#ifndef WC_ERR_TRACE
#define WC_ERR_TRACE(label) \
( fprintf(stderr, \
"ERR TRACE: %s L %d " #label " (%d)\n", \
__FILE__, __LINE__, label), label)
#endif
#include <wolfssl/debug-trace-error-codes.h>
#else
#define WC_NO_ERR_TRACE(label) (label)
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif