Merge pull request #3236 from dgarske/retcheck

Various fixes and improvements (return codes, build warns and func doc)

IDE/Renesas/e2studio/RA6M3/server-wolfssl/src/wolfssl_thread_entry.c

@@ -142,7 +142,6 @@ void wolfssl_thread_entry(void *pvParameters) {
         }
         memset(buff, 0, sizeof(buff));
         ret = wolfSSL_read(ssl, buff, sizeof(buff) - 1);
-
         if (ret < 0)
             break;
 
@@ -156,6 +155,8 @@ void wolfssl_thread_entry(void *pvParameters) {
 
         /* Reply back to the client */
         ret = wolfSSL_write(ssl, buff, (int) strlen(buff));
+        if (ret < 0)
+            break;
 
         /* Cleanup after this connection */
         util_Cleanup(xConnectedSocket, ctx, ssl);

configure.ac

@@ -184,6 +184,7 @@ then
     enable_compkey=yes
     enable_curve25519=yes
     enable_curve448=yes
+    enable_ed448=yes
     enable_ed25519=yes
     enable_fpecc=yes
     enable_eccencrypt=yes

src/internal.c

@@ -17642,7 +17642,8 @@ int SendData(WOLFSSL* ssl, const void* data, int sz)
     if (ssl->earlyData != no_early_data) {
         if (ssl->options.handShakeState == HANDSHAKE_DONE) {
             WOLFSSL_MSG("handshake complete, trying to send early data");
-            return BUILD_MSG_ERROR;
+            ssl->error = BUILD_MSG_ERROR;
+            return WOLFSSL_FATAL_ERROR;
         }
     #ifdef WOLFSSL_EARLY_DATA_GROUP
         groupMsgs = 1;
@@ -17830,7 +17831,7 @@ int ReceiveData(WOLFSSL* ssl, byte* output, int sz, int peek)
                 return WOLFSSL_CBIO_ERR_WANT_READ;
             }
         #endif
-            return  err;
+            return err;
         }
     }
 
@@ -17840,7 +17841,7 @@ startScr:
         int err;
         WOLFSSL_MSG("Need to start scr, server requested");
         if ( (err = wolfSSL_Rehandshake(ssl)) != WOLFSSL_SUCCESS)
-            return  err;
+            return err;
         ssl->secure_renegotiation->startScr = 0;  /* only start once */
     }
 #endif
@@ -17850,14 +17851,14 @@ startScr:
             WOLFSSL_ERROR(ssl->error);
             if (ssl->error == ZERO_RETURN) {
                 WOLFSSL_MSG("Zero return, no more data coming");
-                return 0;         /* no more data coming */
+                return 0; /* no more data coming */
             }
             if (ssl->error == SOCKET_ERROR_E) {
                 if (ssl->options.connReset || ssl->options.isClosed) {
                     WOLFSSL_MSG("Peer reset or closed, connection done");
                     ssl->error = SOCKET_PEER_CLOSED_E;
                     WOLFSSL_ERROR(ssl->error);
-                    return 0;     /* peer reset or closed */
+                    return 0; /* peer reset or closed */
                 }
             }
             return ssl->error;

src/ssl.c

@@ -6309,7 +6309,7 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
         return WOLFSSL_SUCCESS;
 
 #ifdef WOLFSSL_SMALL_STACK
-    cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT);
+    cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap, DYNAMIC_TYPE_DCERT);
     if (cert == NULL)
         return MEMORY_E;
 #endif
@@ -6325,7 +6325,7 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
 
     FreeDecodedCert(cert);
 #ifdef WOLFSSL_SMALL_STACK
-    XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
+    XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
 #endif
 
     return ret == 0 ? WOLFSSL_SUCCESS : ret;
@@ -25721,6 +25721,11 @@ WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp,
     return WOLFSSL_FAILURE;
 }
 
+/* Returns object data for an ASN1_OBJECT */
+/* If pp is NULL then only the size is returned */
+/* If pp has pointer to pointer then its used directly */
+/* If pp has pointer to pointer that is NULL then new variable is allocated */
+/* Failure returns WOLFSSL_FAILURE (0) */
 int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp)
 {
     byte *p;

wolfcrypt/benchmark/benchmark.c

@@ -5428,6 +5428,13 @@ exit:
     FREE_ARRAY(sig, BENCH_MAX_PENDING, HEAP_HINT);
     FREE_ARRAY(digest, BENCH_MAX_PENDING, HEAP_HINT);
 #endif
+
+    (void)pending;
+    (void)x;
+    (void)count;
+    (void)times;
+    (void)desc;
+    (void)start;
 }
 
 

wolfcrypt/src/ed448.c

@@ -837,7 +837,7 @@ int wc_ed448_check_key(ed448_key* key)
         ret = BAD_FUNC_ARG;
     }
 
-    if (!key->pubKeySet) {
+    if (ret == 0 && !key->pubKeySet) {
         ret = PUBLIC_KEY_E;
     }
     if (ret == 0) {

wolfcrypt/test/test.c

@@ -18360,6 +18360,11 @@ static int ecc_test_make_pub(WC_RNG* rng)
     XFILE file;
 #endif
 
+    (void)msg;
+    (void)verify;
+    (void)exportBuf;
+    (void)rng;
+
     wc_ecc_init_ex(&key, HEAP_HINT, devId);
 
 #ifndef NO_ECC256
@@ -20604,7 +20609,7 @@ static int ecc_test_nonblock(WC_RNG* rng)
 int ecc_test(void)
 {
     int ret;
-    WC_RNG  rng;
+    WC_RNG rng;
 
 #ifdef WOLFSSL_CERT_EXT
     ret = ecc_decode_test();
@@ -20617,8 +20622,10 @@ int ecc_test(void)
 #else
     ret = wc_InitRng(&rng);
 #endif
+#ifndef WC_NO_RNG
     if (ret != 0)
         return -9900;
+#endif
 
 #if defined(HAVE_ECC112) || defined(HAVE_ALL_CURVES)
     ret = ecc_test_curve(&rng, 14);
@@ -20935,7 +20942,8 @@ done:
 #endif /* HAVE_ECC_ENCRYPT */
 
 #if defined(USE_CERT_BUFFERS_256) && !defined(WOLFSSL_ATECC508A) && \
-    !defined(WOLFSSL_ATECC608A) && !defined(NO_ECC256)
+    !defined(WOLFSSL_ATECC608A) && !defined(NO_ECC256) && \
+    defined(HAVE_ECC_VERIFY) && defined(HAVE_ECC_SIGN)
 int ecc_test_buffers(void) {
     size_t bytes;
     ecc_key cliKey;

wolfssl/wolfcrypt/random.h

@@ -219,7 +219,7 @@ WOLFSSL_API int  wc_FreeRng(WC_RNG*);
 #define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN
 #define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN
 #define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN
-#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN
+#define wc_RNG_GenerateBlock(rng, b, s) ({(void)rng; (void)b; (void)s; NOT_COMPILED_IN;})
 #define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN
 #define wc_FreeRng(rng) (void)NOT_COMPILED_IN
 #endif