diff --git a/.github/workflows/build_all_apps.yml b/.github/workflows/build_all_apps.yml
index 2faef6792..9b5ffdc83 100644
--- a/.github/workflows/build_all_apps.yml
+++ b/.github/workflows/build_all_apps.yml
@@ -128,9 +128,7 @@ env:
 \"app-terra\",
 \"app-symbol\",
 \"app-arweave\",
-\"app-ravencoin\",
 \"app-vechain\",
-\"app-avalanche-legacy\",
 \"app-decred\",
 \"app-cryptocom\",
 \"app-icp\",
diff --git a/Makefile.app_params b/Makefile.app_params
new file mode 100644
index 000000000..c2fe0fe83
--- /dev/null
+++ b/Makefile.app_params
@@ -0,0 +1,121 @@
+#*******************************************************************************
+# Ledger SDK
+# (c) 2023 Ledger
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#*******************************************************************************
+
+# Command to print ICONNAME hexadecimal bitmap on stdout
+# according to the hardware target.
+ifeq ($(TARGET_NAME),TARGET_STAX)
+ICONHEX_CMD=python3 $(BOLOS_SDK)/lib_nbgl/tools/icon2glyph.py --hexbitmaponly $(ICONNAME)
+else
+ICONHEX_CMD=python3 $(BOLOS_SDK)/icon3.py --hexbitmaponly $(ICONNAME)
+endif
+
+
+#########################################
+# Parse APP_LOAD_PARAMS #
+#########################################
+# This is necessary when makefile.standard_app is not completely used.
+# Correctly implemented apps should not set anything in APP_LOAD_PARAMS anymore
+# Potential presents info are:
+# --appFlags
+# --curve
+# --path
+# --path_slip21
+# --tlvraw
+# --dep
+# --nocrc
+# Other info are considered an error and will be silently discarded.
+
+ifneq ($(APP_LOAD_PARAMS),)
+ EXTRACTED_APP_FLAGS := $(shell python3 $(BOLOS_SDK)/extract_param.py --appFlags $(APP_LOAD_PARAMS))
+ APP_FLAGS_APP_LOAD_PARAMS += $(EXTRACTED_APP_FLAGS)
+
+ EXTRACTED_CURVE := $(shell python3 $(BOLOS_SDK)/extract_param.py --curve $(APP_LOAD_PARAMS))
+ CURVE_APP_LOAD_PARAMS += $(EXTRACTED_CURVE)
+
+ EXTRACTED_PATH := $(shell python3 $(BOLOS_SDK)/extract_param.py --path $(APP_LOAD_PARAMS))
+ PATH_APP_LOAD_PARAMS += $(EXTRACTED_PATH)
+
+ EXTRACTED_PATH_SLIP21 := $(shell python3 $(BOLOS_SDK)/extract_param.py --path_slip21 $(APP_LOAD_PARAMS))
+ PATH_SLIP21_APP_LOAD_PARAMS += $(EXTRACTED_PATH_SLIP21)
+
+ EXTRACTED_TLVRAW := $(shell python3 $(BOLOS_SDK)/extract_param.py --tlvraw $(APP_LOAD_PARAMS))
+ TLVRAW_APP_LOAD_PARAMS += $(EXTRACTED_TLVRAW)
+
+ EXTRACTED_DEP := $(shell python3 $(BOLOS_SDK)/extract_param.py --dep $(APP_LOAD_PARAMS))
+ DEP_APP_LOAD_PARAMS += $(EXTRACTED_DEP)
+
+ ifneq ($(findstring --nocrc,$(APP_LOAD_PARAMS)),)
+ ENABLE_NOCRC_APP_LOAD_PARAMS = 1
+ endif
+endif
+
+
+#########################################
+# Generate install_params #
+#########################################
+# Compute params to call install_params.py
+# Consider only one path_slip21 can be added, whereas LedgerBlue seems to
+# support multiple, but has the path can hold a " " in it, it mess with the
+# foreach, so we choose to restrict to only one path_slip21.
+APP_INSTALL_PARAMS = --appName $(APPNAME)
+APP_INSTALL_PARAMS += --appVersion $(APPVERSION)
+APP_INSTALL_PARAMS += `ICONHEX=\`$(ICONHEX_CMD) 2>/dev/null\` ; [ ! -z "$$ICONHEX" ] && echo "--icon $$ICONHEX"`
+APP_INSTALL_PARAMS += $(foreach curve, $(CURVE_APP_LOAD_PARAMS), --curve $(curve))
+APP_INSTALL_PARAMS += $(foreach path, $(PATH_APP_LOAD_PARAMS), --path $(path))
+ifneq ($(PATH_SLIP21_APP_LOAD_PARAMS),)
+ APP_INSTALL_PARAMS += --path_slip21 $(PATH_SLIP21_APP_LOAD_PARAMS)
+endif
+APP_INSTALL_PARAMS += $(foreach tlvraw, $(TLVRAW_APP_LOAD_PARAMS), --tlvraw $(tlvraw))
+APP_INSTALL_PARAMS += $(foreach dep, $(DEP_APP_LOAD_PARAMS), --dep $(dep))
+
+# Compute install_params tlv binary blob then expose it via a define to
+# src/app_metadata.c so that it is inserted in the binary at link time
+APP_INSTALL_PARAMS_DATA := $(shell python3 $(BOLOS_SDK)/install_params.py $(APP_INSTALL_PARAMS))
+DEFINES += APP_INSTALL_PARAMS_DATA=$(APP_INSTALL_PARAMS_DATA)
+
+#########################################
+# Generate APP_LOAD_PARAMS #
+#########################################
+# Rewrite APP_LOAD_PARAMS with params needed for generating the sideloading
+# APDUs.
+# This variable is then used in some Makefiles target as Ledgerblue.loadapp
+# script parameters.
+APP_LOAD_PARAMS = --targetId $(TARGET_ID)
+APP_LOAD_PARAMS += --targetVersion="$(TARGET_VERSION)"
+APP_LOAD_PARAMS += --apiLevel $(API_LEVEL)
+APP_LOAD_PARAMS += --fileName bin/app.hex
+APP_LOAD_PARAMS += --appName $(APPNAME)
+ifneq ($(APP_FLAGS_APP_LOAD_PARAMS),)
+ APP_LOAD_PARAMS += --appFlags $(APP_FLAGS_APP_LOAD_PARAMS)
+endif
+APP_LOAD_PARAMS += --delete
+APP_LOAD_PARAMS += --tlv
+APP_LOAD_PARAMS += --dataSize $$((0x`cat debug/app.map | grep _envram_data | tr -s ' ' | cut -f2 -d' ' |cut -f2 -d'x' ` - 0x`cat debug/app.map | grep _nvram_data | tr -s ' ' | cut -f2 -d' ' | cut -f2 -d'x'`))
+APP_LOAD_PARAMS += --installparamsSize $$((0x`cat debug/app.map | grep _einstall_parameters | tr -s ' ' | cut -f2 -d' ' |cut -f2 -d'x'` - 0x`cat debug/app.map | grep _install_parameters | tr -s ' ' | cut -f2 -d' ' |cut -f2 -d'x'`))
+
+ifeq ($(ENABLE_NOCRC_APP_LOAD_PARAMS), 1)
+ APP_LOAD_PARAMS += --nocrc
+endif
+
+COMMON_DELETE_PARAMS = --targetId $(TARGET_ID) --appName $(APPNAME)
+
+# Extra load parameters for loadApp script
+ifneq ($(SCP_PRIVKEY),)
+ PARAM_SCP += --rootPrivateKey $(SCP_PRIVKEY)
+ APP_LOAD_PARAMS += $(PARAM_SCP)
+ COMMON_DELETE_PARAMS += $(PARAM_SCP)
+endif
diff --git a/Makefile.defines b/Makefile.defines
index 7e6611bde..d056522fc 100644
--- a/Makefile.defines
+++ b/Makefile.defines
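Review bot: The `$(shell python3 ...)` calls in the new Makefile.app_params (the six `extract_param.py` extractions and the `install_params.py` call that fills `APP_INSTALL_PARAMS_DATA`) never check the exit status, so a failing script leaves the variable empty and make carries on; for the `--path`, `--curve` and `--path_slip21` entries that means values the app asked for can drop out of the install parameters without stopping the build. On GNU Make 4.2 or later the status is available right after each call: `ifneq ($(.SHELLSTATUS),0)` / `$(error install_params.py failed)` / `endif`. The header comment also says unrecognised `APP_LOAD_PARAMS` entries are "considered an error" yet "silently discarded"; a `$(warning ...)` naming the dropped words would make that visible to the app developer. Separately, `--rootPrivateKey $(SCP_PRIVKEY)` is appended to `APP_LOAD_PARAMS`, so the key ends up on the loader's command line and in any echoed recipe or CI log; this looks inherited from the block removed from Makefile.defines, but it is worth handing the key over through the environment or a file instead.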
@@ -43,26 +43,17 @@ endif
 ifeq ($(SDK_HASH),)
 SDK_HASH := "None"
 endif
-# Expose API_LEVEL, SDK_VERSION and SDK_HASH to the app.
-DEFINES += API_LEVEL=$(API_LEVEL)
-DEFINES += SDK_VERSION=\"$(SDK_VERSION)\"
-DEFINES += SDK_HASH=\"$(SDK_HASH)\"
-# extra load parameters for loadApp script
-ifneq ($(SCP_PRIVKEY),)
-PARAM_SCP+=--rootPrivateKey $(SCP_PRIVKEY)
-endif
+# APPNAME exposed to the app as a CFLAG because it might contain spaces
+CFLAGS += -DAPPNAME=\"$(APPNAME)\"
-# Command to print ICONNAME hexadecimal bitmap on stdout
-# according to the hardware target.
-ifeq ($(TARGET_NAME),TARGET_STAX)
-ICONHEX_CMD=python3 $(BOLOS_SDK)/lib_nbgl/tools/icon2glyph.py --hexbitmaponly $(ICONNAME)
-else
-ICONHEX_CMD=python3 $(BOLOS_SDK)/icon3.py --hexbitmaponly $(ICONNAME)
-endif
+# API_LEVEL exposed to the app as an integer
+DEFINES += API_LEVEL=$(API_LEVEL)
-COMMON_LOAD_PARAMS=--tlv --targetId $(TARGET_ID) --targetVersion="$(TARGET_VERSION)" --apiLevel $(API_LEVEL) --delete --fileName bin/app.hex --appName $(APPNAME) --appVersion $(APPVERSION) --dataSize $$((0x`cat debug/app.map |grep _envram_data | tr -s ' ' | cut -f2 -d' '|cut -f2 -d'x'` - 0x`cat debug/app.map |grep _nvram_data | tr -s ' ' | cut -f2 -d' '|cut -f2 -d'x'`)) `ICONHEX=\`$(ICONHEX_CMD) 2>/dev/null\` ; [ ! -z "$$ICONHEX" ] && echo "--icon $$ICONHEX"` $(PARAM_SCP)
-COMMON_DELETE_PARAMS=--targetId $(TARGET_ID) --appName $(APPNAME) $(PARAM_SCP)
+# Define list of other items to be exposed to the app as strings
+# TARGET_ID is not in this list: it is already defined in bolos_target.h.
+APP_METADATA_LIST := TARGET TARGET_NAME APPVERSION SDK_NAME SDK_VERSION SDK_HASH
+DEFINES += $(foreach item,$(APP_METADATA_LIST), $(item)=\"$($(item))\")
 BUILD_DIR := build
 TARGET_BUILD_DIR := $(BUILD_DIR)/$(TARGET)
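Review bot: The new `DEFINES += $(foreach item,$(APP_METADATA_LIST), $(item)=\"$($(item))\")` line relies on none of the listed values containing a space, and nothing in the file says so. `DEFINES` is consumed word by word (as_cmdline in Makefile.rules_generic applies `$(addprefix -D,$(2))`), which is exactly the reason the comment a few lines up gives for keeping APPNAME in CFLAGS. I would add a comment above the list, `# Values must not contain spaces: DEFINES is split into one -D per word`, or route any value that can contain spaces through CFLAGS the way APPNAME is.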
@@ -172,8 +163,8 @@ LDFLAGS += -L$(BOLOS_SDK)/arch/st33k1/lib/
 AFLAGS += -mcpu=cortex-m35p+nodsp -mthumb
 endif
-NO_UI ?= 0
-ifeq ($(NO_UI), 0)
+DISABLE_UI ?= 0
+ifeq ($(DISABLE_UI),0)
 ifeq ($(TARGET_NAME),TARGET_STAX)
 DEFINES += HAVE_BAGL_FONT_INTER_REGULAR_24PX
 DEFINES += HAVE_BAGL_FONT_INTER_SEMIBOLD_24PX
diff --git a/Makefile.rules b/Makefile.rules
index 5d06dc155..ed8f8db51 100644
--- a/Makefile.rules
+++ b/Makefile.rules
@@ -16,14 +16,12 @@
 #*******************************************************************************
 # temporary redef, to ensure wider compliance of the SDK with pre-1.6 apps
-ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOS TARGET_NANOX TARGET_NANOS2))
-ifeq ($(NO_UI), 0)
-SDK_SOURCE_PATH += lib_bagl lib_ux
-endif
-else ifeq ($(TARGET_NAME),TARGET_STAX)
-ifeq ($(NO_UI), 0)
-SDK_SOURCE_PATH += lib_nbgl lib_ux_stax
-endif
+ifeq ($(DISABLE_UI),0)
+ ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOS TARGET_NANOX TARGET_NANOS2))
+ SDK_SOURCE_PATH += lib_bagl lib_ux
+ else ifeq ($(TARGET_NAME),TARGET_STAX)
+ SDK_SOURCE_PATH += lib_nbgl lib_ux_stax
+ endif
 endif
 # adding the correct target header to sources
diff --git a/Makefile.rules_generic b/Makefile.rules_generic
index d5300fc6f..598a53d45 100644
--- a/Makefile.rules_generic
+++ b/Makefile.rules_generic
@@ -15,6 +15,10 @@
 # limitations under the License.
 #*******************************************************************************
+# Include Makefile.app_params here so that it is:
+# - included on all apps Makefile, without changing them
+# - included after apps Makefile changes on APP_LOAD_PARAMS
+include $(BOLOS_SDK)/Makefile.app_params
 # consider every intermediate target as final to avoid deleting intermediate files
 .SECONDARY:
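Review bot: After the switch from `NO_UI` to `DISABLE_UI` in Makefile.defines (mirrored in the Makefile.rules hunk on this line), an app Makefile that still sets `NO_UI = 1` is ignored without any message and gets the UI defines and the `lib_bagl`/`lib_nbgl` sources back. The same commit turns other retired knobs (`SCRIPT_LD`, `APP_STACK_SIZE`) into an explicit `$(error ...)`, so the same guard fits here: `ifneq ($(NO_UI),)` / `$(error NO_UI is deprecated, use DISABLE_UI)` / `endif`. `DISABLE_SEPROXYHAL` becomes `DISABLE_STANDARD_SEPROXYHAL` in Makefile.standard_app in the same silent way and would need the same check.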
@@ -88,7 +92,14 @@ $(OBJ_DIR)/%.o: %.S $(BUILD_DEPENDENCIES) prepare
 @echo "[AS] $@"
 $(L)$(call as_cmdline,$(INCLUDES_PATH), $(DEFINES),$<,$@)
-ifeq ($(SCRIPT_LD),)
+ifeq (,$(filter $(DEFINES),BOLOS_OS_UPGRADER_APP))
+ifneq ($(SCRIPT_LD),)
+ifneq ($(ENABLE_SDK_WERROR),0)
+$(error Deprecated SCRIPT_LD setting)
+else
+$(warning Deprecated SCRIPT_LD setting)
+endif
+endif
 LDFLAGS += -L$(BOLOS_SDK)/target/$(TARGET)
 ifeq ($(IS_PLUGIN),)
 SCRIPT_LD := $(BOLOS_SDK)/target/$(TARGET)/script.ld
@@ -96,8 +107,6 @@ else
 SCRIPT_LD := $(BOLOS_SDK)/target/$(TARGET)/plugin_script.ld
 $(info Using plugin link script: $(SCRIPT_LD))
 endif
-else
-$(info Using custom link script: $(SCRIPT_LD))
 endif
 LDFLAGS += -T$(SCRIPT_LD)
@@ -111,15 +120,6 @@ $(BIN_DIR)/app.elf: $(LINK_DEPENDENCIES)
 $(L)$(call link_cmdline,$(OBJECT_FILES) $(LDLIBS),$(BIN_DIR)/app.elf)
 $(L)$(GCCPATH)arm-none-eabi-objcopy -O ihex -S $(BIN_DIR)/app.elf $(BIN_DIR)/app.hex
 $(L)$(GCCPATH)arm-none-eabi-objdump -S -d $(BIN_DIR)/app.elf > $(DBG_DIR)/app.asm
- $(L)$(call objcopy_add_section_cmdline,$(TARGET), ledger.target)
- $(L)$(call objcopy_add_section_cmdline,$(TARGET_NAME), ledger.target_name)
- $(L)$(call objcopy_add_section_cmdline,$(TARGET_ID), ledger.target_id)
- $(L)$(call objcopy_add_section_cmdline,$(APPNAME), ledger.app_name)
- $(L)$(call objcopy_add_section_cmdline,$(APPVERSION), ledger.app_version)
- $(L)$(call objcopy_add_section_cmdline,$(API_LEVEL), ledger.api_level)
- $(L)$(call objcopy_add_section_cmdline,$(SDK_NAME), ledger.sdk_name)
- $(L)$(call objcopy_add_section_cmdline,$(SDK_VERSION), ledger.sdk_version)
- $(L)$(call objcopy_add_section_cmdline,$(SDK_HASH), ledger.sdk_hash)
 # This targets are generated along $(OBJ_DIR)/app.elf but we can't make them co-target
 # otherwise building with `make -j` fails due to multiple threads running simultaneously
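Review bot: In the first Makefile.rules_generic hunk on this line, the `$(warning Deprecated SCRIPT_LD setting)` branch (taken when `ENABLE_SDK_WERROR` is 0) falls through to the unconditional `SCRIPT_LD := $(BOLOS_SDK)/target/$(TARGET)/script.ld` (or plugin_script.ld in the next hunk), so the app's custom link script is dropped while the message only calls it deprecated. The text should say so, e.g. `$(warning SCRIPT_LD is deprecated and ignored, using the SDK link script)`. The guard `$(filter $(DEFINES),BOLOS_OS_UPGRADER_APP)` also has its arguments in the unusual order: every word of `DEFINES` is used as a pattern, so a define containing `%` would act as a wildcard; `$(filter BOLOS_OS_UPGRADER_APP,$(DEFINES))` tests the same thing without that. The conditional block continues past the end of this hunk.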
@@ -151,7 +151,14 @@ debug/app.map debug/app.asm: debug/app.%: $(DBG_DIR)/app.%
 # link_cmdline(objects,dest) Macro that is used to format arguments for the linker
 link_cmdline = $(LD) $(LDFLAGS) -o $(2) $(1)
 ifneq ($(APP_STACK_SIZE),)
-link_cmdline += -Wl,--defsym=stack_size=$(APP_STACK_SIZE)
+ifneq ($(ENABLE_SDK_WERROR),0)
+$(error Deprecated APP_STACK_SIZE define, use APP_STACK_MIN_SIZE if really needed)
+else
+$(warning Deprecated APP_STACK_SIZE define, use APP_STACK_MIN_SIZE if really needed)
+endif
+endif
+ifneq ($(APP_STACK_MIN_SIZE),)
+link_cmdline += -Wl,--defsym=stack_min_size=$(APP_STACK_MIN_SIZE)
 endif
 # cc_cmdline(include,defines,src,dest) Macro that is used to format arguments for the compiler
@@ -160,14 +167,6 @@ cc_cmdline = $(CC) -c $(CFLAGS) -MMD -MT $(OBJ_DIR)/$(basename $(notdir $(4))).o
 as_cmdline = $(AS) -c $(AFLAGS) $(addprefix -D,$(2)) $(addprefix -I,$(1)) -o $(4) $(3)
-# objcopy_add_section_cmdline(data,section_name)
-TMPFILE := $(shell mktemp)
-objcopy_add_section_cmdline = echo $(1) > $(TMPFILE) && \
- $(GCCPATH)arm-none-eabi-objcopy --add-section $(2)="$(TMPFILE)" \
- --set-section-flags $(2)=noload,readonly \
- $(BIN_DIR)/app.elf $(BIN_DIR)/app.elf && \
- rm $(TMPFILE)
-
 ### END GCC COMPILER RULES
 # Run Clang Static Analyzer
diff --git a/Makefile.standard_app b/Makefile.standard_app
index 573e41cd6..dc41951c9 100644
--- a/Makefile.standard_app
+++ b/Makefile.standard_app
@@ -56,6 +56,13 @@ ifneq ($(DEBUG), 0)
 else
 DEFINES += PRINTF=mcu_usb_printf
 endif
+ ifneq ($(DISABLE_DEBUG_LEDGER_ASSERT), 1)
+ DEFINES += HAVE_LEDGER_ASSERT_DISPLAY
+ DEFINES += LEDGER_ASSERT_CONFIG_FILE_INFO
+ endif
+ ifneq ($(DISABLE_DEBUG_THROW), 1)
+ DEFINES += HAVE_DEBUG_THROWS
+ endif
 else
 DEFINES += PRINTF\(...\)=
 endif
@@ -75,9 +82,6 @@ endif
 # STANDARD DEFINES #
 #####################################################################
 DEFINES += $(DEFINES_LIB)
-# Added directly as a CFLAG because it might contain spaces
-CFLAGS += -DAPPNAME=\"$(APPNAME)\"
-DEFINES += APPVERSION=\"$(APPVERSION)\"
 DEFINES += MAJOR_VERSION=$(APPVERSION_M) MINOR_VERSION=$(APPVERSION_N) PATCH_VERSION=$(APPVERSION_P)
 DEFINES += IO_HID_EP_LENGTH=64
@@ -86,20 +90,13 @@ ifeq ($(DISABLE_STANDARD_APP_DEFINES), 1)
 DISABLE_STANDARD_USB = 1
 DISABLE_STANDARD_WEBUSB = 1
 DISABLE_STANDARD_BAGL_UX_FLOW = 1
+ DISABLE_STANDARD_SEPROXYHAL = 1
 endif
 ifneq ($(DISABLE_STANDARD_SNPRINTF), 1)
 DEFINES += HAVE_SPRINTF HAVE_SNPRINTF_FORMAT_U
 endif
-ifneq ($(DEBUG), 0)
- # Since the PRINTF implementation uses the USB code
- ifneq ($(TARGET_NAME),TARGET_NANOS)
- DISABLE_STANDARD_USB = 0
- endif
- DISABLE_SEPROXYHAL = 0
-endif
-
 ifneq ($(DISABLE_STANDARD_USB), 1)
 DEFINES += HAVE_IO_USB HAVE_L4_USBLIB IO_USB_MAX_ENDPOINTS=4 HAVE_USB_APDU
 DEFINES += USB_SEGMENT_SIZE=64
@@ -119,7 +116,7 @@ ifneq ($(TARGET_NAME), TARGET_STAX)
 endif
 endif
-ifneq ($(DISABLE_SEPROXYHAL), 1)
+ifneq ($(DISABLE_STANDARD_SEPROXYHAL), 1)
 DEFINES += OS_IO_SEPROXYHAL
 endif
@@ -175,22 +172,14 @@ ifeq ($(HAVE_APPLICATION_FLAG_LIBRARY), 1)
 STANDARD_APP_FLAGS := $(shell echo $$(($(STANDARD_APP_FLAGS) + 0x800)))
 endif
-APP_FLAGS = $(shell printf '0x%x' $$(( $(STANDARD_APP_FLAGS) + $(CUSTOM_APP_FLAGS) )) )
-
-APP_LOAD_PARAMS += --appFlags $(APP_FLAGS)
-
-APP_LOAD_PARAMS += $(foreach curve, $(CURVE_APP_LOAD_PARAMS), --curve $(curve))
-
-APP_LOAD_PARAMS += $(foreach path, $(PATH_APP_LOAD_PARAMS), --path $(path))
-
-APP_LOAD_PARAMS += $(COMMON_LOAD_PARAMS)
-
 # Pending review flag
 ifeq ($(ENABLE_PENDING_REVIEW_SCREEN), 1)
- APP_LOAD_PARAMS += --tlvraw 9F:01
+ TLVRAW_APP_LOAD_PARAMS += 9F:01
 DEFINES += HAVE_PENDING_REVIEW_SCREEN
 endif
+APP_FLAGS_APP_LOAD_PARAMS = $(shell printf '0x%x' $$(( $(STANDARD_APP_FLAGS) + $(CUSTOM_APP_FLAGS) )) )
+
 #####################################################################
 # COMPILER SETTINGS #
 #####################################################################
diff --git a/extract_param.py b/extract_param.py
new file mode 100644
index 000000000..0dc614a5f
--- /dev/null
+++ b/extract_param.py
@@ -0,0 +1,20 @@
+"""
+Helper to extract APP_LOAD_PARAMS parameters values.
+It takes as a first parameter the parameter name to be search and output the
+corresponding values from the rest of the script parameters.
+"""
+
+from sys import argv
+
+if __name__ == '__main__':
+
+ assert len(argv) > 2
+ searching = argv[1]
+
+ res = []
+ args = argv[2:]
+
+ for i, arg in enumerate(args):
+ if arg == searching and len(args) > i:
+ res.append(repr(args[i + 1]))
+ print(" ".join(res))
diff --git a/include/checks.h b/include/checks.h
index f0e9851af..157e44003 100644
--- a/include/checks.h
+++ b/include/checks.h
@@ -23,7 +23,6 @@
 #define CHECK_NOT_AUDITED_TLV_TAG 0x9F
 #define CHECK_NOT_AUDITED_TLV_VAL 0x01
-#define CHECK_NOT_AUDITED_MAX_LEN 0x40
 void check_audited_app(void);
 #endif // !defined(HAVE_BOLOS) && defined(HAVE_PENDING_REVIEW_SCREEN)
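Review bot: In the new extract_param.py, the bounds test `len(args) > i` is always true because `i` comes from `enumerate(args)`, so when the searched flag is the last argument `args[i + 1]` raises IndexError; it needs to be `if arg == searching and len(args) > i + 1:`. Makefile.app_params calls this script through `$(shell ...)` without checking the status, so the crash would surface only as a traceback on stderr and an empty extracted value. `assert len(argv) > 2` disappears under `python3 -O`, so an explicit length check that exits non-zero with a message is the safer form. The values are printed with `repr()`, which is Python quoting rather than shell quoting, and the output is later re-split by make and the shell, so a value containing a quote or a space may not round-trip; `shlex.quote` is the standard-library call for shell quoting, if that is the intent.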
diff --git a/include/ledger_assert.h b/include/ledger_assert.h
new file mode 100644
index 000000000..15387e5c4
--- /dev/null
+++ b/include/ledger_assert.h
@@ -0,0 +1,156 @@
+#pragma once
+
+#include
+
+#ifdef LEDGER_ASSERT_CONFIG_FILE_INFO
+#define LEDGER_ASSERT_CONFIG_MESSAGE_INFO 1
+#define LEDGER_ASSERT_CONFIG_LR_AND_PC_INFO 1
+#endif
+
+#ifdef LEDGER_ASSERT_CONFIG_MESSAGE_INFO
+#define LEDGER_ASSERT_CONFIG_LR_AND_PC_INFO 1
+#endif
+
+#if defined(LEDGER_ASSERT_CONFIG_LR_AND_PC_INFO) && defined(HAVE_LEDGER_ASSERT_DISPLAY)
+#define LR_AND_PC_SIZE 30
+void assert_display_lr_and_pc(int lr, int pc);
+#define ASSERT_DISPLAY_LR_AND_PC(lr, pc) assert_display_lr_and_pc(lr, pc)
+#else
+#define LR_AND_PC_SIZE 0
+#define ASSERT_DISPLAY_LR_AND_PC(lr, pc) \
+ do { \
+ } while (0)
+#endif
+
+#if defined(LEDGER_ASSERT_CONFIG_MESSAGE_INFO) && defined(HAVE_LEDGER_ASSERT_DISPLAY)
+#define MESSAGE_SIZE 20
+void assert_display_message(const char *message);
+#define ASSERT_DISPLAY_MESSAGE(message) assert_display_message(message)
+#else
+#define MESSAGE_SIZE 0
+#define ASSERT_DISPLAY_MESSAGE(message) \
+ do { \
+ } while (0)
+#endif
+
+#if defined(LEDGER_ASSERT_CONFIG_FILE_INFO) && defined(HAVE_LEDGER_ASSERT_DISPLAY)
+#define FILE_SIZE 50
+void assert_display_file_info(const char *file, unsigned int line);
+#define ASSERT_DISPLAY_FILE_INFO(file, line) assert_display_file_info(file, line)
+#else
+#define FILE_SIZE 0
+#define ASSERT_DISPLAY_FILE_INFO(file, line) \
+ do { \
+ } while (0)
+#endif
+
+#ifdef HAVE_LEDGER_ASSERT_DISPLAY
+#define ASSERT_BUFFER_LEN LR_AND_PC_SIZE + MESSAGE_SIZE + FILE_SIZE
+void __attribute__((noreturn)) assert_display_exit(void);
+
+#define LEDGER_ASSERT_EXIT() assert_display_exit()
+#else
+void assert_exit(bool confirm);
+#define LEDGER_ASSERT_EXIT() assert_exit(true)
+#endif
+
+#if defined(LEDGER_ASSERT_CONFIG_LR_AND_PC_INFO) && defined(HAVE_PRINTF)
+void assert_print_lr_and_pc(int lr, int pc);
+#define ASSERT_PRINT_LR_AND_PC(lr, pc) assert_print_lr_and_pc(lr, pc)
+#else
+#define ASSERT_PRINT_LR_AND_PC(lr, pc) \
+ do { \
+ } while (0)
+#endif
+
+#if defined(LEDGER_ASSERT_CONFIG_MESSAGE_INFO) && defined(HAVE_PRINTF)
+void assert_print_message(const char *message);
+#define ASSERT_PRINT_MESSAGE(message) assert_print_message(message)
+#else
+#define ASSERT_PRINT_MESSAGE(message) \
+ do { \
+ } while (0)
+#endif
+
+#if defined(LEDGER_ASSERT_CONFIG_FILE_INFO) && defined(HAVE_PRINTF)
+void assert_print_file_info(const char *file, int line);
+#define ASSERT_PRINT_FILE_INFO(file, line) assert_print_file_info(file, line)
+#else
+#define ASSERT_PRINT_FILE_INFO(file, line) \
+ do { \
+ } while (0)
+#endif
+
+#ifdef LEDGER_ASSERT_CONFIG_LR_AND_PC_INFO
+#define LEDGER_ASSERT_LR_AND_PC() \
+ do { \
+ int _lr_address = 0; \
+ int _pc_address = 0; \
+ \
+ __asm volatile("mov %0, lr" : "=r"(_lr_address)); \
+ __asm volatile("mov %0, pc" : "=r"(_pc_address)); \
+ ASSERT_PRINT_LR_AND_PC(_lr_address, _pc_address); \
+ ASSERT_DISPLAY_LR_AND_PC(_lr_address, _pc_address); \
+ } while (0)
+#elif defined(HAVE_PRINTF)
+#define LEDGER_ASSERT_LR_AND_PC() PRINTF("LEDGER_ASSERT FAILED\n")
+#else
+#define LEDGER_ASSERT_LR_AND_PC() \
+ do { \
+ } while (0)
+#endif
+
+#ifdef LEDGER_ASSERT_CONFIG_MESSAGE_INFO
+#define LEDGER_ASSERT_MESSAGE(message) \
+ do { \
+ ASSERT_PRINT_MESSAGE(message); \
+ ASSERT_DISPLAY_MESSAGE(message); \
+ } while (0)
+#else
+#define LEDGER_ASSERT_MESSAGE(message) \
+ do { \
+ } while (0)
+#endif
+
+#ifdef LEDGER_ASSERT_CONFIG_FILE_INFO
+#define LEDGER_ASSERT_FILE_INFO() \
+ do { \
+ ASSERT_PRINT_FILE_INFO(__FILE__, __LINE__); \
+ ASSERT_DISPLAY_FILE_INFO(__FILE__, __LINE__); \
+ } while (0)
+#else
+#define LEDGER_ASSERT_FILE_INFO() \
+ do { \
+ } while (0)
+#endif
+
+#define LEDGER_ASSERT(test, message) \
+ do { \
+ if (!(test)) { \
+ LEDGER_ASSERT_LR_AND_PC(); \
+ LEDGER_ASSERT_MESSAGE(message); \
+ LEDGER_ASSERT_FILE_INFO(); \
+ LEDGER_ASSERT_EXIT(); \
+ } \
+ } while (0)
+
+#if defined(HAVE_DEBUG_THROWS) && defined(HAVE_PRINTF)
+void throw_print_lr(int e, int lr);
+#define THROW_PRINT_LR(e, lr_val) throw_print_lr(e, lr_val)
+#else
+#define THROW_PRINT_LR(e, lr_val) \
+ do { \
+ } while (0)
+#endif
+
+#if defined(HAVE_DEBUG_THROWS)
+void __attribute__((noreturn)) assert_display_exit(void);
+void throw_display_lr(int e, int lr);
+#define DEBUG_THROW(e) \
+ do { \
+ unsigned int lr_val; \
+ __asm volatile("mov %0, lr" : "=r"(lr_val)); \
+ throw_display_lr(e, lr_val); \
+ THROW_PRINT_LR(e, lr_val); \
+ } while (0)
+#endif
diff --git a/include/os.h b/include/os.h
index 0a6ae4d9d..27633c383 100644
--- a/include/os.h
+++ b/include/os.h
@@ -131,6 +131,10 @@ int snprintf(char *str, size_t str_size, const char *format, ...);
 #endif // APPLE
 #endif // HAVE_SPRINTF
+#ifndef HAVE_BOLOS
+int compute_address_location(int address);
+#endif
+
 // syscall test
 // SYSCALL void dummy_1(unsigned int* p PLENGTH(2+len+15+ len + 16 + sizeof(io_send_t) + 1 ),
 // unsigned int len);
diff --git a/include/ox_aes.h b/include/ox_aes.h
index 724f1640a..1226c2f58 100644
--- a/include/ox_aes.h
+++ b/include/ox_aes.h
@@ -93,8 +93,8 @@ typedef struct cx_aes_key_s cx_aes_key_t;
 * - CX_OK on success
 * - CX_INVALID_PARAMETER
 */
-SYSCALL cx_err_t cx_aes_set_key_hw(const cx_aes_key_t *key PLENGTH(sizeof(cx_aes_key_t)),
- uint32_t mode);
+SYSCALL WARN_UNUSED_RESULT cx_err_t
+cx_aes_set_key_hw(const cx_aes_key_t *key PLENGTH(sizeof(cx_aes_key_t)), uint32_t mode);
 /**
 * @brief Resets the AES context.
@@ -112,7 +112,7 @@ SYSCALL void cx_aes_reset_hw(void);
 * - CX_OK on success
 * - INVALID_PARAMETER
 */
-SYSCALL cx_err_t cx_aes_block_hw(const unsigned char *inblock PLENGTH(16),
- unsigned char *outblock PLENGTH(16));
+SYSCALL WARN_UNUSED_RESULT cx_err_t cx_aes_block_hw(const unsigned char *inblock PLENGTH(16),
+ unsigned char *outblock PLENGTH(16));
 #endif
diff --git a/include/ox_bls.h b/include/ox_bls.h
index 6467cbf38..9d0a24105 100644
--- a/include/ox_bls.h
+++ b/include/ox_bls.h
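Review bot: `ASSERT_BUFFER_LEN` in the new ledger_assert.h expands to the bare sum `LR_AND_PC_SIZE + MESSAGE_SIZE + FILE_SIZE`, so any use inside a larger expression (`ASSERT_BUFFER_LEN * 2`, `sizeof(buf) - ASSERT_BUFFER_LEN`) binds wrongly and can mis-size whatever buffer is declared with it; it should be `#define ASSERT_BUFFER_LEN (LR_AND_PC_SIZE + MESSAGE_SIZE + FILE_SIZE)`. The fixed sizes (30, 20, 50) are not tied to the `message` and `__FILE__` strings passed in, so the implementations, which are outside this diff, presumably have to truncate; a comment stating that contract next to the size macros would help whoever maintains them. `lr` and `pc` are carried as `int` in the assert helpers while `DEBUG_THROW` reads `lr` into an `unsigned int` and passes it to `throw_display_lr(int e, int lr)`; using `unsigned int` throughout would avoid the sign conversion on addresses. `assert_exit(bool confirm)` is not marked noreturn, unlike `assert_display_exit`, so in builds without `HAVE_LEDGER_ASSERT_DISPLAY` the compiler cannot assume that a failed `LEDGER_ASSERT` stops execution.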
@@ -61,16 +61,16 @@ * - CX_EC_INVALID_POINT * - CX_EC_INFINITE_POINT */ -SYSCALL cx_err_t cx_bls12381_key_gen(uint8_t mode, - const uint8_t *secret, - size_t secret_len, - const uint8_t *salt, - size_t salt_len, - uint8_t *key_info, - size_t key_info_len, - cx_ecfp_384_private_key_t *private_key, - uint8_t *public_key, - size_t public_key_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bls12381_key_gen(uint8_t mode, + const uint8_t *secret, + size_t secret_len, + const uint8_t *salt, + size_t salt_len, + uint8_t *key_info, + size_t key_info_len, + cx_ecfp_384_private_key_t *private_key, + uint8_t *public_key, + size_t public_key_len); /** * @brief Hash a message to be signed with BLS12-381 signature scheme. @@ -96,12 +96,12 @@ SYSCALL cx_err_t cx_bls12381_key_gen(uint8_t mode, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_hash_to_field(const uint8_t *msg, - size_t msg_len, - const uint8_t *dst, - size_t dst_len, - uint8_t *hash, - size_t hash_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_hash_to_field(const uint8_t *msg, + size_t msg_len, + const uint8_t *dst, + size_t dst_len, + uint8_t *hash, + size_t hash_len); /** * @brief Sign the hash of a message. @@ -131,11 +131,11 @@ SYSCALL cx_err_t cx_hash_to_field(const uint8_t *msg, * - CX_INTERNAL_ERROR * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t ox_bls12381_sign(const cx_ecfp_384_private_key_t *key, - const uint8_t *message, - size_t message_len, - uint8_t *signature, - size_t signature_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t ox_bls12381_sign(const cx_ecfp_384_private_key_t *key, + const uint8_t *message, + size_t message_len, + uint8_t *signature, + size_t signature_len); /** * @brief Aggregate multiple signatures. 
@@ -159,11 +159,11 @@ SYSCALL cx_err_t ox_bls12381_sign(const cx_ecfp_384_private_key_t *key, * - CX_INTERNAL_ERROR * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bls12381_aggregate(const uint8_t *in, - size_t in_len, - bool first, - uint8_t *aggregated_signature, - size_t signature_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bls12381_aggregate(const uint8_t *in, + size_t in_len, + bool first, + uint8_t *aggregated_signature, + size_t signature_len); #endif // HAVE_BLS #endif // OX_BLS_H diff --git a/include/ox_bn.h b/include/ox_bn.h index 9ba70f438..2fc59bf14 100644 --- a/include/ox_bn.h +++ b/include/ox_bn.h @@ -81,7 +81,7 @@ typedef struct { * - CX_OK on success * - CX_BN_LOCKED if already locked. */ -SYSCALL cx_err_t cx_bn_lock(size_t word_nbytes, uint32_t flags); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_lock(size_t word_nbytes, uint32_t flags); /** * @brief Releases the BN lock. @@ -114,7 +114,7 @@ SYSCALL bool cx_bn_is_locked(void); * - CX_OK on success * - CX_NOT_LOCKED */ -cx_err_t cx_bn_locked(void); +WARN_UNUSED_RESULT cx_err_t cx_bn_locked(void); /* ========================================================================= */ /* === ALLOCA === */ @@ -137,7 +137,7 @@ cx_err_t cx_bn_locked(void); * - CX_BN_MEMORY_FULL * - CX_BN_INVALID_PARAMETER_SIZE */ -SYSCALL cx_err_t cx_bn_alloc(cx_bn_t *x PLENGTH(sizeof(cx_bn_t)), size_t nbytes); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_alloc(cx_bn_t *x PLENGTH(sizeof(cx_bn_t)), size_t nbytes); /** * @brief Allocates memory for a new BN and 
@@ -160,10 +160,10 @@ SYSCALL cx_err_t cx_bn_alloc(cx_bn_t *x PLENGTH(sizeof(cx_bn_t)), size_t nbytes) * - CX_BN_MEMORY_FULL * - CX_BN_INVALID_PARAMETER_SIZE */ -SYSCALL cx_err_t cx_bn_alloc_init(cx_bn_t *x PLENGTH(sizeof(cx_bn_t)), - size_t nbytes, - const uint8_t *value PLENGTH(value_nbytes), - size_t value_nbytes); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_alloc_init(cx_bn_t *x PLENGTH(sizeof(cx_bn_t)), + size_t nbytes, + const uint8_t *value PLENGTH(value_nbytes), + size_t value_nbytes); /** * @brief Releases a BN and gives back its attached memory to the system. @@ -175,7 +175,7 @@ SYSCALL cx_err_t cx_bn_alloc_init(cx_bn_t *x PLENGTH(sizeof(cx_bn_t)), * - CX_BN_INVALID_PARAMETER_SIZE * - CX_BN_INVALID_PARAMETER_VALUE */ -SYSCALL cx_err_t cx_bn_destroy(cx_bn_t *x PLENGTH(sizeof(cx_bn_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_destroy(cx_bn_t *x PLENGTH(sizeof(cx_bn_t))); /** * @brief Gets the size in bytes of a BN. @@ -188,7 +188,7 @@ SYSCALL cx_err_t cx_bn_destroy(cx_bn_t *x PLENGTH(sizeof(cx_bn_t))); * - CX_OK on success * - CX_BN_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_nbytes(const cx_bn_t x, size_t *nbytes); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_nbytes(const cx_bn_t x, size_t *nbytes); /* ========================================================================= */ /* === R/W === */ @@ -207,9 +207,9 @@ SYSCALL cx_err_t cx_bn_nbytes(const cx_bn_t x, size_t *nbytes); * - CX_BN_INVALID_PARAMETER_SIZE * - CX_BN_INVALID_PARAMETER_VALUE */ -SYSCALL cx_err_t cx_bn_init(cx_bn_t x, - const uint8_t *value PLENGTH(value_nbytes), - size_t value_nbytes); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_init(cx_bn_t x, + const uint8_t *value PLENGTH(value_nbytes), + size_t value_nbytes); /** * @brief Generates a random number and 
@@ -221,7 +221,7 @@ SYSCALL cx_err_t cx_bn_init(cx_bn_t x, * - CX_OK on success * - CX_BN_INVALID_PARAMETER_VALUE */ -SYSCALL cx_err_t cx_bn_rand(cx_bn_t x); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_rand(cx_bn_t x); /** * @brief Copies the BN value. @@ -235,7 +235,7 @@ SYSCALL cx_err_t cx_bn_rand(cx_bn_t x); * - CX_BN_INVALID_PARAMETER_SIZE * - CX_BN_INVALID_PARAMETER_VALUE */ -SYSCALL cx_err_t cx_bn_copy(cx_bn_t a, const cx_bn_t b); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_copy(cx_bn_t a, const cx_bn_t b); /** * @brief Sets the value of a BN with a 32-bit unsigned value. @@ -249,7 +249,7 @@ SYSCALL cx_err_t cx_bn_copy(cx_bn_t a, const cx_bn_t b); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_set_u32(cx_bn_t x, uint32_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_set_u32(cx_bn_t x, uint32_t n); /** * @brief Gets the 32-bit value corresponding to a BN. @@ -263,7 +263,7 @@ SYSCALL cx_err_t cx_bn_set_u32(cx_bn_t x, uint32_t n); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_get_u32(const cx_bn_t x, uint32_t *n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_get_u32(const cx_bn_t x, uint32_t *n); /** * @brief Stores (serializes) a BN value as @@ -284,7 +284,9 @@ SYSCALL cx_err_t cx_bn_get_u32(const cx_bn_t x, uint32_t *n); * - CX_BN_INVALID_PARAMETER_SIZE * - CX_BN_INVALID_PARAMETER_VALUE */ -SYSCALL cx_err_t cx_bn_export(const cx_bn_t x, uint8_t *bytes PLENGTH(nbytes), size_t nbytes); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_export(const cx_bn_t x, + uint8_t *bytes PLENGTH(nbytes), + size_t nbytes); /* ========================================================================= */ /* === TEST === */ 
@@ -307,7 +309,7 @@ SYSCALL cx_err_t cx_bn_export(const cx_bn_t x, uint8_t *bytes PLENGTH(nbytes), s * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_cmp(const cx_bn_t a, const cx_bn_t b, int *diff); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_cmp(const cx_bn_t a, const cx_bn_t b, int *diff); /** * @brief Compares a BN value with an unsigned integer. @@ -326,7 +328,7 @@ SYSCALL cx_err_t cx_bn_cmp(const cx_bn_t a, const cx_bn_t b, int *diff); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_cmp_u32(const cx_bn_t a, uint32_t b, int *diff); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_cmp_u32(const cx_bn_t a, uint32_t b, int *diff); /** * @brief Tests whether a BN value is odd. @@ -342,7 +344,7 @@ SYSCALL cx_err_t cx_bn_cmp_u32(const cx_bn_t a, uint32_t b, int *diff); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_is_odd(const cx_bn_t n, bool *odd); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_is_odd(const cx_bn_t n, bool *odd); /* ========================================================================= */ /* === BIT MANIPULATION === */ @@ -364,7 +366,7 @@ SYSCALL cx_err_t cx_bn_is_odd(const cx_bn_t n, bool *odd); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_xor(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_xor(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); /** * @brief Performs the bitwise 'OR' of two BN values. @@ -382,7 +384,7 @@ SYSCALL cx_err_t cx_bn_xor(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_or(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_or(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); /** * @brief Performs the bitwise 'AND' of two BN values. 
@@ -400,7 +402,7 @@ SYSCALL cx_err_t cx_bn_or(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_and(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_and(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); /** * @brief Tests the bit value at the specified index. @@ -421,7 +423,7 @@ SYSCALL cx_err_t cx_bn_and(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_tst_bit(const cx_bn_t x, uint32_t pos, bool *set); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_tst_bit(const cx_bn_t x, uint32_t pos, bool *set); /** * @brief Sets the bit value at the specified index. @@ -438,7 +440,7 @@ SYSCALL cx_err_t cx_bn_tst_bit(const cx_bn_t x, uint32_t pos, bool *set); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_set_bit(cx_bn_t x, uint32_t pos); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_set_bit(cx_bn_t x, uint32_t pos); /** * @brief Clears the bit value at the specified index. @@ -455,7 +457,7 @@ SYSCALL cx_err_t cx_bn_set_bit(cx_bn_t x, uint32_t pos); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_clr_bit(cx_bn_t x, uint32_t pos); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_clr_bit(cx_bn_t x, uint32_t pos); /** * @brief Performs a right shift. @@ -469,7 +471,7 @@ SYSCALL cx_err_t cx_bn_clr_bit(cx_bn_t x, uint32_t pos); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_shr(cx_bn_t x, uint32_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_shr(cx_bn_t x, uint32_t n); /** * @brief Performs a left shift. @@ -483,7 +485,7 @@ SYSCALL cx_err_t cx_bn_shr(cx_bn_t x, uint32_t n); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_shl(cx_bn_t x, uint32_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_shl(cx_bn_t x, uint32_t n); /** * @brief Counts the number of bits set to 1 of the BN value. 
@@ -497,7 +499,7 @@ SYSCALL cx_err_t cx_bn_shl(cx_bn_t x, uint32_t n); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_cnt_bits(cx_bn_t n, uint32_t *nbits); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_cnt_bits(cx_bn_t n, uint32_t *nbits); /* ========================================================================= */ /* === NON MODULAR ARITHMETIC === */ @@ -519,7 +521,7 @@ SYSCALL cx_err_t cx_bn_cnt_bits(cx_bn_t n, uint32_t *nbits); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_add(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_add(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); /** * @brief Performs a subtraction **r = a - b**. @@ -537,7 +539,7 @@ SYSCALL cx_err_t cx_bn_add(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_sub(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_sub(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); /** * @brief Performs a multiplication **r = a * b**. @@ -557,7 +559,7 @@ SYSCALL cx_err_t cx_bn_sub(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_bn_mul(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mul(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); /* ========================================================================= */ /* === Z/pZ MODULAR ARITHMETIC === */ @@ -584,7 +586,10 @@ SYSCALL cx_err_t cx_bn_mul(cx_bn_t r, const cx_bn_t a, const cx_bn_t b); * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_mod_add(cx_bn_t r, const cx_bn_t a, const cx_bn_t b, const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_add(cx_bn_t r, + const cx_bn_t a, + const cx_bn_t b, + const cx_bn_t n); /** * @brief Performs a modular subtraction **r = a - b mod n**. 
@@ -607,7 +612,10 @@ SYSCALL cx_err_t cx_bn_mod_add(cx_bn_t r, const cx_bn_t a, const cx_bn_t b, cons * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_mod_sub(cx_bn_t r, const cx_bn_t a, const cx_bn_t b, const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_sub(cx_bn_t r, + const cx_bn_t a, + const cx_bn_t b, + const cx_bn_t n); /** * @brief Performs a modular multiplication **r = a * b mod n**. @@ -631,7 +639,10 @@ SYSCALL cx_err_t cx_bn_mod_sub(cx_bn_t r, const cx_bn_t a, const cx_bn_t b, cons * - CX_INVALID_PARAMETER_VALUE * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_mod_mul(cx_bn_t r, const cx_bn_t a, const cx_bn_t b, const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_mul(cx_bn_t r, + const cx_bn_t a, + const cx_bn_t b, + const cx_bn_t n); /** * @brief Performs a reduction **r = d mod n**. @@ -650,7 +661,7 @@ SYSCALL cx_err_t cx_bn_mod_mul(cx_bn_t r, const cx_bn_t a, const cx_bn_t b, cons * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_reduce(cx_bn_t r, const cx_bn_t d, const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_reduce(cx_bn_t r, const cx_bn_t d, const cx_bn_t n); /** * @brief Computes *r* such that **r² = a mod n** if *a* is a quadratic residue. @@ -673,7 +684,10 @@ SYSCALL cx_err_t cx_bn_reduce(cx_bn_t r, const cx_bn_t d, const cx_bn_t n); * - CX_MEMORY_FULL * - CX_NO_RESIDUE */ -SYSCALL cx_err_t cx_bn_mod_sqrt(cx_bn_t r, const cx_bn_t a, const cx_bn_t n, uint32_t sign); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_sqrt(cx_bn_t r, + const cx_bn_t a, + const cx_bn_t n, + uint32_t sign); /** * @brief Performs a modular exponentiation **r = a^e mod n**. 
@@ -695,7 +709,10 @@ SYSCALL cx_err_t cx_bn_mod_sqrt(cx_bn_t r, const cx_bn_t a, const cx_bn_t n, uin * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_mod_pow_bn(cx_bn_t r, const cx_bn_t a, const cx_bn_t e, const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_pow_bn(cx_bn_t r, + const cx_bn_t a, + const cx_bn_t e, + const cx_bn_t n); /** * @brief Performs a modular exponentiation **r = a^e mod n**. @@ -719,11 +736,11 @@ SYSCALL cx_err_t cx_bn_mod_pow_bn(cx_bn_t r, const cx_bn_t a, const cx_bn_t e, c * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_mod_pow(cx_bn_t r, - const cx_bn_t a, - const uint8_t *e PLENGTH(e_len), - uint32_t e_len, - const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_pow(cx_bn_t r, + const cx_bn_t a, + const uint8_t *e PLENGTH(e_len), + uint32_t e_len, + const cx_bn_t n); /** * @brief Performs a modular exponentiation **r = a^e mod n**. @@ -751,11 +768,11 @@ SYSCALL cx_err_t cx_bn_mod_pow(cx_bn_t r, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_mod_pow2(cx_bn_t r, - const cx_bn_t a, - const uint8_t *e PLENGTH(e_len), - uint32_t e_len, - const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_pow2(cx_bn_t r, + const cx_bn_t a, + const uint8_t *e PLENGTH(e_len), + uint32_t e_len, + const cx_bn_t n); /** * @brief Computes the modular inverse **r = a^(-1) mod n**, @@ -775,7 +792,9 @@ SYSCALL cx_err_t cx_bn_mod_pow2(cx_bn_t r, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_mod_invert_nprime(cx_bn_t r, const cx_bn_t a, const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_invert_nprime(cx_bn_t r, + const cx_bn_t a, + const cx_bn_t n); /** * @brief Computes the modular inverse **r = a^(-1) mod n**, 
@@ -799,7 +818,7 @@ SYSCALL cx_err_t cx_bn_mod_invert_nprime(cx_bn_t r, const cx_bn_t a, const cx_bn * - CX_INTERNAL_ERROR * - CX_NOT_INVERTIBLE */ -SYSCALL cx_err_t cx_bn_mod_u32_invert(cx_bn_t r, uint32_t a, cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_mod_u32_invert(cx_bn_t r, uint32_t a, cx_bn_t n); /* ========================================================================= */ /* === MONTGOMERY MODULAR ARITHMETIC === */ @@ -817,8 +836,8 @@ SYSCALL cx_err_t cx_bn_mod_u32_invert(cx_bn_t r, uint32_t a, cx_bn_t n); * - CX_NOT_LOCKED * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_mont_alloc(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t)), - size_t length); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_mont_alloc(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t)), size_t length); /** * @brief Initializes a Montgomery context with the modulus. @@ -835,8 +854,8 @@ SYSCALL cx_err_t cx_mont_alloc(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_c * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_mont_init(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t)), - const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_mont_init(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t)), const cx_bn_t n); /** * @brief Initializes a Montgomery context with the modulus and @@ -858,9 +877,10 @@ SYSCALL cx_err_t cx_mont_init(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ct * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_mont_init2(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t)), - const cx_bn_t n, - const cx_bn_t h); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_mont_init2(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t)), + const cx_bn_t n, + const cx_bn_t h); /** * @brief Computes the Montgomery representation of a BN value. 
@@ -880,7 +900,7 @@ SYSCALL cx_err_t cx_mont_init2(cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_c * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_mont_to_montgomery(cx_bn_t x, const cx_bn_t z, const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); @@ -905,7 +925,7 @@ cx_mont_to_montgomery(cx_bn_t x, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_mont_from_montgomery(cx_bn_t z, const cx_bn_t x, const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); @@ -929,10 +949,11 @@ cx_mont_from_montgomery(cx_bn_t z, * - CX_NOT_LOCKED * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_mont_mul(cx_bn_t r, - const cx_bn_t a, - const cx_bn_t b, - const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_mont_mul(cx_bn_t r, + const cx_bn_t a, + const cx_bn_t b, + const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); /** * @brief Performs a modular exponentiation **r = a^e mod n**. @@ -959,11 +980,12 @@ SYSCALL cx_err_t cx_mont_mul(cx_bn_t r, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_mont_pow(cx_bn_t r, - const cx_bn_t a, - const uint8_t *e PLENGTH(e_len), - uint32_t e_len, - const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_mont_pow(cx_bn_t r, + const cx_bn_t a, + const uint8_t *e PLENGTH(e_len), + uint32_t e_len, + const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); /** * @brief Performs a modular exponentiation **r = a^e mod n**. 
@@ -988,10 +1010,11 @@ SYSCALL cx_err_t cx_mont_pow(cx_bn_t r, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_mont_pow_bn(cx_bn_t r, - const cx_bn_t a, - const cx_bn_t e, - const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_mont_pow_bn(cx_bn_t r, + const cx_bn_t a, + const cx_bn_t e, + const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); /** * @brief Computes the modular inverse **r = a^(-1) mod n** for @@ -1014,7 +1037,7 @@ SYSCALL cx_err_t cx_mont_pow_bn(cx_bn_t r, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_mont_invert_nprime(cx_bn_t r, const cx_bn_t a, const cx_bn_mont_ctx_t *ctx PLENGTH(sizeof(cx_bn_mont_ctx_t))); @@ -1038,7 +1061,7 @@ cx_mont_invert_nprime(cx_bn_t r, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_is_prime(const cx_bn_t n, bool *prime); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_is_prime(const cx_bn_t n, bool *prime); /** * @brief Gets the first prime number after a @@ -1053,7 +1076,7 @@ SYSCALL cx_err_t cx_bn_is_prime(const cx_bn_t n, bool *prime); * - CX_MEMORY_FULL * - CX_OVERFLOW */ -SYSCALL cx_err_t cx_bn_next_prime(cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_next_prime(cx_bn_t n); /** * @brief Generates a random number *r* in the range ]0,n[. @@ -1070,7 +1093,7 @@ SYSCALL cx_err_t cx_bn_next_prime(cx_bn_t n); * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_rng(cx_bn_t r, const cx_bn_t n); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_rng(cx_bn_t r, const cx_bn_t n); /** * @brief Performs a multiplication over GF(2^n). 
@@ -1093,10 +1116,10 @@ SYSCALL cx_err_t cx_bn_rng(cx_bn_t r, const cx_bn_t n); * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_bn_gf2_n_mul(cx_bn_t bn_r, - const cx_bn_t bn_a, - const cx_bn_t bn_b, - const cx_bn_t bn_n, - const cx_bn_t bn_h); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_bn_gf2_n_mul(cx_bn_t bn_r, + const cx_bn_t bn_a, + const cx_bn_t bn_b, + const cx_bn_t bn_n, + const cx_bn_t bn_h); #endif /* CX_BN_H */ diff --git a/include/ox_ec.h b/include/ox_ec.h index 09cd5fbaa..67b56970e 100644 --- a/include/ox_ec.h +++ b/include/ox_ec.h @@ -400,7 +400,7 @@ typedef enum cx_curve_dom_param_s cx_curve_dom_param_t; * - CX_OK on success * - CX_EC_INVALID_CURVE */ -SYSCALL cx_err_t cx_ecdomain_size(cx_curve_t curve, size_t *length); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecdomain_size(cx_curve_t curve, size_t *length); /** * @brief Gets the byte length of each parameter of the curve. @@ -413,7 +413,7 @@ SYSCALL cx_err_t cx_ecdomain_size(cx_curve_t curve, size_t *length); * - CX_OK on success * - CX_EC_INVALID_CURVE */ -SYSCALL cx_err_t cx_ecdomain_parameters_length(cx_curve_t cv, size_t *length); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecdomain_parameters_length(cx_curve_t cv, size_t *length); /** * @brief Gets a specific parameter of the curve. @@ -431,10 +431,10 @@ SYSCALL cx_err_t cx_ecdomain_parameters_length(cx_curve_t cv, size_t *length); * - CX_EC_INVALID_CURVE * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_ecdomain_parameter(cx_curve_t cv, - cx_curve_dom_param_t id, - uint8_t *p PLENGTH(p_len), - uint32_t p_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecdomain_parameter(cx_curve_t cv, + cx_curve_dom_param_t id, + uint8_t *p PLENGTH(p_len), + uint32_t p_len); /** * @brief Stores a specific parameter of the curve as a BN. 
@@ -452,7 +452,9 @@ SYSCALL cx_err_t cx_ecdomain_parameter(cx_curve_t cv, * - CX_INVALID_PARAMETER * - CX_INVALID_PARAMETER_SIZE */ -SYSCALL cx_err_t cx_ecdomain_parameter_bn(cx_curve_t cv, cx_curve_dom_param_t id, cx_bn_t p); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecdomain_parameter_bn(cx_curve_t cv, + cx_curve_dom_param_t id, + cx_bn_t p); /** * @brief Gets the generator of the curve. @@ -470,10 +472,10 @@ SYSCALL cx_err_t cx_ecdomain_parameter_bn(cx_curve_t cv, cx_curve_dom_param_t id * - CX_EC_INVALID_CURVE * - CX_INVALID_PARAMETER */ -SYSCALL cx_err_t cx_ecdomain_generator(cx_curve_t cv, - uint8_t *Gx PLENGTH(len), - uint8_t *Gy PLENGTH(len), - size_t len); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecdomain_generator(cx_curve_t cv, + uint8_t *Gx PLENGTH(len), + uint8_t *Gy PLENGTH(len), + size_t len); /** * @brief Gets the generator of the curve and stores it in the point structure. @@ -490,8 +492,8 @@ SYSCALL cx_err_t cx_ecdomain_generator(cx_curve_t cv, * - CX_INVALID_PARAMETER_SIZE * - CX_EC_INVALID_POINT */ -SYSCALL cx_err_t cx_ecdomain_generator_bn(cx_curve_t cv, - cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecdomain_generator_bn(cx_curve_t cv, cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t))); /** * @brief Allocates memory for a point on the curve. @@ -507,7 +509,8 @@ SYSCALL cx_err_t cx_ecdomain_generator_bn(cx_curve_t cv, * - CX_INVALID_PARAMETER * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_alloc(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), cx_curve_t cv); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecpoint_alloc(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + cx_curve_t cv); /** * @brief Destroys a point on the curve. 
@@ -521,7 +524,8 @@ SYSCALL cx_err_t cx_ecpoint_alloc(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), * - CX_INVALID_PARAMETER * - CX_INTERNAL_ERROR */ -SYSCALL cx_err_t cx_ecpoint_destroy(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_destroy(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t))); /** * @brief Initializes a point on the curve. @@ -544,11 +548,11 @@ SYSCALL cx_err_t cx_ecpoint_destroy(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t) * - CX_INVALID_PARAMETER * - CX_EC_INVALID_CURVE */ -SYSCALL cx_err_t cx_ecpoint_init(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const uint8_t *x PLENGTH(x_len), - size_t x_len, - const uint8_t *y PLENGTH(y_len), - size_t y_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecpoint_init(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const uint8_t *x PLENGTH(x_len), + size_t x_len, + const uint8_t *y PLENGTH(y_len), + size_t y_len); /** * @brief Initializes a point on the curve with the BN indexes of the coordinates. @@ -567,9 +571,8 @@ SYSCALL cx_err_t cx_ecpoint_init(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), * - CX_INVALID_PARAMETER * - CX_EC_INVALID_CURVE */ -SYSCALL cx_err_t cx_ecpoint_init_bn(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const cx_bn_t x, - const cx_bn_t y); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_init_bn(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), const cx_bn_t x, const cx_bn_t y); /** * @brief Exports a point. 
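Review bot: Putting `WARN_UNUSED_RESULT` on `cx_ecpoint_destroy` (first hunk on this line) makes a cleanup call must-check, which is a different situation from the arithmetic and export calls around it. A destroy is typically reached from an error path where the caller already holds a first error code, so the new warning pushes callers either to overwrite that code or to discard the result explicitly. I would add a line to the function's comment stating what is expected, for example `* @note On an error path keep the first error code; a failure here does not replace it.`, or leave this one declaration unannotated if that is not the intended contract. The comment block starts above the hunk, so only its last lines are visible.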
@@ -596,11 +599,12 @@ SYSCALL cx_err_t cx_ecpoint_init_bn(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t) * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_export(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - uint8_t *x PLENGTH(x_len), - size_t x_len, - uint8_t *y PLENGTH(y_len), - size_t y_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_export(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + uint8_t *x PLENGTH(x_len), + size_t x_len, + uint8_t *y PLENGTH(y_len), + size_t y_len); /** * @brief Exports a point using BN indexes of the coordinates. @@ -619,9 +623,10 @@ SYSCALL cx_err_t cx_ecpoint_export(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoi * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_export_bn(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - cx_bn_t *x PLENGTH(sizeof(cx_bn_t)), - cx_bn_t *y PLENGTH(sizeof(cx_bn_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_export_bn(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + cx_bn_t *x PLENGTH(sizeof(cx_bn_t)), + cx_bn_t *y PLENGTH(sizeof(cx_bn_t))); /** * @brief Computes the compressed form of a point. @@ -653,10 +658,11 @@ SYSCALL cx_err_t cx_ecpoint_export_bn(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ec * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_compress(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - uint8_t *xy_compressed PLENGTH(xy_compressed_len), - size_t xy_compressed_len, - uint32_t *sign); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_compress(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + uint8_t *xy_compressed PLENGTH(xy_compressed_len), + size_t xy_compressed_len, + uint32_t *sign); /** * @brief Computes the affine coordinates of a point given its compressed form. 
@@ -680,10 +686,11 @@ SYSCALL cx_err_t cx_ecpoint_compress(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ec * - CX_NO_RESIDUE * */ -SYSCALL cx_err_t cx_ecpoint_decompress(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const uint8_t *xy_compressed PLENGTH(xy_compressed_len), - size_t xy_compressed_len, - uint32_t sign); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_decompress(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const uint8_t *xy_compressed PLENGTH(xy_compressed_len), + size_t xy_compressed_len, + uint32_t sign); /** * @brief Adds two points on a curve. @@ -709,9 +716,10 @@ SYSCALL cx_err_t cx_ecpoint_decompress(cx_ecpoint_t *P PLENGTH(size * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_add(cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), - const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const cx_ecpoint_t *Q PLENGTH(sizeof(cx_ecpoint_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_add(cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), + const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const cx_ecpoint_t *Q PLENGTH(sizeof(cx_ecpoint_t))); /** * @brief Computes the opposite of a point. @@ -732,7 +740,7 @@ SYSCALL cx_err_t cx_ecpoint_add(cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_ * - CX_MEMORY_FULL * - CX_EC_INFINITE_POINT */ -SYSCALL cx_err_t cx_ecpoint_neg(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecpoint_neg(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t))); /** * @brief Performs a secure scalar multiplication. 
@@ -753,9 +761,10 @@ SYSCALL cx_err_t cx_ecpoint_neg(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t))); * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_rnd_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const uint8_t *k PLENGTH(k_len), - size_t k_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_rnd_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const uint8_t *k PLENGTH(k_len), + size_t k_len); /** * @brief Performs a secure scalar multiplication given the BN index of the scalar. @@ -774,8 +783,9 @@ SYSCALL cx_err_t cx_ecpoint_rnd_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecp * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_rnd_scalarmul_bn(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const cx_bn_t bn_k PLENGTH(sizeof(cx_bn_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_rnd_scalarmul_bn(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const cx_bn_t bn_k PLENGTH(sizeof(cx_bn_t))); /** * @brief Performs a secure scalar multiplication with a fixed scalar length. @@ -796,9 +806,10 @@ SYSCALL cx_err_t cx_ecpoint_rnd_scalarmul_bn(cx_ecpoint_t *P PLENGTH(sizeof(c * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_rnd_fixed_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const uint8_t *k PLENGTH(k_len), - size_t k_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_rnd_fixed_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const uint8_t *k PLENGTH(k_len), + size_t k_len); /** * @brief Performs a scalar multiplication. 
@@ -823,9 +834,10 @@ SYSCALL cx_err_t cx_ecpoint_rnd_fixed_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof( * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const uint8_t *k PLENGTH(k_len), - size_t k_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const uint8_t *k PLENGTH(k_len), + size_t k_len); /** * @brief Performs a scalar multiplication given the BN index of the scalar. @@ -848,8 +860,9 @@ SYSCALL cx_err_t cx_ecpoint_scalarmul(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_scalarmul_bn(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const cx_bn_t bn_k PLENGTH(sizeof(cx_bn_t))); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_scalarmul_bn(cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const cx_bn_t bn_k PLENGTH(sizeof(cx_bn_t))); /** * @brief Performs a double scalar multiplication. @@ -880,13 +893,14 @@ SYSCALL cx_err_t cx_ecpoint_scalarmul_bn(cx_ecpoint_t *P PLENGTH(sizeof(cx_ec * - CX_MEMORY_FULL * - CX_EC_INFINITE_POINT */ -SYSCALL cx_err_t cx_ecpoint_double_scalarmul(cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), - cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - cx_ecpoint_t *Q PLENGTH(sizeof(cx_ecpoint_t)), - const uint8_t *k PLENGTH(k_len), - size_t k_len, - const uint8_t *r PLENGTH(r_len), - size_t r_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_double_scalarmul(cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), + cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + cx_ecpoint_t *Q PLENGTH(sizeof(cx_ecpoint_t)), + const uint8_t *k PLENGTH(k_len), + size_t k_len, + const uint8_t *r PLENGTH(r_len), + size_t r_len); /** * @brief Performs a double scalar multiplication 
@@ -914,11 +928,12 @@ SYSCALL cx_err_t cx_ecpoint_double_scalarmul(cx_ecpoint_t *R PLENGTH(sizeof(cx_ * - CX_MEMORY_FULL * - CX_EC_INFINITE_POINT */ -SYSCALL cx_err_t cx_ecpoint_double_scalarmul_bn(cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), - cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - cx_ecpoint_t *Q PLENGTH(sizeof(cx_ecpoint_t)), - const cx_bn_t bn_k, - const cx_bn_t bn_r); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_double_scalarmul_bn(cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), + cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + cx_ecpoint_t *Q PLENGTH(sizeof(cx_ecpoint_t)), + const cx_bn_t bn_k, + const cx_bn_t bn_r); /** * @brief Compares two points on the same curve. @@ -939,9 +954,10 @@ SYSCALL cx_err_t cx_ecpoint_double_scalarmul_bn(cx_ecpoint_t *R PLENGTH(sizeof(c * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_cmp(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), - const cx_ecpoint_t *Q PLENGTH(sizeof(cx_ecpoint_t)), - bool *is_equal); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_cmp(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_t)), + const cx_ecpoint_t *Q PLENGTH(sizeof(cx_ecpoint_t)), + bool *is_equal); /** * @brief Checks whether a given point is on the curve. @@ -960,8 +976,8 @@ SYSCALL cx_err_t cx_ecpoint_cmp(const cx_ecpoint_t *P PLENGTH(sizeof(cx_ecpoint_ * - CX_EC_INFINITE_POINT * - CX_MEMORY_FULL */ -SYSCALL cx_err_t cx_ecpoint_is_on_curve(const cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), - bool *is_on_curve); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_is_on_curve(const cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), bool *is_on_curve); /** * @brief Checks whether a given point is the point at infinity. 
@@ -980,8 +996,9 @@ SYSCALL cx_err_t cx_ecpoint_is_on_curve(const cx_ecpoint_t *R PLENGTH(sizeof(cx_ * - CX_INVALID_PARAMETER * - CX_EC_INVALID_CURVE */ -SYSCALL cx_err_t cx_ecpoint_is_at_infinity(const cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), - bool *is_at_infinity); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_ecpoint_is_at_infinity(const cx_ecpoint_t *R PLENGTH(sizeof(cx_ecpoint_t)), + bool *is_at_infinity); #ifdef HAVE_X25519 /** @@ -1006,7 +1023,9 @@ SYSCALL cx_err_t cx_ecpoint_is_at_infinity(const cx_ecpoint_t *R PLENGTH(sizeof( * - CX_MEMORY_FULL * */ -SYSCALL cx_err_t cx_ecpoint_x25519(const cx_bn_t bn_u, const uint8_t *k, size_t k_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecpoint_x25519(const cx_bn_t bn_u, + const uint8_t *k, + size_t k_len); #endif // HAVE_X25519 #ifdef HAVE_X448 @@ -1032,7 +1051,9 @@ SYSCALL cx_err_t cx_ecpoint_x25519(const cx_bn_t bn_u, const uint8_t *k, size_t * - CX_MEMORY_FULL * */ -SYSCALL cx_err_t cx_ecpoint_x448(const cx_bn_t bn_u, const uint8_t *k, size_t k_len); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_ecpoint_x448(const cx_bn_t bn_u, + const uint8_t *k, + size_t k_len); #endif // HAVE_X448 #endif diff --git a/include/ox_vss.h b/include/ox_vss.h index 836f73638..cd68fb68d 100644 --- a/include/ox_vss.h +++ b/include/ox_vss.h 
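Review bot: `k` in `cx_ecpoint_x25519` and `cx_ecpoint_x448` is declared without a length annotation, while the other scalar pointers reformatted in this file carry one, e.g. `const uint8_t *k PLENGTH(k_len)` in `cx_ecpoint_scalarmul`. Since both declarations are being rewritten anyway, I would make the parameter `const uint8_t *k PLENGTH(k_len),`. The definition of PLENGTH is not visible here, so this is a consistency point unless the annotation feeds the syscall pointer checks, in which case the missing length matters more. The same gap shows in ox_vss.h for `point` in `cx_vss_generate_shares` and for the pointer parameters of `cx_vss_verify_commits`.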
@@ -49,16 +49,17 @@ typedef struct { * @param[in] threshold Threshold of the secret sharing. * @return Error code */ -SYSCALL cx_err_t cx_vss_generate_shares(cx_vss_share_t *shares PLENGTH(shares_number), - cx_vss_commitment_t *commits PLENGTH(threshold), - const uint8_t *point, - size_t point_len, - const uint8_t *seed PLENGTH(seed_len), - size_t seed_len, - const uint8_t *secret PLENGTH(secret_len), - size_t secret_len, - uint8_t shares_number, - uint8_t threshold); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_vss_generate_shares(cx_vss_share_t *shares PLENGTH(shares_number), + cx_vss_commitment_t *commits PLENGTH(threshold), + const uint8_t *point, + size_t point_len, + const uint8_t *seed PLENGTH(seed_len), + size_t seed_len, + const uint8_t *secret PLENGTH(secret_len), + size_t secret_len, + uint8_t shares_number, + uint8_t threshold); /** * @brief This function combines the given shares to get a secret. @@ -69,10 +70,11 @@ SYSCALL cx_err_t cx_vss_generate_shares(cx_vss_share_t *shares PLENGTH(sha * @param[in] threshold Threshold of the secret sharing. * @return Error code */ -SYSCALL cx_err_t cx_vss_combine_shares(uint8_t *secret PLENGTH(secret_len), - size_t secret_len, - cx_vss_share_t *shares PLENGTH(sizeof(cx_vss_share_t)), - uint8_t threshold); +SYSCALL WARN_UNUSED_RESULT cx_err_t +cx_vss_combine_shares(uint8_t *secret PLENGTH(secret_len), + size_t secret_len, + cx_vss_share_t *shares PLENGTH(sizeof(cx_vss_share_t)), + uint8_t threshold); /** * @brief This function verifies whether the coefficients commitments match 
@@ -86,11 +88,11 @@ SYSCALL cx_err_t cx_vss_combine_shares(uint8_t *secret PLENGTH(secret_len * @param[out] verified The commitments match. * @return Error code. */ -SYSCALL cx_err_t cx_vss_verify_commits(cx_vss_commitment_t *commitments, - uint8_t threshold, - cx_vss_commitment_t *share_commitment, - uint32_t share_index, - bool *verified); +SYSCALL WARN_UNUSED_RESULT cx_err_t cx_vss_verify_commits(cx_vss_commitment_t *commitments, + uint8_t threshold, + cx_vss_commitment_t *share_commitment, + uint32_t share_index, + bool *verified); #endif /* OX_VSS_H */ #endif // HAVE_VSS diff --git a/install_params.py b/install_params.py new file mode 100644 index 000000000..3110d9238 --- /dev/null +++ b/install_params.py 
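Review bot: The comment on `cx_vss_verify_commits` says only `@param[out] verified The commitments match` and `@return Error code`, so it does not state whether `*verified` is written when the call fails. Now that the result is must-check, the contract worth writing down is that the caller tests the return value first and reads `*verified` only on success; if that matches the implementation, I would add `* @note *verified is only meaningful when CX_OK is returned; initialise it to false before the call.` The comment on `cx_aead_check_tag` in lcx_aead.h has a similar gap: it ends in `@return Error code.` without naming the code returned on a tag mismatch.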
@@ -0,0 +1,192 @@ +""" +/******************************************************************************* + * Ledger - Secure firmware + * (c) 2023 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ +""" + +import struct +import argparse +import binascii + + +BOLOS_TAG_APPNAME = 1 +BOLOS_TAG_APPVERSION = 2 +BOLOS_TAG_ICON = 3 +BOLOS_TAG_DERIVEPATH = 4 +BOLOS_TAG_DEPENDENCY = 6 + + +CURVE_SECP256K1 = 1 << 0 +CURVE_PRIME256R1 = 1 << 1 +CURVE_ED25519 = 1 << 2 +CURVE_SLIP21 = 1 << 3 +CURVE_BLS12381G1 = 1 << 4 + + +def auto_int(x): + return int(x, 0) + + +def string_to_bytes(x): + return bytes(x, 'ascii') + + +def encodelv(value): + length = len(value) + res = b"" + if length < 128: + res += struct.pack(">B", length) + elif length < 256: + res += struct.pack(">B", 0x81) + res += struct.pack(">B", length) + elif length < 65536: + res += struct.pack(">B", 0x82) + res += struct.pack(">H", length) + else: + raise Exception("Unimplemented LV encoding") + res += value + return res + + +def encodetlv(tag, value): + res = struct.pack(">B", tag) + res += encodelv(value) + return res + + +def get_curve_mask(curves, slip21_paths): + if curves: + curve_mask = 0x00 + for curve in curves: + if curve == 'secp256k1': + curve_mask |= CURVE_SECP256K1 + elif curve == 'secp256r1': + curve_mask |= CURVE_PRIME256R1 + elif curve == 'ed25519': + curve_mask |= CURVE_ED25519 + elif curve == 
'bls12381g1': + curve_mask |= CURVE_BLS12381G1 + else: + raise Exception("Unknown curve " + curve) + + if slip21_paths: + curve_mask |= CURVE_SLIP21 + else: + curve_mask = 0xff + + return curve_mask + + +def parse_bip32_path(path): + elements = path.split('/') + result = struct.pack('>B', len(elements)) + for element in elements: + if element.endswith("\'"): + value = 0x80000000 | int(element[:-1]) + else: + value = int(element) + result += struct.pack(">I", value) + return result + + +def parse_slip21_path(path): + result = struct.pack('>B', 0x80 | (len(path) + 1)) + result = result + b'\x00' + string_to_bytes(path) + return result + + +def get_serialized_path(curves, bip32_paths, slip21_paths): + curve_mask = get_curve_mask(args.curve, args.path_slip21) + serialized_path = struct.pack('>B', curve_mask) + + serialized_bip32_paths = b"" + if bip32_paths: + for path in bip32_paths: + if path: + serialized_bip32_paths += parse_bip32_path(path) + serialized_path += serialized_bip32_paths + + serialized_slip21_path = b"" + if slip21_paths: + for path in slip21_paths: + if path: + serialized_slip21_path += parse_slip21_path(path) + if not serialized_bip32_paths: + # Unrestricted, authorize all paths for regular derivation + serialized_slip21_path += struct.pack('>B', 0) + serialized_path += serialized_slip21_path + + return serialized_path + + +def get_argparser(): + parser = argparse.ArgumentParser(description="Generate application install_params TLV bytes.") + parser.add_argument("--appName", help="The name to give the application after loading it", required=True) + parser.add_argument("--appVersion", help="The application version (as a string)") + parser.add_argument("--icon", help="The icon content to use (hex encoded)") + parser.add_argument("--curve", help="""A curve on which BIP 32 derivation is locked ("secp256k1", "secp256r1", +"ed25519" or "bls12381g1"), can be repeated""", action='append') + parser.add_argument("--path", help="""A BIP 32 path to which 
derivation is locked (format decimal a'/b'/c), can be +repeated""", action='append') + parser.add_argument("--path_slip21", help="""A SLIP 21 path to which derivation is locked""", action='append') + parser.add_argument("--tlvraw", help="Add a custom install param with the hextag:hexvalue encoding", action='append') + parser.add_argument("--dep", help="Add a dependency over an appname[:appversion]", action='append') + + return parser + + +if __name__ == '__main__': + + args = get_argparser().parse_args() + + # Build install parameters + install_params = b"" + + # express dependency + if args.dep: + for dep in args.dep: + app_name, app_version = dep, None + + # split if version is specified + if ":" in dep: + app_name, app_version = dep.split(":") + + dep_value = encodelv(string_to_bytes(app_name)) + if app_version: + dep_value += encodelv(string_to_bytes(app_version)) + install_params += encodetlv(BOLOS_TAG_DEPENDENCY, dep_value) + + # Add raw install parameters as requested + if args.tlvraw: + for tlvraw in args.tlvraw: + hextag, hexvalue = tlvraw.split(":") + install_params += encodetlv(int(hextag, 16), binascii.unhexlify(hexvalue)) + + # App name is mandatory + install_params += encodetlv(BOLOS_TAG_APPNAME, string_to_bytes(args.appName)) + + if args.appVersion: + install_params += encodetlv(BOLOS_TAG_APPVERSION, string_to_bytes(args.appVersion)) + + if args.icon: + install_params += encodetlv(BOLOS_TAG_ICON, bytes.fromhex(args.icon)) + + serialized_path = get_serialized_path(args.curve, args.path, args.path_slip21) + if len(serialized_path) > 0: + install_params += encodetlv(BOLOS_TAG_DERIVEPATH, serialized_path) + + output = ",".join(f"0x{i:02x}" for i in install_params) + print(output) diff --git a/lib_cxng/include/lcx_aead.h b/lib_cxng/include/lcx_aead.h index dfaead27f..806c24ea6 100644 --- a/lib_cxng/include/lcx_aead.h +++ b/lib_cxng/include/lcx_aead.h 
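Review bot: `get_serialized_path` ignores its `curves` and `slip21_paths` arguments when building the mask and reads the module-level `args` instead (`get_curve_mask(args.curve, args.path_slip21)`), so it works only when the file runs as a script and raises NameError when imported; the line should be `curve_mask = get_curve_mask(curves, slip21_paths)`. In `parse_slip21_path` the length byte is `0x80 | (len(path) + 1)` with no bound, so a path of 127 to 254 characters packs a byte whose low seven bits no longer equal the length, and a longer one fails inside `struct.pack`. A guard such as `if len(path) + 1 > 0x7f: raise Exception("SLIP 21 path too long")` makes that an explicit error instead of a silently wrong derivation restriction. `dep.split(":")` and `tlvraw.split(":")` also fail with an unpacking error when the argument contains a second colon.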
@@ -31,11 +31,11 @@ * @version 1.0 **/ -#if defined(HAVE_AEAD) - #ifndef LCX_AEAD_H #define LCX_AEAD_H +#if defined(HAVE_AEAD) + #include "cx_errors.h" #include #if defined(HAVE_AES_GCM) @@ -141,7 +141,7 @@ typedef struct { * * @return Error code. */ -cx_err_t cx_aead_init(cx_aead_context_t *ctx); +WARN_UNUSED_RESULT cx_err_t cx_aead_init(cx_aead_context_t *ctx); /** * @brief AEAD set up. @@ -158,7 +158,7 @@ cx_err_t cx_aead_init(cx_aead_context_t *ctx); * * @return Error code */ -cx_err_t cx_aead_setup(cx_aead_context_t *ctx, cx_aead_type_t type); +WARN_UNUSED_RESULT cx_err_t cx_aead_setup(cx_aead_context_t *ctx, cx_aead_type_t type); /** * @brief Sets the cipher key. @@ -176,7 +176,10 @@ cx_err_t cx_aead_setup(cx_aead_context_t *ctx, cx_aead_type_t type); * * @return Error code */ -cx_err_t cx_aead_set_key(cx_aead_context_t *ctx, const uint8_t *key, size_t key_len, uint32_t mode); +WARN_UNUSED_RESULT cx_err_t cx_aead_set_key(cx_aead_context_t *ctx, + const uint8_t *key, + size_t key_len, + uint32_t mode); /** * @brief Sets the initialization vector. @@ -191,7 +194,9 @@ cx_err_t cx_aead_set_key(cx_aead_context_t *ctx, const uint8_t *key, size_t key_ * * @return Error code. */ -cx_err_t cx_aead_set_iv(cx_aead_context_t *ctx, const uint8_t *iv, size_t iv_len); +WARN_UNUSED_RESULT cx_err_t cx_aead_set_iv(cx_aead_context_t *ctx, + const uint8_t *iv, + size_t iv_len); /** * @brief Adds associated data to the context. @@ -207,7 +212,9 @@ cx_err_t cx_aead_set_iv(cx_aead_context_t *ctx, const uint8_t *iv, size_t iv_len * * @return Error code. */ -cx_err_t cx_aead_update_ad(cx_aead_context_t *ctx, const uint8_t *ad, size_t ad_len); +WARN_UNUSED_RESULT cx_err_t cx_aead_update_ad(cx_aead_context_t *ctx, + const uint8_t *ad, + size_t ad_len); /** * @brief Updates the data to encrypt or decrypt. 
@@ -229,11 +236,8 @@ cx_err_t cx_aead_update_ad(cx_aead_context_t *ctx, const uint8_t *ad, size_t ad_ * @return Error code. * */ -cx_err_t cx_aead_update(cx_aead_context_t *ctx, - uint8_t *in, - size_t in_len, - uint8_t *out, - size_t *out_len); +WARN_UNUSED_RESULT cx_err_t +cx_aead_update(cx_aead_context_t *ctx, uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len); /** * @brief Writes the tag of the AEAD cipher. @@ -248,7 +252,7 @@ cx_err_t cx_aead_update(cx_aead_context_t *ctx, * * @return Error code. */ -cx_err_t cx_aead_write_tag(cx_aead_context_t *ctx, uint8_t *tag, size_t tag_len); +WARN_UNUSED_RESULT cx_err_t cx_aead_write_tag(cx_aead_context_t *ctx, uint8_t *tag, size_t tag_len); /** * @brief Checks the tag of the AEAD cipher. @@ -263,7 +267,9 @@ cx_err_t cx_aead_write_tag(cx_aead_context_t *ctx, uint8_t *tag, size_t tag_len) * * @return Error code. */ -cx_err_t cx_aead_check_tag(cx_aead_context_t *ctx, const uint8_t *tag, size_t tag_len); +WARN_UNUSED_RESULT cx_err_t cx_aead_check_tag(cx_aead_context_t *ctx, + const uint8_t *tag, + size_t tag_len); /** * @brief All-in-one authenticated encryption. @@ -295,17 +301,17 @@ cx_err_t cx_aead_check_tag(cx_aead_context_t *ctx, const uint8_t *tag, size_t ta * * @return Error code. */ -cx_err_t cx_aead_encrypt(cx_aead_context_t *ctx, - const uint8_t *iv, - size_t iv_len, - const uint8_t *ad, - size_t ad_len, - uint8_t *in, - size_t in_len, - uint8_t *out, - size_t *out_len, - uint8_t *tag, - size_t tag_len); +WARN_UNUSED_RESULT cx_err_t cx_aead_encrypt(cx_aead_context_t *ctx, + const uint8_t *iv, + size_t iv_len, + const uint8_t *ad, + size_t ad_len, + uint8_t *in, + size_t in_len, + uint8_t *out, + size_t *out_len, + uint8_t *tag, + size_t tag_len); /** * @brief All-in-one authenticated decryption. 
@@ -338,17 +344,18 @@ cx_err_t cx_aead_encrypt(cx_aead_context_t *ctx, * * @return Error code. */ -cx_err_t cx_aead_decrypt(cx_aead_context_t *ctx, - const uint8_t *iv, - size_t iv_len, - const uint8_t *ad, - size_t ad_len, - uint8_t *in, - size_t in_len, - uint8_t *out, - size_t *out_len, - const uint8_t *tag, - size_t tag_len); +WARN_UNUSED_RESULT cx_err_t cx_aead_decrypt(cx_aead_context_t *ctx, + const uint8_t *iv, + size_t iv_len, + const uint8_t *ad, + size_t ad_len, + uint8_t *in, + size_t in_len, + uint8_t *out, + size_t *out_len, + const uint8_t *tag, + size_t tag_len); -#endif #endif // HAVE_AEAD + +#endif // LCX_AED_H diff --git a/lib_cxng/include/lcx_aes.h b/lib_cxng/include/lcx_aes.h index 017dcaa3b..682a48157 100644 --- a/lib_cxng/include/lcx_aes.h +++ b/lib_cxng/include/lcx_aes.h @@ -28,11 +28,11 @@ * for more details. */ -#ifdef HAVE_AES - #ifndef LCX_AES_H #define LCX_AES_H +#ifdef HAVE_AES + #include "cx_errors.h" #include "lcx_wrappers.h" #include "lcx_common.h" @@ -54,7 +54,9 @@ * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_aes_init_key_no_throw(const uint8_t *rawkey, size_t key_len, cx_aes_key_t *key); +WARN_UNUSED_RESULT cx_err_t cx_aes_init_key_no_throw(const uint8_t *rawkey, + size_t key_len, + cx_aes_key_t *key); /** * @deprecated @@ -112,14 +114,14 @@ DEPRECATED static inline size_t cx_aes_init_key(const unsigned char *rawkey, * - CX_INVALID_PARAMETER * - INVALID_PARAMETER */ -cx_err_t cx_aes_iv_no_throw(const cx_aes_key_t *key, - uint32_t mode, - const uint8_t *iv, - size_t iv_len, - const uint8_t *in, - size_t in_len, - uint8_t *out, - size_t *out_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_iv_no_throw(const cx_aes_key_t *key, + uint32_t mode, + const uint8_t *iv, + size_t iv_len, + const uint8_t *in, + size_t in_len, + uint8_t *out, + size_t *out_len); /** * @deprecated 
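Review bot: The closing comment added at the end of lcx_aead.h reads `#endif // LCX_AED_H`, which does not match the guard macro `LCX_AEAD_H` defined at the top of the file. It should be `#endif // LCX_AEAD_H`, so that a search for the guard name finds both ends. The other headers reworked in this commit spell the closing comment exactly as the guard they define.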
@@ -179,12 +181,12 @@ DEPRECATED static inline size_t cx_aes_iv(const cx_aes_key_t *key, * - CX_INVALID_PARAMETER * - INVALID_PARAMETER */ -cx_err_t cx_aes_no_throw(const cx_aes_key_t *key, - uint32_t mode, - const uint8_t *in, - size_t in_len, - uint8_t *out, - size_t *out_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_no_throw(const cx_aes_key_t *key, + uint32_t mode, + const uint8_t *in, + size_t in_len, + uint8_t *out, + size_t *out_len); /** * @deprecated @@ -216,7 +218,9 @@ DEPRECATED static inline size_t cx_aes(const cx_aes_key_t *key, * - CX_INVALID_PARAMETER * - INVALID_PARAMETER */ -cx_err_t cx_aes_enc_block(const cx_aes_key_t *key, const uint8_t *inblock, uint8_t *outblock); +WARN_UNUSED_RESULT cx_err_t cx_aes_enc_block(const cx_aes_key_t *key, + const uint8_t *inblock, + uint8_t *outblock); /** * @brief Decrypts a 16-byte block using AES algorithm. @@ -232,8 +236,10 @@ cx_err_t cx_aes_enc_block(const cx_aes_key_t *key, const uint8_t *inblock, uint8 * - CX_INVALID_PARAMETER * - INVALID_PARAMETER */ -cx_err_t cx_aes_dec_block(const cx_aes_key_t *key, const uint8_t *inblock, uint8_t *outblock); - -#endif +WARN_UNUSED_RESULT cx_err_t cx_aes_dec_block(const cx_aes_key_t *key, + const uint8_t *inblock, + uint8_t *outblock); #endif // HAVE_AES + +#endif // LCX_AES_H diff --git a/lib_cxng/include/lcx_aes_gcm.h b/lib_cxng/include/lcx_aes_gcm.h index d7fd233ab..8ce2a145a 100644 --- a/lib_cxng/include/lcx_aes_gcm.h +++ b/lib_cxng/include/lcx_aes_gcm.h @@ -30,11 +30,11 @@ * @version 1.0 **/ -#if defined(HAVE_AES) && defined(HAVE_AES_GCM) - #ifndef LCX_AES_GCM_H #define LCX_AES_GCM_H +#if defined(HAVE_AES) && defined(HAVE_AES_GCM) + #include "ox.h" #include 
@@ -53,35 +53,48 @@ typedef struct { uint8_t flag; ///< Indicates either the IV has already been processed or not } cx_aes_gcm_context_t; -void cx_aes_gcm_init(cx_aes_gcm_context_t *ctx); -cx_err_t cx_aes_gcm_set_key(cx_aes_gcm_context_t *ctx, const uint8_t *raw_key, size_t key_len); -cx_err_t cx_aes_gcm_start(cx_aes_gcm_context_t *ctx, - uint32_t mode, - const uint8_t *iv, - size_t iv_len); -cx_err_t cx_aes_gcm_update_aad(cx_aes_gcm_context_t *ctx, const uint8_t *aad, size_t aad_len); -cx_err_t cx_aes_gcm_update(cx_aes_gcm_context_t *ctx, const uint8_t *in, uint8_t *out, size_t len); -cx_err_t cx_aes_gcm_finish(cx_aes_gcm_context_t *ctx, uint8_t *tag, size_t tag_len); -cx_err_t cx_aes_gcm_encrypt_and_tag(cx_aes_gcm_context_t *ctx, - uint8_t *in, - size_t len, - const uint8_t *iv, - size_t iv_len, - const uint8_t *aad, - size_t aad_len, - uint8_t *out, - uint8_t *tag, - size_t tag_len); -cx_err_t cx_aes_gcm_decrypt_and_auth(cx_aes_gcm_context_t *ctx, - uint8_t *in, - size_t len, - const uint8_t *iv, - size_t iv_len, - const uint8_t *aad, - size_t aad_len, - uint8_t *out, - const uint8_t *tag, - size_t tag_len); -cx_err_t cx_aes_gcm_check_tag(cx_aes_gcm_context_t *ctx, const uint8_t *tag, size_t tag_len); -#endif +void cx_aes_gcm_init(cx_aes_gcm_context_t *ctx); +WARN_UNUSED_RESULT cx_err_t cx_aes_gcm_set_key(cx_aes_gcm_context_t *ctx, + const uint8_t *raw_key, + size_t key_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_gcm_start(cx_aes_gcm_context_t *ctx, + uint32_t mode, + const uint8_t *iv, + size_t iv_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_gcm_update_aad(cx_aes_gcm_context_t *ctx, + const uint8_t *aad, + size_t aad_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_gcm_update(cx_aes_gcm_context_t *ctx, + const uint8_t *in, + uint8_t *out, + size_t len); +WARN_UNUSED_RESULT cx_err_t cx_aes_gcm_finish(cx_aes_gcm_context_t *ctx, + uint8_t *tag, + size_t tag_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_gcm_encrypt_and_tag(cx_aes_gcm_context_t *ctx, + uint8_t *in, + size_t len, + 
const uint8_t *iv, + size_t iv_len, + const uint8_t *aad, + size_t aad_len, + uint8_t *out, + uint8_t *tag, + size_t tag_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_gcm_decrypt_and_auth(cx_aes_gcm_context_t *ctx, + uint8_t *in, + size_t len, + const uint8_t *iv, + size_t iv_len, + const uint8_t *aad, + size_t aad_len, + uint8_t *out, + const uint8_t *tag, + size_t tag_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_gcm_check_tag(cx_aes_gcm_context_t *ctx, + const uint8_t *tag, + size_t tag_len); + #endif // HAVE_AES && HAVE_AES_GCM + +#endif // LCX_AES_GCM_H diff --git a/lib_cxng/include/lcx_aes_siv.h b/lib_cxng/include/lcx_aes_siv.h index 266ebbdfe..3b64340fd 100644 --- a/lib_cxng/include/lcx_aes_siv.h +++ b/lib_cxng/include/lcx_aes_siv.h @@ -53,7 +53,7 @@ typedef struct _cx_aes_siv_context { * @param[in] ctx Pointer to the AES-SIV context. * @return Error code. */ -cx_err_t cx_aes_siv_init(cx_aes_siv_context_t *ctx); +WARN_UNUSED_RESULT cx_err_t cx_aes_siv_init(cx_aes_siv_context_t *ctx); /** * @brief Sets the key to compute AES-SIV. @@ -71,7 +71,9 @@ cx_err_t cx_aes_siv_init(cx_aes_siv_context_t *ctx); * @param[in] key_bitlen Size of the key in bits. * @return Error code */ -cx_err_t cx_aes_siv_set_key(cx_aes_siv_context_t *ctx, const uint8_t *key, size_t key_bitlen); +WARN_UNUSED_RESULT cx_err_t cx_aes_siv_set_key(cx_aes_siv_context_t *ctx, + const uint8_t *key, + size_t key_bitlen); /** * @brief Starts the S2V algorithm following RFC5297 specification. @@ -85,10 +87,10 @@ cx_err_t cx_aes_siv_set_key(cx_aes_siv_context_t *ctx, const uint8_t *key, size_ * be 16 bytes. * @return Error code */ -cx_err_t cx_aes_siv_start(cx_aes_siv_context_t *ctx, - uint32_t mode, - const uint8_t *iv, - size_t iv_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_siv_start(cx_aes_siv_context_t *ctx, + uint32_t mode, + const uint8_t *iv, + size_t iv_len); /** * @brief Processes additional data. 
@@ -98,7 +100,9 @@ cx_err_t cx_aes_siv_start(cx_aes_siv_context_t *ctx, * @param[in] aad_len Length of the additional data. * @return Error code. */ -cx_err_t cx_aes_siv_update_aad(cx_aes_siv_context_t *ctx, const uint8_t *aad, size_t aad_len); +WARN_UNUSED_RESULT cx_err_t cx_aes_siv_update_aad(cx_aes_siv_context_t *ctx, + const uint8_t *aad, + size_t aad_len); /** * @brief Processes plaintext or ciphertext with AES-CTR. @@ -110,10 +114,10 @@ cx_err_t cx_aes_siv_update_aad(cx_aes_siv_context_t *ctx, const uint8_t *aad, si * @param[in] len Length of the input. * @return Error code. */ -cx_err_t cx_aes_siv_update(cx_aes_siv_context_t *ctx, - const uint8_t *input, - uint8_t *output, - size_t len); +WARN_UNUSED_RESULT cx_err_t cx_aes_siv_update(cx_aes_siv_context_t *ctx, + const uint8_t *input, + uint8_t *output, + size_t len); /** * @brief Finishes the S2V algorithm and prepares for the @@ -126,10 +130,10 @@ cx_err_t cx_aes_siv_update(cx_aes_siv_context_t *ctx, * is given by the caller in case of decryption. * @return Error code. */ -cx_err_t cx_aes_siv_finish(cx_aes_siv_context_t *ctx, - const uint8_t *input, - size_t in_len, - uint8_t *tag); +WARN_UNUSED_RESULT cx_err_t cx_aes_siv_finish(cx_aes_siv_context_t *ctx, + const uint8_t *input, + size_t in_len, + uint8_t *tag); /** * @brief All-in-one encryption. @@ -145,13 +149,13 @@ cx_err_t cx_aes_siv_finish(cx_aes_siv_context_t *ctx, * will contain *16* bytes. * @return Error code. */ -cx_err_t cx_aes_siv_encrypt(cx_aes_siv_context_t *ctx, - const uint8_t *input, - size_t in_len, - const uint8_t *aad, - size_t aad_len, - uint8_t *output, - uint8_t *tag); +WARN_UNUSED_RESULT cx_err_t cx_aes_siv_encrypt(cx_aes_siv_context_t *ctx, + const uint8_t *input, + size_t in_len, + const uint8_t *aad, + size_t aad_len, + uint8_t *output, + uint8_t *tag); /** * @brief All-in-one decryption. 
@@ -167,13 +171,13 @@ cx_err_t cx_aes_siv_encrypt(cx_aes_siv_context_t *ctx, * The buffer must contain *16* bytes. * @return Error code */ -cx_err_t cx_aes_siv_decrypt(cx_aes_siv_context_t *ctx, - const uint8_t *input, - size_t in_len, - const uint8_t *aad, - size_t aad_len, - uint8_t *output, - uint8_t *tag); +WARN_UNUSED_RESULT cx_err_t cx_aes_siv_decrypt(cx_aes_siv_context_t *ctx, + const uint8_t *input, + size_t in_len, + const uint8_t *aad, + size_t aad_len, + uint8_t *output, + uint8_t *tag); #endif /* LCX_AES_SIV_H */ diff --git a/lib_cxng/include/lcx_blake2.h b/lib_cxng/include/lcx_blake2.h index f93a517d0..3acd3e6eb 100644 --- a/lib_cxng/include/lcx_blake2.h +++ b/lib_cxng/include/lcx_blake2.h @@ -24,10 +24,11 @@ * produces digests of any size between 1 and 64 bytes. It is specified at https://blake2.net. */ -#ifdef HAVE_BLAKE2 #ifndef LCX_BLAKE2_H #define LCX_BLAKE2_H +#ifdef HAVE_BLAKE2 + #include "lcx_wrappers.h" #include "lcx_hash.h" #include @@ -78,7 +79,7 @@ typedef struct cx_blake2b_s cx_blake2b_t; * - CX_OK * - CX_INVALID_PARAMETER */ -cx_err_t cx_blake2b_init_no_throw(cx_blake2b_t *hash, size_t out_len); +WARN_UNUSED_RESULT cx_err_t cx_blake2b_init_no_throw(cx_blake2b_t *hash, size_t out_len); /** * @deprecated @@ -111,12 +112,12 @@ DEPRECATED static inline int cx_blake2b_init(cx_blake2b_t *hash, unsigned int ou * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_blake2b_init2_no_throw(cx_blake2b_t *hash, - size_t out_len, - uint8_t *salt, - size_t salt_len, - uint8_t *perso, - size_t perso_len); +WARN_UNUSED_RESULT cx_err_t cx_blake2b_init2_no_throw(cx_blake2b_t *hash, + size_t out_len, + uint8_t *salt, + size_t salt_len, + uint8_t *perso, + size_t perso_len); /** * @deprecated @@ -133,6 +134,6 @@ DEPRECATED static inline int cx_blake2b_init2(cx_blake2b_t *hash, return CX_BLAKE2B; } -#endif - #endif // HAVE_BLAKE2 + +#endif // LCX_BLAKE2_H 
diff --git a/lib_cxng/include/lcx_blake3.h b/lib_cxng/include/lcx_blake3.h index fa4571c63..9d9bfd540 100644 --- a/lib_cxng/include/lcx_blake3.h +++ b/lib_cxng/include/lcx_blake3.h @@ -101,11 +101,11 @@ typedef struct { * * @return Error code. */ -cx_err_t cx_blake3_init(cx_blake3_t *hash, - uint8_t mode, - const unsigned char *key, - const void *context, - unsigned int context_len); +WARN_UNUSED_RESULT cx_err_t cx_blake3_init(cx_blake3_t *hash, + uint8_t mode, + const unsigned char *key, + const void *context, + unsigned int context_len); /** * @brief Computes the digest of a message using blake3. @@ -124,12 +124,12 @@ cx_err_t cx_blake3_init(cx_blake3_t *hash, * * @return Error code */ -cx_err_t cx_blake3(cx_blake3_t *hash, - uint8_t mode, - const void *input, - size_t input_len, - uint8_t *out, - size_t out_len); +WARN_UNUSED_RESULT cx_err_t cx_blake3(cx_blake3_t *hash, + uint8_t mode, + const void *input, + size_t input_len, + uint8_t *out, + size_t out_len); /** * @brief Adds more data to process to the context. @@ -142,7 +142,9 @@ cx_err_t cx_blake3(cx_blake3_t *hash, * * @return Error code. */ -cx_err_t cx_blake3_update(cx_blake3_t *hash, const void *input, size_t input_len); +WARN_UNUSED_RESULT cx_err_t cx_blake3_update(cx_blake3_t *hash, + const void *input, + size_t input_len); /** * @brief Finalizes the hash. @@ -155,7 +157,7 @@ cx_err_t cx_blake3_update(cx_blake3_t *hash, const void *input, size_t input_len * * @return Error code. */ -cx_err_t cx_blake3_final(cx_blake3_t *hash, uint8_t *output, size_t out_len); +WARN_UNUSED_RESULT cx_err_t cx_blake3_final(cx_blake3_t *hash, uint8_t *output, size_t out_len); #endif // LCX_BLAKE3_H #endif // HAVE_BLAKE3 diff --git a/lib_cxng/include/lcx_chacha.h b/lib_cxng/include/lcx_chacha.h index 171fa6a09..0589d083c 100644 --- a/lib_cxng/include/lcx_chacha.h +++ b/lib_cxng/include/lcx_chacha.h 
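Review bot: lcx_blake3.h keeps the old guard order: the context lines of its last hunk still close `LCX_BLAKE3_H` before `HAVE_BLAKE3`, so the feature test still wraps the include guard here while the sibling headers in this commit move it inside. If that is not deliberate, the tail should become `#endif // HAVE_BLAKE3` followed by `#endif // LCX_BLAKE3_H`, with the matching swap at the top of the file, which lies outside these hunks.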
@@ -15,7 +15,6 @@ * See the License for the specific language governing permissions and * limitations under the License. ********************************************************************************/ -#if defined(HAVE_CHACHA) /** * @file lcx_chacha.h @@ -34,6 +33,8 @@ #ifndef LCX_CHACHA_H #define LCX_CHACHA_H +#if defined(HAVE_CHACHA) + #include "ox.h" #include @@ -79,7 +80,9 @@ void cx_chacha_init(cx_chacha_context_t *ctx, uint32_t nrounds); * * @return Error code */ -cx_err_t cx_chacha_set_key(cx_chacha_context_t *ctx, const uint8_t *key, size_t key_len); +WARN_UNUSED_RESULT cx_err_t cx_chacha_set_key(cx_chacha_context_t *ctx, + const uint8_t *key, + size_t key_len); /** * @brief Set the nonce and initial counter value. @@ -101,7 +104,9 @@ cx_err_t cx_chacha_set_key(cx_chacha_context_t *ctx, const uint8_t *key, size_t * * @return Error code */ -cx_err_t cx_chacha_start(cx_chacha_context_t *ctx, const uint8_t *iv, size_t iv_len); +WARN_UNUSED_RESULT cx_err_t cx_chacha_start(cx_chacha_context_t *ctx, + const uint8_t *iv, + size_t iv_len); /** * @brief Update the stream: encrypt or decrypt data. @@ -122,10 +127,10 @@ cx_err_t cx_chacha_start(cx_chacha_context_t *ctx, const uint8_t *iv, size_t iv_ * * @return Error code */ -cx_err_t cx_chacha_update(cx_chacha_context_t *ctx, - const uint8_t *input, - uint8_t *output, - size_t len); +WARN_UNUSED_RESULT cx_err_t cx_chacha_update(cx_chacha_context_t *ctx, + const uint8_t *input, + uint8_t *output, + size_t len); /** * @brief Encrypt or decrypt data with Chacha and a given key and nonce. 
@@ -150,14 +155,15 @@ cx_err_t cx_chacha_update(cx_chacha_context_t *ctx, * * @return Error code. */ -cx_err_t cx_chacha_cipher(uint32_t nrounds, - const uint8_t *key, - size_t key_len, - const uint8_t *iv, - size_t iv_len, - const uint8_t *input, - uint8_t *output, - size_t len); +WARN_UNUSED_RESULT cx_err_t cx_chacha_cipher(uint32_t nrounds, + const uint8_t *key, + size_t key_len, + const uint8_t *iv, + size_t iv_len, + const uint8_t *input, + uint8_t *output, + size_t len); -#endif /* LCX_CHACHA_H */ #endif // HAVE_CHACHA + +#endif // LCX_CHACHA_H diff --git a/lib_cxng/include/lcx_chacha_poly.h b/lib_cxng/include/lcx_chacha_poly.h index 74f2eec87..efa3659a8 100644 --- a/lib_cxng/include/lcx_chacha_poly.h +++ b/lib_cxng/include/lcx_chacha_poly.h @@ -15,8 +15,6 @@ * See the License for the specific language governing permissions and * limitations under the License. ********************************************************************************/ -#if defined(HAVE_CHACHA_POLY) -#if defined(HAVE_POLY1305) && defined(HAVE_CHACHA) /** * @file lcx_chacha_poly.h @@ -31,6 +29,9 @@ #ifndef LCX_CHACHA_POLY_H #define LCX_CHACHA_POLY_H +#if defined(HAVE_CHACHA_POLY) +#if defined(HAVE_POLY1305) && defined(HAVE_CHACHA) + #include "lcx_chacha.h" #include "lcx_poly1305.h" #include "ox.h" 
@@ -47,46 +48,54 @@ typedef struct { void cx_chachapoly_init(cx_chachapoly_context_t *ctx); -cx_err_t cx_chachapoly_set_key(cx_chachapoly_context_t *ctx, const uint8_t *key, size_t key_len); - -cx_err_t cx_chachapoly_start(cx_chachapoly_context_t *ctx, - uint32_t mode, - const uint8_t *iv, - size_t iv_len); - -cx_err_t cx_chachapoly_update_aad(cx_chachapoly_context_t *ctx, const uint8_t *aad, size_t aad_len); - -cx_err_t cx_chachapoly_update(cx_chachapoly_context_t *ctx, - const uint8_t *input, - uint8_t *output, - size_t len); - -cx_err_t cx_chachapoly_finish(cx_chachapoly_context_t *ctx, uint8_t *tag, size_t tag_len); - -cx_err_t cx_chachapoly_encrypt_and_tag(cx_chachapoly_context_t *ctx, - const uint8_t *input, - size_t len, - const uint8_t *iv, - size_t iv_len, - const uint8_t *aad, - size_t aad_len, - uint8_t *output, - uint8_t *tag, - size_t tag_len); - -cx_err_t cx_chachapoly_decrypt_and_auth(cx_chachapoly_context_t *ctx, - const uint8_t *input, - size_t len, - const uint8_t *iv, - size_t iv_len, - const uint8_t *aad, - size_t aad_len, - uint8_t *output, - const uint8_t *tag, - size_t tag_len); - -cx_err_t cx_chachapoly_check_tag(cx_chachapoly_context_t *ctx, const uint8_t *tag, size_t tag_len); +WARN_UNUSED_RESULT cx_err_t cx_chachapoly_set_key(cx_chachapoly_context_t *ctx, + const uint8_t *key, + size_t key_len); + +WARN_UNUSED_RESULT cx_err_t cx_chachapoly_start(cx_chachapoly_context_t *ctx, + uint32_t mode, + const uint8_t *iv, + size_t iv_len); + +WARN_UNUSED_RESULT cx_err_t cx_chachapoly_update_aad(cx_chachapoly_context_t *ctx, + const uint8_t *aad, + size_t aad_len); + +WARN_UNUSED_RESULT cx_err_t cx_chachapoly_update(cx_chachapoly_context_t *ctx, + const uint8_t *input, + uint8_t *output, + size_t len); + +WARN_UNUSED_RESULT cx_err_t cx_chachapoly_finish(cx_chachapoly_context_t *ctx, + uint8_t *tag, + size_t tag_len); + +WARN_UNUSED_RESULT cx_err_t cx_chachapoly_encrypt_and_tag(cx_chachapoly_context_t *ctx, + const uint8_t *input, + size_t len, + 
const uint8_t *iv, + size_t iv_len, + const uint8_t *aad, + size_t aad_len, + uint8_t *output, + uint8_t *tag, + size_t tag_len); + +WARN_UNUSED_RESULT cx_err_t cx_chachapoly_decrypt_and_auth(cx_chachapoly_context_t *ctx, + const uint8_t *input, + size_t len, + const uint8_t *iv, + size_t iv_len, + const uint8_t *aad, + size_t aad_len, + uint8_t *output, + const uint8_t *tag, + size_t tag_len); + +WARN_UNUSED_RESULT cx_err_t cx_chachapoly_check_tag(cx_chachapoly_context_t *ctx, + const uint8_t *tag, + size_t tag_len); -#endif /* LCX_CHACHA_POLY_H */ #endif // HAVE_POLY1305 && HAVE_CHACHA #endif // HAVE_CHACHA_POLY +#endif /* LCX_CHACHA_POLY_H */ diff --git a/lib_cxng/include/lcx_cipher.h b/lib_cxng/include/lcx_cipher.h index 7011870b6..168278be8 100644 --- a/lib_cxng/include/lcx_cipher.h +++ b/lib_cxng/include/lcx_cipher.h @@ -113,7 +113,7 @@ typedef struct { * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_cipher_init(cx_cipher_context_t *ctx); +WARN_UNUSED_RESULT cx_err_t cx_cipher_init(cx_cipher_context_t *ctx); /** * @brief Initialize and fill the context structure given the cipher info. @@ -138,7 +138,9 @@ cx_err_t cx_cipher_init(cx_cipher_context_t *ctx); * - CX_INVALID_PARAMETER * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_cipher_setup(cx_cipher_context_t *ctx, const cx_cipher_id_t type, uint32_t mode); +WARN_UNUSED_RESULT cx_err_t cx_cipher_setup(cx_cipher_context_t *ctx, + const cx_cipher_id_t type, + uint32_t mode); /** * @brief Set the key to use. @@ -160,10 +162,10 @@ cx_err_t cx_cipher_setup(cx_cipher_context_t *ctx, const cx_cipher_id_t type, ui * - CX_INVALID_PARAMETER_SIZE * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_cipher_setkey(cx_cipher_context_t *ctx, - const uint8_t *key, - uint32_t key_bitlen, - uint32_t operation); +WARN_UNUSED_RESULT cx_err_t cx_cipher_setkey(cx_cipher_context_t *ctx, + const uint8_t *key, + uint32_t key_bitlen, + uint32_t operation); /** * @brief Set the initialization vector. 
@@ -182,7 +184,9 @@ cx_err_t cx_cipher_setkey(cx_cipher_context_t *ctx, * - CX_INVALID_PARAMETER * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_cipher_setiv(cx_cipher_context_t *ctx, const uint8_t *iv, size_t iv_len); +WARN_UNUSED_RESULT cx_err_t cx_cipher_setiv(cx_cipher_context_t *ctx, + const uint8_t *iv, + size_t iv_len); /** * @brief Set the padding type. @@ -202,7 +206,7 @@ cx_err_t cx_cipher_setiv(cx_cipher_context_t *ctx, const uint8_t *iv, size_t iv_ * - CX_INVALID_PARAMETER * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_cipher_set_padding(cx_cipher_context_t *ctx, uint32_t padding); +WARN_UNUSED_RESULT cx_err_t cx_cipher_set_padding(cx_cipher_context_t *ctx, uint32_t padding); /** * @brief Encrypt or decrypt with the given context. @@ -231,11 +235,11 @@ cx_err_t cx_cipher_set_padding(cx_cipher_context_t *ctx, uint32_t padding); * - CX_INVALID_PARAMETER * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_cipher_update(cx_cipher_context_t *ctx, - const uint8_t *input, - size_t in_len, - uint8_t *output, - size_t *out_len); +WARN_UNUSED_RESULT cx_err_t cx_cipher_update(cx_cipher_context_t *ctx, + const uint8_t *input, + size_t in_len, + uint8_t *output, + size_t *out_len); /** * @brief Finalize the operation. @@ -259,7 +263,9 @@ cx_err_t cx_cipher_update(cx_cipher_context_t *ctx, * - CX_INVALID_PARAMETER * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_cipher_finish(cx_cipher_context_t *ctx, uint8_t *output, size_t *out_len); +WARN_UNUSED_RESULT cx_err_t cx_cipher_finish(cx_cipher_context_t *ctx, + uint8_t *output, + size_t *out_len); /** * @brief All-in-one encryption or decryption. 
@@ -289,13 +295,13 @@ cx_err_t cx_cipher_finish(cx_cipher_context_t *ctx, uint8_t *output, size_t *out * - CX_INVALID_PARAMETER * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_cipher_enc_dec(cx_cipher_context_t *ctx, - const uint8_t *iv, - size_t iv_len, - const uint8_t *input, - size_t in_len, - uint8_t *output, - size_t *out_len); +WARN_UNUSED_RESULT cx_err_t cx_cipher_enc_dec(cx_cipher_context_t *ctx, + const uint8_t *iv, + size_t iv_len, + const uint8_t *input, + size_t in_len, + uint8_t *output, + size_t *out_len); void cx_cipher_reset(cx_cipher_context_t *ctx); diff --git a/lib_cxng/include/lcx_cmac.h b/lib_cxng/include/lcx_cmac.h index 87ee442a5..c298f95a4 100644 --- a/lib_cxng/include/lcx_cmac.h +++ b/lib_cxng/include/lcx_cmac.h @@ -13,18 +13,22 @@ #include "lcx_cipher.h" #include "cx_errors.h" -cx_err_t cx_cmac_start(cx_cipher_context_t *ctx, const uint8_t *key, size_t key_bitlen); - -cx_err_t cx_cmac_update(cx_cipher_context_t *ctx, const uint8_t *input, size_t in_len); - -cx_err_t cx_cmac_finish(cx_cipher_context_t *ctx, uint8_t *output); - -cx_err_t cx_cmac(const cx_cipher_id_t type, - const uint8_t *key, - size_t key_bitlen, - const uint8_t *input, - size_t in_len, - uint8_t *output); +WARN_UNUSED_RESULT cx_err_t cx_cmac_start(cx_cipher_context_t *ctx, + const uint8_t *key, + size_t key_bitlen); + +WARN_UNUSED_RESULT cx_err_t cx_cmac_update(cx_cipher_context_t *ctx, + const uint8_t *input, + size_t in_len); + +WARN_UNUSED_RESULT cx_err_t cx_cmac_finish(cx_cipher_context_t *ctx, uint8_t *output); + +WARN_UNUSED_RESULT cx_err_t cx_cmac(const cx_cipher_id_t type, + const uint8_t *key, + size_t key_bitlen, + const uint8_t *input, + size_t in_len, + uint8_t *output); #endif /* LCX_CMAC_H */ diff --git a/lib_cxng/include/lcx_crc.h b/lib_cxng/include/lcx_crc.h index 884d5fb99..98fb545fb 100644 --- a/lib_cxng/include/lcx_crc.h +++ b/lib_cxng/include/lcx_crc.h 
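Review bot: The four CMAC prototypes in lcx_cmac.h are reformatted without gaining any documentation, and `cx_cmac_finish` and `cx_cmac` write to `output` with no length argument. A caller cannot tell from the header how large that buffer must be, which is the kind of contract the Doxygen blocks in lcx_cipher.h spell out for its own functions. I would add a block above each prototype carrying at least `@param[out] output` with the required buffer size and `@return Error code.`; the size has to be taken from the implementation, which is not visible in this diff.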
@@ -23,11 +23,11 @@ * CRC-16 is a variant of CRC, an error-detecting code, with a 16-bit long check value. */ -#ifdef HAVE_CRC - #ifndef LCX_CRC_H #define LCX_CRC_H +#ifdef HAVE_CRC + #include #include @@ -60,6 +60,6 @@ uint16_t cx_crc16(const void *buffer, size_t len); */ uint16_t cx_crc16_update(uint16_t crc, const void *buffer, size_t len); -#endif - #endif // HAVE_CRC + +#endif // LCX_CRC_H diff --git a/lib_cxng/include/lcx_ecdh.h b/lib_cxng/include/lcx_ecdh.h index 77aaa6830..33eb89ca8 100644 --- a/lib_cxng/include/lcx_ecdh.h +++ b/lib_cxng/include/lcx_ecdh.h @@ -25,11 +25,11 @@ * are elements of a chosen elliptic curve. */ -#ifdef HAVE_ECDH - #ifndef LCX_ECDH_H #define LCX_ECDH_H +#ifdef HAVE_ECDH + #if defined(HAVE_ECDH) || defined(HAVE_X25519) || defined(HAVE_X448) #include "lcx_wrappers.h" @@ -72,12 +72,12 @@ * - CX_INVALID_PARAMETER_SIZE * - CX_EC_INFINITE_POINT */ -cx_err_t cx_ecdh_no_throw(const cx_ecfp_private_key_t *pvkey, - uint32_t mode, - const uint8_t *P, - size_t P_len, - uint8_t *secret, - size_t secret_len); +WARN_UNUSED_RESULT cx_err_t cx_ecdh_no_throw(const cx_ecfp_private_key_t *pvkey, + uint32_t mode, + const uint8_t *P, + size_t P_len, + uint8_t *secret, + size_t secret_len); /** * @deprecated @@ -132,7 +132,7 @@ DEPRECATED static inline size_t cx_ecdh(const cx_ecfp_private_key_t *pvkey, * - CX_EC_INFINITE_POINT * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_x25519(uint8_t *u, const uint8_t *k, size_t k_len); +WARN_UNUSED_RESULT cx_err_t cx_x25519(uint8_t *u, const uint8_t *k, size_t k_len); #endif // HAVE_X25519 #if defined(HAVE_X448) @@ -162,7 +162,7 @@ cx_err_t cx_x25519(uint8_t *u, const uint8_t *k, size_t k_len); * - CX_EC_INFINITE_POINT * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_x448(uint8_t *u, const uint8_t *k, size_t k_len); +WARN_UNUSED_RESULT cx_err_t cx_x448(uint8_t *u, const uint8_t *k, size_t k_len); #endif // HAVE_X448 #endif // HAVE_ECDH || HAVE_X25519 || HAVE_X448 
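Review bot: In lcx_ecdh.h the relocated `#ifdef HAVE_ECDH` now sits directly above `#if defined(HAVE_ECDH) || defined(HAVE_X25519) || defined(HAVE_X448)`, so the inner test can never pass without HAVE_ECDH and the `cx_x25519` / `cx_x448` prototypes further down are hidden in a build that enables only those features. Whether such a configuration exists is not visible here, but if it does, the three-way `#if` should be the outer test and `#ifdef HAVE_ECDH` should wrap only `cx_ecdh_no_throw` and its deprecated wrapper. The nesting predates this commit, and the closing `#endif` lines of the file are outside the hunks.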
diff --git a/lib_cxng/include/lcx_ecdsa.h b/lib_cxng/include/lcx_ecdsa.h index ae3007d36..0b7f6fd27 100644 --- a/lib_cxng/include/lcx_ecdsa.h +++ b/lib_cxng/include/lcx_ecdsa.h @@ -25,11 +25,11 @@ * RFC6979 for more details. */ -#ifdef HAVE_ECDSA - #ifndef LCX_ECDSA_H #define LCX_ECDSA_H +#ifdef HAVE_ECDSA + #include "lcx_wrappers.h" #include "lcx_ecfp.h" @@ -80,14 +80,14 @@ * - CX_EC_INFINITE_POINT * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_ecdsa_sign_no_throw(const cx_ecfp_private_key_t *pvkey, - uint32_t mode, - cx_md_t hashID, - const uint8_t *hash, - size_t hash_len, - uint8_t *sig, - size_t *sig_len, - uint32_t *info); +WARN_UNUSED_RESULT cx_err_t cx_ecdsa_sign_no_throw(const cx_ecfp_private_key_t *pvkey, + uint32_t mode, + cx_md_t hashID, + const uint8_t *hash, + size_t hash_len, + uint8_t *sig, + size_t *sig_len, + uint32_t *info); /** * @deprecated @@ -203,6 +203,6 @@ DEPRECATED static inline bool cx_ecdsa_verify(const cx_ecfp_public_key_t *pukey, return cx_ecdsa_verify_no_throw(pukey, hash, hash_len, sig, sig_len); } -#endif - #endif // HAVE_ECDSA + +#endif // LCX_ECDSA_H diff --git a/lib_cxng/include/lcx_ecfp.h b/lib_cxng/include/lcx_ecfp.h index 0c8941e22..c1c10e7c1 100644 --- a/lib_cxng/include/lcx_ecfp.h +++ b/lib_cxng/include/lcx_ecfp.h @@ -23,10 +23,11 @@ * Private and public keys initialization and key pair generation based on elliptic curves. */ -#ifdef HAVE_ECC #ifndef LCX_ECFP_H #define LCX_ECFP_H +#ifdef HAVE_ECC + #include "lcx_wrappers.h" #include "lcx_hash.h" #include "ox_ec.h" @@ -159,10 +160,10 @@ typedef struct cx_ecfp_640_private_key_s cx_ecfp_640_private_key_t; * - CX_EC_INVALID_POINT * - CX_EC_INFINITE_POINT */ -cx_err_t cx_ecfp_add_point_no_throw(cx_curve_t curve, - uint8_t *R, - const uint8_t *P, - const uint8_t *Q); +WARN_UNUSED_RESULT cx_err_t cx_ecfp_add_point_no_throw(cx_curve_t curve, + uint8_t *R, + const uint8_t *P, + const uint8_t *Q); /** * @deprecated 
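Review bot: The annotation pass over lcx_ecdsa.h marks only `cx_ecdsa_sign_no_throw`; no hunk touches `cx_ecdsa_verify_no_throw`, which the deprecated `cx_ecdsa_verify` wrapper at the end of the file calls. A discarded verification result is the more dangerous omission, because the caller then proceeds as if the signature had been accepted. The prototype lies outside the hunks, so it may already carry the attribute; if it does not, I would prefix it in the same way, `WARN_UNUSED_RESULT bool cx_ecdsa_verify_no_throw(...)`. The same check is worth making for the EdDSA verify prototype in lcx_eddsa.h.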
@@ -209,7 +210,10 @@ DEPRECATED static inline size_t cx_ecfp_add_point(cx_curve_t curve, * - CX_INVALID_PARAMETER * - CX_EC_INFINITE_POINT */ -cx_err_t cx_ecfp_scalar_mult_no_throw(cx_curve_t curve, uint8_t *P, const uint8_t *k, size_t k_len); +WARN_UNUSED_RESULT cx_err_t cx_ecfp_scalar_mult_no_throw(cx_curve_t curve, + uint8_t *P, + const uint8_t *k, + size_t k_len); /** * @deprecated @@ -254,10 +258,10 @@ DEPRECATED static inline size_t cx_ecfp_scalar_mult(cx_curve_t curve, * - CX_EC_INVALID_CURVE * - INVALID_PARAMETER */ -cx_err_t cx_ecfp_init_public_key_no_throw(cx_curve_t curve, - const uint8_t *rawkey, - size_t key_len, - cx_ecfp_public_key_t *key); +WARN_UNUSED_RESULT cx_err_t cx_ecfp_init_public_key_no_throw(cx_curve_t curve, + const uint8_t *rawkey, + size_t key_len, + cx_ecfp_public_key_t *key); /** * @deprecated @@ -292,10 +296,10 @@ DEPRECATED static inline size_t cx_ecfp_init_public_key(cx_curve_t cu * - CX_EC_INVALID_CURVE * - CX_INVALID_PARAMETER */ -cx_err_t cx_ecfp_init_private_key_no_throw(cx_curve_t curve, - const uint8_t *rawkey, - size_t key_len, - cx_ecfp_private_key_t *pvkey); +WARN_UNUSED_RESULT cx_err_t cx_ecfp_init_private_key_no_throw(cx_curve_t curve, + const uint8_t *rawkey, + size_t key_len, + cx_ecfp_private_key_t *pvkey); /** * @deprecated @@ -335,10 +339,10 @@ DEPRECATED static inline size_t cx_ecfp_init_private_key(cx_curve_t * - CX_EC_INVALID_POINT * - CX_EC_INFINITE_POINT */ -cx_err_t cx_ecfp_generate_pair_no_throw(cx_curve_t curve, - cx_ecfp_public_key_t *pubkey, - cx_ecfp_private_key_t *privkey, - bool keepprivate); +WARN_UNUSED_RESULT cx_err_t cx_ecfp_generate_pair_no_throw(cx_curve_t curve, + cx_ecfp_public_key_t *pubkey, + cx_ecfp_private_key_t *privkey, + bool keepprivate); /** * @deprecated 
@@ -380,11 +384,11 @@ DEPRECATED static inline int cx_ecfp_generate_pair(cx_curve_t curve, * - CX_EC_INVALID_POINT * - CX_EC_INFINITE_POINT */ -cx_err_t cx_ecfp_generate_pair2_no_throw(cx_curve_t curve, - cx_ecfp_public_key_t *pubkey, - cx_ecfp_private_key_t *privkey, - bool keepprivate, - cx_md_t hashID); +WARN_UNUSED_RESULT cx_err_t cx_ecfp_generate_pair2_no_throw(cx_curve_t curve, + cx_ecfp_public_key_t *pubkey, + cx_ecfp_private_key_t *privkey, + bool keepprivate, + cx_md_t hashID); /** * @deprecated @@ -436,13 +440,13 @@ DEPRECATED static inline int cx_ecfp_generate_pair2(cx_curve_t curve * - CX_INTERNAL_ERROR * */ -cx_err_t cx_eddsa_get_public_key_no_throw(const cx_ecfp_private_key_t *pvkey, - cx_md_t hashID, - cx_ecfp_public_key_t *pukey, - uint8_t *a, - size_t a_len, - uint8_t *h, - size_t h_len); +WARN_UNUSED_RESULT cx_err_t cx_eddsa_get_public_key_no_throw(const cx_ecfp_private_key_t *pvkey, + cx_md_t hashID, + cx_ecfp_public_key_t *pukey, + uint8_t *a, + size_t a_len, + uint8_t *h, + size_t h_len); /** * @deprecated @@ -481,7 +485,9 @@ DEPRECATED static inline void cx_eddsa_get_public_key(const cx_ecfp_private_key_ * - CX_INVALID_PARAMETER * - CX_EC_INFINITE_POINT */ -cx_err_t cx_edwards_compress_point_no_throw(cx_curve_t curve, uint8_t *p, size_t p_len); +WARN_UNUSED_RESULT cx_err_t cx_edwards_compress_point_no_throw(cx_curve_t curve, + uint8_t *p, + size_t p_len); /** * @deprecated @@ -516,7 +522,9 @@ DEPRECATED static inline void cx_edwards_compress_point(cx_curve_t curve, uint8_ * - CX_NO_RESIDUE * - INVALID_PARAMETER */ -cx_err_t cx_edwards_decompress_point_no_throw(cx_curve_t curve, uint8_t *p, size_t p_len); +WARN_UNUSED_RESULT cx_err_t cx_edwards_decompress_point_no_throw(cx_curve_t curve, + uint8_t *p, + size_t p_len); /** * @deprecated @@ -549,6 +557,6 @@ DEPRECATED static inline void cx_edward_decompress_point(cx_curve_t curve, uint8 #endif // HAVE_ECC_TWISTED_EDWARDS -#endif - #endif // HAVE_ECC + +#endif // LCX_ECFP_H 
diff --git a/lib_cxng/include/lcx_eddsa.h b/lib_cxng/include/lcx_eddsa.h index b9212693b..54f88686c 100644 --- a/lib_cxng/include/lcx_eddsa.h +++ b/lib_cxng/include/lcx_eddsa.h @@ -25,13 +25,13 @@ * for more details. */ -#ifdef HAVE_EDDSA +#ifndef LCX_EDDSA_H +#define LCX_EDDSA_H #include "lcx_ecfp.h" #include "lcx_wrappers.h" -#ifndef LCX_EDDSA_H -#define LCX_EDDSA_H +#ifdef HAVE_EDDSA /** * @brief Signs a message digest. @@ -71,12 +71,12 @@ * - CX_INTERNAL_ERROR * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_eddsa_sign_no_throw(const cx_ecfp_private_key_t *pvkey, - cx_md_t hashID, - const uint8_t *hash, - size_t hash_len, - uint8_t *sig, - size_t sig_len); +WARN_UNUSED_RESULT cx_err_t cx_eddsa_sign_no_throw(const cx_ecfp_private_key_t *pvkey, + cx_md_t hashID, + const uint8_t *hash, + size_t hash_len, + uint8_t *sig, + size_t sig_len); /** * @deprecated @@ -211,6 +211,6 @@ void cx_encode_coord(uint8_t *coord, int len, int sign); */ int cx_decode_coord(uint8_t *coord, int len); -#endif - #endif // HAVE_EDDSA + +#endif // LCX_EDDSA_H diff --git a/lib_cxng/include/lcx_groestl.h b/lib_cxng/include/lcx_groestl.h index f190d78e5..6fbed8b7f 100644 --- a/lib_cxng/include/lcx_groestl.h +++ b/lib_cxng/include/lcx_groestl.h @@ -73,7 +73,7 @@ size_t cx_groestl_get_output_size(const cx_groestl_t *ctx); * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_groestl_init_no_throw(cx_groestl_t *hash, size_t size); +WARN_UNUSED_RESULT cx_err_t cx_groestl_init_no_throw(cx_groestl_t *hash, size_t size); /** * @deprecated 
@@ -111,12 +111,12 @@ DEPRECATED static inline void cx_groestl_init(cx_groestl_t *hash, unsigned int s * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_groestl(cx_groestl_t *hash, - uint32_t mode, - const uint8_t *in, - size_t len, - uint8_t *out, - size_t out_len); +WARN_UNUSED_RESULT cx_err_t cx_groestl(cx_groestl_t *hash, + uint32_t mode, + const uint8_t *in, + size_t len, + uint8_t *out, + size_t out_len); /** * @brief Adds more data to hash. @@ -134,7 +134,7 @@ cx_err_t cx_groestl(cx_groestl_t *hash, * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_groestl_update(cx_groestl_t *ctx, const uint8_t *data, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_groestl_update(cx_groestl_t *ctx, const uint8_t *data, size_t len); /** * @brief Finalizes the hash. @@ -149,6 +149,7 @@ cx_err_t cx_groestl_update(cx_groestl_t *ctx, const uint8_t *data, size_t len); * @return Error code: * - CX_OK on success */ +// No need to add WARN_UNUSED_RESULT to cx_groestl_final(), it always returns CX_OK cx_err_t cx_groestl_final(cx_groestl_t *ctx, uint8_t *digest); #endif diff --git a/lib_cxng/include/lcx_hash.h b/lib_cxng/include/lcx_hash.h index d05098366..0716e1cca 100644 --- a/lib_cxng/include/lcx_hash.h +++ b/lib_cxng/include/lcx_hash.h @@ -36,11 +36,11 @@ * - SHA512 */ -#ifdef HAVE_HASH - #ifndef LCX_HASH_H #define LCX_HASH_H +#ifdef HAVE_HASH + #include "cx_errors.h" #include "lcx_wrappers.h" #include "lcx_common.h" @@ -143,12 +143,13 @@ size_t cx_hash_get_size(const cx_hash_t *ctx); * - INVALID_PARAMETER * - CX_INVALID_PARAMETER */ -cx_err_t cx_hash_no_throw(cx_hash_t *hash, - uint32_t mode, - const uint8_t *in, - size_t len, - uint8_t *out, - size_t out_len); +// WARN_UNUSED_RESULT cx_err_t cx_hash_no_throw(cx_hash_t *hash, +WARN_UNUSED_RESULT cx_err_t cx_hash_no_throw(cx_hash_t *hash, + uint32_t mode, + const uint8_t *in, + size_t len, + uint8_t *out, + size_t out_len); /** * @deprecated 
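Review bot: In lcx_hash.h, the hunk at -143 adds a commented-out copy of the prototype's first line, `// WARN_UNUSED_RESULT cx_err_t cx_hash_no_throw(cx_hash_t *hash,`, directly above the real declaration. It sits between the Doxygen block and the function it documents and reads like an editing leftover. I would delete that line so only `WARN_UNUSED_RESULT cx_err_t cx_hash_no_throw(cx_hash_t *hash,` remains. If it was meant to mark a deliberate toggle, a one-line comment saying so would be clearer than a duplicate of the code.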
@@ -177,7 +178,7 @@ DEPRECATED static inline size_t cx_hash(cx_hash_t *hash, * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hash_init(cx_hash_t *hash, cx_md_t hash_id); +WARN_UNUSED_RESULT cx_err_t cx_hash_init(cx_hash_t *hash, cx_md_t hash_id); /** * @brief Initializes a hash context. @@ -199,7 +200,7 @@ cx_err_t cx_hash_init(cx_hash_t *hash, cx_md_t hash_id); * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hash_init_ex(cx_hash_t *hash, cx_md_t hash_id, size_t output_size); +WARN_UNUSED_RESULT cx_err_t cx_hash_init_ex(cx_hash_t *hash, cx_md_t hash_id, size_t output_size); /** * @brief Adds more data to hash. @@ -218,7 +219,7 @@ cx_err_t cx_hash_init_ex(cx_hash_t *hash, cx_md_t hash_id, size_t output_size); * - CX_INVALID_PARAMETER * - INVALID_PARAMETER */ -cx_err_t cx_hash_update(cx_hash_t *hash, const uint8_t *in, size_t in_len); +WARN_UNUSED_RESULT cx_err_t cx_hash_update(cx_hash_t *hash, const uint8_t *in, size_t in_len); /** * @brief Finalizes the hash. @@ -233,8 +234,8 @@ cx_err_t cx_hash_update(cx_hash_t *hash, const uint8_t *in, size_t in_len); * @return Error code: * - CX_OK on success */ -cx_err_t cx_hash_final(cx_hash_t *hash, uint8_t *digest); - -#endif +WARN_UNUSED_RESULT cx_err_t cx_hash_final(cx_hash_t *hash, uint8_t *digest); #endif // HAVE_HASH + +#endif // LCX_HASH_H diff --git a/lib_cxng/include/lcx_hmac.h b/lib_cxng/include/lcx_hmac.h index 80010b2b5..564388651 100644 --- a/lib_cxng/include/lcx_hmac.h +++ b/lib_cxng/include/lcx_hmac.h @@ -24,11 +24,12 @@ * which involves a hash function and a secret key. It enables * the verification of the integrity and the authenticity of a message. */ -#ifdef HAVE_HMAC #ifndef LCX_HMAC_H #define LCX_HMAC_H +#ifdef HAVE_HMAC + #include "lcx_wrappers.h" #include "lcx_hash.h" #include "lcx_ripemd160.h" 
@@ -73,9 +74,9 @@ typedef struct { * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hmac_ripemd160_init_no_throw(cx_hmac_ripemd160_t *hmac, - const uint8_t *key, - size_t key_len); +WARN_UNUSED_RESULT cx_err_t cx_hmac_ripemd160_init_no_throw(cx_hmac_ripemd160_t *hmac, + const uint8_t *key, + size_t key_len); /** * @deprecated @@ -120,7 +121,9 @@ typedef struct { * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hmac_sha224_init(cx_hmac_sha256_t *hmac, const uint8_t *key, unsigned int key_len); +WARN_UNUSED_RESULT cx_err_t cx_hmac_sha224_init(cx_hmac_sha256_t *hmac, + const uint8_t *key, + unsigned int key_len); #endif #ifdef HAVE_SHA256 @@ -143,7 +146,9 @@ cx_err_t cx_hmac_sha224_init(cx_hmac_sha256_t *hmac, const uint8_t *key, unsigne * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hmac_sha256_init_no_throw(cx_hmac_sha256_t *hmac, const uint8_t *key, size_t key_len); +WARN_UNUSED_RESULT cx_err_t cx_hmac_sha256_init_no_throw(cx_hmac_sha256_t *hmac, + const uint8_t *key, + size_t key_len); /** * @deprecated @@ -215,7 +220,9 @@ typedef struct { * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hmac_sha384_init(cx_hmac_sha512_t *hmac, const uint8_t *key, unsigned int key_len); +WARN_UNUSED_RESULT cx_err_t cx_hmac_sha384_init(cx_hmac_sha512_t *hmac, + const uint8_t *key, + unsigned int key_len); #endif #ifdef HAVE_SHA512 @@ -238,7 +245,9 @@ cx_err_t cx_hmac_sha384_init(cx_hmac_sha512_t *hmac, const uint8_t *key, unsigne * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hmac_sha512_init_no_throw(cx_hmac_sha512_t *hmac, const uint8_t *key, size_t key_len); +WARN_UNUSED_RESULT cx_err_t cx_hmac_sha512_init_no_throw(cx_hmac_sha512_t *hmac, + const uint8_t *key, + size_t key_len); /** * @deprecated 
@@ -311,12 +320,12 @@ size_t cx_hmac_sha512(const uint8_t *key, * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hmac_no_throw(cx_hmac_t *hmac, - uint32_t mode, - const uint8_t *in, - size_t len, - uint8_t *mac, - size_t mac_len); +WARN_UNUSED_RESULT cx_err_t cx_hmac_no_throw(cx_hmac_t *hmac, + uint32_t mode, + const uint8_t *in, + size_t len, + uint8_t *mac, + size_t mac_len); /** * @deprecated @@ -378,7 +387,10 @@ DEPRECATED static inline int cx_hmac(cx_hmac_t *hmac, * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_hmac_init(cx_hmac_t *hmac, cx_md_t hash_id, const uint8_t *key, size_t key_len); +WARN_UNUSED_RESULT cx_err_t cx_hmac_init(cx_hmac_t *hmac, + cx_md_t hash_id, + const uint8_t *key, + size_t key_len); /** * @brief Adds more data to compute the HMAC. @@ -397,7 +409,7 @@ cx_err_t cx_hmac_init(cx_hmac_t *hmac, cx_md_t hash_id, const uint8_t *key, size * - CX_INVALID_PARAMETER * - INVALID_PARAMETER */ -cx_err_t cx_hmac_update(cx_hmac_t *hmac, const uint8_t *in, size_t in_len); +WARN_UNUSED_RESULT cx_err_t cx_hmac_update(cx_hmac_t *hmac, const uint8_t *in, size_t in_len); /** * @brief Finalizes the HMAC algorithm. @@ -414,8 +426,8 @@ cx_err_t cx_hmac_update(cx_hmac_t *hmac, const uint8_t *in, size_t in_len); * @return Error code: * - CX_OK on success */ -cx_err_t cx_hmac_final(cx_hmac_t *ctx, uint8_t *out, size_t *out_len); - -#endif +WARN_UNUSED_RESULT cx_err_t cx_hmac_final(cx_hmac_t *ctx, uint8_t *out, size_t *out_len); #endif // HAVE_HMAC + +#endif // LCX_HMAC_H diff --git a/lib_cxng/include/lcx_math.h b/lib_cxng/include/lcx_math.h index 1cff13894..40b9a90d3 100644 --- a/lib_cxng/include/lcx_math.h +++ b/lib_cxng/include/lcx_math.h @@ -21,11 +21,11 @@ * @brief Basic arithmetic. */ -#ifdef HAVE_MATH - #ifndef LCX_MATH_H #define LCX_MATH_H +#ifdef HAVE_MATH + #include "lcx_wrappers.h" #include "ox_bn.h" 
@@ -51,7 +51,10 @@ * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_cmp_no_throw(const uint8_t *a, const uint8_t *b, size_t length, int *diff); +WARN_UNUSED_RESULT cx_err_t cx_math_cmp_no_throw(const uint8_t *a, + const uint8_t *b, + size_t length, + int *diff); /** * @deprecated @@ -83,7 +86,10 @@ DEPRECATED static inline int32_t cx_math_cmp(const uint8_t *a, const uint8_t *b, * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_add_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_math_add_no_throw(uint8_t *r, + const uint8_t *a, + const uint8_t *b, + size_t len); /** * @brief Adds two integers represented as byte arrays. @@ -138,7 +144,10 @@ static inline uint32_t cx_math_add(uint8_t *r, const uint8_t *a, const uint8_t * * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_sub_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_math_sub_no_throw(uint8_t *r, + const uint8_t *a, + const uint8_t *b, + size_t len); /** * @brief Subtracts two integers represented as byte arrays. @@ -193,7 +202,10 @@ static inline uint32_t cx_math_sub(uint8_t *r, const uint8_t *a, const uint8_t * * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_mult_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_math_mult_no_throw(uint8_t *r, + const uint8_t *a, + const uint8_t *b, + size_t len); /** * @deprecated @@ -231,11 +243,8 @@ DEPRECATED static inline void cx_math_mult(uint8_t *r, * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_addm_no_throw(uint8_t *r, - const uint8_t *a, - const uint8_t *b, - const uint8_t *m, - size_t len); +WARN_UNUSED_RESULT cx_err_t +cx_math_addm_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len); /** * @deprecated 
@@ -274,11 +283,8 @@ DEPRECATED static inline void cx_math_addm(uint8_t *r, * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_subm_no_throw(uint8_t *r, - const uint8_t *a, - const uint8_t *b, - const uint8_t *m, - size_t len); +WARN_UNUSED_RESULT cx_err_t +cx_math_subm_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len); /** * @deprecated @@ -317,11 +323,11 @@ DEPRECATED static inline void cx_math_subm(uint8_t *r, * - CX_INVALID_PARAMETER * - CX_INVALID_PARAMETER_VALUE */ -cx_err_t cx_math_multm_no_throw(uint8_t *r, - const uint8_t *a, - const uint8_t *b, - const uint8_t *m, - size_t len); +WARN_UNUSED_RESULT cx_err_t cx_math_multm_no_throw(uint8_t *r, + const uint8_t *a, + const uint8_t *b, + const uint8_t *m, + size_t len); /** * @deprecated @@ -357,7 +363,10 @@ DEPRECATED static inline void cx_math_multm(uint8_t *r, * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_modm_no_throw(uint8_t *v, size_t len_v, const uint8_t *m, size_t len_m); +WARN_UNUSED_RESULT cx_err_t cx_math_modm_no_throw(uint8_t *v, + size_t len_v, + const uint8_t *m, + size_t len_m); /** * @deprecated @@ -393,12 +402,12 @@ DEPRECATED static inline void cx_math_modm(uint8_t *v, size_t len_v, const uint8 * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_powm_no_throw(uint8_t *r, - const uint8_t *a, - const uint8_t *e, - size_t len_e, - const uint8_t *m, - size_t len); +WARN_UNUSED_RESULT cx_err_t cx_math_powm_no_throw(uint8_t *r, + const uint8_t *a, + const uint8_t *e, + size_t len_e, + const uint8_t *m, + size_t len); /** * @deprecated @@ -435,7 +444,10 @@ DEPRECATED static inline void cx_math_powm(uint8_t *r, * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_invprimem_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *m, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_math_invprimem_no_throw(uint8_t *r, + const uint8_t *a, + const uint8_t *m, + size_t len); /** * @deprecated 
@@ -471,7 +483,10 @@ DEPRECATED static inline void cx_math_invprimem(uint8_t *r, * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_invintm_no_throw(uint8_t *r, uint32_t a, const uint8_t *m, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_math_invintm_no_throw(uint8_t *r, + uint32_t a, + const uint8_t *m, + size_t len); /** * @deprecated @@ -501,7 +516,7 @@ DEPRECATED static inline void cx_math_invintm(uint8_t *r, uint32_t a, const uint * - CX_MEMORY_FULL * - CX_INVALID_PARAMETER */ -cx_err_t cx_math_is_prime_no_throw(const uint8_t *r, size_t len, bool *prime); +WARN_UNUSED_RESULT cx_err_t cx_math_is_prime_no_throw(const uint8_t *r, size_t len, bool *prime); /** * @deprecated @@ -531,7 +546,7 @@ DEPRECATED static inline bool cx_math_is_prime(const uint8_t *r, size_t len) * - CX_INTERNAL_ERROR * - CX_OVERFLOW */ -cx_err_t cx_math_next_prime_no_throw(uint8_t *r, uint32_t len); +WARN_UNUSED_RESULT cx_err_t cx_math_next_prime_no_throw(uint8_t *r, uint32_t len); /** * @deprecated @@ -562,6 +577,6 @@ static inline bool cx_math_is_zero(const uint8_t *a, size_t len) return 1; } -#endif // LCX_MATH_H - #endif // HAVE_MATH + +#endif // LCX_MATH_H diff --git a/lib_cxng/include/lcx_pbkdf2.h b/lib_cxng/include/lcx_pbkdf2.h index 85615d456..b3a9b052f 100644 --- a/lib_cxng/include/lcx_pbkdf2.h +++ b/lib_cxng/include/lcx_pbkdf2.h @@ -26,11 +26,11 @@ * It consists in iteratively deriving HMAC. */ -#ifdef HAVE_PBKDF2 - #ifndef LCX_PBKDF2_H #define LCX_PBKDF2_H +#ifdef HAVE_PBKDF2 + #include "lcx_wrappers.h" #include "lcx_hash.h" @@ -62,6 +62,7 @@ * - CX_OK * - CX_INVALID_PARAMETER */ +// No need to add WARN_UNUSED_RESULT, return value is never checked! cx_err_t cx_pbkdf2_no_throw(cx_md_t md_type, const uint8_t *password, size_t passwordlen, 
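Review bot: The comment added above cx_pbkdf2_no_throw() in lcx_pbkdf2.h, `// No need to add WARN_UNUSED_RESULT, return value is never checked!`, states the problem as if it were the justification. The Doxygen block just above lists CX_INVALID_PARAMETER as a possible result, and unchecked callers are exactly what the attribute is meant to surface. For a key-derivation primitive, a failed call presumably leaves `out` unwritten or partial, so a caller that ignores the error may go on to use that buffer as key material. The same commit does annotate cx_pbkdf2_hmac() in src/cx_pbkdf2.h. If the attribute is withheld because the cx_pbkdf2_sha512() macro expands to a bare call, I would say so instead, e.g. `// TODO: add WARN_UNUSED_RESULT once cx_pbkdf2_sha512() callers check the returned cx_err_t`; the prototype itself continues past the end of the hunk.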
@@ -118,6 +119,6 @@ DEPRECATED static inline void cx_pbkdf2(cx_md_t md_type, #define cx_pbkdf2_sha512(password, password_len, salt, salt_len, iterations, out, out_len) \ cx_pbkdf2_no_throw(CX_SHA512, password, password_len, salt, salt_len, iterations, out, out_len) -#endif // LCX_PBKDF2_H - #endif // HAVE_PBKDF2 + +#endif // LCX_PBKDF2_H diff --git a/lib_cxng/include/lcx_poly1305.h b/lib_cxng/include/lcx_poly1305.h index 704264ba7..686b9430f 100644 --- a/lib_cxng/include/lcx_poly1305.h +++ b/lib_cxng/include/lcx_poly1305.h @@ -15,7 +15,6 @@ * See the License for the specific language governing permissions and * limitations under the License. ********************************************************************************/ -#if defined(HAVE_POLY1305) /** * @file lcx_poly1305.h @@ -35,6 +34,8 @@ #ifndef LCX_POLY1305_H #define LCX_POLY1305_H +#if defined(HAVE_POLY1305) + #include "ox.h" #include @@ -49,5 +50,6 @@ typedef struct { size_t block_len; ///< The number of bytes stored in 'block' } cx_poly1305_context_t; -#endif /* LCX_POLY1305_H */ #endif // HAVE_POLY1305 + +#endif // LCX_POLY1305_H diff --git a/lib_cxng/include/lcx_ripemd160.h b/lib_cxng/include/lcx_ripemd160.h index 1ca99eaf1..83914fc92 100644 --- a/lib_cxng/include/lcx_ripemd160.h +++ b/lib_cxng/include/lcx_ripemd160.h @@ -24,11 +24,11 @@ * "https://homes.esat.kuleuven.be/~bosselae/ripemd160.html"> RIPEMD-160 for more details. */ -#ifdef HAVE_RIPEMD160 - #ifndef LCX_RIPEMD160_H #define LCX_RIPEMD160_H +#ifdef HAVE_RIPEMD160 + #include "lcx_wrappers.h" #include "lcx_hash.h" @@ -59,7 +59,7 @@ typedef struct cx_ripemd160_s cx_ripemd160_t; * @return Error code: * - CX_OK on success */ -cx_err_t cx_ripemd160_init_no_throw(cx_ripemd160_t *hash); +WARN_UNUSED_RESULT cx_err_t cx_ripemd160_init_no_throw(cx_ripemd160_t *hash); /** * @brief Initializes a RIPEMD-160 context. 
@@ -71,7 +71,10 @@ cx_err_t cx_ripemd160_init_no_throw(cx_ripemd160_t *hash); */ static inline int cx_ripemd160_init(cx_ripemd160_t *hash) { +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wunused-result" cx_ripemd160_init_no_throw(hash); +#pragma GCC diagnostic pop return CX_RIPEMD160; } @@ -90,6 +93,6 @@ static inline int cx_ripemd160_init(cx_ripemd160_t *hash) */ size_t cx_hash_ripemd160(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_len); -#endif - #endif // HAVE_RIPEMD160 + +#endif // LCX_RIPEMD160_H diff --git a/lib_cxng/include/lcx_rng.h b/lib_cxng/include/lcx_rng.h index 087273862..c76973dbf 100644 --- a/lib_cxng/include/lcx_rng.h +++ b/lib_cxng/include/lcx_rng.h @@ -25,11 +25,11 @@ * random bytes. The random number can also be generated within a specific range. */ -#ifdef HAVE_RNG - #ifndef LCX_RNG_H #define LCX_RNG_H +#ifdef HAVE_RNG + #include "lcx_wrappers.h" #include "lcx_hash.h" @@ -147,16 +147,16 @@ static inline uint32_t cx_rng_u32_range(uint32_t a, uint32_t b) * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_rng_rfc6979(cx_md_t hash_id, - const uint8_t *x, - size_t x_len, - const uint8_t *h1, - size_t h1_len, - const uint8_t *q, - size_t q_len, - uint8_t *out, - size_t out_len); - -#endif // LCX_RNG_H +WARN_UNUSED_RESULT cx_err_t cx_rng_rfc6979(cx_md_t hash_id, + const uint8_t *x, + size_t x_len, + const uint8_t *h1, + size_t h1_len, + const uint8_t *q, + size_t q_len, + uint8_t *out, + size_t out_len); #endif // HAVE_RNG + +#endif // LCX_RNG_H diff --git a/lib_cxng/include/lcx_rsa.h b/lib_cxng/include/lcx_rsa.h index 01348ab19..a267c8330 100644 --- a/lib_cxng/include/lcx_rsa.h +++ b/lib_cxng/include/lcx_rsa.h 
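Review bot: In cx_ripemd160_init(), the new `#pragma GCC diagnostic ignored "-Wunused-result"` block silences the warning this commit has just enabled on cx_ripemd160_init_no_throw(), so the result is still dropped, only now without any diagnostic. The documented return of that function is CX_OK only. lcx_sha256.h and lcx_sha512.h handle the same case by leaving the attribute off with a one-line comment, and doing likewise here would avoid the pragma entirely. If the attribute should stay, consuming the value explicitly is easier to audit than a diagnostic override, for example `cx_err_t err = cx_ripemd160_init_no_throw(hash); (void) err;` with a comment that the call cannot fail.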
@@ -152,11 +152,11 @@ typedef struct cx_rsa_4096_private_key_s cx_rsa_4096_private_key_t; * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_rsa_init_public_key_no_throw(const uint8_t *exponent, - size_t exponent_len, - const uint8_t *modulus, - size_t modulus_len, - cx_rsa_public_key_t *key); +WARN_UNUSED_RESULT cx_err_t cx_rsa_init_public_key_no_throw(const uint8_t *exponent, + size_t exponent_len, + const uint8_t *modulus, + size_t modulus_len, + cx_rsa_public_key_t *key); /** * @deprecated @@ -195,11 +195,11 @@ DEPRECATED static inline int cx_rsa_init_public_key(const unsigned char *exponen * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_rsa_init_private_key_no_throw(const uint8_t *exponent, - size_t exponent_len, - const uint8_t *modulus, - size_t modulus_len, - cx_rsa_private_key_t *key); +WARN_UNUSED_RESULT cx_err_t cx_rsa_init_private_key_no_throw(const uint8_t *exponent, + size_t exponent_len, + const uint8_t *modulus, + size_t modulus_len, + cx_rsa_private_key_t *key); /** * @deprecated @@ -249,12 +249,12 @@ DEPRECATED static inline int cx_rsa_init_private_key(const unsigned char *expon * - CX_INTERNAL_ERROR * - CX_OVERFLOW */ -cx_err_t cx_rsa_generate_pair_no_throw(size_t modulus_len, - cx_rsa_public_key_t *public_key, - cx_rsa_private_key_t *private_key, - const uint8_t *pub_exponent, - size_t exponent_len, - const uint8_t *externalPQ); +WARN_UNUSED_RESULT cx_err_t cx_rsa_generate_pair_no_throw(size_t modulus_len, + cx_rsa_public_key_t *public_key, + cx_rsa_private_key_t *private_key, + const uint8_t *pub_exponent, + size_t exponent_len, + const uint8_t *externalPQ); /** * @deprecated 
@@ -311,14 +311,14 @@ DEPRECATED static inline int cx_rsa_generate_pair(unsigned int modulus_ * - CX_MEMORY_FULL * - CX_NOT_LOCKED */ -cx_err_t cx_rsa_sign_with_salt_len(const cx_rsa_private_key_t *key, - uint32_t mode, - cx_md_t hashID, - const uint8_t *hash, - size_t hash_len, - uint8_t *sig, - size_t sig_len, - size_t salt_len); +WARN_UNUSED_RESULT cx_err_t cx_rsa_sign_with_salt_len(const cx_rsa_private_key_t *key, + uint32_t mode, + cx_md_t hashID, + const uint8_t *hash, + size_t hash_len, + uint8_t *sig, + size_t sig_len, + size_t salt_len); /** * @brief Computes a message digest signature according to RSA specification. @@ -358,13 +358,13 @@ cx_err_t cx_rsa_sign_with_salt_len(const cx_rsa_private_key_t *key, * - CX_MEMORY_FULL * - CX_NOT_LOCKED */ -cx_err_t cx_rsa_sign_no_throw(const cx_rsa_private_key_t *key, - uint32_t mode, - cx_md_t hashID, - const uint8_t *hash, - size_t hash_len, - uint8_t *sig, - size_t sig_len); +WARN_UNUSED_RESULT cx_err_t cx_rsa_sign_no_throw(const cx_rsa_private_key_t *key, + uint32_t mode, + cx_md_t hashID, + const uint8_t *hash, + size_t hash_len, + uint8_t *sig, + size_t sig_len); /** * @deprecated @@ -499,13 +499,13 @@ bool cx_rsa_verify(const cx_rsa_public_key_t *key, * - CX_MEMORY_FULL * - CX_NOT_LOCKED */ -cx_err_t cx_rsa_encrypt_no_throw(const cx_rsa_public_key_t *key, - uint32_t mode, - cx_md_t hashID, - const uint8_t *mesg, - size_t mesg_len, - uint8_t *enc, - size_t enc_len); +WARN_UNUSED_RESULT cx_err_t cx_rsa_encrypt_no_throw(const cx_rsa_public_key_t *key, + uint32_t mode, + cx_md_t hashID, + const uint8_t *mesg, + size_t mesg_len, + uint8_t *enc, + size_t enc_len); /** * @deprecated 
@@ -555,13 +555,13 @@ DEPRECATED static inline int cx_rsa_encrypt(const cx_rsa_public_key_t *key, * - CX_MEMORY_FULL * - CX_NOT_LOCKED */ -cx_err_t cx_rsa_decrypt_no_throw(const cx_rsa_private_key_t *key, - uint32_t mode, - cx_md_t hashID, - const uint8_t *mesg, - size_t mesg_len, - uint8_t *dec, - size_t *dec_len); +WARN_UNUSED_RESULT cx_err_t cx_rsa_decrypt_no_throw(const cx_rsa_private_key_t *key, + uint32_t mode, + cx_md_t hashID, + const uint8_t *mesg, + size_t mesg_len, + uint8_t *dec, + size_t *dec_len); /** * @deprecated diff --git a/lib_cxng/include/lcx_sha256.h b/lib_cxng/include/lcx_sha256.h index d1472c5a5..8c4c83e9b 100644 --- a/lib_cxng/include/lcx_sha256.h +++ b/lib_cxng/include/lcx_sha256.h @@ -27,11 +27,11 @@ * for more details. */ -#if defined(HAVE_SHA256) || defined(HAVE_SHA224) - #ifndef LCX_SHA256_H #define LCX_SHA256_H +#if defined(HAVE_SHA256) || defined(HAVE_SHA224) + #include "lcx_wrappers.h" #include "lcx_hash.h" #include @@ -67,6 +67,7 @@ typedef struct cx_sha256_s cx_sha256_t; * @return Error code: * - CX_OK on success */ +// No need to add WARN_UNUSED_RESULT to cx_sha224_init_no_throw(), it always returns CX_OK cx_err_t cx_sha224_init_no_throw(cx_sha256_t *hash); /** @@ -93,6 +94,7 @@ static inline int cx_sha224_init(cx_sha256_t *hash) * @return Error code: * - CX_OK on success */ +// No need to add WARN_UNUSED_RESULT to cx_sha256_init_no_throw(), it always returns CX_OK cx_err_t cx_sha256_init_no_throw(cx_sha256_t *hash); /** @@ -124,6 +126,6 @@ static inline int cx_sha256_init(cx_sha256_t *hash) */ size_t cx_hash_sha256(const uint8_t *in, size_t len, uint8_t *out, size_t out_len); -#endif - #endif // defined(HAVE_SHA256) || defined(HAVE_SHA224) + +#endif // LCX_SHA256_H diff --git a/lib_cxng/include/lcx_sha3.h b/lib_cxng/include/lcx_sha3.h index 50c1573d1..0c8874c1e 100644 --- a/lib_cxng/include/lcx_sha3.h +++ b/lib_cxng/include/lcx_sha3.h 
@@ -26,11 +26,11 @@ * for more details. */ -#ifdef HAVE_SHA3 - #ifndef LCX_SHA3_H #define LCX_SHA3_H +#ifdef HAVE_SHA3 + #include "lcx_common.h" #include "lcx_hash.h" #include @@ -67,7 +67,7 @@ typedef struct cx_sha3_s cx_sha3_t; * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_sha3_init_no_throw(cx_sha3_t *hash, size_t size); +WARN_UNUSED_RESULT cx_err_t cx_sha3_init_no_throw(cx_sha3_t *hash, size_t size); /** * @deprecated @@ -98,7 +98,7 @@ DEPRECATED static inline int cx_sha3_init(cx_sha3_t *hash, size_t size) * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_keccak_init_no_throw(cx_sha3_t *hash, size_t size); +WARN_UNUSED_RESULT cx_err_t cx_keccak_init_no_throw(cx_sha3_t *hash, size_t size); /** * @deprecated @@ -128,7 +128,7 @@ DEPRECATED static inline int cx_keccak_init(cx_sha3_t *hash, size_t size) * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_shake128_init_no_throw(cx_sha3_t *hash, size_t out_size); +WARN_UNUSED_RESULT cx_err_t cx_shake128_init_no_throw(cx_sha3_t *hash, size_t out_size); /** * @deprecated @@ -158,7 +158,7 @@ DEPRECATED static inline int cx_shake128_init(cx_sha3_t *hash, unsigned int out_ * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_shake256_init_no_throw(cx_sha3_t *hash, size_t out_size); +WARN_UNUSED_RESULT cx_err_t cx_shake256_init_no_throw(cx_sha3_t *hash, size_t out_size); /** * @deprecated @@ -190,7 +190,9 @@ DEPRECATED static inline int cx_shake256_init(cx_sha3_t *hash, unsigned int out_ * - CX_OK on success * - CX_INVALID_PARAMETER */ -cx_err_t cx_sha3_xof_init_no_throw(cx_sha3_t *hash, size_t size, size_t out_length); +WARN_UNUSED_RESULT cx_err_t cx_sha3_xof_init_no_throw(cx_sha3_t *hash, + size_t size, + size_t out_length); /** * @deprecated @@ -210,6 +212,6 @@ DEPRECATED static inline int cx_sha3_xof_init(cx_sha3_t *hash, } } -#endif - #endif // HAVE_SHA3 + +#endif // LCX_SHA3_H 
diff --git a/lib_cxng/include/lcx_sha512.h b/lib_cxng/include/lcx_sha512.h index 4b9790102..9f039366c 100644 --- a/lib_cxng/include/lcx_sha512.h +++ b/lib_cxng/include/lcx_sha512.h @@ -27,11 +27,11 @@ * for more details. */ -#if defined(HAVE_SHA384) || defined(HAVE_SHA512) - #ifndef LCX_SHA512_H #define LCX_SHA512_H +#if defined(HAVE_SHA384) || defined(HAVE_SHA512) + /** SHA-384 message digest size */ #define CX_SHA384_SIZE 48 /** SHA-512 message digest size */ @@ -58,6 +58,7 @@ typedef struct cx_sha512_s cx_sha512_t; * @return Error code: * - CX_OK on success */ +// No need to add WARN_UNUSED_RESULT to cx_sha384_init_no_throw(), it always returns CX_OK cx_err_t cx_sha384_init_no_throw(cx_sha512_t *hash); /** @@ -83,6 +84,7 @@ static inline int cx_sha384_init(cx_sha512_t *hash) * @return Error code: * - CX_OK on success */ +// No need to add WARN_UNUSED_RESULT to cx_sha512_init_no_throw(), it always returns CX_OK cx_err_t cx_sha512_init_no_throw(cx_sha512_t *hash); /** @@ -113,6 +115,6 @@ static inline int cx_sha512_init(cx_sha512_t *hash) */ size_t cx_hash_sha512(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_len); -#endif - #endif // defined(HAVE_SHA384) || defined(HAVE_SHA512) + +#endif // LCX_SHA512_H diff --git a/lib_cxng/src/cx_blake2.h b/lib_cxng/src/cx_blake2.h index d5e957418..c2a4f9bc8 100644 --- a/lib_cxng/src/cx_blake2.h +++ b/lib_cxng/src/cx_blake2.h @@ -12,11 +12,12 @@ More information about the BLAKE2 hash function can be found at https://blake2.net. */ -#ifdef HAVE_BLAKE2 #ifndef CX_BLAKE2_H #define CX_BLAKE2_H +#ifdef HAVE_BLAKE2 + #include "lcx_blake2.h" #include #include @@ -213,6 +214,6 @@ int blake2(void *out, size_t outlen, const void *in, size_t inlen, const void *k } #endif -#endif - #endif // HAVE_BLAKE2 + +#endif // CX_BLAKE2_H diff --git a/lib_cxng/src/cx_blake2b.h b/lib_cxng/src/cx_blake2b.h index e8657ed13..593b2b2b1 100644 --- a/lib_cxng/src/cx_blake2b.h +++ b/lib_cxng/src/cx_blake2b.h 
@@ -16,11 +16,11 @@ * limitations under the License. ********************************************************************************/ -#ifdef HAVE_BLAKE2 - #ifndef CX_BLAKE2B_H #define CX_BLAKE2B_H +#ifdef HAVE_BLAKE2 + #include "lcx_wrappers.h" #include "lcx_blake2.h" #include @@ -28,7 +28,8 @@ extern const cx_hash_info_t cx_blake2b_info; -cx_err_t cx_blake2b_update(cx_blake2b_t *ctx, const uint8_t *data, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_blake2b_update(cx_blake2b_t *ctx, const uint8_t *data, size_t len); +// No need to add WARN_UNUSED_RESULT to cx_blake2b_final(), it always returns CX_OK cx_err_t cx_blake2b_final(cx_blake2b_t *ctx, uint8_t *digest); size_t cx_blake2b_get_output_size(const cx_blake2b_t *ctx); @@ -41,6 +42,6 @@ struct cx_xblake_s { }; typedef struct cx_xblake_s cx_xblake_t; -#endif // CX_BLAKE2B_H - #endif // HAVE_BLAKE2 + +#endif // CX_BLAKE2B_H diff --git a/lib_cxng/src/cx_cipher.h b/lib_cxng/src/cx_cipher.h index 8cc501072..bc84babcb 100644 --- a/lib_cxng/src/cx_cipher.h +++ b/lib_cxng/src/cx_cipher.h @@ -29,9 +29,9 @@ extern const cx_cipher_info_t cx_aes_192_info; extern const cx_cipher_info_t cx_aes_256_info; /** HW support */ -cx_err_t cx_aes_set_key_hw(const cx_aes_key_t *keys, uint32_t mode); -cx_err_t cx_aes_block_hw(const uint8_t *inblock, uint8_t *outblock); -void cx_aes_reset_hw(void); +WARN_UNUSED_RESULT cx_err_t cx_aes_set_key_hw(const cx_aes_key_t *keys, uint32_t mode); +WARN_UNUSED_RESULT cx_err_t cx_aes_block_hw(const uint8_t *inblock, uint8_t *outblock); +void cx_aes_reset_hw(void); #endif // HAVE_AES /** HW support */ diff --git a/lib_cxng/src/cx_cmac.h b/lib_cxng/src/cx_cmac.h index f516776fa..dd03b5c09 100644 --- a/lib_cxng/src/cx_cmac.h +++ b/lib_cxng/src/cx_cmac.h 
@@ -5,10 +5,13 @@ #ifdef HAVE_CMAC #include "cx_errors.h" +#include "decorators.h" #include #include -cx_err_t cx_cmac_shift_and_xor(uint8_t *output, uint8_t *input, size_t block_size); +WARN_UNUSED_RESULT cx_err_t cx_cmac_shift_and_xor(uint8_t *output, + uint8_t *input, + size_t block_size); #endif // HAVE_CMAC #endif /* CX_CMAC_H */ diff --git a/lib_cxng/src/cx_crc.h b/lib_cxng/src/cx_crc.h index ac1da5691..12fcda7aa 100644 --- a/lib_cxng/src/cx_crc.h +++ b/lib_cxng/src/cx_crc.h @@ -16,16 +16,16 @@ * limitations under the License. ********************************************************************************/ -#ifdef HAVE_CRC - #ifndef CX_CRC_H #define CX_CRC_H +#ifdef HAVE_CRC + #include #include uint32_t cx_crc32(const void *buf, size_t len); -#endif +#endif // HAVE_CRC -#endif +#endif // CX_CRC_H diff --git a/lib_cxng/src/cx_ecfp.h b/lib_cxng/src/cx_ecfp.h index 46fd5a8b9..b344655f1 100644 --- a/lib_cxng/src/cx_ecfp.h +++ b/lib_cxng/src/cx_ecfp.h @@ -16,11 +16,11 @@ * limitations under the License. ********************************************************************************/ -#ifdef HAVE_ECC - #ifndef CX_ECFP_H #define CX_ECFP_H +#ifdef HAVE_ECC + #include #include #include "lcx_ecfp.h" @@ -49,6 +49,6 @@ int cx_ecfp_decode_sig_der(const uint8_t *sig, const uint8_t **s, size_t *s_len); -#endif // CX_ECFP_H - #endif // HAVE_ECC + +#endif // CX_ECFP_H diff --git a/lib_cxng/src/cx_eddsa.h b/lib_cxng/src/cx_eddsa.h index e611f8e7d..5d5cd956a 100644 --- a/lib_cxng/src/cx_eddsa.h +++ b/lib_cxng/src/cx_eddsa.h 
@@ -16,20 +16,20 @@ * limitations under the License. ********************************************************************************/ -#ifdef HAVE_EDDSA - #ifndef CX_EDDSA_H #define CX_EDDSA_H -cx_err_t cx_eddsa_get_public_key_internal(const cx_ecfp_private_key_t *pv_key, - cx_md_t hashID, - cx_ecfp_public_key_t *pu_key, - uint8_t *a, - size_t a_len, - uint8_t *h, - size_t h_len, - uint8_t *scal /*temp uint8[114]*/); +#ifdef HAVE_EDDSA + +WARN_UNUSED_RESULT cx_err_t cx_eddsa_get_public_key_internal(const cx_ecfp_private_key_t *pv_key, + cx_md_t hashID, + cx_ecfp_public_key_t *pu_key, + uint8_t *a, + size_t a_len, + uint8_t *h, + size_t h_len, + uint8_t *scal /*temp uint8[114]*/); -#endif +#endif // HAVE_EDDSA -#endif +#endif // CX_EDDSA_H diff --git a/lib_cxng/src/cx_hash.h b/lib_cxng/src/cx_hash.h index 9eea396f3..4830168f2 100644 --- a/lib_cxng/src/cx_hash.h +++ b/lib_cxng/src/cx_hash.h @@ -16,11 +16,11 @@ * limitations under the License. ********************************************************************************/ -#ifdef HAVE_HASH - #ifndef CX_HASH_H #define CX_HASH_H +#ifdef HAVE_HASH + #include "lcx_hash.h" #include @@ -37,12 +37,12 @@ #define MAX_HASH_BLOCK_SIZE 128 #ifdef HAVE_BLAKE2 -cx_err_t cx_blake2b(cx_hash_t *hash, - uint32_t mode, - const uint8_t *in, - size_t in_len, - uint8_t *out, - size_t out_len); +WARN_UNUSED_RESULT cx_err_t cx_blake2b(cx_hash_t *hash, + uint32_t mode, + const uint8_t *in, + size_t in_len, + uint8_t *out, + size_t out_len); #endif const cx_hash_info_t *cx_hash_get_info(cx_md_t md_type); @@ -52,6 +52,6 @@ const cx_hash_info_t *cx_hash_get_info(cx_md_t md_type); */ void cx_hash_destroy(cx_hash_t *hash_ctx); -#endif - #endif // HAVE_HASH + +#endif // CX_HASH_H diff --git a/lib_cxng/src/cx_pbkdf2.h b/lib_cxng/src/cx_pbkdf2.h index 183e1bbc7..cd7830aea 100644 --- a/lib_cxng/src/cx_pbkdf2.h +++ b/lib_cxng/src/cx_pbkdf2.h 
@@ -16,11 +16,11 @@ * limitations under the License. ********************************************************************************/ -#ifdef HAVE_PBKDF2 - #ifndef CX_PBKDF2_H #define CX_PBKDF2_H +#ifdef HAVE_PBKDF2 + #include "lcx_hmac.h" #include @@ -54,14 +54,15 @@ struct cx_pbkdf2_s { }; typedef struct cx_pbkdf2_s cx_pbkdf2_t; -cx_err_t cx_pbkdf2_hmac(cx_md_t md_type, - const uint8_t *password, - size_t password_len, - const uint8_t *salt, - size_t salt_len, - uint32_t iterations, - uint8_t *key, - size_t key_len); +WARN_UNUSED_RESULT cx_err_t cx_pbkdf2_hmac(cx_md_t md_type, + const uint8_t *password, + size_t password_len, + const uint8_t *salt, + size_t salt_len, + uint32_t iterations, + uint8_t *key, + size_t key_len); -#endif // CX_PBKDF2_H #endif // HAVE_PBKDF2 + +#endif // CX_PBKDF2_H diff --git a/lib_cxng/src/cx_poly1305.h b/lib_cxng/src/cx_poly1305.h index c85ef272f..62d52ac60 100644 --- a/lib_cxng/src/cx_poly1305.h +++ b/lib_cxng/src/cx_poly1305.h @@ -15,11 +15,12 @@ * See the License for the specific language governing permissions and * limitations under the License. ********************************************************************************/ -#if defined(HAVE_POLY1305) #ifndef CX_POLY1305_H #define CX_POLY1305_H +#if defined(HAVE_POLY1305) + #include "lcx_poly1305.h" #include "ox.h" #include @@ -71,7 +72,9 @@ void cx_poly1305_set_key(cx_poly1305_context_t *ctx, const uint8_t *key); * * @return Error code */ -cx_err_t cx_poly1305_update(cx_poly1305_context_t *ctx, const uint8_t *input, size_t in_len); +WARN_UNUSED_RESULT cx_err_t cx_poly1305_update(cx_poly1305_context_t *ctx, + const uint8_t *input, + size_t in_len); /** * @brief Generate the Poly1305 Message 
@@ -85,7 +88,7 @@ cx_err_t cx_poly1305_update(cx_poly1305_context_t *ctx, const uint8_t *input, si * * @return Error code. */ -cx_err_t cx_poly1305_finish(cx_poly1305_context_t *ctx, uint8_t *tag); +WARN_UNUSED_RESULT cx_err_t cx_poly1305_finish(cx_poly1305_context_t *ctx, uint8_t *tag); /** * @brief Calculate the Poly1305 MAC of the input @@ -106,7 +109,11 @@ cx_err_t cx_poly1305_finish(cx_poly1305_context_t *ctx, uint8_t *tag); * * @return Error code */ -cx_err_t cx_poly1305_mac(const uint8_t *key, const uint8_t *input, size_t in_len, uint8_t *tag); +WARN_UNUSED_RESULT cx_err_t cx_poly1305_mac(const uint8_t *key, + const uint8_t *input, + size_t in_len, + uint8_t *tag); -#endif /* CX_POLY1305_H */ #endif // HAVE_POLY1305 + +#endif // CX_POLY1305_H diff --git a/lib_cxng/src/cx_ripemd160.h b/lib_cxng/src/cx_ripemd160.h index 96621601a..463c86fba 100644 --- a/lib_cxng/src/cx_ripemd160.h +++ b/lib_cxng/src/cx_ripemd160.h 
@@ -1,16 +1,36 @@ -#ifdef HAVE_RIPEMD160 + +/******************************************************************************* + * Ledger Nano S - Secure firmware + * (c) 2022 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ #ifndef CX_RIPEMD160_H #define CX_RIPEMD160_H +#ifdef HAVE_RIPEMD160 + #include "lcx_ripemd160.h" #include #include extern const cx_hash_info_t cx_ripemd160_info; -cx_err_t cx_ripemd160_update(cx_ripemd160_t *ctx, const uint8_t *data, size_t len); -cx_err_t cx_ripemd160_final(cx_ripemd160_t *ctx, uint8_t *digest); +WARN_UNUSED_RESULT cx_err_t cx_ripemd160_update(cx_ripemd160_t *ctx, + const uint8_t *data, + size_t len); +WARN_UNUSED_RESULT cx_err_t cx_ripemd160_final(cx_ripemd160_t *ctx, uint8_t *digest); #endif // HAVE_RIPEMD160 diff --git a/lib_cxng/src/cx_rng.h b/lib_cxng/src/cx_rng.h index 06941e0f7..611c4a31a 100644 --- a/lib_cxng/src/cx_rng.h +++ b/lib_cxng/src/cx_rng.h @@ -15,11 +15,12 @@ * See the License for the specific language governing permissions and * limitations under the License. ********************************************************************************/ -#ifdef HAVE_RNG #ifndef CX_RNG_H #define CX_RNG_H +#ifdef HAVE_RNG + #include void cx_rng_init(void); @@ -31,6 +32,6 @@ uint32_t cx_trng_u32(void); void cx_trng_lengthtest(void); #endif -#endif - #endif // HAVE_RNG + +#endif // CX_RNG_G 
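Review bot: The closing guard comment added at the end of the `cx_rng.h` hunk reads `#endif // CX_RNG_G`, but the guard macro opened at the top of the file is `CX_RNG_H`. It should be `#endif // CX_RNG_H`, matching the other headers reordered in this commit.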
diff --git a/lib_cxng/src/cx_rng_rfc6979.h b/lib_cxng/src/cx_rng_rfc6979.h index b7e37b411..1794cc4ee 100644 --- a/lib_cxng/src/cx_rng_rfc6979.h +++ b/lib_cxng/src/cx_rng_rfc6979.h @@ -16,11 +16,11 @@ * limitations under the License. ********************************************************************************/ -#ifdef HAVE_RNG_RFC6979 - #ifndef CX_RNG_RFC6979_H #define CX_RNG_RFC6979_H +#ifdef HAVE_RNG_RFC6979 + #include "libcxng.h" #include "cx_hash.h" #include @@ -58,17 +58,21 @@ typedef struct { }; } cx_rnd_rfc6979_ctx_t; -cx_err_t cx_rng_rfc6979_init(cx_rnd_rfc6979_ctx_t *rfc_ctx, - cx_md_t hash_id, - const uint8_t *x, - size_t x_len, - const uint8_t *h1, - size_t h1_len, - const uint8_t *q, - size_t q_len - /*const uint8_t *additional_input, size_t additional_input_len*/); +WARN_UNUSED_RESULT cx_err_t cx_rng_rfc6979_init( + cx_rnd_rfc6979_ctx_t *rfc_ctx, + cx_md_t hash_id, + const uint8_t *x, + size_t x_len, + const uint8_t *h1, + size_t h1_len, + const uint8_t *q, + size_t q_len + /*const uint8_t *additional_input, size_t additional_input_len*/); -cx_err_t cx_rng_rfc6979_next(cx_rnd_rfc6979_ctx_t *rfc_ctx, uint8_t *out, size_t out_len); -#endif // CX_HMAC_DRBG_H +WARN_UNUSED_RESULT cx_err_t cx_rng_rfc6979_next(cx_rnd_rfc6979_ctx_t *rfc_ctx, + uint8_t *out, + size_t out_len); #endif // HAVE_RNG_RFC6979 + +#endif // CX_RNG_RFC6979_H diff --git a/lib_cxng/src/cx_rsa.h b/lib_cxng/src/cx_rsa.h index 30365d15c..666dadf4f 100644 --- a/lib_cxng/src/cx_rsa.h +++ b/lib_cxng/src/cx_rsa.h @@ -40,11 +40,11 @@ size_t cx_pkcs1_get_hash_len(cx_md_t hID); * * @return em_len, if encoded 0 else */ -cx_err_t cx_pkcs1_emsa_v1o5_encode(cx_md_t hID, - uint8_t *em, - size_t em_len, - const uint8_t *mHash, - size_t mHashLen); +WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_v1o5_encode(cx_md_t hID, + uint8_t *em, + size_t em_len, + const uint8_t *mHash, + size_t mHashLen); /* * @param [in] hID underlaid hash (ignored, sha256 forced) * @param [in] em encoded message to verify 
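Review bot: The doc comment kept as context above `cx_pkcs1_emsa_v1o5_encode()` still says `@return em_len, if encoded 0 else`, which contradicts the `cx_err_t` return type that this hunk now marks `WARN_UNUSED_RESULT`. A caller who follows the comment and treats a zero result as failure would invert the check, assuming `CX_OK` is zero as is usual for this kind of error type. The comment should be replaced with something like `@return Error code`, the wording `cx_poly1305.h` already uses. The same stale text sits above `cx_pkcs1_emsa_pss_encode()`, `cx_pkcs1_emsa_pss_encode_with_salt_len()`, `cx_pkcs1_eme_v1o5_encode()` and `cx_pkcs1_eme_oaep_encode()` in the following hunks, and `cx_pkcs1_eme_oaep_decode()` is documented as returning `decoded message length, -1 if decoding fail`.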
@@ -73,12 +73,12 @@ bool cx_pkcs1_emsa_v1o5_verify(cx_md_t hID, * * @return em_len, if encoded 0 else */ -cx_err_t cx_pkcs1_emsa_pss_encode(cx_md_t hID, - uint8_t *em, - size_t em_len, - const uint8_t *mHash, - size_t mHashLen, - size_t *size); +WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_pss_encode(cx_md_t hID, + uint8_t *em, + size_t em_len, + const uint8_t *mHash, + size_t mHashLen, + size_t *size); /* * @param [in] hID underlaid hash (ignored, sha256 forced) @@ -90,13 +90,13 @@ cx_err_t cx_pkcs1_emsa_pss_encode(cx_md_t hID, * * @return em_len, if encoded 0 else */ -cx_err_t cx_pkcs1_emsa_pss_encode_with_salt_len(cx_md_t hID, - uint8_t *em, - size_t em_len, - const uint8_t *mHash, - size_t mHashLen, - size_t mSaltLen, - size_t *size); +WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_pss_encode_with_salt_len(cx_md_t hID, + uint8_t *em, + size_t em_len, + const uint8_t *mHash, + size_t mHashLen, + size_t mSaltLen, + size_t *size); /* The salt length is equal to the mHashLen value. * If another salt length is to be used, the @@ -142,11 +142,11 @@ bool cx_pkcs1_emsa_pss_verify_with_salt_len(cx_md_t hID, * * @return em_len, if encoded 0 else */ -cx_err_t cx_pkcs1_eme_v1o5_encode(cx_md_t hID, - uint8_t *em, - size_t em_len, - const uint8_t *mHash, - size_t mHashLen); +WARN_UNUSED_RESULT cx_err_t cx_pkcs1_eme_v1o5_encode(cx_md_t hID, + uint8_t *em, + size_t em_len, + const uint8_t *mHash, + size_t mHashLen); /* * @param [in] hID underlaid hash (ignored, sha256 forced) * @param [in] em encoded message @@ -171,11 +171,8 @@ size_t cx_pkcs1_eme_v1o5_decode(cx_md_t hID, * * @return em_len, if encoded 0 else */ -cx_err_t cx_pkcs1_eme_oaep_encode(cx_md_t hID, - uint8_t *em, - size_t em_len, - const uint8_t *m, - size_t mLen); +WARN_UNUSED_RESULT cx_err_t +cx_pkcs1_eme_oaep_encode(cx_md_t hID, uint8_t *em, size_t em_len, const uint8_t *m, size_t mLen); /* * @param [in] hID underlaid hash (ignored, sha256 forced) * @param [in] em encoded message 
@@ -185,11 +182,8 @@ cx_err_t cx_pkcs1_eme_oaep_encode(cx_md_t hID, * * @return decoded message length, -1 if decoding fail */ -cx_err_t cx_pkcs1_eme_oaep_decode(cx_md_t hID, - uint8_t *em, - size_t em_len, - uint8_t *m, - size_t *mLen); +WARN_UNUSED_RESULT cx_err_t +cx_pkcs1_eme_oaep_decode(cx_md_t hID, uint8_t *em, size_t em_len, uint8_t *m, size_t *mLen); // For PKCS1.5 #define PKCS1_DIGEST_BUFFER_LENGTH 64 @@ -238,10 +232,15 @@ extern uint8_t const C_cx_oid_sha3_256[CX_OID_SHA3_256_LENGTH]; extern uint8_t const C_cx_oid_sha3_512[CX_OID_SHA3_512_LENGTH]; #endif // HAVE_SHA3 -cx_err_t cx_rsa_get_public_components(const cx_rsa_public_key_t *key, uint8_t **e, uint8_t **n); -cx_err_t cx_rsa_get_private_components(const cx_rsa_private_key_t *key, uint8_t **d, uint8_t **n); +WARN_UNUSED_RESULT cx_err_t cx_rsa_get_public_components(const cx_rsa_public_key_t *key, + uint8_t **e, + uint8_t **n); +WARN_UNUSED_RESULT cx_err_t cx_rsa_get_private_components(const cx_rsa_private_key_t *key, + uint8_t **d, + uint8_t **n); -cx_err_t cx_rsa_private_key_ctx_size(const cx_rsa_private_key_t *key, size_t *size); +WARN_UNUSED_RESULT cx_err_t cx_rsa_private_key_ctx_size(const cx_rsa_private_key_t *key, + size_t *size); #endif // CX_RSA_H #endif // HAVE_RSA diff --git a/lib_cxng/src/cx_sha256.h b/lib_cxng/src/cx_sha256.h index a89a5cdff..53fa2ecd2 100644 --- a/lib_cxng/src/cx_sha256.h +++ b/lib_cxng/src/cx_sha256.h 
@@ -1,8 +1,26 @@ -#if defined(HAVE_SHA256) || defined(HAVE_SHA224) + +/******************************************************************************* + * Ledger Nano S - Secure firmware + * (c) 2022 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ #ifndef CX_SHA256_H #define CX_SHA256_H +#if defined(HAVE_SHA256) || defined(HAVE_SHA224) + #include "lcx_sha256.h" #include #include @@ -16,8 +34,10 @@ extern const cx_hash_info_t cx_sha224_info; extern const cx_hash_info_t cx_sha256_info; #endif // HAVE_SHA256 -cx_err_t cx_sha256_update(cx_sha256_t *ctx, const uint8_t *data, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_sha256_update(cx_sha256_t *ctx, const uint8_t *data, size_t len); +// No need to add WARN_UNUSED_RESULT to cx_sha256_final(), it always returns CX_OK cx_err_t cx_sha256_final(cx_sha256_t *ctx, uint8_t *digest); -#endif // CX_SHA256_H #endif // HAVE_SHA256 + +#endif // CX_SHA256_H diff --git a/lib_cxng/src/cx_sha3.h b/lib_cxng/src/cx_sha3.h index 96bab3f4c..7534a81f6 100644 --- a/lib_cxng/src/cx_sha3.h +++ b/lib_cxng/src/cx_sha3.h 
@@ -1,8 +1,26 @@ -#ifdef HAVE_SHA3 + +/******************************************************************************* + * Ledger Nano S - Secure firmware + * (c) 2022 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ #ifndef CX_SHA3_H #define CX_SHA3_H +#ifdef HAVE_SHA3 + #include "lcx_sha3.h" extern const cx_hash_info_t cx_sha3_info; @@ -10,10 +28,11 @@ extern const cx_hash_info_t cx_keccak_info; extern const cx_hash_info_t cx_shake128_info; extern const cx_hash_info_t cx_shake256_info; -cx_err_t cx_sha3_update(cx_sha3_t *ctx, const uint8_t *data, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_sha3_update(cx_sha3_t *ctx, const uint8_t *data, size_t len); +// No need to add WARN_UNUSED_RESULT to cx_sha3_final(), it always returns CX_OK cx_err_t cx_sha3_final(cx_sha3_t *ctx, uint8_t *digest); size_t cx_sha3_get_output_size(const cx_sha3_t *ctx); -#endif // CX_SHA3_H - #endif // HAVE_SHA3 + +#endif // CX_SHA3_H diff --git a/lib_cxng/src/cx_sha512.h b/lib_cxng/src/cx_sha512.h index ee2c2e289..11f42f009 100644 --- a/lib_cxng/src/cx_sha512.h +++ b/lib_cxng/src/cx_sha512.h 
@@ -1,8 +1,26 @@ -#if defined(HAVE_SHA512) || defined(HAVE_SHA384) + +/******************************************************************************* + * Ledger Nano S - Secure firmware + * (c) 2022 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ #ifndef CX_SHA512_H #define CX_SHA512_H +#if defined(HAVE_SHA512) || defined(HAVE_SHA384) + #include #include #include "lcx_sha512.h" @@ -15,9 +33,10 @@ extern const cx_hash_info_t cx_sha384_info; extern const cx_hash_info_t cx_sha512_info; #endif // HAVE_SHA512 -cx_err_t cx_sha512_update(cx_sha512_t *ctx, const uint8_t *data, size_t len); +WARN_UNUSED_RESULT cx_err_t cx_sha512_update(cx_sha512_t *ctx, const uint8_t *data, size_t len); +// No need to add WARN_UNUSED_RESULT to cx_sha512_final(), it always returns CX_OK cx_err_t cx_sha512_final(cx_sha512_t *ctx, uint8_t *digest); -#endif // CX_SHA512_H - #endif // defined(HAVE_SHA512) || defined(HAVE_SHA384) + +#endif // CX_SHA512_H diff --git a/lib_cxng/src/cx_utils.h b/lib_cxng/src/cx_utils.h index 7c805b520..679de2e88 100644 --- a/lib_cxng/src/cx_utils.h +++ b/lib_cxng/src/cx_utils.h @@ -91,6 +91,6 @@ void cx_swap_buffer64(uint64bits_t *v, int len); void cx_memxor(uint8_t *buf1, const uint8_t *buf2, size_t len); -#endif - uint8_t cx_constant_time_eq(const uint8_t *buf1, uint8_t *buf2, size_t len); + +#endif // CX_UTILS_H 
diff --git a/lib_standard_app/debug.c b/lib_standard_app/debug.c deleted file mode 100644 index ea1a396cb..000000000 --- a/lib_standard_app/debug.c +++ /dev/null @@ -1,71 +0,0 @@ -/***************************************************************************** - * (c) 2020 Ledger SAS. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - *****************************************************************************/ - -#include // uint*_t -#include // memset, explicit_bzero - -#include "os.h" -#include "io.h" - -#ifdef HAVE_NBGL -#include "nbgl_use_case.h" -#endif - -#ifdef HAVE_DEBUG_THROWS -static char errordata[20]; - -WEAK void app_throw_info(unsigned int exception, unsigned int lr_val) -{ - snprintf(errordata, sizeof(errordata), "n%d, LR=0x%08X", exception, lr_val); -} - -static void review_choice(bool confirm) -{ - UNUSED(confirm); - os_sched_exit(-1); -} - -#ifdef HAVE_BAGL -UX_STEP_CB(ux_error, - bnnn_paging, - review_choice(true), - { - .title = "App error", - .text = errordata, - }); -UX_FLOW(ux_error_flow, &ux_error); -#endif - -WEAK void __attribute__((noreturn)) debug_display_throw_error(int exception) -{ - UNUSED(exception); - -#ifdef HAVE_BAGL - ux_flow_init(0, ux_error_flow, NULL); -#endif - -#ifdef HAVE_NBGL - nbgl_useCaseChoice( - &C_round_warning_64px, "App error", errordata, "Exit app", "Exit app", review_choice); -#endif - - // Block until the user approve and the app is quit - while (1) { - io_seproxyhal_io_heartbeat(); - } -} - -#endif 
diff --git a/lib_standard_app/debug.h b/lib_standard_app/debug.h deleted file mode 100644 index 0987417fc..000000000 --- a/lib_standard_app/debug.h +++ /dev/null @@ -1,3 +0,0 @@ -#pragma once - -WEAK void __attribute__((noreturn)) debug_display_throw_error(int exception); diff --git a/lib_standard_app/main.c b/lib_standard_app/main.c index 80cf336c7..e82647eac 100644 --- a/lib_standard_app/main.c +++ b/lib_standard_app/main.c @@ -19,7 +19,7 @@ #include "os.h" #include "io.h" -#include "debug.h" +#include "ledger_assert.h" #ifdef HAVE_SWAP #include "swap.h" @@ -72,8 +72,6 @@ static void standalone_app_main(void) } CATCH_OTHER(e) { - PRINTF("Exiting following exception: %d\n", e); - #ifdef HAVE_DEBUG_THROWS // Disable USB and BLE, the app have crashed and is going to be exited // This is necessary to avoid device freeze while displaying throw error @@ -90,7 +88,9 @@ static void standalone_app_main(void) BLE_power(0, NULL); #endif // Display crash info on screen for debug purpose - debug_display_throw_error(e); + assert_display_exit(); +#else + PRINTF("Exiting following exception: 0x%04X\n", e); #endif } FINALLY {} @@ -141,7 +141,7 @@ static void library_app_main(libargs_t *args) } CATCH_OTHER(e) { - PRINTF("Exiting following exception: %d\n", e); + PRINTF("Exiting following exception: 0x%04X\n", e); } FINALLY { diff --git a/lib_stusb_impl/usbd_impl.c b/lib_stusb_impl/usbd_impl.c index 72b286c45..7fdfac406 100644 --- a/lib_stusb_impl/usbd_impl.c +++ b/lib_stusb_impl/usbd_impl.c @@ -1018,8 +1018,14 @@ uint8_t USBD_HID_DataIn_impl(USBD_HandleTypeDef *pdev, uint8_t epnum) uint8_t USBD_HID_DataOut_impl(USBD_HandleTypeDef *pdev, uint8_t epnum, - uint8_t *buffer, - apdu_buffer_t *apdu_buf) +#ifndef HAVE_USB_HIDKBD + uint8_t *buffer, + apdu_buffer_t *apdu_buf +#else + __attribute__((unused)) uint8_t *buffer, + __attribute__((unused)) apdu_buffer_t *apdu_buf +#endif // HAVE_USB_HIDKBD +) { // only the data hid endpoint will receive data switch (epnum) { 
diff --git a/lib_ux/include/ux.h b/lib_ux/include/ux.h index d893cc347..8727ae1ea 100644 --- a/lib_ux/include/ux.h +++ b/lib_ux/include/ux.h @@ -579,6 +579,12 @@ extern bolos_ux_params_t G_ux_params; * Macro to process sequentially display a screen. The call finishes when the UX is completely * displayed, and the state of the MCU <-> SE exchanges is the same as before this macro call. */ +#ifdef HAVE_SE_SCREEN +#define UX_WAIT_DISPLAYED() \ + while (!UX_DISPLAYED()) { \ + UX_DISPLAY_NEXT_ELEMENT(); \ + } +#else #define UX_WAIT_DISPLAYED() \ while (!UX_DISPLAYED()) { \ /* We wait for the MCU event (should indicate display processed for a bagl element) */ \ @@ -593,6 +599,7 @@ extern bolos_ux_params_t G_ux_params; io_seproxyhal_general_status(); \ /* We wait for an ack of the MCU. */ \ io_seproxyhal_spi_recv(G_io_seproxyhal_spi_buffer, sizeof(G_io_seproxyhal_spi_buffer), 0); +#endif /** * Process button push events. Application's button event handler is called only if the ux app does diff --git a/src/app_metadata.c b/src/app_metadata.c new file mode 100644 index 000000000..ab2abf277 --- /dev/null +++ b/src/app_metadata.c 
@@ -0,0 +1,76 @@ +/******************************************************************************* + * Ledger - Secure firmware + * (c) 2023 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ + +#if !defined(HAVE_BOLOS) + +#include + +#include "bolos_target.h" + +#define STR_IMPL_(x) #x +#define STRINGIFY(x) STR_IMPL_(x) + +#define CREATE_METADATA_STRING_ITEM(ITEM_NAME, section_name) \ + __attribute__((section("ledger." 
#section_name))) \ + const char section_name[sizeof(ITEM_NAME) - 1] \ + = ITEM_NAME; + +#define CREATE_METADATA_STRING_ITEM_FROM_INT(ITEM_NAME, section_name) \ + CREATE_METADATA_STRING_ITEM(STRINGIFY(ITEM_NAME), section_name) + +#if defined(TARGET) +CREATE_METADATA_STRING_ITEM(TARGET, target) +#endif + +#if defined(TARGET_NAME) +CREATE_METADATA_STRING_ITEM(TARGET_NAME, target_name) +#endif + +#if defined(TARGET_ID) +CREATE_METADATA_STRING_ITEM_FROM_INT(TARGET_ID, target_id) +#endif + +#if defined(APPNAME) +CREATE_METADATA_STRING_ITEM(APPNAME, app_name) +#endif + +#if defined(APPVERSION) +CREATE_METADATA_STRING_ITEM(APPVERSION, app_version) +#endif + +#if defined(API_LEVEL) +CREATE_METADATA_STRING_ITEM_FROM_INT(API_LEVEL, api_level) +#endif + +#if defined(SDK_NAME) +CREATE_METADATA_STRING_ITEM(SDK_NAME, sdk_name) +#endif + +#if defined(SDK_VERSION) +CREATE_METADATA_STRING_ITEM(SDK_VERSION, sdk_version) +#endif + +#if defined(SDK_HASH) +CREATE_METADATA_STRING_ITEM(SDK_HASH, sdk_hash) +#endif + +#ifdef APP_INSTALL_PARAMS_DATA +__attribute__((section(".install_parameters"))) const uint8_t install_parameters[] + = {APP_INSTALL_PARAMS_DATA}; +#endif + +#endif diff --git a/src/checks.c b/src/checks.c index d77473095..20b496665 100644 --- a/src/checks.c +++ b/src/checks.c @@ -28,6 +28,7 @@ // This label ultimately comes from the application link. extern unsigned int const _install_parameters; +extern unsigned int const _einstall_parameters; #ifdef HAVE_BAGL @@ -173,8 +174,10 @@ void check_audited_app(void) { unsigned char data = BOLOS_FALSE; unsigned char *buffer = &data; - unsigned int length = os_parse_bertlv((unsigned char *) (&_install_parameters), - CHECK_NOT_AUDITED_MAX_LEN, + unsigned int install_parameters_len + = (unsigned char *) &_einstall_parameters - (unsigned char *) &_install_parameters; + unsigned int length = os_parse_bertlv((unsigned char *) &_install_parameters, + install_parameters_len, NULL, CHECK_NOT_AUDITED_TLV_TAG, 0x00, 
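Review bot: `CREATE_METADATA_STRING_ITEM` sizes each array as `sizeof(ITEM_NAME) - 1`, so the stored strings are deliberately not NUL-terminated, and nothing in the file says so. Any tool or code that reads one of the `ledger.*` sections as a C string would run past the end of the item, so the macro deserves a comment such as `/* Not NUL-terminated: the section size is the string length. */`. The arrays also get external linkage under short names like `target` and `app_name`; presumably no app defines globals with those names, but that is worth confirming.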
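Review bot: In `check_audited_app()` the bound passed to `os_parse_bertlv()` is now `&_einstall_parameters - &_install_parameters`, which is zero whenever the install parameters are not emitted into the `.install_parameters` input section at link time (`app_metadata.c` only emits them under `#ifdef APP_INSTALL_PARAMS_DATA`). In that case the lookup for `CHECK_NOT_AUDITED_TLV_TAG` finds nothing; the rest of the function is outside the hunk, but it looks as if the not-audited notice would then be skipped silently. It is worth confirming that every supported build path defines `APP_INSTALL_PARAMS_DATA`, or failing the build when the section is empty. The subtraction is also stored in an `unsigned int` without any statement that the end symbol follows the start symbol; a one-line comment saying the linker scripts guarantee that ordering would help.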
diff --git a/src/ledger_assert.c b/src/ledger_assert.c new file mode 100644 index 000000000..d39b76811 --- /dev/null +++ b/src/ledger_assert.c 
@@ -0,0 +1,147 @@ +/******************************************************************************* + * (c) 2023 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ + +#include + +#include "ledger_assert.h" +#include "os.h" +#if defined(HAVE_BAGL) || defined(HAVE_NBGL) +#include "ux.h" +#endif +#include "os_io_seproxyhal.h" + +#ifdef HAVE_NBGL +#include "nbgl_use_case.h" +#endif + +#ifndef ASSERT_BUFFER_LEN +#define ASSERT_BUFFER_LEN 24 +#endif + +#if defined(HAVE_LEDGER_ASSERT_DISPLAY) || defined(HAVE_DEBUG_THROWS) +static char assert_buffer[ASSERT_BUFFER_LEN]; +#endif + +#if defined(HAVE_LEDGER_ASSERT_DISPLAY) && defined(LEDGER_ASSERT_CONFIG_LR_AND_PC_INFO) +void assert_display_lr_and_pc(int lr, int pc) +{ + char buff[LR_AND_PC_SIZE]; + + lr = compute_address_location(lr); + pc = compute_address_location(pc); + snprintf(buff, LR_AND_PC_SIZE, "LR=0x%08X\n PC=0x%08X\n", lr, pc); + strncat(assert_buffer, buff, LR_AND_PC_SIZE); +} +#endif + +#if defined(HAVE_LEDGER_ASSERT_DISPLAY) && defined(LEDGER_ASSERT_CONFIG_MESSAGE_INFO) +void assert_display_message(const char *message) +{ + char buff[MESSAGE_SIZE]; + + snprintf(buff, MESSAGE_SIZE, "%s\n", message); + strncat(assert_buffer, buff, MESSAGE_SIZE); +} +#endif + +#if defined(HAVE_LEDGER_ASSERT_DISPLAY) && defined(LEDGER_ASSERT_CONFIG_FILE_INFO) +void assert_display_file_info(const char *file, unsigned int line) +{ + char 
buff[FILE_SIZE]; + + snprintf(buff, FILE_SIZE, "%s::%d\n", file, line); + strncat(assert_buffer, buff, FILE_SIZE); +} +#endif + +#if defined(HAVE_PRINTF) && defined(LEDGER_ASSERT_CONFIG_LR_AND_PC_INFO) +void assert_print_lr_and_pc(int lr, int pc) +{ + lr = compute_address_location(lr); + pc = compute_address_location(pc); + PRINTF("LEDGER_ASSERT FAILED\n"); + PRINTF("=> LR: 0x%08X \n", lr); + PRINTF("=> PC: 0x%08X \n", pc); +} +#endif + +#if defined(HAVE_PRINTF) && defined(LEDGER_ASSERT_CONFIG_FILE_INFO) +void assert_print_file_info(const char *file, int line) +{ + PRINTF("%s::%d \n", file, line); +} +#endif + +#if defined(HAVE_PRINTF) && defined(LEDGER_ASSERT_CONFIG_MESSAGE_INFO) +void assert_print_message(const char *message) +{ + if (message) { + PRINTF("%s\n", message); + } +} +#endif + +#if defined(HAVE_DEBUG_THROWS) +void throw_display_lr(int e, int lr) +{ + lr = compute_address_location(lr); + snprintf(assert_buffer, ASSERT_BUFFER_LEN, "e=0x%04X\n LR=0x%08X\n", e, lr); +} +#endif + +#if defined(HAVE_PRINTF) && defined(HAVE_DEBUG_THROWS) +void throw_print_lr(int e, int lr) +{ + lr = compute_address_location(lr); + PRINTF("exception[0x%04X]: LR=0x%08X\n", e, lr); +} +#endif + +void assert_exit(bool confirm) +{ + UNUSED(confirm); + os_sched_exit(-1); +} + +#if defined(HAVE_LEDGER_ASSERT_DISPLAY) || defined(HAVE_DEBUG_THROWS) +#ifdef HAVE_BAGL +UX_STEP_CB(ux_error, + bnnn_paging, + assert_exit(true), + { + .title = "App error", + .text = assert_buffer, + }); +UX_FLOW(ux_error_flow, &ux_error); +#endif + +void __attribute__((noreturn)) assert_display_exit(void) +{ +#ifdef HAVE_BAGL + ux_flow_init(0, ux_error_flow, NULL); +#endif + +#ifdef HAVE_NBGL + nbgl_useCaseChoice( + &C_round_warning_64px, "App error", assert_buffer, "Exit app", "Exit app", assert_exit); +#endif + + // Block until the user approve and the app is quit + while (1) { + io_seproxyhal_io_heartbeat(); + } +} +#endif diff --git a/src/os.c b/src/os.c index 232b82375..a88e3001d 100644 --- a/src/os.c 
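Review bot: The three display helpers (`assert_display_lr_and_pc`, `assert_display_message`, `assert_display_file_info`) call `strncat(assert_buffer, buff, SIZE)` with the size of the source buffer, but the third argument of `strncat` only limits how many characters are appended and does not account for what `assert_buffer` already holds or for the terminating NUL. When several of the `LEDGER_ASSERT_CONFIG_*` options are enabled together, the appended pieces can exceed `ASSERT_BUFFER_LEN` (24 in the fallback definition here; the header may define a larger value that is not visible) and write past the static buffer. Bound each append by the remaining space instead: `strncat(assert_buffer, buff, sizeof(assert_buffer) - strlen(assert_buffer) - 1);`. Separately, the `throw_display_lr` format `"e=0x%04X\n LR=0x%08X\n"` needs 25 bytes including the terminator, so with the 24-byte fallback `snprintf` truncates the last character.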
+++ b/src/os.c @@ -85,30 +85,28 @@ char os_secure_memcmp(const void *src1, const void *src2, size_t length) } #ifndef HAVE_BOLOS -#define MAIN_LINKER_SCRIPT_LOCATION 0xC0DE0000 +#include "ledger_assert.h" int main(void); -// This function can be used to declare a callback to THROW in the application -__attribute((weak)) void app_throw_info(unsigned int exception, unsigned int lr_val) +#define MAIN_LINKER_SCRIPT_LOCATION 0xC0DE0000 +int compute_address_location(int address) { - UNUSED(exception); - UNUSED(lr_val); + // Compute location before relocation (sort of anti PIC) + return address - (unsigned int) main + MAIN_LINKER_SCRIPT_LOCATION; } void os_longjmp(unsigned int exception) { - unsigned int lr_val; +#ifdef HAVE_DEBUG_THROWS + // Send to the app the info of exception and LR for debug purpose + DEBUG_THROW(exception); +#elif defined(HAVE_PRINTF) + int lr_val; __asm volatile("mov %0, lr" : "=r"(lr_val)); + lr_val = compute_address_location(lr_val); - // Compute location before relocation (sort of anti PIC) - lr_val = lr_val - (unsigned int) main + MAIN_LINKER_SCRIPT_LOCATION; - -#ifdef HAVE_PRINTF - PRINTF("exception[%d]: LR=0x%08X\n", exception, lr_val); -#endif // HAVE_PRINTF - - // Send to the app the info of exception and LR for debug purpose - app_throw_info(exception, lr_val); + PRINTF("exception[0x%04X]: LR=0x%08X\n", exception, lr_val); +#endif longjmp(try_context_get()->jmp_buf, exception); } diff --git a/src/os_io_seproxyhal.c b/src/os_io_seproxyhal.c index 14a3d8272..3e191eede 100644 --- a/src/os_io_seproxyhal.c +++ b/src/os_io_seproxyhal.c @@ -255,7 +255,7 @@ void io_seproxyhal_handle_nfc_recv_event(void) #endif unsigned int io_seproxyhal_handle_event(void) { -#if defined(HAVE_IO_USB) || defined(HAVE_BLE) +#ifdef HAVE_IO_USB unsigned int rx_len = U2BE(G_io_seproxyhal_spi_buffer, 1); #endif diff --git a/target/nanos/script.ld b/target/nanos/script.ld index 88c311626..447f13ff6 100644 --- a/target/nanos/script.ld +++ b/target/nanos/script.ld 
@@ -29,7 +29,7 @@ MEMORY } PAGE_SIZE = 64; -STACK_SIZE = DEFINED(stack_size) ? stack_size : 1024; +STACK_MIN_SIZE = DEFINED(stack_min_size) ? stack_min_size : 1024; END_STACK = ORIGIN(SRAM) + LENGTH(SRAM); /* @@ -81,6 +81,9 @@ SECTIONS _envram_data = .; _install_parameters = .; + *(.install_parameters) + KEEP(*(.install_parameters)) + _einstall_parameters = .; _nvram_end = .; } > FLASH = 0x00 @@ -125,15 +128,14 @@ SECTIONS app_stack_canary = .; PROVIDE(app_stack_canary = .); . += 4; - _stack_validation = .; - . = _stack_validation + STACK_SIZE; - _stack = ABSOLUTE(END_STACK) - STACK_SIZE; - PROVIDE( _stack = ABSOLUTE(END_STACK) - STACK_SIZE); + _stack = .; + PROVIDE( _stack = .); _estack = ABSOLUTE(END_STACK); PROVIDE( _estack = ABSOLUTE(END_STACK) ); } > SRAM = 0x00 + ASSERT( (_estack - _stack) >= STACK_MIN_SIZE, "stack section too small" ) /****************************************************************/ @@ -192,6 +194,16 @@ SECTIONS .debug_funcnames 0 : { *(.debug_funcnames) } .debug_typenames 0 : { *(.debug_typenames) } .debug_varnames 0 : { *(.debug_varnames) } + + ledger.target (INFO): { KEEP(*(ledger.target)) } + ledger.target_name (INFO): { KEEP(*(ledger.target_name)) } + ledger.target_id (INFO): { KEEP(*(ledger.target_id)) } + ledger.app_name (INFO): { KEEP(*(ledger.app_name)) } + ledger.app_version (INFO): { KEEP(*(ledger.app_version)) } + ledger.api_level (INFO): { KEEP(*(ledger.api_level)) } + ledger.sdk_name (INFO): { KEEP(*(ledger.sdk_name)) } + ledger.sdk_version (INFO): { KEEP(*(ledger.sdk_version)) } + ledger.sdk_hash (INFO): { KEEP(*(ledger.sdk_hash)) } } PROVIDE(_nvram = ABSOLUTE(_nvram_start)); diff --git a/target/nanos2/script.ld b/target/nanos2/script.ld index 8fd537a6b..62d995fa7 100644 --- a/target/nanos2/script.ld +++ b/target/nanos2/script.ld @@ -30,7 +30,7 @@ MEMORY } PAGE_SIZE = 512; -STACK_SIZE = 1500; +STACK_MIN_SIZE = DEFINED(stack_min_size) ? stack_min_size : 1500; END_STACK = ORIGIN(SRAM) + LENGTH(SRAM); ENTRY(main); 
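Review bot: In the hunk that adds `_einstall_parameters`, the input section is listed twice, `*(.install_parameters)` followed by `KEEP(*(.install_parameters))`. The unguarded pattern already claims every matching input section, so the second statement adds no placement, and a reader cannot tell whether the array is meant to survive section garbage collection. A single `KEEP(*(.install_parameters))` states the intent, which matters because `check_audited_app()` now derives its parse length from these two symbols. The same pair of lines is added to the nanos2 and nanox scripts.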
@@ -75,6 +75,9 @@ SECTIONS _envram_data = .; _install_parameters = .; + *(.install_parameters) + KEEP(*(.install_parameters)) + _einstall_parameters = .; _nvram_end = .; } > FLASH = 0x00 @@ -113,15 +116,15 @@ SECTIONS app_stack_canary = .; PROVIDE(app_stack_canary = .); . += 4; - _stack_validation = .; - . = _stack_validation + STACK_SIZE; - _stack = ABSOLUTE(END_STACK) - STACK_SIZE; - PROVIDE( _stack = ABSOLUTE(END_STACK) - STACK_SIZE); + _stack = .; + PROVIDE( _stack = .); _estack = ABSOLUTE(END_STACK); PROVIDE( _estack = ABSOLUTE(END_STACK) ); } > SRAM = 0x00 + ASSERT( (_estack - _stack) >= STACK_MIN_SIZE, "stack section too small" ) + /****************************************************************/ /* DEBUG */ /****************************************************************/ @@ -168,6 +171,16 @@ SECTIONS .debug_funcnames 0 : { *(.debug_funcnames) } .debug_typenames 0 : { *(.debug_typenames) } .debug_varnames 0 : { *(.debug_varnames) } + + ledger.target (INFO): { KEEP(*(ledger.target)) } + ledger.target_name (INFO): { KEEP(*(ledger.target_name)) } + ledger.target_id (INFO): { KEEP(*(ledger.target_id)) } + ledger.app_name (INFO): { KEEP(*(ledger.app_name)) } + ledger.app_version (INFO): { KEEP(*(ledger.app_version)) } + ledger.api_level (INFO): { KEEP(*(ledger.api_level)) } + ledger.sdk_name (INFO): { KEEP(*(ledger.sdk_name)) } + ledger.sdk_version (INFO): { KEEP(*(ledger.sdk_version)) } + ledger.sdk_hash (INFO): { KEEP(*(ledger.sdk_hash)) } } PROVIDE(_nvram = ABSOLUTE(_nvram_start)); diff --git a/target/nanox/script.ld b/target/nanox/script.ld index 82b459121..aaca967eb 100644 --- a/target/nanox/script.ld +++ b/target/nanox/script.ld @@ -30,7 +30,7 @@ MEMORY } PAGE_SIZE = 256; -STACK_SIZE = 1500; +STACK_MIN_SIZE = DEFINED(stack_min_size) ? stack_min_size : 1500; END_STACK = ORIGIN(SRAM) + LENGTH(SRAM); ENTRY(main); 
@@ -77,6 +77,9 @@ SECTIONS _envram_data = .; _install_parameters = .; + *(.install_parameters) + KEEP(*(.install_parameters)) + _einstall_parameters = .; _nvram_end = .; } > FLASH @@ -124,15 +127,15 @@ SECTIONS app_stack_canary = .; PROVIDE(app_stack_canary = .); . += 4; - _stack_validation = .; - . = _stack_validation + STACK_SIZE; - _stack = ABSOLUTE(END_STACK) - STACK_SIZE; - PROVIDE( _stack = ABSOLUTE(END_STACK) - STACK_SIZE); + _stack = .; + PROVIDE( _stack = .); _estack = ABSOLUTE(END_STACK); PROVIDE( _estack = ABSOLUTE(END_STACK) ); } > SRAM + ASSERT( (_estack - _stack) >= STACK_MIN_SIZE, "stack section too small" ) + /****************************************************************/ /* DEBUG */ /****************************************************************/ @@ -179,6 +182,16 @@ SECTIONS .debug_funcnames 0 : { *(.debug_funcnames) } .debug_typenames 0 : { *(.debug_typenames) } .debug_varnames 0 : { *(.debug_varnames) } + + ledger.target (INFO): { KEEP(*(ledger.target)) } + ledger.target_name (INFO): { KEEP(*(ledger.target_name)) } + ledger.target_id (INFO): { KEEP(*(ledger.target_id)) } + ledger.app_name (INFO): { KEEP(*(ledger.app_name)) } + ledger.app_version (INFO): { KEEP(*(ledger.app_version)) } + ledger.api_level (INFO): { KEEP(*(ledger.api_level)) } + ledger.sdk_name (INFO): { KEEP(*(ledger.sdk_name)) } + ledger.sdk_version (INFO): { KEEP(*(ledger.sdk_version)) } + ledger.sdk_hash (INFO): { KEEP(*(ledger.sdk_hash)) } } PROVIDE(_nvram = ABSOLUTE(_nvram_start)); diff --git a/target/stax/script.ld b/target/stax/script.ld index 19b296a05..e3652fb9b 100644 --- a/target/stax/script.ld +++ b/target/stax/script.ld @@ -30,7 +30,7 @@ MEMORY } PAGE_SIZE = 512; -STACK_SIZE = 1500; +STACK_MIN_SIZE = DEFINED(stack_min_size) ? stack_min_size : 1500; END_STACK = ORIGIN(SRAM) + LENGTH(SRAM); ENTRY(main); 
@@ -76,6 +76,9 @@ SECTIONS _envram_data = .; _install_parameters = .; + *(.install_parameters) + KEEP(*(.install_parameters)) + _einstall_parameters = .; _nvram_end = .; } > FLASH = 0x00 @@ -114,15 +117,15 @@ SECTIONS app_stack_canary = .; PROVIDE(app_stack_canary = .); . += 4; - _stack_validation = .; - . = _stack_validation + STACK_SIZE; - _stack = ABSOLUTE(END_STACK) - STACK_SIZE; - PROVIDE( _stack = ABSOLUTE(END_STACK) - STACK_SIZE); + _stack = .; + PROVIDE( _stack = .); _estack = ABSOLUTE(END_STACK); PROVIDE( _estack = ABSOLUTE(END_STACK) ); } > SRAM = 0x00 + ASSERT( (_estack - _stack) >= STACK_MIN_SIZE, "stack section too small" ) + /****************************************************************/ /* DEBUG */ /****************************************************************/ @@ -169,6 +172,16 @@ SECTIONS .debug_funcnames 0 : { *(.debug_funcnames) } .debug_typenames 0 : { *(.debug_typenames) } .debug_varnames 0 : { *(.debug_varnames) } + + ledger.target (INFO): { KEEP(*(ledger.target)) } + ledger.target_name (INFO): { KEEP(*(ledger.target_name)) } + ledger.target_id (INFO): { KEEP(*(ledger.target_id)) } + ledger.app_name (INFO): { KEEP(*(ledger.app_name)) } + ledger.app_version (INFO): { KEEP(*(ledger.app_version)) } + ledger.api_level (INFO): { KEEP(*(ledger.api_level)) } + ledger.sdk_name (INFO): { KEEP(*(ledger.sdk_name)) } + ledger.sdk_version (INFO): { KEEP(*(ledger.sdk_version)) } + ledger.sdk_hash (INFO): { KEEP(*(ledger.sdk_hash)) } } PROVIDE(_nvram = ABSOLUTE(_nvram_start));