Minor review fixes
diff --git a/library/entropy.c b/library/entropy.c
index 9818a54..b4d1f29 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -258,7 +258,7 @@
{
int i;
volatile int ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
- volatile int have_one_strong_fi = 0;
+ volatile int have_one_strong_fi = MBEDTLS_ENTROPY_SOURCE_WEAK;
unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
size_t olen;
@@ -276,7 +276,7 @@
mbedtls_platform_enforce_volatile_reads();
if( strong_fi == MBEDTLS_ENTROPY_SOURCE_STRONG )
- have_one_strong_fi = 1;
+ have_one_strong_fi = MBEDTLS_ENTROPY_SOURCE_STRONG;
else
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
@@ -303,10 +303,10 @@
cleanup:
mbedtls_platform_zeroize( buf, sizeof( buf ) );
- if( have_one_strong_fi == 1 )
+ if( have_one_strong_fi == MBEDTLS_ENTROPY_SOURCE_STRONG )
{
mbedtls_platform_enforce_volatile_reads();
- if( have_one_strong_fi == 1 )
+ if( have_one_strong_fi == MBEDTLS_ENTROPY_SOURCE_STRONG )
{
return( ret );
}
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 11c6f46..479554d 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -2342,7 +2342,7 @@
unsigned char* out,
unsigned add_length_tag )
{
- volatile int ret;
+ volatile int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
/*
* Generate (part of) the pre-master secret as
@@ -2390,7 +2390,7 @@
unsigned char *out, size_t buflen,
size_t *olen )
{
- volatile int ret;
+ volatile int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
size_t len_bytes = mbedtls_ssl_get_minor_ver( ssl ) ==
MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
mbedtls_pk_context *peer_pk = NULL;
@@ -2762,6 +2762,10 @@
unsigned char *buf,
size_t buflen )
{
+ /*
+ * Initialising to an error value would need a significant
+ * structural change to provide default flow assumes failure
+ */
volatile int ret = 0;
unsigned char *p;
unsigned char *end;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 611f26f..19bdc90 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1883,7 +1883,7 @@
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
{
- volatile int ret;
+ volatile int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
ssl->handshake->key_derivation_done = MBEDTLS_SSL_FI_FLAG_UNSET;
@@ -2062,7 +2062,7 @@
else
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
- return( ret );
+ return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
}
else
@@ -2093,7 +2093,7 @@
else
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
- return( ret );
+ return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
}
else
@@ -2122,7 +2122,7 @@
else
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
- return( ret );
+ return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
}
else