
Commit f2faa0e

Clang format tls/s2n_[a-h].*\.[ch] and enforce in CI (#3681)
1 parent 4e7627f commit f2faa0e


45 files changed

+681
-732
lines changed

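--- a/.github/workflows/ci_clang_format_check.yml
+++ b/.github/workflows/ci_clang_format_check.yml
@@ -22,7 +22,7 @@ jobs:
 - check: 'tests/unit'
 exclude: "s2n_[^3a-cd-kt-z].*\\.c"
 - check: 'tls'
-exclude: "(tls\\/extensions)|(s2n_[a-h].*\\.[ch])"
+exclude: ''
 - check: 'tls/extensions'
 exclude: ''
 - check: 'utils'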
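Review bot: With `exclude: ''` on the `tls` entry, the `tls/extensions` entry directly below it looks redundant. The removed pattern excluded `tls\\/extensions` from this check, which suggests the check descends into subdirectories, so those files are presumably checked twice now. Either drop the `tls/extensions` entry or keep `exclude: "(tls\\/extensions)"` on `tls`, and record the choice in a comment such as `# tls is checked recursively, tls/extensions included`. The list of checks starts and continues outside the hunk.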

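--- a/tls/s2n_aead.c
+++ b/tls/s2n_aead.c
@@ -14,16 +14,14 @@
 */
 
 #include "error/s2n_errno.h"
-
-#include "utils/s2n_safety.h"
-#include "utils/s2n_mem.h"
-
 #include "tls/s2n_connection.h"
 #include "tls/s2n_record.h"
+#include "utils/s2n_mem.h"
+#include "utils/s2n_safety.h"
 
 /* Derive the AAD for an AEAD mode cipher suite from the connection state, per
 * RFC 5246 section 6.2.3.3 */
-S2N_RESULT s2n_aead_aad_init(const struct s2n_connection *conn, uint8_t * sequence_number, uint8_t content_type, uint16_t record_length, struct s2n_blob *ad)
+S2N_RESULT s2n_aead_aad_init(const struct s2n_connection *conn, uint8_t *sequence_number, uint8_t content_type, uint16_t record_length, struct s2n_blob *ad)
 {
 RESULT_ENSURE_REF(ad);
 RESULT_ENSURE_GTE(ad->size, S2N_TLS_MAX_AAD_LEN);
@@ -34,7 +32,7 @@ S2N_RESULT s2n_aead_aad_init(const struct s2n_connection *conn, uint8_t * sequen
 /* ad = seq_num || record_type || version || length */
 
 size_t idx = 0;
-for(; idx < S2N_TLS_SEQUENCE_NUM_LEN; idx++) {
+for (; idx < S2N_TLS_SEQUENCE_NUM_LEN; idx++) {
 data[idx] = sequence_number[idx];
 }
 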
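--- a/tls/s2n_alerts.c
+++ b/tls/s2n_alerts.c
@@ -13,37 +13,36 @@
 * permissions and limitations under the License.
 */
 
+#include "tls/s2n_alerts.h"
+
 #include <stdint.h>
 #include <sys/param.h>
 
 #include "error/s2n_errno.h"
-
-#include "tls/s2n_tls_parameters.h"
 #include "tls/s2n_connection.h"
 #include "tls/s2n_record.h"
 #include "tls/s2n_resume.h"
-#include "tls/s2n_alerts.h"
-
-#include "utils/s2n_safety.h"
+#include "tls/s2n_tls_parameters.h"
 #include "utils/s2n_blob.h"
+#include "utils/s2n_safety.h"
 
-#define S2N_TLS_ALERT_LEVEL_WARNING 1
-#define S2N_TLS_ALERT_LEVEL_FATAL 2
+#define S2N_TLS_ALERT_LEVEL_WARNING 1
+#define S2N_TLS_ALERT_LEVEL_FATAL 2
 
 #define S2N_ALERT_CASE(error, alert_code) \
-case (error): \
-*alert = (alert_code); \
+case (error): \
+*alert = (alert_code); \
 return S2N_RESULT_OK
 
 #define S2N_NO_ALERT(error) \
-case (error): \
+case (error): \
 RESULT_BAIL(S2N_ERR_NO_ALERT)
 
 static S2N_RESULT s2n_translate_protocol_error_to_alert(int error_code, uint8_t *alert)
 {
 RESULT_ENSURE_REF(alert);
 
-switch(error_code) {
+switch (error_code) {
 S2N_ALERT_CASE(S2N_ERR_MISSING_EXTENSION, S2N_TLS_ALERT_MISSING_EXTENSION);
 
 /* TODO: The ERR_BAD_MESSAGE -> ALERT_UNEXPECTED_MESSAGE mapping
@@ -179,7 +178,7 @@ int s2n_error_get_alert(int error, uint8_t *alert)
 
 POSIX_ENSURE_REF(alert);
 
-switch(error_type) {
+switch (error_type) {
 case S2N_ERR_T_OK:
 case S2N_ERR_T_CLOSED:
 case S2N_ERR_T_BLOCKED:
@@ -219,7 +218,6 @@ int s2n_process_alert_fragment(struct s2n_connection *conn)
 POSIX_GUARD(s2n_stuffer_copy(&conn->in, &conn->alert_in, bytes_to_read));
 
 if (s2n_stuffer_data_available(&conn->alert_in) == 2) {
-
 /* Close notifications are handled as shutdowns */
 if (conn->alert_in_data[1] == S2N_TLS_ALERT_CLOSE_NOTIFY) {
 conn->closed = 1;
@@ -255,7 +253,7 @@ int s2n_queue_writer_close_alert_warning(struct s2n_connection *conn)
 alert[0] = S2N_TLS_ALERT_LEVEL_WARNING;
 alert[1] = S2N_TLS_ALERT_CLOSE_NOTIFY;
 
-struct s2n_blob out = {.data = alert,.size = sizeof(alert) };
+struct s2n_blob out = { .data = alert, .size = sizeof(alert) };
 
 /* If there is an alert pending or we've already sent a close_notify, do nothing */
 if (s2n_stuffer_data_available(&conn->writer_alert_out) || conn->close_notify_queued) {
@@ -280,7 +278,7 @@ static int s2n_queue_reader_alert(struct s2n_connection *conn, uint8_t level, ui
 alert[0] = level;
 alert[1] = error_code;
 
-struct s2n_blob out = {.data = alert,.size = sizeof(alert) };
+struct s2n_blob out = { .data = alert, .size = sizeof(alert) };
 
 /* If there is an alert pending, do nothing */
 if (s2n_stuffer_data_available(&conn->reader_alert_out)) {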

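--- a/tls/s2n_async_pkey.c
+++ b/tls/s2n_async_pkey.c
@@ -14,10 +14,10 @@
 */
 #include "tls/s2n_async_pkey.h"
 
+#include "api/s2n.h"
 #include "crypto/s2n_hash.h"
 #include "crypto/s2n_signature.h"
 #include "error/s2n_errno.h"
-#include "api/s2n.h"
 #include "tls/s2n_connection.h"
 #include "tls/s2n_handshake.h"
 #include "utils/s2n_blob.h"
@@ -27,27 +27,27 @@
 
 struct s2n_async_pkey_decrypt_data {
 s2n_async_pkey_decrypt_complete on_complete;
-struct s2n_blob encrypted;
-struct s2n_blob decrypted;
-unsigned rsa_failed : 1;
+struct s2n_blob encrypted;
+struct s2n_blob decrypted;
+unsigned rsa_failed : 1;
 };
 
 struct s2n_async_pkey_sign_data {
 s2n_async_pkey_sign_complete on_complete;
-struct s2n_hash_state digest;
-s2n_signature_algorithm sig_alg;
-struct s2n_blob signature;
+struct s2n_hash_state digest;
+s2n_signature_algorithm sig_alg;
+struct s2n_blob signature;
 };
 
 struct s2n_async_pkey_op {
 s2n_async_pkey_op_type type;
 struct s2n_connection *conn;
 s2n_async_pkey_validation_mode validation_mode;
-unsigned complete : 1;
-unsigned applied : 1;
+unsigned complete : 1;
+unsigned applied : 1;
 union {
 struct s2n_async_pkey_decrypt_data decrypt;
-struct s2n_async_pkey_sign_data sign;
+struct s2n_async_pkey_sign_data sign;
 } op;
 };
 
@@ -65,16 +65,16 @@ static S2N_RESULT s2n_async_get_actions(s2n_async_pkey_op_type type, const struc
 static S2N_RESULT s2n_async_pkey_op_allocate(struct s2n_async_pkey_op **op);
 
 static S2N_RESULT s2n_async_pkey_sign_async(struct s2n_connection *conn, s2n_signature_algorithm sig_alg,
-struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete);
+struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete);
 static S2N_RESULT s2n_async_pkey_sign_sync(struct s2n_connection *conn, s2n_signature_algorithm sig_alg,
-struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete);
+struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete);
 
 static S2N_RESULT s2n_async_pkey_decrypt_async(struct s2n_connection *conn, struct s2n_blob *encrypted,
-struct s2n_blob * init_decrypted,
-s2n_async_pkey_decrypt_complete on_complete);
+struct s2n_blob *init_decrypted,
+s2n_async_pkey_decrypt_complete on_complete);
 static S2N_RESULT s2n_async_pkey_decrypt_sync(struct s2n_connection *conn, struct s2n_blob *encrypted,
-struct s2n_blob * init_decrypted,
-s2n_async_pkey_decrypt_complete on_complete);
+struct s2n_blob *init_decrypted,
+s2n_async_pkey_decrypt_complete on_complete);
 
 static S2N_RESULT s2n_async_pkey_decrypt_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *pkey);
 static S2N_RESULT s2n_async_pkey_decrypt_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn);
@@ -90,19 +90,23 @@ static S2N_RESULT s2n_async_pkey_get_input_sign(struct s2n_async_pkey_op *op, ui
 static S2N_RESULT s2n_async_pkey_op_set_output_sign(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len);
 static S2N_RESULT s2n_async_pkey_sign_free(struct s2n_async_pkey_op *op);
 
-static const struct s2n_async_pkey_op_actions s2n_async_pkey_decrypt_op = { .perform = &s2n_async_pkey_decrypt_perform,
-.apply = &s2n_async_pkey_decrypt_apply,
-.get_input_size = &s2n_async_pkey_get_input_size_decrypt,
-.get_input = &s2n_async_pkey_get_input_decrypt,
-.set_output = &s2n_async_pkey_op_set_output_decrypt,
-.free = &s2n_async_pkey_decrypt_free };
+static const struct s2n_async_pkey_op_actions s2n_async_pkey_decrypt_op = {
+.perform = &s2n_async_pkey_decrypt_perform,
+.apply = &s2n_async_pkey_decrypt_apply,
+.get_input_size = &s2n_async_pkey_get_input_size_decrypt,
+.get_input = &s2n_async_pkey_get_input_decrypt,
+.set_output = &s2n_async_pkey_op_set_output_decrypt,
+.free = &s2n_async_pkey_decrypt_free
+};
 
-static const struct s2n_async_pkey_op_actions s2n_async_pkey_sign_op = { .perform = &s2n_async_pkey_sign_perform,
-.apply = &s2n_async_pkey_sign_apply,
-.get_input_size = &s2n_async_pkey_get_input_size_sign,
-.get_input = &s2n_async_pkey_get_input_sign,
-.set_output = &s2n_async_pkey_op_set_output_sign,
-.free = &s2n_async_pkey_sign_free };
+static const struct s2n_async_pkey_op_actions s2n_async_pkey_sign_op = {
+.perform = &s2n_async_pkey_sign_perform,
+.apply = &s2n_async_pkey_sign_apply,
+.get_input_size = &s2n_async_pkey_get_input_size_sign,
+.get_input = &s2n_async_pkey_get_input_sign,
+.set_output = &s2n_async_pkey_op_set_output_sign,
+.free = &s2n_async_pkey_sign_free
+};
 
 DEFINE_POINTER_CLEANUP_FUNC(struct s2n_async_pkey_op *, s2n_async_pkey_op_free);
 
@@ -129,7 +133,7 @@ static S2N_RESULT s2n_async_pkey_op_allocate(struct s2n_async_pkey_op **op)
 RESULT_ENSURE(*op == NULL, S2N_ERR_SAFETY);
 
 /* allocate memory */
-DEFER_CLEANUP(struct s2n_blob mem = {0}, s2n_free);
+DEFER_CLEANUP(struct s2n_blob mem = { 0 }, s2n_free);
 RESULT_GUARD_POSIX(s2n_alloc(&mem, sizeof(struct s2n_async_pkey_op)));
 RESULT_GUARD_POSIX(s2n_blob_zero(&mem));
 
@@ -142,7 +146,7 @@ static S2N_RESULT s2n_async_pkey_op_allocate(struct s2n_async_pkey_op **op)
 }
 
 S2N_RESULT s2n_async_pkey_decrypt(struct s2n_connection *conn, struct s2n_blob *encrypted,
-struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete)
+struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete)
 {
 RESULT_ENSURE_REF(conn);
 RESULT_ENSURE_REF(encrypted);
@@ -184,7 +188,7 @@ S2N_RESULT s2n_async_cb_execute(struct s2n_connection *conn, struct s2n_async_pk
 }
 
 S2N_RESULT s2n_async_pkey_decrypt_async(struct s2n_connection *conn, struct s2n_blob *encrypted,
-struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete)
+struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete)
 {
 RESULT_ENSURE_REF(conn);
 RESULT_ENSURE_REF(encrypted);
@@ -199,7 +203,7 @@ S2N_RESULT s2n_async_pkey_decrypt_async(struct s2n_connection *conn, struct s2n_
 op->validation_mode = conn->config->async_pkey_validation_mode;
 
 struct s2n_async_pkey_decrypt_data *decrypt = &op->op.decrypt;
-decrypt->on_complete = on_complete;
+decrypt->on_complete = on_complete;
 
 RESULT_GUARD_POSIX(s2n_dup(encrypted, &decrypt->encrypted));
 RESULT_GUARD_POSIX(s2n_dup(init_decrypted, &decrypt->decrypted));
@@ -209,7 +213,7 @@ S2N_RESULT s2n_async_pkey_decrypt_async(struct s2n_connection *conn, struct s2n_
 }
 
 S2N_RESULT s2n_async_pkey_decrypt_sync(struct s2n_connection *conn, struct s2n_blob *encrypted,
-struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete)
+struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete)
 {
 RESULT_ENSURE_REF(conn);
 RESULT_ENSURE_REF(encrypted);
@@ -225,7 +229,7 @@ S2N_RESULT s2n_async_pkey_decrypt_sync(struct s2n_connection *conn, struct s2n_b
 }
 
 S2N_RESULT s2n_async_pkey_sign(struct s2n_connection *conn, s2n_signature_algorithm sig_alg,
-struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete)
+struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete)
 {
 RESULT_ENSURE_REF(conn);
 RESULT_ENSURE_REF(digest);
@@ -241,7 +245,7 @@ S2N_RESULT s2n_async_pkey_sign(struct s2n_connection *conn, s2n_signature_algori
 }
 
 S2N_RESULT s2n_async_pkey_sign_async(struct s2n_connection *conn, s2n_signature_algorithm sig_alg,
-struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete)
+struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete)
 {
 RESULT_ENSURE_REF(conn);
 RESULT_ENSURE_REF(digest);
@@ -258,8 +262,8 @@ S2N_RESULT s2n_async_pkey_sign_async(struct s2n_connection *conn, s2n_signature_
 }
 
 struct s2n_async_pkey_sign_data *sign = &op->op.sign;
-sign->on_complete = on_complete;
-sign->sig_alg = sig_alg;
+sign->on_complete = on_complete;
+sign->sig_alg = sig_alg;
 
 RESULT_GUARD_POSIX(s2n_hash_new(&sign->digest));
 RESULT_GUARD_POSIX(s2n_hash_copy(&sign->digest, digest));
@@ -269,7 +273,7 @@ S2N_RESULT s2n_async_pkey_sign_async(struct s2n_connection *conn, s2n_signature_
 }
 
 S2N_RESULT s2n_async_pkey_sign_sync(struct s2n_connection *conn, s2n_signature_algorithm sig_alg,
-struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete)
+struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete)
 {
 RESULT_ENSURE_REF(conn);
 RESULT_ENSURE_REF(digest);
@@ -334,7 +338,7 @@ int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection
 
 POSIX_GUARD_RESULT(actions->apply(op, conn));
 
-op->applied = true;
+op->applied = true;
 conn->handshake.async_state = S2N_ASYNC_COMPLETE;
 
 /* Free up the decrypt/sign structs to avoid storing secrets for too long */
@@ -351,9 +355,11 @@ int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op)
 POSIX_ENSURE_REF(actions);
 
 /* If applied the decrypt/sign structs were released in apply call */
-if (!op->applied) { POSIX_GUARD_RESULT(actions->free(op)); }
+if (!op->applied) {
+POSIX_GUARD_RESULT(actions->free(op));
+}
 
-POSIX_GUARD(s2n_free_object(( uint8_t ** )&op, sizeof(struct s2n_async_pkey_op)));
+POSIX_GUARD(s2n_free_object((uint8_t **) &op, sizeof(struct s2n_async_pkey_op)));
 
 return S2N_SUCCESS;
 }
@@ -442,17 +448,18 @@ S2N_RESULT s2n_async_pkey_sign_apply(struct s2n_async_pkey_op *op, struct s2n_co
 }
 
 S2N_RESULT s2n_async_pkey_verify_signature(struct s2n_connection *conn, s2n_signature_algorithm sig_alg,
-struct s2n_hash_state *digest, struct s2n_blob *signature) {
+struct s2n_hash_state *digest, struct s2n_blob *signature)
+{
 RESULT_ENSURE_REF(conn);
 RESULT_ENSURE_REF(conn->handshake_params.our_chain_and_key);
 RESULT_ENSURE_REF(digest);
 RESULT_ENSURE_REF(signature);
 
 /* Parse public key for the cert */
-DEFER_CLEANUP(struct s2n_pkey public_key = {0}, s2n_pkey_free);
+DEFER_CLEANUP(struct s2n_pkey public_key = { 0 }, s2n_pkey_free);
 s2n_pkey_type pkey_type = S2N_PKEY_TYPE_UNKNOWN;
 RESULT_GUARD_POSIX(s2n_asn1der_to_public_key_and_type(&public_key, &pkey_type,
-&conn->handshake_params.our_chain_and_key->cert_chain->head->raw));
+&conn->handshake_params.our_chain_and_key->cert_chain->head->raw));
 RESULT_ENSURE(s2n_pkey_verify(&public_key, sig_alg, digest, signature) == S2N_SUCCESS, S2N_ERR_VERIFY_SIGNATURE);
 
 return S2N_RESULT_OK;
@@ -474,7 +481,7 @@ int s2n_async_pkey_op_set_validation_mode(struct s2n_async_pkey_op *op, s2n_asyn
 {
 POSIX_ENSURE_REF(op);
 
-switch(mode) {
+switch (mode) {
 case S2N_ASYNC_PKEY_VALIDATION_FAST:
 case S2N_ASYNC_PKEY_VALIDATION_STRICT:
 op->validation_mode = mode;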

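--- a/tls/s2n_async_pkey.h
+++ b/tls/s2n_async_pkey.h
@@ -70,8 +70,8 @@ int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *da
 int s2n_async_pkey_op_set_validation_mode(struct s2n_async_pkey_op *op, s2n_async_pkey_validation_mode mode);
 
 S2N_RESULT s2n_async_pkey_verify_signature(struct s2n_connection *conn, s2n_signature_algorithm sig_alg,
-struct s2n_hash_state *digest, struct s2n_blob *signature);
+struct s2n_hash_state *digest, struct s2n_blob *signature);
 S2N_RESULT s2n_async_pkey_decrypt(struct s2n_connection *conn, struct s2n_blob *encrypted, struct s2n_blob *init_decrypted,
-s2n_async_pkey_decrypt_complete on_complete);
+s2n_async_pkey_decrypt_complete on_complete);
 S2N_RESULT s2n_async_pkey_sign(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, struct s2n_hash_state *digest,
-s2n_async_pkey_sign_complete on_complete);
+s2n_async_pkey_sign_complete on_complete);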
