[libfreerdp] mark internal functions [[nodiscard]]

libfreerdp/crypto/cert_common.h

@@ -35,16 +35,25 @@ extern "C"
 {
 #endif
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BOOL cert_info_create(rdpCertInfo* dst, const BIGNUM* rsa, const BIGNUM* rsa_e);
+
 	FREERDP_LOCAL void cert_info_free(rdpCertInfo* info);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BOOL cert_info_clone(rdpCertInfo* dst, const rdpCertInfo* src);
+
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BOOL cert_info_read_modulus(rdpCertInfo* info, size_t size, wStream* s);
+
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BOOL cert_info_read_exponent(rdpCertInfo* info, size_t size, wStream* s);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BOOL read_bignum(BYTE** dst, DWORD* length, const BIGNUM* num, BOOL alloc);
 
 #if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL X509* x509_from_rsa(const RSA* rsa);
 #endif
 

libfreerdp/crypto/certificate.c

@@ -926,8 +926,9 @@ static BOOL cert_write_rsa_signature(wStream* s, const void* sigData, size_t sig
 	if (!winpr_Digest(WINPR_MD_MD5, sigData, sigDataLen, signature, sizeof(signature)))
 		return FALSE;
 
-	crypto_rsa_private_encrypt(signature, sizeof(signature), priv_key_tssk, encryptedSignature,
-	                           sizeof(encryptedSignature));
+	if (crypto_rsa_private_encrypt(signature, sizeof(signature), priv_key_tssk, encryptedSignature,
+	                               sizeof(encryptedSignature)) < 0)
+		return FALSE;
 
 	if (!Stream_EnsureRemainingCapacity(s, 2 * sizeof(UINT16) + sizeof(encryptedSignature) + 8))
 		return FALSE;

libfreerdp/crypto/certificate.h

@@ -45,8 +45,11 @@ WINPR_ATTR_NODISCARD
 FREERDP_LOCAL rdpCertificate* freerdp_certificate_new_from_x509(const X509* xcert,
                                                                 const STACK_OF(X509) * chain);
 
+WINPR_ATTR_NODISCARD
 FREERDP_LOCAL BOOL freerdp_certificate_read_server_cert(rdpCertificate* certificate,
                                                         const BYTE* server_cert, size_t length);
+
+WINPR_ATTR_NODISCARD
 FREERDP_LOCAL SSIZE_T freerdp_certificate_write_server_cert(const rdpCertificate* certificate,
                                                             UINT32 dwVersion, wStream* s);
 
@@ -54,16 +57,22 @@ WINPR_ATTR_MALLOC(freerdp_certificate_free, 1)
 WINPR_ATTR_NODISCARD
 FREERDP_LOCAL rdpCertificate* freerdp_certificate_clone(const rdpCertificate* certificate);
 
+WINPR_ATTR_NODISCARD
 FREERDP_LOCAL const rdpCertInfo* freerdp_certificate_get_info(const rdpCertificate* certificate);
 
 /** \brief returns a pointer to a X509 structure.
  *  Call X509_free when done.
  */
+WINPR_ATTR_NODISCARD
 FREERDP_LOCAL X509* freerdp_certificate_get_x509(rdpCertificate* certificate);
 
+WINPR_ATTR_NODISCARD
 FREERDP_LOCAL size_t freerdp_certificate_get_chain_len(rdpCertificate* certificate);
+
+WINPR_ATTR_NODISCARD
 FREERDP_LOCAL X509* freerdp_certificate_get_chain_at(rdpCertificate* certificate, size_t offset);
 
+WINPR_ATTR_NODISCARD
 FREERDP_LOCAL BOOL freerdp_certificate_publickey_encrypt(const rdpCertificate* cert,
                                                          const BYTE* input, size_t cbInput,
                                                          BYTE** poutput, size_t* pcbOutput);

libfreerdp/crypto/crypto.h

@@ -33,15 +33,22 @@ extern "C"
 {
 #endif
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL SSIZE_T crypto_rsa_public_encrypt(const BYTE* input, size_t length,
 	                                                const rdpCertInfo* cert, BYTE* output,
 	                                                size_t output_length);
+
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL SSIZE_T crypto_rsa_public_decrypt(const BYTE* input, size_t length,
 	                                                const rdpCertInfo* cert, BYTE* output,
 	                                                size_t output_length);
+
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL SSIZE_T crypto_rsa_private_encrypt(const BYTE* input, size_t length,
 	                                                 const rdpPrivateKey* key, BYTE* output,
 	                                                 size_t output_length);
+
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL SSIZE_T crypto_rsa_private_decrypt(const BYTE* input, size_t length,
 	                                                 const rdpPrivateKey* key, BYTE* output,
 	                                                 size_t output_length);

libfreerdp/crypto/opensslcompat.h

@@ -59,8 +59,11 @@
 #define BIO_meth_set_destroy(b, f) (b)->destroy = (f)
 #define BIO_meth_set_callback_ctrl(b, f) (b)->callback_ctrl = (f)
 
+WINPR_ATTR_NODISCARD
+FREERDP_LOCAL
 BIO_METHOD* BIO_meth_new(int type, const char* name);
-void RSA_get0_key(const RSA* r, const BIGNUM** n, const BIGNUM** e, const BIGNUM** d);
+
+FREERDP_LOCAL void RSA_get0_key(const RSA* r, const BIGNUM** n, const BIGNUM** e, const BIGNUM** d);
 
 #endif /* OPENSSL < 1.1.0 || LIBRESSL */
 #endif /* WITH_OPENSSL */
@@ -69,6 +72,7 @@ void RSA_get0_key(const RSA* r, const BIGNUM** n, const BIGNUM** e, const BIGNUM
 #if defined(LIBRESSL_VERSION_NUMBER) || \
     (defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER < 0x1010000fL))
 
+WINPR_ATTR_NODISCARD
 static inline STACK_OF(X509) * sk_X509_deep_copy(const STACK_OF(X509) * sk,
                                                  X509* (*copyfunc)(const X509*),
                                                  void (*freefunc)(X509*))
@@ -106,6 +110,7 @@ fail:
  * While the TYPE_dup function take non const arguments
  * the TYPE_sk versions require the arguments to be const...
  */
+WINPR_ATTR_NODISCARD
 static inline X509* X509_const_dup(const X509* x509)
 {
 	X509* ptr = WINPR_CAST_CONST_PTR_AWAY(x509, X509*);

libfreerdp/crypto/privatekey.h

@@ -40,19 +40,30 @@ extern "C"
 		FREERDP_KEY_PARAM_RSA_N
 	};
 
+	WINPR_ATTR_MALLOC(freerdp_key_free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL rdpPrivateKey* freerdp_key_clone(const rdpPrivateKey* key);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL const rdpCertInfo* freerdp_key_get_info(const rdpPrivateKey* key);
+
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL const BYTE* freerdp_key_get_exponent(const rdpPrivateKey* key, size_t* plength);
 
 	/** \brief returns a pointer to a EVP_PKEY structure.
 	 *  Call EVP_PKEY_free when done.
 	 */
+	WINPR_ATTR_MALLOC(EVP_PKEY_free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL EVP_PKEY* freerdp_key_get_evp_pkey(const rdpPrivateKey* key);
 
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BYTE* freerdp_key_get_param(const rdpPrivateKey* key,
 	                                          enum FREERDP_KEY_PARAM param, size_t* plength);
 
+	WINPR_ATTR_NODISCARD
+	WINPR_ATTR_MALLOC(winpr_Digest_Free, 1)
 	FREERDP_LOCAL WINPR_DIGEST_CTX* freerdp_key_digest_sign(rdpPrivateKey* key,
 	                                                        WINPR_MD_TYPE digest);
 

libfreerdp/crypto/tls.h

@@ -98,23 +98,30 @@ extern "C"
 {
 #endif
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL const SSL_METHOD* freerdp_tls_get_ssl_method(BOOL isDtls, BOOL isClient);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL int freerdp_tls_connect(rdpTls* tls, BIO* underlying);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL TlsHandshakeResult freerdp_tls_connect_ex(rdpTls* tls, BIO* underlying,
 	                                                        const SSL_METHOD* methods);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BOOL freerdp_tls_accept(rdpTls* tls, BIO* underlying, rdpSettings* settings);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL TlsHandshakeResult freerdp_tls_accept_ex(rdpTls* tls, BIO* underlying,
 	                                                       rdpSettings* settings,
 	                                                       const SSL_METHOD* methods);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL TlsHandshakeResult freerdp_tls_handshake(rdpTls* tls);
 
 	FREERDP_LOCAL BOOL freerdp_tls_send_alert(rdpTls* tls);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL int freerdp_tls_write_all(rdpTls* tls, const BYTE* data, size_t length);
 
 	FREERDP_LOCAL int freerdp_tls_set_alert_code(rdpTls* tls, int level, int description);

libfreerdp/crypto/x509_utils.h

@@ -33,28 +33,59 @@ extern "C"
 {
 #endif
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL WINPR_MD_TYPE x509_utils_get_signature_alg(const X509* xcert);
+
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BYTE* x509_utils_get_hash(const X509* xcert, const char* hash, size_t* length);
 
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BYTE* x509_utils_to_pem(const X509* xcert, const STACK_OF(X509) * chain,
 	                                      size_t* length);
+
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL X509* x509_utils_from_pem(const char* data, size_t length, BOOL fromFile);
 
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL char* x509_utils_get_subject(const X509* xcert);
+
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL char* x509_utils_get_issuer(const X509* xcert);
+
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL char* x509_utils_get_email(const X509* x509);
+
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL char* x509_utils_get_upn(const X509* x509);
+
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL char* x509_utils_get_date(const X509* x509, BOOL startDate);
 
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL char* x509_utils_get_common_name(const X509* xcert, size_t* plength);
+
+	WINPR_ATTR_MALLOC(free, 1)
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL char** x509_utils_get_dns_names(const X509* xcert, size_t* count,
 	                                              size_t** pplengths);
 
 	FREERDP_LOCAL void x509_utils_dns_names_free(size_t count, size_t* lengths, char** dns_names);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BOOL x509_utils_check_eku(const X509* scert, int nid);
+
 	FREERDP_LOCAL void x509_utils_print_info(const X509* xcert);
 
+	WINPR_ATTR_NODISCARD
 	FREERDP_LOCAL BOOL x509_utils_verify(X509* xcert, STACK_OF(X509) * chain,
 	                                     const char* certificate_store_path);