X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=include%2Fopenssl%2Fct.h;h=ccbb8053041f56869ab7283dcaa01f0ceb5912c4;hp=6d2182f796f154c5f3de7a822aa25d4809d41272;hb=12d2d2818566561cbdda82a6ad1b3aab687fc020;hpb=a930afb6986fb8e22a59b2bfc5f1a19a8dc3388d

diff --git a/include/openssl/ct.h b/include/openssl/ct.h
index 6d2182f796..ccbb805304 100644
--- a/include/openssl/ct.h
+++ b/include/openssl/ct.h
@@ -187,7 +187,7 @@ sct_version_t SCT_get_version(const SCT *sct);
  * Set the version of an SCT.
  * Returns 1 on success, 0 if the version is unrecognized.
  */
-int SCT_set_version(SCT *sct, sct_version_t version);
+__owur int SCT_set_version(SCT *sct, sct_version_t version);
 
 /*
  * Returns the log entry type of the SCT.
@@ -196,9 +196,9 @@ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
 
 /*
  * Set the log entry type of an SCT.
- * Returns 1 on success.
+ * Returns 1 on success, 0 otherwise.
  */
-int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+__owur int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
 
 /*
  * Gets the ID of the log that an SCT came from.
@@ -210,16 +210,17 @@ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
 /*
  * Set the log ID of an SCT to point directly to the *log_id specified.
  * The SCT takes ownership of the specified pointer.
- * Returns 1 on success.
+ * Returns 1 on success, 0 otherwise.
  */
-int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+__owur int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
 
 /*
  * Set the log ID of an SCT.
  * This makes a copy of the log_id.
- * Returns 1 on success.
+ * Returns 1 on success, 0 otherwise.
  */
-int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+__owur int SCT_set1_log_id(SCT *sct, const unsigned char *log_id,
+                           size_t log_id_len);
 
 /*
  * Gets the name of the log that an SCT came from.
@@ -249,9 +250,9 @@ int SCT_get_signature_nid(const SCT *sct);
  * Set the signature type of an SCT
  * For CT v1, this should be either NID_sha256WithRSAEncryption or
  * NID_ecdsa_with_SHA256.
- * Returns 1 on success.
+ * Returns 1 on success, 0 otherwise.
  */
-int SCT_set_signature_nid(SCT *sct, int nid);
+__owur int SCT_set_signature_nid(SCT *sct, int nid);
 
 /*
  * Set *ext to point to the extension data for the SCT. ext must not be NULL.
@@ -269,9 +270,10 @@ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
 /*
  * Set the extensions of an SCT.
  * This takes a copy of the ext.
- * Returns 1 on success.
+ * Returns 1 on success, 0 otherwise.
  */
-int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+__owur int SCT_set1_extensions(SCT *sct, const unsigned char *ext,
+                               size_t ext_len);
 
 /*
  * Set *sig to point to the signature for the SCT. sig must not be NULL.
@@ -288,9 +290,10 @@ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
 
 /*
  * Set the signature of an SCT to be a copy of the *sig specified.
- * Returns 1 on success.
+ * Returns 1 on success, 0 otherwise.
  */
-int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+__owur int SCT_set1_signature(SCT *sct, const unsigned char *sig,
+                              size_t sig_len);
 
 /*
  * The origin of this SCT, e.g. TLS extension, OCSP response, etc.
@@ -301,13 +304,13 @@ sct_source_t SCT_get_source(const SCT *sct);
  * Set the origin of this SCT, e.g. TLS extension, OCSP response, etc.
  * Returns 1 on success, 0 otherwise.
  */
-int SCT_set_source(SCT *sct, sct_source_t source);
+__owur int SCT_set_source(SCT *sct, sct_source_t source);
 
 /*
  * Sets the source of all of the SCTs to the same value.
- * Returns 1 on success.
+ * Returns the number of SCTs whose source was set successfully.
  */
-int SCT_LIST_set_source(const STACK_OF(SCT) *scts, sct_source_t source);
+__owur int SCT_LIST_set_source(const STACK_OF(SCT) *scts, sct_source_t source);
 
 /*
  * Gets information about the log the SCT came from, if set.
@@ -344,17 +347,15 @@ void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
 
 /*
  * Verifies an SCT with the given context.
- * Returns 1 if the SCT verifies successfully, 0 if it cannot be verified and a
- * negative integer if an error occurs.
+ * Returns 1 if the SCT verifies successfully, 0 otherwise.
  */
-int SCT_verify(const SCT_CTX *sctx, const SCT *sct);
+__owur int SCT_verify(const SCT_CTX *sctx, const SCT *sct);
 
 /*
  * Verifies an SCT against the provided data.
- * Returns 1 if the SCT verifies successfully, 0 if it cannot be verified and a
- * negative integer if an error occurs.
+ * Returns 1 if the SCT verifies successfully, 0 otherwise.
  */
-int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer,
+__owur int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer,
                   X509_PUBKEY *log_pubkey, X509 *issuer_cert);
 
 /*
@@ -370,7 +371,7 @@ sct_validation_status_t SCT_get_validation_status(const SCT *sct);
  * Returns 0 if the SCT is invalid or could not be verified.
  * Returns -1 if an error occurs.
  */
-int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
+__owur int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
 
 /*
  * Validates the given list of SCTs with the provided context.
@@ -379,7 +380,8 @@ int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
  * Returns 0 if at least one SCT is invalid or could not be verified.
  * Returns a negative integer if an error occurs.
  */
-int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx);
+__owur int SCT_LIST_validate(const STACK_OF(SCT) *scts,
+                             CT_POLICY_EVAL_CTX *ctx);
 
 
 /*********************************
@@ -398,7 +400,7 @@ int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx);
  * Returns < 0 on error, >= 0 indicating bytes written (or would have been)
  * on success.
  */
-int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
+__owur int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
 
 /*
  * Convert TLS format SCT list to a stack of SCTs.
@@ -425,7 +427,7 @@ STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
  * Returns < 0 on error, >= 0 indicating bytes written (or would have been)
  * on success.
  */
-int i2d_SCT_LIST(STACK_OF(SCT) *a, unsigned char **pp);
+__owur int i2d_SCT_LIST(STACK_OF(SCT) *a, unsigned char **pp);
 
 /*
  * Parses an SCT list in DER format and returns it.
@@ -449,7 +451,7 @@ STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
  * to it.
  * The length of the SCT in TLS format will be returned.
  */
-int i2o_SCT(const SCT *sct, unsigned char **out);
+__owur int i2o_SCT(const SCT *sct, unsigned char **out);
 
 /*
  * Parses an SCT in TLS format and returns it.
@@ -472,7 +474,7 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
 * If |out| points to an allocated string, the signature will be written to it.
 * The length of the signature in TLS format will be returned.
 */
-int i2o_SCT_signature(const SCT *sct, unsigned char **out);
+__owur int i2o_SCT_signature(const SCT *sct, unsigned char **out);
 
 /*
 * Parses an SCT signature in TLS format and populates the |sct| with it.
@@ -481,7 +483,7 @@ int i2o_SCT_signature(const SCT *sct, unsigned char **out);
 * |len| should be the length of the signature in |in|.
 * Returns the number of bytes parsed, or a negative integer if an error occurs.
 */
-int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len);
+__owur int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len);
 
 /********************
  * CT log functions *
@@ -511,11 +513,12 @@ CTLOG *CTLOG_new_from_base64(const char *pkey_base64, const char *name);
 void CTLOG_free(CTLOG *log);
 
 /* Gets the name of the CT log */
-const char *CTLOG_get0_name(CTLOG *log);
+const char *CTLOG_get0_name(const CTLOG *log);
 /* Gets the ID of the CT log */
-void CTLOG_get0_log_id(CTLOG *log, uint8_t **log_id, size_t *log_id_len);
+void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+                       size_t *log_id_len);
 /* Gets the public key of the CT log */
-EVP_PKEY *CTLOG_get0_public_key(CTLOG *log);
+EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);
 
 /**************************
  * CT log store functions *
@@ -536,15 +539,15 @@ void CTLOG_STORE_free(CTLOG_STORE *store);
  * Finds a CT log in the store based on its log ID.
  * Returns the CT log, or NULL if no match is found.
  */
-CTLOG *CTLOG_STORE_get0_log_by_id(const CTLOG_STORE *store,
-                                  const uint8_t *log_id,
-                                  size_t log_id_len);
+const CTLOG *CTLOG_STORE_get0_log_by_id(const CTLOG_STORE *store,
+                                        const uint8_t *log_id,
+                                        size_t log_id_len);
 
 /*
  * Loads a CT log list into a |store| from a |file|.
  * Returns 1 if loading is successful, or 0 otherwise.
  */
-int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);
+__owur int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);
 
 /*
  * Loads the default CT log list into a |store|.
@@ -552,7 +555,7 @@ int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);
  * consulted to find the default file.
  * Returns 1 if loading is successful, or 0 otherwise.
  */
-int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
+__owur int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
 
 /* BEGIN ERROR CODES */
 /*