Unchecked return codes from MD functions in TLS

[andresag01]

Description

• Type: Enhancement
• Priority: Major

There are several places where functions from the MD modules (md.h sha256.h sha512.h etc) are called in the TLS stack (ssl_tls.c in particular), but it is assumed that the underlying implementation of the MD functionality can never fail. However, this is not the case when the underlying implementation of the MD module is a hardware accelerator instead of the default Mbed TLS software implementation.

Given that the PR #1294 adds return codes to the MD modules to facilitate checking for errors, the code in the TLS stack should be revised to make use of the return values.

[ciarmcom]

ARM Internal Ref: IOTSSL-2049

[gilles-peskine-arm]

It's not just in the TLS stack: there are also:

• unchecked calls to mbedtls_md in x509_crt.c and x509write_csr.c
• unchecked calls to HMAC functions in hmac_drbg.c
• an unchecked call to mbedtls_md in test_suite_ecdsa.function
• unchecked calls in sample programs: aescrypt2.c and crypt_and_hash.c

[I've checked and crossed out some of these that no longer apply - @davidhorstmann-arm]