Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-24 00:06:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

- A error_strerror function() has been added to translate between error codes and their description.

Browse source 
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
This commit is contained in:
Paul Bakker 2011-05-09 16:17:09 +00:00
parent 91b4159834
commit 9d781407bc
33 changed files with 1031 additions and 285 deletions
Download patch file Download diff file Expand all files Collapse all files

1
library/CMakeLists.txt
View file

@ -12,6 +12,7 @@ set(src
debug.c
des.c
dhm.c
error.c
havege.c
md.c
md_wrap.c

1
library/Makefile
View file

@ -21,6 +21,7 @@ OBJS= aes.o arc4.o base64.o \
bignum.o camellia.o certs.o \
cipher.o cipher_wrap.o debug.o \
des.o dhm.o havege.o \
error.o \
md.o md_wrap.o md2.o \
md4.o md5.o net.o \
padlock.o pem.o pkcs11.o \

10
library/dhm.c
View file

@ -53,7 +53,7 @@ static int dhm_read_bignum( mpi *X,
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mpi_read_binary( X, *p, n ) ) != 0 )
return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED | ret );
return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED + ret );
(*p) += n;
@ -176,7 +176,7 @@ int dhm_make_params( dhm_context *ctx, int x_size,
cleanup:
if( ret != 0 )
return( ret | POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED );
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED + ret );
return( 0 );
}
@ -193,7 +193,7 @@ int dhm_read_public( dhm_context *ctx,
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED | ret );
return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED + ret );
return( 0 );
}
@ -231,7 +231,7 @@ int dhm_make_public( dhm_context *ctx, int x_size,
cleanup:
if( ret != 0 )
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED | ret );
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
return( 0 );
}
@ -260,7 +260,7 @@ int dhm_calc_secret( dhm_context *ctx,
cleanup:
if( ret != 0 )
return( POLARSSL_ERR_DHM_CALC_SECRET_FAILED | ret );
return( POLARSSL_ERR_DHM_CALC_SECRET_FAILED + ret );
return( 0 );
}

391
library/error.c Normal file
View file

@ -0,0 +1,391 @@
/*
* Error message information
*
* Copyright (C) 2006-2010, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include "polarssl/config.h"
#if defined(POLARSSL_ERROR_C)
#if defined(POLARSSL_AES_C)
#include "polarssl/aes.h"
#endif
#if defined(POLARSSL_BASE64_C)
#include "polarssl/base64.h"
#endif
#if defined(POLARSSL_BIGNUM_C)
#include "polarssl/bignum.h"
#endif
#if defined(POLARSSL_CAMELLIA_C)
#include "polarssl/camellia.h"
#endif
#if defined(POLARSSL_DES_C)
#include "polarssl/des.h"
#endif
#if defined(POLARSSL_DHM_C)
#include "polarssl/dhm.h"
#endif
#if defined(POLARSSL_MD_C)
#include "polarssl/md.h"
#endif
#if defined(POLARSSL_NET_C)
#include "polarssl/net.h"
#endif
#if defined(POLARSSL_PADLOCK_C)
#include "polarssl/padlock.h"
#endif
#if defined(POLARSSL_PEM_C)
#include "polarssl/pem.h"
#endif
#if defined(POLARSSL_RSA_C)
#include "polarssl/rsa.h"
#endif
#if defined(POLARSSL_SSL_C)
#include "polarssl/ssl.h"
#endif
#if defined(POLARSSL_X509_PARSE_C)
#include "polarssl/x509.h"
#endif
#if defined(POLARSSL_XTEA_C)
#include "polarssl/xtea.h"
#endif
#include <string.h>
void error_strerror( int ret, char *buf, size_t buflen )
{
size_t len;
int use_ret;
memset( buf, 0x00, buflen );
if( ret < 0 )
ret = -ret;
if( ret & 0xFF80 )
{
use_ret = ret & 0xFF80;
// High level error codes
//
#if defined(POLARSSL_DHM_C)
if( use_ret == -(POLARSSL_ERR_DHM_BAD_INPUT_DATA) )
snprintf( buf, buflen, "DHM - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_DHM_READ_PARAMS_FAILED) )
snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED) )
snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" );
if( use_ret == -(POLARSSL_ERR_DHM_READ_PUBLIC_FAILED) )
snprintf( buf, buflen, "DHM - Reading of the public values failed" );
if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED) )
snprintf( buf, buflen, "DHM - Makeing of the public value failed" );
if( use_ret == -(POLARSSL_ERR_DHM_CALC_SECRET_FAILED) )
snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" );
#endif /* POLARSSL_DHM_C */
#if defined(POLARSSL_MD_C)
if( use_ret == -(POLARSSL_ERR_MD_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "MD - The selected feature is not available" );
#endif /* POLARSSL_MD_C */
#if defined(POLARSSL_PEM_C)
if( use_ret == -(POLARSSL_ERR_PEM_NO_HEADER_PRESENT) )
snprintf( buf, buflen, "PEM - No PEM header found" );
if( use_ret == -(POLARSSL_ERR_PEM_INVALID_DATA) )
snprintf( buf, buflen, "PEM - PEM string is not as expected" );
if( use_ret == -(POLARSSL_ERR_PEM_MALLOC_FAILED) )
snprintf( buf, buflen, "PEM - Failed to allocate memory" );
if( use_ret == -(POLARSSL_ERR_PEM_INVALID_ENC_IV) )
snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" );
if( use_ret == -(POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG) )
snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" );
if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_REQUIRED) )
snprintf( buf, buflen, "PEM - Private key password can't be empty" );
if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_MISMATCH) )
snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" );
if( use_ret == -(POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" );
#endif /* POLARSSL_PEM_C */
#if defined(POLARSSL_RSA_C)
if( use_ret == -(POLARSSL_ERR_RSA_BAD_INPUT_DATA) )
snprintf( buf, buflen, "RSA - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_RSA_INVALID_PADDING) )
snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" );
if( use_ret == -(POLARSSL_ERR_RSA_KEY_GEN_FAILED) )
snprintf( buf, buflen, "RSA - Something failed during generation of a key" );
if( use_ret == -(POLARSSL_ERR_RSA_KEY_CHECK_FAILED) )
snprintf( buf, buflen, "RSA - Key failed to pass the libraries validity check" );
if( use_ret == -(POLARSSL_ERR_RSA_PUBLIC_FAILED) )
snprintf( buf, buflen, "RSA - The public key operation failed" );
if( use_ret == -(POLARSSL_ERR_RSA_PRIVATE_FAILED) )
snprintf( buf, buflen, "RSA - The private key operation failed" );
if( use_ret == -(POLARSSL_ERR_RSA_VERIFY_FAILED) )
snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" );
if( use_ret == -(POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE) )
snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" );
if( use_ret == -(POLARSSL_ERR_RSA_RNG_FAILED) )
snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
#endif /* POLARSSL_RSA_C */
#if defined(POLARSSL_SSL_C)
if( use_ret == -(POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "SSL - The requested feature is not available" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_INPUT_DATA) )
snprintf( buf, buflen, "SSL - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_SSL_INVALID_MAC) )
snprintf( buf, buflen, "SSL - Verification of the message MAC failed" );
if( use_ret == -(POLARSSL_ERR_SSL_INVALID_RECORD) )
snprintf( buf, buflen, "SSL - An invalid SSL record was received" );
if( use_ret == -(POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE) )
snprintf( buf, buflen, "SSL - An invalid modulus size was received" );
if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_CIPHER) )
snprintf( buf, buflen, "SSL - An unknown cipher was received" );
if( use_ret == -(POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN) )
snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" );
if( use_ret == -(POLARSSL_ERR_SSL_NO_SESSION_FOUND) )
snprintf( buf, buflen, "SSL - No session to recover was found" );
if( use_ret == -(POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE) )
snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" );
if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE) )
snprintf( buf, buflen, "SSL - DESCRIPTION MISSING" );
if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED) )
snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" );
if( use_ret == -(POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED) )
snprintf( buf, buflen, "SSL - The own private key is not set, but needed" );
if( use_ret == -(POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED) )
snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" );
if( use_ret == -(POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE) )
snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" );
if( use_ret == -(POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE) )
snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" );
if( use_ret == -(POLARSSL_ERR_SSL_PEER_VERIFY_FAILED) )
snprintf( buf, buflen, "SSL - Verification of our peer failed" );
if( use_ret == -(POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) )
snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO) )
snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO) )
snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE) )
snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) )
snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) )
snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) )
snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) )
snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP) )
snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM Read Public" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS) )
snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM Calculate Secret" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) )
snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) )
snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) )
snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" );
#endif /* POLARSSL_SSL_C */
#if defined(POLARSSL_X509_PARSE_C)
if( use_ret == -(POLARSSL_ERR_X509_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_PEM) )
snprintf( buf, buflen, "X509 - The PEM-encoded certificate contains invalid elements, e.g. invalid character" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_FORMAT) )
snprintf( buf, buflen, "X509 - The certificate format is invalid, e.g. different type expected" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_VERSION) )
snprintf( buf, buflen, "X509 - The certificate version element is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_SERIAL) )
snprintf( buf, buflen, "X509 - The serial tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_ALG) )
snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_NAME) )
snprintf( buf, buflen, "X509 - The name tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_DATE) )
snprintf( buf, buflen, "X509 - The date tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_PUBKEY) )
snprintf( buf, buflen, "X509 - The pubkey tag or value is invalid (only RSA is supported)" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE) )
snprintf( buf, buflen, "X509 - The signature tag or value invalid" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS) )
snprintf( buf, buflen, "X509 - The extension tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION) )
snprintf( buf, buflen, "X509 - Certificate or CRL has an unsupported version number" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG) )
snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_PK_ALG) )
snprintf( buf, buflen, "X509 - Public key algorithm is unsupported (only RSA is supported)" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_SIG_MISMATCH) )
snprintf( buf, buflen, "X509 - Certificate signature algorithms do not match. (see \\c ::x509_cert sig_oid)" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_VERIFY_FAILED) )
snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" );
if( use_ret == -(POLARSSL_ERR_X509_KEY_INVALID_VERSION) )
snprintf( buf, buflen, "X509 - Unsupported RSA key version" );
if( use_ret == -(POLARSSL_ERR_X509_KEY_INVALID_FORMAT) )
snprintf( buf, buflen, "X509 - Invalid RSA key tag or value" );
if( use_ret == -(POLARSSL_ERR_X509_POINT_ERROR) )
snprintf( buf, buflen, "X509 - Not used" );
if( use_ret == -(POLARSSL_ERR_X509_VALUE_TO_LENGTH) )
snprintf( buf, buflen, "X509 - Not used" );
#endif /* POLARSSL_X509_PARSE_C */
if( strlen( buf ) == 0 )
snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
}
use_ret = ret & ~0xFF80;
if( use_ret == 0 )
return;
// If high level code is present, make a concatenation between both
// error strings.
//
len = strlen( buf );
if( len > 0 )
{
if( buflen - len < 5 )
return;
snprintf( buf + len, buflen - len, " : " );
buf += len + 3;
buflen -= len + 3;
}
// Low level error codes
//
#if defined(POLARSSL_AES_C)
if( use_ret == -(POLARSSL_ERR_AES_INVALID_KEY_LENGTH) )
snprintf( buf, buflen, "AES - Invalid key length" );
if( use_ret == -(POLARSSL_ERR_AES_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "AES - Invalid data input length" );
#endif /* POLARSSL_AES_C */
#if defined(POLARSSL_BASE64_C)
if( use_ret == -(POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) )
snprintf( buf, buflen, "BASE64 - Output buffer too small" );
if( use_ret == -(POLARSSL_ERR_BASE64_INVALID_CHARACTER) )
snprintf( buf, buflen, "BASE64 - Invalid character in input" );
#endif /* POLARSSL_BASE64_C */
#if defined(POLARSSL_BIGNUM_C)
if( use_ret == -(POLARSSL_ERR_MPI_FILE_IO_ERROR) )
snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" );
if( use_ret == -(POLARSSL_ERR_MPI_BAD_INPUT_DATA) )
snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_MPI_INVALID_CHARACTER) )
snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" );
if( use_ret == -(POLARSSL_ERR_MPI_BUFFER_TOO_SMALL) )
snprintf( buf, buflen, "BIGNUM - The output buffer is too small to write too" );
if( use_ret == -(POLARSSL_ERR_MPI_NEGATIVE_VALUE) )
snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" );
if( use_ret == -(POLARSSL_ERR_MPI_DIVISION_BY_ZERO) )
snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" );
if( use_ret == -(POLARSSL_ERR_MPI_NOT_ACCEPTABLE) )
snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" );
#endif /* POLARSSL_BIGNUM_C */
#if defined(POLARSSL_CAMELLIA_C)
if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH) )
snprintf( buf, buflen, "CAMELLIA - Invalid key length" );
if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "CAMELLIA - Invalid data input length" );
#endif /* POLARSSL_CAMELLIA_C */
#if defined(POLARSSL_DES_C)
if( use_ret == -(POLARSSL_ERR_DES_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "DES - The data input has an invalid length" );
#endif /* POLARSSL_DES_C */
#if defined(POLARSSL_NET_C)
if( use_ret == -(POLARSSL_ERR_NET_UNKNOWN_HOST) )
snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" );
if( use_ret == -(POLARSSL_ERR_NET_SOCKET_FAILED) )
snprintf( buf, buflen, "NET - Failed to open a socket" );
if( use_ret == -(POLARSSL_ERR_NET_CONNECT_FAILED) )
snprintf( buf, buflen, "NET - The connection to the given server / port failed" );
if( use_ret == -(POLARSSL_ERR_NET_BIND_FAILED) )
snprintf( buf, buflen, "NET - Binding of the socket failed" );
if( use_ret == -(POLARSSL_ERR_NET_LISTEN_FAILED) )
snprintf( buf, buflen, "NET - Could not listen on the socket" );
if( use_ret == -(POLARSSL_ERR_NET_ACCEPT_FAILED) )
snprintf( buf, buflen, "NET - Could not accept the incoming connection" );
if( use_ret == -(POLARSSL_ERR_NET_RECV_FAILED) )
snprintf( buf, buflen, "NET - Reading information from the socket failed" );
if( use_ret == -(POLARSSL_ERR_NET_SEND_FAILED) )
snprintf( buf, buflen, "NET - Sending information through the socket failed" );
if( use_ret == -(POLARSSL_ERR_NET_CONN_RESET) )
snprintf( buf, buflen, "NET - Connection was reset by peer" );
if( use_ret == -(POLARSSL_ERR_NET_TRY_AGAIN) )
snprintf( buf, buflen, "NET - Connection was busy, try again" );
#endif /* POLARSSL_NET_C */
#if defined(POLARSSL_PADLOCK_C)
if( use_ret == -(POLARSSL_ERR_PADLOCK_DATA_MISALIGNED) )
snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
#endif /* POLARSSL_PADLOCK_C */
#if defined(POLARSSL_X509_PARSE_C)
if( use_ret == -(POLARSSL_ERR_ASN1_OUT_OF_DATA) )
snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
if( use_ret == -(POLARSSL_ERR_ASN1_UNEXPECTED_TAG) )
snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" );
if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_LENGTH) )
snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" );
if( use_ret == -(POLARSSL_ERR_ASN1_LENGTH_MISMATCH) )
snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" );
if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_DATA) )
snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" );
#endif /* POLARSSL_X509_PARSE_C */
#if defined(POLARSSL_XTEA_C)
if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
#endif /* POLARSSL_XTEA_C */
if( strlen( buf ) != 0 )
return;
snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
}
#endif /* POLARSSL_VERBOSE_ERROR */

4
library/pem.c
View file

@ -281,7 +281,7 @@ int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigne
ret = base64_decode( NULL, &len, s1, s2 - s1 );
if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER )
return( ret | POLARSSL_ERR_PEM_INVALID_DATA );
return( POLARSSL_ERR_PEM_INVALID_DATA + ret );
if( ( buf = (unsigned char *) malloc( len ) ) == NULL )
return( POLARSSL_ERR_PEM_MALLOC_FAILED );
@ -289,7 +289,7 @@ int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigne
if( ( ret = base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 )
{
free( buf );
return( ret | POLARSSL_ERR_PEM_INVALID_DATA );
return( POLARSSL_ERR_PEM_INVALID_DATA + ret );
}
if( enc != 0 )

11
library/rsa.c
View file

@ -121,7 +121,7 @@ cleanup:
if( ret != 0 )
{
rsa_free( ctx );
return( POLARSSL_ERR_RSA_KEY_GEN_FAILED | ret );
return( POLARSSL_ERR_RSA_KEY_GEN_FAILED + ret );
}
return( 0 );
@ -199,8 +199,11 @@ cleanup:
mpi_free( &H ); mpi_free( &I ); mpi_free( &G ); mpi_free( &G2 );
mpi_free( &L1 ); mpi_free( &L2 );
if( ret == POLARSSL_ERR_RSA_KEY_CHECK_FAILED )
return( ret );
if( ret != 0 )
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED | ret );
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED + ret );
return( 0 );
}
@ -235,7 +238,7 @@ cleanup:
mpi_free( &T );
if( ret != 0 )
return( POLARSSL_ERR_RSA_PUBLIC_FAILED | ret );
return( POLARSSL_ERR_RSA_PUBLIC_FAILED + ret );
return( 0 );
}
@ -295,7 +298,7 @@ cleanup:
mpi_free( &T ); mpi_free( &T1 ); mpi_free( &T2 );
if( ret != 0 )
return( POLARSSL_ERR_RSA_PRIVATE_FAILED | ret );
return( POLARSSL_ERR_RSA_PRIVATE_FAILED + ret );
return( 0 );
}

4
library/ssl_srv.c
View file

@ -733,7 +733,7 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
ssl->in_msg + 6, n ) ) != 0 )
{
SSL_DEBUG_RET( 1, "dhm_read_public", ret );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE | ret );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP );
}
SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->dhm_ctx.GY );
@ -744,7 +744,7 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
ssl->premaster, &ssl->pmslen ) ) != 0 )
{
SSL_DEBUG_RET( 1, "dhm_calc_secret", ret );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE | ret );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS );
}
SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->dhm_ctx.K );

6
library/ssl_tls.c
View file

@ -1159,7 +1159,11 @@ int ssl_read_record( ssl_context *ssl )
if( ssl->in_msg[0] == SSL_ALERT_LEVEL_FATAL )
{
SSL_DEBUG_MSG( 1, ( "is a fatal alert message" ) );
return( POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE | ssl->in_msg[1] );
/**
* Subtract from error code as ssl->in_msg[1] is 7-bit positive
* error identifier.
*/
return( POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE - ssl->in_msg[1] );
}
if( ssl->in_msg[0] == SSL_ALERT_LEVEL_WARNING &&

149
library/x509parse.c
View file

@ -282,10 +282,10 @@ static int x509_get_version( unsigned char **p,
end = *p + len;
if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_VERSION | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret );
if( *p != end )
return( POLARSSL_ERR_X509_CERT_INVALID_VERSION |
return( POLARSSL_ERR_X509_CERT_INVALID_VERSION +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
@ -301,18 +301,18 @@ static int x509_get_serial( unsigned char **p,
int ret;
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL |
return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL +
POLARSSL_ERR_ASN1_OUT_OF_DATA );
if( **p != ( ASN1_CONTEXT_SPECIFIC | ASN1_PRIMITIVE | 2 ) &&
**p != ASN1_INTEGER )
return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL |
return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
serial->tag = *(*p)++;
if( ( ret = asn1_get_len( p, end, &serial->len ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + ret );
serial->p = *p;
*p += serial->len;
@ -334,13 +334,13 @@ static int x509_get_alg( unsigned char **p,
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_ALG | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
end = *p + len;
alg->tag = **p;
if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_ALG | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
alg->p = *p;
*p += alg->len;
@ -352,10 +352,10 @@ static int x509_get_alg( unsigned char **p,
* assume the algorithm parameters must be NULL
*/
if( ( ret = asn1_get_tag( p, end, &len, ASN1_NULL ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_ALG | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
if( *p != end )
return( POLARSSL_ERR_X509_CERT_INVALID_ALG |
return( POLARSSL_ERR_X509_CERT_INVALID_ALG +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
@ -381,32 +381,32 @@ static int x509_get_attr_type_value( unsigned char **p,
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
oid = &cur->oid;
oid->tag = **p;
if( ( ret = asn1_get_tag( p, end, &oid->len, ASN1_OID ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
oid->p = *p;
*p += oid->len;
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME |
return( POLARSSL_ERR_X509_CERT_INVALID_NAME +
POLARSSL_ERR_ASN1_OUT_OF_DATA );
if( **p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING &&
**p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING &&
**p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME |
return( POLARSSL_ERR_X509_CERT_INVALID_NAME +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
val = &cur->val;
val->tag = *(*p)++;
if( ( ret = asn1_get_len( p, end, &val->len ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
val->p = *p;
*p += val->len;
@ -439,7 +439,7 @@ static int x509_get_name( unsigned char **p,
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SET ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
end2 = end;
end = *p + len;
@ -495,7 +495,8 @@ static int x509_get_time( unsigned char **p,
unsigned char tag;
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_X509_CERT_INVALID_DATE | POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( POLARSSL_ERR_X509_CERT_INVALID_DATE +
POLARSSL_ERR_ASN1_OUT_OF_DATA );
tag = **p;
@ -505,7 +506,7 @@ static int x509_get_time( unsigned char **p,
ret = asn1_get_len( p, end, &len );
if( ret != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_DATE | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
memset( date, 0, sizeof( date ) );
memcpy( date, *p, ( len < (int) sizeof( date ) - 1 ) ?
@ -529,7 +530,7 @@ static int x509_get_time( unsigned char **p,
ret = asn1_get_len( p, end, &len );
if( ret != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_DATE | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
memset( date, 0, sizeof( date ) );
memcpy( date, *p, ( len < (int) sizeof( date ) - 1 ) ?
@ -545,7 +546,7 @@ static int x509_get_time( unsigned char **p,
return( 0 );
}
else
return( POLARSSL_ERR_X509_CERT_INVALID_DATE | POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
return( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
}
@ -564,7 +565,7 @@ static int x509_get_dates( unsigned char **p,
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_DATE | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
end = *p + len;
@ -575,7 +576,7 @@ static int x509_get_dates( unsigned char **p,
return( ret );
if( *p != end )
return( POLARSSL_ERR_X509_CERT_INVALID_DATE |
return( POLARSSL_ERR_X509_CERT_INVALID_DATE +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
@ -625,10 +626,10 @@ static int x509_get_pubkey( unsigned char **p,
return( POLARSSL_ERR_X509_CERT_UNKNOWN_PK_ALG );
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY |
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
POLARSSL_ERR_ASN1_OUT_OF_DATA );
end2 = *p + len;
@ -644,18 +645,18 @@ static int x509_get_pubkey( unsigned char **p,
*/
if( ( ret = asn1_get_tag( p, end2, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
if( *p + len != end2 )
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY |
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
if( ( ret = asn1_get_mpi( p, end2, N ) ) != 0 ||
( ret = asn1_get_mpi( p, end2, E ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
if( *p != end )
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY |
return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
@ -671,7 +672,7 @@ static int x509_get_sig( unsigned char **p,
sig->tag = **p;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + ret );
if( --len < 1 || *(*p)++ != 0 )
@ -747,10 +748,10 @@ static int x509_get_ext( unsigned char **p,
*/
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
if( end != *p + len )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
@ -778,13 +779,13 @@ static int x509_get_crl_ext( unsigned char **p,
{
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
*p += len;
}
if( *p != end )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
@ -808,7 +809,7 @@ static int x509_get_basic_constraints( unsigned char **p,
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
if( *p == end )
return 0;
@ -819,7 +820,7 @@ static int x509_get_basic_constraints( unsigned char **p,
ret = asn1_get_int( p, end, ca_istrue );
if( ret != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
if( *ca_istrue != 0 )
*ca_istrue = 1;
@ -829,10 +830,10 @@ static int x509_get_basic_constraints( unsigned char **p,
return 0;
if( ( ret = asn1_get_int( p, end, max_pathlen ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
if( *p != end )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
(*max_pathlen)++;
@ -848,10 +849,10 @@ static int x509_get_ns_cert_type( unsigned char **p,
x509_bitstring bs = { 0, 0, NULL };
if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
if( bs.len != 1 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_INVALID_LENGTH );
/* Get actual bitstring */
@ -867,10 +868,10 @@ static int x509_get_key_usage( unsigned char **p,
x509_bitstring bs = { 0, 0, NULL };
if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
if( bs.len != 1 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_INVALID_LENGTH );
/* Get actual bitstring */
@ -890,11 +891,11 @@ static int x509_get_ext_key_usage( unsigned char **p,
int ret;
if( ( ret = asn1_get_sequence_of( p, end, ext_key_usage, ASN1_OID ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
/* Sequence length must be >= 1 */
if( ext_key_usage->buf.p == NULL )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_INVALID_LENGTH );
return 0;
@ -936,7 +937,7 @@ static int x509_get_crt_ext( unsigned char **p,
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
end_ext_data = *p + len;
@ -944,29 +945,29 @@ static int x509_get_crt_ext( unsigned char **p,
extn_oid.tag = **p;
if( ( ret = asn1_get_tag( p, end, &extn_oid.len, ASN1_OID ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
extn_oid.p = *p;
*p += extn_oid.len;
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_OUT_OF_DATA );
/* Get optional critical */
if( ( ret = asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
/* Data should be octet string type */
if( ( ret = asn1_get_tag( p, end_ext_data, &len,
ASN1_OCTET_STRING ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
end_ext_octet = *p + len;
if( end_ext_octet != end_ext_data )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
/*
@ -1016,14 +1017,14 @@ static int x509_get_crt_ext( unsigned char **p,
if( is_critical )
{
/* Data is marked as critical: fail */
return ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
}
}
}
if( *p != end )
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS |
return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
@ -1231,7 +1232,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
if( len != (size_t) ( end - p ) )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
}
@ -1244,7 +1245,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
}
end = p + len;
@ -1288,7 +1289,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
}
if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
@ -1321,7 +1322,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
}
if( ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
@ -1341,7 +1342,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
}
if( ( ret = x509_get_pubkey( &p, p + len, &crt->pk_oid,
@ -1400,7 +1401,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
if( p != end )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
}
@ -1431,7 +1432,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
if( p != end )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
}
@ -1568,7 +1569,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
if( len != (size_t) ( end - p ) )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
}
@ -1581,7 +1582,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
}
end = p + len;
@ -1623,7 +1624,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
}
if( ( ret = x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
@ -1646,9 +1647,9 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
if( ( ret = x509_get_time( &p, end, &crl->next_update ) ) != 0 )
{
if ( ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE |
if ( ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) &&
ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE |
ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE +
POLARSSL_ERR_ASN1_OUT_OF_DATA ) )
{
x509_crl_free( crl );
@ -1688,7 +1689,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
if( p != end )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
}
@ -1719,7 +1720,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
if( p != end )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
}
@ -1917,7 +1918,7 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
pem_free( &pem );
#endif
rsa_free( rsa );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
}
end = p + len;
@ -1928,7 +1929,7 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
pem_free( &pem );
#endif
rsa_free( rsa );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
}
if( rsa->ver != 0 )
@ -1937,7 +1938,7 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
pem_free( &pem );
#endif
rsa_free( rsa );
return( ret | POLARSSL_ERR_X509_KEY_INVALID_VERSION );
return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
}
if( ( ret = asn1_get_mpi( &p, end, &rsa->N ) ) != 0 ||
@ -1953,7 +1954,7 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
pem_free( &pem );
#endif
rsa_free( rsa );
return( ret | POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
}
rsa->len = mpi_size( &rsa->N );
@ -1964,7 +1965,7 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
pem_free( &pem );
#endif
rsa_free( rsa );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT |
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
}
@ -2045,7 +2046,7 @@ int x509parse_public_key( rsa_context *rsa, const unsigned char *key, size_t key
pem_free( &pem );
#endif
rsa_free( rsa );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
}
if( ( ret = x509_get_pubkey( &p, end, &alg_oid, &rsa->N, &rsa->E ) ) != 0 )
@ -2054,7 +2055,7 @@ int x509parse_public_key( rsa_context *rsa, const unsigned char *key, size_t key
pem_free( &pem );
#endif
rsa_free( rsa );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
}
if( ( ret = rsa_check_pubkey( rsa ) ) != 0 )
@ -2127,7 +2128,7 @@ int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen
#if defined(POLARSSL_PEM_C)
pem_free( &pem );
#endif
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT | ret );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
}
end = p + len;
@ -2139,7 +2140,7 @@ int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen
pem_free( &pem );
#endif
dhm_free( dhm );
return( ret | POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
}
if( p != end )
@ -2148,7 +2149,7 @@ int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen
pem_free( &pem );
#endif
dhm_free( dhm );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT |
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
}