summaryrefslogtreecommitdiffstats
path: root/crypto/ts
diff options
context:
space:
mode:
authorRichard Levitte <levitte@openssl.org>2020-11-04 12:23:19 +0100
committerRichard Levitte <levitte@openssl.org>2020-11-13 09:35:02 +0100
commit9311d0c471ca2eaa259e8c1bbbeb7c46394c7ba2 (patch)
treee82c26569e5a952980e65a746af920beed602aab /crypto/ts
parentEVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys (diff)
downloadopenssl-9311d0c471ca2eaa259e8c1bbbeb7c46394c7ba2.tar.xz
openssl-9311d0c471ca2eaa259e8c1bbbeb7c46394c7ba2.zip
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call
This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
Diffstat (limited to 'crypto/ts')
-rw-r--r--crypto/ts/ts_asn1.c15
-rw-r--r--crypto/ts/ts_conf.c12
-rw-r--r--crypto/ts/ts_req_utils.c8
-rw-r--r--crypto/ts/ts_rsp_sign.c55
-rw-r--r--crypto/ts/ts_rsp_utils.c22
-rw-r--r--crypto/ts/ts_rsp_verify.c39
-rw-r--r--crypto/ts/ts_verify_ctx.c2
7 files changed, 75 insertions, 78 deletions
diff --git a/crypto/ts/ts_asn1.c b/crypto/ts/ts_asn1.c
index 49f92b22ff..b916aa3dbb 100644
--- a/crypto/ts/ts_asn1.c
+++ b/crypto/ts/ts_asn1.c
@@ -138,18 +138,17 @@ static int ts_resp_set_tst_info(TS_RESP *a)
if (a->token) {
if (status != 0 && status != 1) {
- TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_PRESENT);
+ ERR_raise(ERR_LIB_TS, TS_R_TOKEN_PRESENT);
return 0;
}
TS_TST_INFO_free(a->tst_info);
a->tst_info = PKCS7_to_TS_TST_INFO(a->token);
if (!a->tst_info) {
- TSerr(TS_F_TS_RESP_SET_TST_INFO,
- TS_R_PKCS7_TO_TS_TST_INFO_FAILED);
+ ERR_raise(ERR_LIB_TS, TS_R_PKCS7_TO_TS_TST_INFO_FAILED);
return 0;
}
} else if (status == 0 || status == 1) {
- TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_NOT_PRESENT);
+ ERR_raise(ERR_LIB_TS, TS_R_TOKEN_NOT_PRESENT);
return 0;
}
@@ -211,22 +210,22 @@ TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token)
const unsigned char *p;
if (!PKCS7_type_is_signed(token)) {
- TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
+ ERR_raise(ERR_LIB_TS, TS_R_BAD_PKCS7_TYPE);
return NULL;
}
if (PKCS7_get_detached(token)) {
- TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_DETACHED_CONTENT);
+ ERR_raise(ERR_LIB_TS, TS_R_DETACHED_CONTENT);
return NULL;
}
pkcs7_signed = token->d.sign;
enveloped = pkcs7_signed->contents;
if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo) {
- TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
+ ERR_raise(ERR_LIB_TS, TS_R_BAD_PKCS7_TYPE);
return NULL;
}
tst_info_wrapper = enveloped->d.other;
if (tst_info_wrapper->type != V_ASN1_OCTET_STRING) {
- TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_TYPE);
+ ERR_raise(ERR_LIB_TS, TS_R_BAD_TYPE);
return NULL;
}
tst_info_der = tst_info_wrapper->value.octet_string;
diff --git a/crypto/ts/ts_conf.c b/crypto/ts/ts_conf.c
index 55fae481e1..6fb8e49661 100644
--- a/crypto/ts/ts_conf.c
+++ b/crypto/ts/ts_conf.c
@@ -55,7 +55,7 @@ X509 *TS_CONF_load_cert(const char *file)
x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL);
end:
if (x == NULL)
- TSerr(TS_F_TS_CONF_LOAD_CERT, TS_R_CANNOT_LOAD_CERT);
+ ERR_raise(ERR_LIB_TS, TS_R_CANNOT_LOAD_CERT);
BIO_free(cert);
return x;
}
@@ -87,7 +87,7 @@ STACK_OF(X509) *TS_CONF_load_certs(const char *file)
}
end:
if (othercerts == NULL)
- TSerr(TS_F_TS_CONF_LOAD_CERTS, TS_R_CANNOT_LOAD_CERT);
+ ERR_raise(ERR_LIB_TS, TS_R_CANNOT_LOAD_CERT);
sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
BIO_free(certs);
return othercerts;
@@ -103,7 +103,7 @@ EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass)
pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, (char *)pass);
end:
if (pkey == NULL)
- TSerr(TS_F_TS_CONF_LOAD_KEY, TS_R_CANNOT_LOAD_KEY);
+ ERR_raise(ERR_LIB_TS, TS_R_CANNOT_LOAD_KEY);
BIO_free(key);
return pkey;
}
@@ -112,13 +112,13 @@ EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass)
static void ts_CONF_lookup_fail(const char *name, const char *tag)
{
- TSerr(TS_F_TS_CONF_LOOKUP_FAIL, TS_R_VAR_LOOKUP_FAILURE);
+ ERR_raise(ERR_LIB_TS, TS_R_VAR_LOOKUP_FAILURE);
ERR_add_error_data(3, name, "::", tag);
}
static void ts_CONF_invalid(const char *name, const char *tag)
{
- TSerr(TS_F_TS_CONF_INVALID, TS_R_VAR_BAD_VALUE);
+ ERR_raise(ERR_LIB_TS, TS_R_VAR_BAD_VALUE);
ERR_add_error_data(3, name, "::", tag);
}
@@ -185,7 +185,7 @@ int TS_CONF_set_default_engine(const char *name)
err:
if (!ret) {
- TSerr(TS_F_TS_CONF_SET_DEFAULT_ENGINE, TS_R_COULD_NOT_SET_ENGINE);
+ ERR_raise(ERR_LIB_TS, TS_R_COULD_NOT_SET_ENGINE);
ERR_add_error_data(2, "engine:", name);
}
ENGINE_free(e);
diff --git a/crypto/ts/ts_req_utils.c b/crypto/ts/ts_req_utils.c
index e4b3eee48f..b560fc7b38 100644
--- a/crypto/ts/ts_req_utils.c
+++ b/crypto/ts/ts_req_utils.c
@@ -32,7 +32,7 @@ int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint)
return 1;
new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
if (new_msg_imprint == NULL) {
- TSerr(TS_F_TS_REQ_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
TS_MSG_IMPRINT_free(a->msg_imprint);
@@ -53,7 +53,7 @@ int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg)
return 1;
new_alg = X509_ALGOR_dup(alg);
if (new_alg == NULL) {
- TSerr(TS_F_TS_MSG_IMPRINT_SET_ALGO, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
X509_ALGOR_free(a->hash_algo);
@@ -84,7 +84,7 @@ int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy)
return 1;
new_policy = OBJ_dup(policy);
if (new_policy == NULL) {
- TSerr(TS_F_TS_REQ_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
ASN1_OBJECT_free(a->policy_id);
@@ -105,7 +105,7 @@ int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce)
return 1;
new_nonce = ASN1_INTEGER_dup(nonce);
if (new_nonce == NULL) {
- TSerr(TS_F_TS_REQ_SET_NONCE, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
ASN1_INTEGER_free(a->nonce);
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index 0e139be5b9..9ae584ff12 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -50,7 +50,7 @@ static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
return serial;
err:
- TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Error during serial number generation.");
ASN1_INTEGER_free(serial);
@@ -64,7 +64,7 @@ static int def_time_cb(struct TS_resp_ctx *ctx, void *data,
{
struct timeval tv;
if (gettimeofday(&tv, NULL) != 0) {
- TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_TIME_SYSCALL_ERROR);
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Time is not available.");
TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
@@ -83,7 +83,7 @@ static int def_time_cb(struct TS_resp_ctx *ctx, void *data,
{
time_t t;
if (time(&t) == (time_t)-1) {
- TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_TIME_SYSCALL_ERROR);
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Time is not available.");
TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
@@ -113,7 +113,7 @@ TS_RESP_CTX *TS_RESP_CTX_new(void)
TS_RESP_CTX *ctx;
if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
- TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return NULL;
}
@@ -146,8 +146,7 @@ void TS_RESP_CTX_free(TS_RESP_CTX *ctx)
int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
{
if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1) {
- TSerr(TS_F_TS_RESP_CTX_SET_SIGNER_CERT,
- TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
+ ERR_raise(ERR_LIB_TS, TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
return 0;
}
X509_free(ctx->signer_cert);
@@ -178,7 +177,7 @@ int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy)
goto err;
return 1;
err:
- TSerr(TS_F_TS_RESP_CTX_SET_DEF_POLICY, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -190,7 +189,7 @@ int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
if (!certs)
return 1;
if ((ctx->certs = X509_chain_up_ref(certs)) == NULL) {
- TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -211,7 +210,7 @@ int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy)
return 1;
err:
- TSerr(TS_F_TS_RESP_CTX_ADD_POLICY, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
ASN1_OBJECT_free(copy);
return 0;
}
@@ -226,7 +225,7 @@ int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
return 1;
err:
- TSerr(TS_F_TS_RESP_CTX_ADD_MD, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -259,7 +258,7 @@ int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
return 1;
err:
TS_RESP_CTX_accuracy_free(ctx);
- TSerr(TS_F_TS_RESP_CTX_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -314,7 +313,7 @@ int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
ret = 1;
err:
if (!ret)
- TSerr(TS_F_TS_RESP_CTX_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
TS_STATUS_INFO_free(si);
ASN1_UTF8STRING_free(utf8_text);
return ret;
@@ -342,7 +341,7 @@ int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
goto err;
return 1;
err:
- TSerr(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -375,7 +374,7 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
ts_RESP_CTX_init(ctx);
if ((ctx->response = TS_RESP_new()) == NULL) {
- TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
goto end;
}
if ((ctx->request = d2i_TS_REQ_bio(req_bio, NULL)) == NULL) {
@@ -400,7 +399,7 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
end:
if (!result) {
- TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_RESPONSE_SETUP_ERROR);
if (ctx->response != NULL) {
if (TS_RESP_CTX_set_status_info_cond(ctx,
TS_STATUS_REJECTION,
@@ -496,7 +495,7 @@ static ASN1_OBJECT *ts_RESP_get_policy(TS_RESP_CTX *ctx)
int i;
if (ctx->default_policy == NULL) {
- TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
+ ERR_raise(ERR_LIB_TS, TS_R_INVALID_NULL_POINTER);
return NULL;
}
if (!requested || !OBJ_cmp(requested, ctx->default_policy))
@@ -509,7 +508,7 @@ static ASN1_OBJECT *ts_RESP_get_policy(TS_RESP_CTX *ctx)
policy = current;
}
if (policy == NULL) {
- TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_UNACCEPTABLE_POLICY);
+ ERR_raise(ERR_LIB_TS, TS_R_UNACCEPTABLE_POLICY);
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Requested policy is not " "supported.");
TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_POLICY);
@@ -585,7 +584,7 @@ static TS_TST_INFO *ts_RESP_create_tst_info(TS_RESP_CTX *ctx,
if (!result) {
TS_TST_INFO_free(tst_info);
tst_info = NULL;
- TSerr(TS_F_TS_RESP_CREATE_TST_INFO, TS_R_TST_INFO_SETUP_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_TST_INFO_SETUP_ERROR);
TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
"Error during TSTInfo "
"generation.");
@@ -633,12 +632,12 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx)
int i;
if (!X509_check_private_key(ctx->signer_cert, ctx->signer_key)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+ ERR_raise(ERR_LIB_TS, TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
goto err;
}
if ((p7 = PKCS7_new()) == NULL) {
- TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!PKCS7_set_type(p7, NID_pkcs7_signed))
@@ -658,14 +657,14 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx)
if ((si = PKCS7_add_signature(p7, ctx->signer_cert,
ctx->signer_key, ctx->signer_md)) == NULL) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
goto err;
}
oid = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
V_ASN1_OBJECT, oid)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR);
goto err;
}
@@ -676,7 +675,7 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx)
goto err;
if (!ESS_SIGNING_CERT_add(si, sc)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
goto err;
}
} else {
@@ -686,7 +685,7 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx)
goto err;
if (!ESS_SIGNING_CERT_V2_add(si, sc2)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR);
goto err;
}
}
@@ -694,15 +693,15 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx)
if (!ts_TST_INFO_content_new(p7))
goto err;
if ((p7bio = PKCS7_dataInit(p7, NULL)) == NULL) {
- TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
+ ERR_raise(ERR_LIB_TS, TS_R_TS_DATASIGN);
goto err;
}
if (!PKCS7_dataFinal(p7, p7bio)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
+ ERR_raise(ERR_LIB_TS, TS_R_TS_DATASIGN);
goto err;
}
TS_RESP_set_tst_info(ctx->response, p7, ctx->tst_info);
@@ -813,7 +812,7 @@ static ASN1_GENERALIZEDTIME *TS_RESP_set_genTime_with_precision(
return asn1_time;
err:
- TSerr(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION, TS_R_COULD_NOT_SET_TIME);
+ ERR_raise(ERR_LIB_TS, TS_R_COULD_NOT_SET_TIME);
return NULL;
}
diff --git a/crypto/ts/ts_rsp_utils.c b/crypto/ts/ts_rsp_utils.c
index 92dcb5bff7..cae076f21a 100644
--- a/crypto/ts/ts_rsp_utils.c
+++ b/crypto/ts/ts_rsp_utils.c
@@ -22,7 +22,7 @@ int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *status_info)
return 1;
new_status_info = TS_STATUS_INFO_dup(status_info);
if (new_status_info == NULL) {
- TSerr(TS_F_TS_RESP_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
TS_STATUS_INFO_free(a->status_info);
@@ -73,7 +73,7 @@ int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy)
return 1;
new_policy = OBJ_dup(policy);
if (new_policy == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
ASN1_OBJECT_free(a->policy_id);
@@ -94,7 +94,7 @@ int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint)
return 1;
new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
if (new_msg_imprint == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
TS_MSG_IMPRINT_free(a->msg_imprint);
@@ -115,7 +115,7 @@ int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial)
return 1;
new_serial = ASN1_INTEGER_dup(serial);
if (new_serial == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_SERIAL, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
ASN1_INTEGER_free(a->serial);
@@ -136,7 +136,7 @@ int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime)
return 1;
new_time = ASN1_STRING_dup(gtime);
if (new_time == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_TIME, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
ASN1_GENERALIZEDTIME_free(a->time);
@@ -157,7 +157,7 @@ int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy)
return 1;
new_accuracy = TS_ACCURACY_dup(accuracy);
if (new_accuracy == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
TS_ACCURACY_free(a->accuracy);
@@ -178,7 +178,7 @@ int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds)
return 1;
new_seconds = ASN1_INTEGER_dup(seconds);
if (new_seconds == NULL) {
- TSerr(TS_F_TS_ACCURACY_SET_SECONDS, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
ASN1_INTEGER_free(a->seconds);
@@ -200,7 +200,7 @@ int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis)
if (millis != NULL) {
new_millis = ASN1_INTEGER_dup(millis);
if (new_millis == NULL) {
- TSerr(TS_F_TS_ACCURACY_SET_MILLIS, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
}
@@ -223,7 +223,7 @@ int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros)
if (micros != NULL) {
new_micros = ASN1_INTEGER_dup(micros);
if (new_micros == NULL) {
- TSerr(TS_F_TS_ACCURACY_SET_MICROS, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
}
@@ -256,7 +256,7 @@ int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce)
return 1;
new_nonce = ASN1_INTEGER_dup(nonce);
if (new_nonce == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_NONCE, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
ASN1_INTEGER_free(a->nonce);
@@ -277,7 +277,7 @@ int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa)
return 1;
new_tsa = GENERAL_NAME_dup(tsa);
if (new_tsa == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_TSA, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return 0;
}
GENERAL_NAME_free(a->tsa);
diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
index 69ce5dc806..b0bcba7917 100644
--- a/crypto/ts/ts_rsp_verify.c
+++ b/crypto/ts/ts_rsp_verify.c
@@ -98,21 +98,21 @@ int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
/* Some sanity checks first. */
if (!token) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_INVALID_NULL_POINTER);
+ ERR_raise(ERR_LIB_TS, TS_R_INVALID_NULL_POINTER);
goto err;
}
if (!PKCS7_type_is_signed(token)) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_WRONG_CONTENT_TYPE);
+ ERR_raise(ERR_LIB_TS, TS_R_WRONG_CONTENT_TYPE);
goto err;
}
sinfos = PKCS7_get_signer_info(token);
if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_THERE_MUST_BE_ONE_SIGNER);
+ ERR_raise(ERR_LIB_TS, TS_R_THERE_MUST_BE_ONE_SIGNER);
goto err;
}
si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
if (PKCS7_get_detached(token)) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_NO_CONTENT);
+ ERR_raise(ERR_LIB_TS, TS_R_NO_CONTENT);
goto err;
}
@@ -137,7 +137,7 @@ int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
j = PKCS7_signatureVerify(p7bio, token, si, signer);
if (j <= 0) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_SIGNATURE_FAILURE);
+ ERR_raise(ERR_LIB_TS, TS_R_SIGNATURE_FAILURE);
goto err;
}
@@ -169,7 +169,7 @@ static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
*chain = NULL;
cert_ctx = X509_STORE_CTX_new();
if (cert_ctx == NULL) {
- TSerr(TS_F_TS_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted))
@@ -178,7 +178,7 @@ static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
i = X509_verify_cert(cert_ctx);
if (i <= 0) {
int j = X509_STORE_CTX_get_error(cert_ctx);
- TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_CERTIFICATE_VERIFY_ERROR);
ERR_add_error_data(2, "Verify error:",
X509_verify_cert_error_string(j));
goto err;
@@ -247,8 +247,7 @@ static int ts_check_signing_certs(PKCS7_SIGNER_INFO *si,
ret = 1;
err:
if (!ret)
- TSerr(TS_F_TS_CHECK_SIGNING_CERTS,
- TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
+ ERR_raise(ERR_LIB_TS, TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
ESS_SIGNING_CERT_free(ss);
ESS_SIGNING_CERT_V2_free(ssv2);
return ret;
@@ -325,7 +324,7 @@ static int int_ts_RESP_verify_token(TS_VERIFY_CTX *ctx,
goto err;
if ((flags & TS_VFY_VERSION)
&& TS_TST_INFO_get_version(tst_info) != 1) {
- TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION);
+ ERR_raise(ERR_LIB_TS, TS_R_UNSUPPORTED_VERSION);
goto err;
}
if ((flags & TS_VFY_POLICY)
@@ -345,12 +344,12 @@ static int int_ts_RESP_verify_token(TS_VERIFY_CTX *ctx,
goto err;
if ((flags & TS_VFY_SIGNER)
&& tsa_name && !ts_check_signer_name(tsa_name, signer)) {
- TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH);
+ ERR_raise(ERR_LIB_TS, TS_R_TSA_NAME_MISMATCH);
goto err;
}
if ((flags & TS_VFY_TSA_NAME)
&& !ts_check_signer_name(ctx->tsa_name, signer)) {
- TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED);
+ ERR_raise(ERR_LIB_TS, TS_R_TSA_UNTRUSTED);
goto err;
}
ret = 1;
@@ -401,7 +400,7 @@ static int ts_check_status_info(TS_RESP *response)
if (failure_text[0] == '\0')
strcpy(failure_text, "unspecified");
- TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN);
+ ERR_raise(ERR_LIB_TS, TS_R_NO_TIME_STAMP_TOKEN);
ERR_add_error_data(6,
"status code: ", status_text,
", status text: ", embedded_status_text ?
@@ -423,7 +422,7 @@ static int ts_check_policy(const ASN1_OBJECT *req_oid,
const ASN1_OBJECT *resp_oid = tst_info->policy_id;
if (OBJ_cmp(req_oid, resp_oid) != 0) {
- TSerr(TS_F_TS_CHECK_POLICY, TS_R_POLICY_MISMATCH);
+ ERR_raise(ERR_LIB_TS, TS_R_POLICY_MISMATCH);
return 0;
}
@@ -447,7 +446,7 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
if ((*md_alg = X509_ALGOR_dup(md_alg_resp)) == NULL)
goto err;
if ((md = EVP_get_digestbyobj((*md_alg)->algorithm)) == NULL) {
- TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
+ ERR_raise(ERR_LIB_TS, TS_R_UNSUPPORTED_MD_ALGORITHM);
goto err;
}
length = EVP_MD_size(md);
@@ -455,13 +454,13 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
goto err;
*imprint_len = length;
if ((*imprint = OPENSSL_malloc(*imprint_len)) == NULL) {
- TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
goto err;
}
md_ctx = EVP_MD_CTX_new();
if (md_ctx == NULL) {
- TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EVP_DigestInit(md_ctx, md))
@@ -508,7 +507,7 @@ static int ts_check_imprints(X509_ALGOR *algor_a,
memcmp(imprint_a, ASN1_STRING_get0_data(b->hashed_msg), len_a) == 0;
err:
if (!ret)
- TSerr(TS_F_TS_CHECK_IMPRINTS, TS_R_MESSAGE_IMPRINT_MISMATCH);
+ ERR_raise(ERR_LIB_TS, TS_R_MESSAGE_IMPRINT_MISMATCH);
return ret;
}
@@ -517,13 +516,13 @@ static int ts_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info)
const ASN1_INTEGER *b = tst_info->nonce;
if (!b) {
- TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_NOT_RETURNED);
+ ERR_raise(ERR_LIB_TS, TS_R_NONCE_NOT_RETURNED);
return 0;
}
/* No error if a nonce is returned without being requested. */
if (ASN1_INTEGER_cmp(a, b) != 0) {
- TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_MISMATCH);
+ ERR_raise(ERR_LIB_TS, TS_R_NONCE_MISMATCH);
return 0;
}
diff --git a/crypto/ts/ts_verify_ctx.c b/crypto/ts/ts_verify_ctx.c
index 776d5cf43e..825d53e4f7 100644
--- a/crypto/ts/ts_verify_ctx.c
+++ b/crypto/ts/ts_verify_ctx.c
@@ -17,7 +17,7 @@ TS_VERIFY_CTX *TS_VERIFY_CTX_new(void)
TS_VERIFY_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx == NULL)
- TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE);
return ctx;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 09:24:25 +0100