diff options
| author | Tomas Mraz <tomas@openssl.org> | 2021-02-05 18:51:37 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2021-02-11 09:34:31 +0100 |
| commit | f5f29796f00b94d150087bc72469a4f60a67a23b (patch) | |
| tree | b1e64bf9f3b39d9a099e2b595ffc1b41cac5a175 /providers/implementations | |
| parent | Move the PROV_R reason codes to a public header (diff) | |
| download | openssl-f5f29796f00b94d150087bc72469a4f60a67a23b.tar.xz openssl-f5f29796f00b94d150087bc72469a4f60a67a23b.zip | |
Various cleanup of PROV_R_ reason codes
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14086)
Diffstat (limited to 'providers/implementations')
20 files changed, 39 insertions, 34 deletions
diff --git a/providers/implementations/ciphers/cipher_aes_hw.c b/providers/implementations/ciphers/cipher_aes_hw.c index 3aed088171..588e030417 100644 --- a/providers/implementations/ciphers/cipher_aes_hw.c +++ b/providers/implementations/ciphers/cipher_aes_hw.c @@ -114,7 +114,7 @@ static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc index 13b52d5987..a2358b43f9 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc @@ -45,7 +45,7 @@ static int cipher_hw_aesni_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_hw_t4.inc b/providers/implementations/ciphers/cipher_aes_hw_t4.inc index 2ccc383e9d..826ff0239d 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_t4.inc @@ -78,7 +78,7 @@ static int cipher_hw_aes_t4_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c index b94d7644df..faa6cb470c 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/providers/implementations/ciphers/cipher_aes_ocb.c @@ -451,7 +451,7 @@ static int aes_ocb_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } if (!ctx->base.enc || p->data_size != ctx->taglen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } memcpy(p->data, ctx->tag, ctx->taglen); diff --git a/providers/implementations/ciphers/cipher_aria_hw.c b/providers/implementations/ciphers/cipher_aria_hw.c index f457aaf750..67a282f59c 100644 --- a/providers/implementations/ciphers/cipher_aria_hw.c +++ b/providers/implementations/ciphers/cipher_aria_hw.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include <openssl/proverr.h> #include "cipher_aria.h" static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat, @@ -21,7 +22,7 @@ static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat, else ret = aria_set_decrypt_key(key, keylen * 8, ks); if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_ARIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } dat->ks = ks; diff --git a/providers/implementations/ciphers/cipher_camellia_hw.c b/providers/implementations/ciphers/cipher_camellia_hw.c index 06b29ca287..66a2b143c3 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw.c +++ b/providers/implementations/ciphers/cipher_camellia_hw.c @@ -13,6 +13,8 @@ */ #include "internal/deprecated.h" +#include <openssl/camellia.h> +#include <openssl/proverr.h> #include "cipher_camellia.h" static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat, @@ -25,7 +27,7 @@ static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat, dat->ks = ks; ret = Camellia_set_key(key, keylen * 8, ks); if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_ARIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } if (dat->enc || (mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE)) { diff --git a/providers/implementations/ciphers/cipher_camellia_hw_t4.inc b/providers/implementations/ciphers/cipher_camellia_hw_t4.inc index c04613700a..032402a556 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_camellia_hw_t4.inc @@ -67,7 +67,7 @@ static int cipher_hw_camellia_t4_initkey(PROV_CIPHER_CTX *dat, } } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_CAMELLIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } return 1; diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c index 0565b05f39..b328cdb993 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c @@ -113,11 +113,11 @@ static int chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } if (!ctx->base.enc) { - ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOTSET); + ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_SET); return 0; } if (p->data_size == 0 || p->data_size > POLY1305_BLOCK_SIZE) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } memcpy(p->data, ctx->tag, p->data_size); @@ -180,7 +180,7 @@ static int chacha20_poly1305_set_ctx_params(void *vctx, return 0; } if (p->data_size == 0 || p->data_size > POLY1305_BLOCK_SIZE) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } if (p->data != NULL) { @@ -214,7 +214,7 @@ static int chacha20_poly1305_set_ctx_params(void *vctx, return 0; } if (hw->tls_iv_set_fixed(&ctx->base, p->data, p->data_size) == 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } } diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index dd8bbefa36..11688080ce 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c @@ -89,7 +89,7 @@ static int des_init(void *vctx, const unsigned char *key, size_t keylen, if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->init(ctx, key, keylen); diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c index 2accb24b0a..59c8a976cc 100644 --- a/providers/implementations/ciphers/cipher_tdes_common.c +++ b/providers/implementations/ciphers/cipher_tdes_common.c @@ -80,7 +80,7 @@ static int tdes_init(void *vctx, const unsigned char *key, size_t keylen, if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->init(ctx, key, ctx->keylen); diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c index 2e0603ce19..9f6c82bddd 100644 --- a/providers/implementations/ciphers/ciphercommon.c +++ b/providers/implementations/ciphers/ciphercommon.c @@ -191,7 +191,7 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, if (key != NULL) { if (ctx->variable_keylength == 0) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } } else { @@ -613,7 +613,7 @@ int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, { if (ivlen != ctx->ivlen || ivlen > sizeof(ctx->iv)) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } ctx->iv_set = 1; diff --git a/providers/implementations/ciphers/ciphercommon_ccm.c b/providers/implementations/ciphers/ciphercommon_ccm.c index a87bf487e6..a780e7aed3 100644 --- a/providers/implementations/ciphers/ciphercommon_ccm.c +++ b/providers/implementations/ciphers/ciphercommon_ccm.c @@ -78,7 +78,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } if ((p->data_size & 1) || (p->data_size < 4) || p->data_size > 16) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } @@ -103,7 +103,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } ivlen = 15 - sz; if (ivlen < 2 || ivlen > 8) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } ctx->l = ivlen; @@ -130,7 +130,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } if (ccm_tls_iv_set_fixed(ctx, p->data, p->data_size) == 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } } @@ -162,7 +162,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); if (p != NULL) { if (ccm_get_ivlen(ctx) > p->data_size) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } if (!OSSL_PARAM_set_octet_string(p, ctx->iv, p->data_size) @@ -175,7 +175,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); if (p != NULL) { if (ccm_get_ivlen(ctx) > p->data_size) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } if (!OSSL_PARAM_set_octet_string(p, ctx->iv, p->data_size) @@ -200,7 +200,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); if (p != NULL) { if (!ctx->enc || !ctx->tag_set) { - ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOTSET); + ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_SET); return 0; } if (p->data_type != OSSL_PARAM_OCTET_STRING) { @@ -228,7 +228,7 @@ static int ccm_init(void *vctx, const unsigned char *key, size_t keylen, if (iv != NULL) { if (ivlen != ccm_get_ivlen(ctx)) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } memcpy(ctx->iv, iv, ivlen); @@ -236,7 +236,7 @@ static int ccm_init(void *vctx, const unsigned char *key, size_t keylen, } if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->setkey(ctx, key, keylen); diff --git a/providers/implementations/ciphers/ciphercommon_gcm.c b/providers/implementations/ciphers/ciphercommon_gcm.c index 8b9d06b0a4..02a496d1dd 100644 --- a/providers/implementations/ciphers/ciphercommon_gcm.c +++ b/providers/implementations/ciphers/ciphercommon_gcm.c @@ -513,7 +513,7 @@ static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen, * side only. */ if (ctx->enc && ++ctx->tls_enc_records == 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_TOO_MANY_RECORDS); + ERR_raise(ERR_LIB_PROV, PROV_R_TOO_MANY_RECORDS); goto err; } diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index a22e3a6406..09776127d4 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -87,7 +87,7 @@ static int der_from_p8(unsigned char **new_der, long *new_der_len, size_t plen = 0; if (!pw_cb(pbuf, sizeof(pbuf), &plen, NULL, pw_cbarg)) { - ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); } else { const X509_ALGOR *alg = NULL; const ASN1_OCTET_STRING *oct = NULL; diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index a8c9432f2d..8f868249ee 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -96,7 +96,7 @@ static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, if (!ossl_pw_get_passphrase(kstr, sizeof(kstr), &klen, NULL, 1, &ctx->pwdata)) { - ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); return NULL; } /* First argument == -1 means "standard" */ diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c index 7420819a09..a3ecea2b03 100644 --- a/providers/implementations/kdfs/pbkdf2.c +++ b/providers/implementations/kdfs/pbkdf2.c @@ -285,13 +285,13 @@ static int pbkdf2_derive(const char *pass, size_t passlen, * results in an overflow of the loop counter 'i'. */ if ((keylen / mdlen) >= KDF_PBKDF2_MAX_KEY_LEN_DIGEST_RATIO) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } if (lower_bound_checks) { if ((keylen * 8) < KDF_PBKDF2_MIN_KEY_LEN_BITS) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LEN); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL); return 0; } if (saltlen < KDF_PBKDF2_MIN_SALT_LEN) { diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index 08de2a07cc..0f7f65ddbb 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -16,6 +16,7 @@ #include <openssl/params.h> #include <openssl/err.h> #include <openssl/evp.h> +#include <openssl/proverr.h> #include "openssl/param_build.h" #include "internal/param_build_set.h" #include "prov/implementations.h" @@ -464,7 +465,7 @@ static void *mac_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg) return key; if (gctx->priv_key == NULL) { - ERR_raise(ERR_LIB_PROV, EVP_R_INVALID_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); ossl_mac_key_free(key); return NULL; } diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c index c9d404d5ea..1d5d26f170 100644 --- a/providers/implementations/macs/gmac_prov.c +++ b/providers/implementations/macs/gmac_prov.c @@ -191,7 +191,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) if (EVP_CIPHER_mode(ossl_prov_cipher_cipher(&macctx->cipher)) != EVP_CIPH_GCM_MODE) { - ERR_raise(ERR_LIB_PROV, EVP_R_CIPHER_NOT_GCM_MODE); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE); return 0; } if (!EVP_EncryptInit_ex(ctx, ossl_prov_cipher_cipher(&macctx->cipher), @@ -204,7 +204,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) return 0; if (p->data_size != (size_t)EVP_CIPHER_CTX_key_length(ctx)) { - ERR_raise(ERR_LIB_PROV, EVP_R_INVALID_KEY_LENGTH); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } if (!EVP_EncryptInit_ex(ctx, NULL, NULL, p->data, NULL)) diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index 8f74c2306a..3a57dd0db6 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -258,7 +258,7 @@ static int kmac_init(void *vmacctx) /* Check key has been set */ if (kctx->key_len == 0) { - ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET); + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); return 0; } if (!EVP_DigestInit_ex(kctx->ctx, ossl_prov_digest_md(&kctx->digest), diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index 09b33bbdb7..cb68de3b3e 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -1245,7 +1245,7 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) * lowest saltlen number possible. */ if (saltlen < RSA_PSS_SALTLEN_MAX) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PSS_SALTLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH); return 0; } @@ -1253,7 +1253,8 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) switch (saltlen) { case RSA_PSS_SALTLEN_AUTO: if (prsactx->operation == EVP_PKEY_OP_VERIFY) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PSS_SALTLEN); + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH, + "Cannot use autodetected salt length"); return 0; } break; |