add better codes/messages for CyaSSL generic errors

Todd A Ouska 2011-04-20 16:58:51 -07:00
parent 92bc4fc00d
commit 5a78a8999a
6 changed files with 67 additions and 54 deletions


@ -93,6 +93,7 @@ enum {
BAD_FUNC_ARG = -173, /* Bad function argument provided */
NOT_COMPILED_IN = -174, /* Feature not compiled in */
UNICODE_SIZE_E = -175, /* Unicdoe password too big */
NO_PASSWORD = -176, /* no password provided by user */
MIN_CODE_E = -200 /* errors -101 - -199 */
};


@ -2200,6 +2200,10 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "Unicode password too big", max);
break;
case NO_PASSWORD :
XSTRNCPY(buffer, "No password provided by user", max);
break;
default:
XSTRNCPY(buffer, "unknown error number", max);


@ -88,6 +88,7 @@ enum CyaSSL_ErrorCodes {
ECC_MAKEKEY_ERROR = -253, /* Bad Make ECC Key */
ECC_EXPORT_ERROR = -254, /* Bad ECC Export Key */
ECC_SHARED_ERROR = -255, /* Bad ECC Shared Secret */
BAD_MUTEX_ERROR = -256, /* Bad mutex */
/* add strings to SetErrorString !!!!! */
/* begin negotiation parameter errors */


@ -1027,6 +1027,7 @@ static void AddHeaders(byte* output, word32 length, byte type, SSL* ssl)
}
/* return bytes received, -1 on error, 0 on timeout */
static int Receive(SSL* ssl, byte* buf, word32 sz, int flags)
{
int recvd;
@ -1167,7 +1168,7 @@ static INLINE int GrowOutputBuffer(SSL* ssl, int size)
ssl->heap, DYNAMIC_TYPE_OUT_BUFFER);
CYASSL_MSG("growing output buffer\n");
if (!tmp) return -1;
if (!tmp) return MEMORY_E;
if (ssl->buffers.outputBuffer.length)
XMEMCPY(tmp, ssl->buffers.outputBuffer.buffer,
@ -1191,7 +1192,7 @@ static INLINE int GrowInputBuffer(SSL* ssl, int size, int usedLength)
DYNAMIC_TYPE_IN_BUFFER);
CYASSL_MSG("growing input buffer\n");
if (!tmp) return -1;
if (!tmp) return MEMORY_E;
if (usedLength)
XMEMCPY(tmp, ssl->buffers.inputBuffer.buffer +
@ -2519,7 +2520,7 @@ int SendFinished(SSL* ssl)
server);
if ( (sendSz = BuildMessage(ssl, output, input, headerSz +
finishedSz, handshake)) == -1)
finishedSz, handshake)) < 0)
return BUILD_MSG_ERROR;
if (!ssl->options.resuming) {
@ -3114,15 +3115,19 @@ void SetErrorString(int error, char* buffer)
break;
case ECC_MAKEKEY_ERROR:
XSTRNCPY(buffer, "ECC Make Key failutre", max);
XSTRNCPY(buffer, "ECC Make Key failure", max);
break;
case ECC_EXPORT_ERROR:
XSTRNCPY(buffer, "ECC Export Key failutre", max);
XSTRNCPY(buffer, "ECC Export Key failure", max);
break;
case ECC_SHARED_ERROR:
XSTRNCPY(buffer, "ECC DHE shared failutre", max);
XSTRNCPY(buffer, "ECC DHE shared failure", max);
break;
case BAD_MUTEX_ERROR:
XSTRNCPY(buffer, "Bad mutex, operation failed", max);
break;
default :
@ -3980,7 +3985,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
}
#endif /* HAVE_ECC */
else
return -1;
return ALGO_ID_E;
ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
@ -3988,7 +3993,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
}
#endif /* HAVE_OPENSSL or HAVE_ECC */
return -1; /* not supported by build */
return NOT_COMPILED_IN; /* not supported by build */
}
@ -4131,7 +4136,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
ecc_free(&myKey);
#endif /* HAVE_ECC */
} else
return -1; /* unsupported kea */
return ALGO_ID_E; /* unsupported kea */
if (ret == 0) {
byte *output;
@ -4520,7 +4525,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
else {
FreeRsaKey(&rsaKey);
ecc_free(&dsaKey);
return -1; /* unsupported type */
return ALGO_ID_E; /* unsupported type */
}
length += sigSz;
@ -5479,7 +5484,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (pthread_mutex_init(m, 0) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
}
@ -5488,7 +5493,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (pthread_mutex_destroy(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
}
@ -5497,7 +5502,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (pthread_mutex_lock(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
}
@ -5506,7 +5511,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (pthread_mutex_unlock(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
}
#elif defined(THREADX)
@ -5516,7 +5521,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (tx_mutex_create(m, "CyaSSL Mutex", TX_NO_INHERIT) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
}
@ -5525,7 +5530,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (tx_mutex_delete(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
}
@ -5534,7 +5539,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
}
@ -5543,7 +5548,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (tx_mutex_put(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
}
#elif defined(MICRIUM)
@ -5554,7 +5559,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (NetSecure_OS_MutexCreate(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
#else
return 0;
#endif
@ -5567,7 +5572,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (NetSecure_OS_FreeMutex(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
#else
return 0;
#endif
@ -5580,7 +5585,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (NetSecure_OS_LockMutex(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
#else
return 0;
#endif
@ -5593,7 +5598,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
if (NetSecure_OS_UnLockMutex(m) == 0)
return 0;
else
return -1;
return BAD_MUTEX_ERROR;
#else
return 0;
#endif
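Review bot: GrowOutputBuffer and GrowInputBuffer now fail with `MEMORY_E` and the mutex wrappers with `BAD_MUTEX_ERROR`, so any caller still written as `== -1` would treat those failures as success and carry on with an ungrown buffer or an unheld lock. Only the BuildMessage check in SendFinished is widened to `< 0` in this section; the other call sites lie outside the visible hunks and should be confirmed to test `< 0` or `!= 0`. The new contract is worth stating at each definition, for example `/* return 0 on success, MEMORY_E if the larger buffer cannot be allocated */` above GrowOutputBuffer and `/* return 0 on success, BAD_MUTEX_ERROR on failure */` above the mutex wrappers. The function bodies start and end outside these hunks.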


@ -127,7 +127,7 @@ int SSL_get_fd(const SSL* ssl)
int CyaSSL_negotiate(SSL* ssl)
{
int err = -1;
int err = SSL_FATAL_ERROR;
CYASSL_ENTER("CyaSSL_negotiate()");
#ifndef NO_CYASSL_SERVER
@ -154,7 +154,7 @@ int CyaSSL_SetTmpDH(SSL* ssl, unsigned char* p,int pSz,unsigned char* g,int gSz)
{
byte havePSK = 0;
if (ssl == NULL || p == NULL || g == NULL) return -1;
if (ssl == NULL || p == NULL || g == NULL) return BAD_FUNC_ARG;
if (ssl->options.side != SERVER_END)
return SIDE_ERROR;
@ -742,27 +742,28 @@ int AddCA(SSL_CTX* ctx, buffer der)
/* decrypt */
char password[80];
int passwordSz;
int ret;
byte key[AES_256_KEY_SIZE];
byte iv[AES_IV_SIZE];
if (!ctx->passwd_cb) {
XFREE(der.buffer, ctx->heap, dynamicType);
return -1;
return NO_PASSWORD;
}
/* use file's salt for key derivation, hex decode first */
if (Base16Decode(info.iv, info.ivSz, info.iv, &info.ivSz) != 0) {
XFREE(der.buffer, ctx->heap, dynamicType);
return -1;
return ASN_INPUT_E;
}
passwordSz = ctx->passwd_cb(password, sizeof(password), 0,
ctx->userdata);
if (EVP_BytesToKey(info.name, "MD5", info.iv, (byte*)password,
passwordSz, 1, key, iv) <= 0) {
if ( (ret = EVP_BytesToKey(info.name, "MD5", info.iv,
(byte*)password, passwordSz, 1, key, iv)) <= 0) {
XFREE(der.buffer, ctx->heap, dynamicType);
return -1;
return ret;
}
if (XSTRNCMP(info.name, "DES-CBC", 7) == 0) {
@ -1155,7 +1156,7 @@ int SSL_library_init(void)
if (InitCyaSSL() == 0)
return SSL_SUCCESS;
else
return -1;
return SSL_FATAL_ERROR;
}
@ -1634,10 +1635,10 @@ int InitCyaSSL(void)
int ret = 0;
#ifndef NO_SESSION_CACHE
if (InitMutex(&session_mutex) != 0)
ret = -1;
ret = BAD_MUTEX_ERROR;
#endif
if (InitMutex(&ca_mutex) != 0)
ret = -1;
ret = BAD_MUTEX_ERROR;
return ret;
}
@ -1648,10 +1649,10 @@ int FreeCyaSSL(void)
int ret = 0;
#ifndef NO_SESSION_CACHE
if (FreeMutex(&session_mutex) != 0)
ret = -1;
ret = BAD_MUTEX_ERROR;
#endif
if (FreeMutex(&ca_mutex) != 0)
ret = -1;
ret = BAD_MUTEX_ERROR;
return ret;
}
@ -1748,7 +1749,7 @@ int AddSession(SSL* ssl)
row = HashSession(ssl->arrays.sessionID) % SESSION_ROWS;
if (LockMutex(&session_mutex) != 0)
return -1;
return BAD_MUTEX_ERROR;
idx = SessionCache[row].nextIdx++;
@ -1775,7 +1776,7 @@ int AddSession(SSL* ssl)
SessionCache[row].nextIdx = 0;
if (UnLockMutex(&session_mutex) != 0)
return -1;
return BAD_MUTEX_ERROR;
return 0;
}
@ -1865,7 +1866,7 @@ int CyaSSL_set_compression(SSL* ssl)
ssl->options.usingCompression = 1;
return 0;
#else
return -1;
return NOT_COMPILED_IN;
#endif
}
@ -1956,7 +1957,7 @@ int CyaSSL_set_compression(SSL* ssl)
static int CyaSSL_ex_wrapper(SSL* ssl, HandShakeCallBack hsCb,
TimeoutCallBack toCb, Timeval timeout)
{
int ret = -1;
int ret = SSL_FATAL_ERROR;
int oldTimerOn = 0; /* was timer already on */
Timeval startTime;
Timeval endTime;
@ -2527,12 +2528,12 @@ int CyaSSL_set_compression(SSL* ssl)
/* already got eof, again is error */
if (front->eof)
return -1;
return SSL_FATAL_ERROR;
while(bio && ((ssl = bio->ssl) == 0) )
bio = bio->next;
if (ssl == 0) return -1;
if (ssl == 0) return BAD_FUNC_ARG;
ret = SSL_read(ssl, buf, len);
if (ret == 0)
@ -2554,12 +2555,12 @@ int CyaSSL_set_compression(SSL* ssl)
/* already got eof, again is error */
if (front->eof)
return -1;
return SSL_FATAL_ERROR;
while(bio && ((ssl = bio->ssl) == 0) )
bio = bio->next;
if (ssl == 0) return -1;
if (ssl == 0) return BAD_FUNC_ARG;
ret = SSL_write(ssl, data, len);
if (ret == 0)
@ -2828,7 +2829,7 @@ int CyaSSL_set_compression(SSL* ssl)
SHA_Init((SHA_CTX*)&ctx->hash);
}
else
return -1;
return BAD_FUNC_ARG;
return 0;
}
@ -2841,7 +2842,7 @@ int CyaSSL_set_compression(SSL* ssl)
else if (ctx->macType == SHA)
SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz);
else
return -1;
return BAD_FUNC_ARG;
return 0;
}
@ -2858,7 +2859,7 @@ int CyaSSL_set_compression(SSL* ssl)
if (s) *s = SHA_DIGEST_SIZE;
}
else
return -1;
return BAD_FUNC_ARG;
return 0;
}
@ -3769,7 +3770,7 @@ int CyaSSL_set_compression(SSL* ssl)
int CyaSSL_X509_get_serial_number(X509* x509, byte* buffer, int* inOutSz)
{
if (x509 == NULL || buffer == NULL || *inOutSz < x509->serialSz)
return -1;
return BAD_FUNC_ARG;
XMEMCPY(buffer, x509->serial, x509->serialSz);
*inOutSz = x509->serialSz;
@ -3834,13 +3835,14 @@ int CyaSSL_get_chain_cert_pem(X509_CHAIN* chain, int idx,
int headerLen = sizeof(header) - 1;
int footerLen = sizeof(footer) - 1;
int i;
int err;
if (!chain || !outLen || !buffer)
return -1;
return BAD_FUNC_ARG;
/* don't even try if inLen too short */
if (inLen < headerLen + footerLen + chain->certs[idx].length)
return -1;
return BAD_FUNC_ARG;
/* header */
XMEMCPY(buffer, header, headerLen);
@ -3848,14 +3850,14 @@ int CyaSSL_get_chain_cert_pem(X509_CHAIN* chain, int idx,
/* body */
*outLen = inLen; /* input to Base64Encode */
if (Base64Encode(chain->certs[idx].buffer, chain->certs[idx].length,
buffer + i, (word32*)outLen) < 0)
return -1;
if ( (err = Base64Encode(chain->certs[idx].buffer, chain->certs[idx].length,
buffer + i, (word32*)outLen)) < 0)
return err;
i += *outLen;
/* footer */
if ( (i + footerLen) > inLen)
return -1;
return BAD_FUNC_ARG;
XMEMCPY(buffer + i, footer, footerLen);
*outLen += headerLen + footerLen;
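Review bot: In the PEM decrypt hunk, the new `return ret;` after `(ret = EVP_BytesToKey(...)) <= 0` returns 0 when key derivation yields 0, where the old code returned -1. If callers treat only negative values as errors, that path would report a non-error after `der.buffer` has already been freed. Mapping the zero case to a negative code keeps the failure visible, for example `return ret < 0 ? ret : SSL_FATAL_ERROR;` (or whichever existing negative code fits). The same hunk passes `passwordSz` from `ctx->passwd_cb` straight into the derivation without a range check, and the `password` and `key` stack buffers are not visibly cleared on these early returns. The enclosing function continues outside the hunk, so both may be handled there.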


@ -446,13 +446,13 @@ void BuildTlsFinished(SSL* ssl, Hashes* hashes, const byte* sender)
int DeriveTlsKeys(SSL* ssl)
{
return -1;
return NOT_COMPILED_IN;
}
int MakeTlsMasterSecret(SSL* ssl)
{
return -1;
return NOT_COMPILED_IN;
}
#endif /* NO_TLS */