From: Richard Levitte Date: Mon, 12 Aug 2019 11:14:51 +0000 (+0200) Subject: Adjust some provider reason codes X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f73eb733eeeb50df0068d01efaa3221cadb07389;p=openssl Adjust some provider reason codes BLAKE2 MACs came with a set of new reason codes. Those talking about lengths are consistently called PROV_R_INVALID_FOO_LENGTH, for any name FOO. The cipher messages were briefer. In the interest of having more humanly readable messages, we adjust the reasons used by the ciphers (that's just IV length and key length). Reviewed-by: Matt Caswell Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/8877) --- diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 68a95c832b..988e6117ec 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2712,8 +2712,8 @@ PROV_R_FAILED_TO_GET_PARAMETER:103:failed to get parameter PROV_R_FAILED_TO_SET_PARAMETER:104:failed to set parameter PROV_R_INVALID_AAD:108:invalid aad PROV_R_INVALID_CUSTOM_LENGTH:111:invalid custom length -PROV_R_INVALID_IVLEN:109:invalid ivlen -PROV_R_INVALID_KEYLEN:105:invalid keylen +PROV_R_INVALID_IV_LENGTH:109:invalid iv length +PROV_R_INVALID_KEY_LENGTH:105:invalid key length PROV_R_INVALID_SALT_LENGTH:112:invalid salt length PROV_R_INVALID_TAG:110:invalid tag PROV_R_NOT_XOF_OR_INVALID_LENGTH:113:not xof or invalid length diff --git a/providers/common/ciphers/aes.c b/providers/common/ciphers/aes.c index a211694a88..32ae19be3f 100644 --- a/providers/common/ciphers/aes.c +++ b/providers/common/ciphers/aes.c @@ -59,7 +59,7 @@ static int aes_einit(void *vctx, const unsigned char *key, size_t keylen, } if (key != NULL) { if (keylen != ctx->keylen) { - PROVerr(PROV_F_AES_EINIT, PROV_R_INVALID_KEYLEN); + PROVerr(PROV_F_AES_EINIT, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->ciph->init(ctx, key, ctx->keylen); @@ -79,7 +79,7 @@ static int aes_dinit(void *vctx, const unsigned char *key, size_t keylen, } if (key != NULL) { if (keylen != ctx->keylen) { - PROVerr(PROV_F_AES_DINIT, PROV_R_INVALID_KEYLEN); + PROVerr(PROV_F_AES_DINIT, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->ciph->init(ctx, key, ctx->keylen); diff --git a/providers/common/ciphers/gcm.c b/providers/common/ciphers/gcm.c index e3b79f1a94..164c716483 100644 --- a/providers/common/ciphers/gcm.c +++ b/providers/common/ciphers/gcm.c @@ -68,7 +68,7 @@ static int gcm_init(void *vctx, const unsigned char *key, size_t keylen, if (iv != NULL) { if (ivlen < ctx->ivlen_min || ivlen > sizeof(ctx->iv)) { - PROVerr(0, PROV_R_INVALID_IVLEN); + PROVerr(0, PROV_R_INVALID_IV_LENGTH); return 0; } ctx->ivlen = ivlen; @@ -78,7 +78,7 @@ static int gcm_init(void *vctx, const unsigned char *key, size_t keylen, if (key != NULL) { if (keylen != ctx->keylen) { - PROVerr(0, PROV_R_INVALID_KEYLEN); + PROVerr(0, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->setkey(ctx, key, ctx->keylen); @@ -120,7 +120,7 @@ static int gcm_ctx_get_params(void *vctx, OSSL_PARAM params[]) if (ctx->iv_gen != 1 && ctx->iv_gen_rand != 1) return 0; if (ctx->ivlen != (int)p->data_size) { - PROVerr(0, PROV_R_INVALID_IVLEN); + PROVerr(0, PROV_R_INVALID_IV_LENGTH); return 0; } if (!OSSL_PARAM_set_octet_string(p, ctx->iv, ctx->ivlen)) { @@ -177,7 +177,7 @@ static int gcm_ctx_set_params(void *vctx, const OSSL_PARAM params[]) return 0; } if (sz == 0 || sz > sizeof(ctx->iv)) { - PROVerr(0, PROV_R_INVALID_IVLEN); + PROVerr(0, PROV_R_INVALID_IV_LENGTH); return 0; } ctx->ivlen = sz; diff --git a/providers/common/include/internal/providercommonerr.h b/providers/common/include/internal/providercommonerr.h index ad961b09a6..7c4a175c25 100644 --- a/providers/common/include/internal/providercommonerr.h +++ b/providers/common/include/internal/providercommonerr.h @@ -51,8 +51,8 @@ int ERR_load_PROV_strings(void); # define PROV_R_FAILED_TO_SET_PARAMETER 104 # define PROV_R_INVALID_AAD 108 # define PROV_R_INVALID_CUSTOM_LENGTH 111 -# define PROV_R_INVALID_IVLEN 109 -# define PROV_R_INVALID_KEYLEN 105 +# define PROV_R_INVALID_IV_LENGTH 109 +# define PROV_R_INVALID_KEY_LENGTH 105 # define PROV_R_INVALID_SALT_LENGTH 112 # define PROV_R_INVALID_TAG 110 # define PROV_R_NOT_XOF_OR_INVALID_LENGTH 113 diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c index f1039cd930..b7f90057d4 100644 --- a/providers/common/provider_err.c +++ b/providers/common/provider_err.c @@ -25,12 +25,12 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "failed to set parameter"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_AAD), "invalid aad"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_CUSTOM_LENGTH), - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IVLEN), "invalid ivlen"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEYLEN), "invalid keylen"}, + "invalid custom length"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IV_LENGTH), "invalid iv length"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEY_LENGTH), "invalid key length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SALT_LENGTH), "invalid salt length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAG), "invalid tag"}, - "invalid custom length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_XOF_OR_INVALID_LENGTH), "not xof or invalid length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NO_KEY_SET), "no key set"},