mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-10 06:55:38 +00:00
Make ECP error codes more specific
parent
568c9cf878
commit
456d3b9b0b
|
@ -34,9 +34,11 @@
|
||||||
*/
|
*/
|
||||||
#define POLARSSL_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */
|
#define POLARSSL_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */
|
||||||
#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */
|
#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */
|
||||||
#define POLARSSL_ERR_ECP_GENERIC -0x4E80 /**< Generic ECP error. */
|
#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< Requested curve not available. */
|
||||||
#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE -0x4E00 /**< Requested curve not available. */
|
|
||||||
#define POLARSSL_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */
|
#define POLARSSL_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */
|
||||||
|
#define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
|
||||||
|
#define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */
|
||||||
|
#define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
|
@ -301,7 +303,7 @@ int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P,
|
||||||
* \param ilen Actual length of input
|
* \param ilen Actual length of input
|
||||||
*
|
*
|
||||||
* \return 0 if successful,
|
* \return 0 if successful,
|
||||||
* POLARSSL_ERR_ECP_GENERIC if input is invalid
|
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid
|
||||||
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
|
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
|
||||||
*
|
*
|
||||||
* \note This function does NOT check that the point actually
|
* \note This function does NOT check that the point actually
|
||||||
|
@ -474,7 +476,7 @@ int ecp_mul( const ecp_group *grp, ecp_point *R,
|
||||||
* \param pt Point to check
|
* \param pt Point to check
|
||||||
*
|
*
|
||||||
* \return 0 if point is a valid public key,
|
* \return 0 if point is a valid public key,
|
||||||
* POLARSSL_ERR_ECP_GENERIC otherwise.
|
* POLARSSL_ERR_ECP_INVALID_KEY otherwise.
|
||||||
*
|
*
|
||||||
* \note This function only checks the point is non-zero, has valid
|
* \note This function only checks the point is non-zero, has valid
|
||||||
* coordinates and lies on the curve, but not that it is
|
* coordinates and lies on the curve, but not that it is
|
||||||
|
@ -497,7 +499,7 @@ int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt );
|
||||||
* \param d Integer to check
|
* \param d Integer to check
|
||||||
*
|
*
|
||||||
* \return 0 if point is a valid private key,
|
* \return 0 if point is a valid private key,
|
||||||
* POLARSSL_ERR_ECP_GENERIC otherwise.
|
* POLARSSL_ERR_ECP_INVALID_KEY otherwise.
|
||||||
*
|
*
|
||||||
* \note Uses bare components rather than an ecp_keypair structure
|
* \note Uses bare components rather than an ecp_keypair structure
|
||||||
* in order to ease use with other structures such as
|
* in order to ease use with other structures such as
|
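Review bot: POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE moves from -0x4E00 to -0x4E80 in the first hunk, which is the number POLARSSL_ERR_ECP_GENERIC carried until now, and GENERIC is removed without an alias. Anything that logged or stored the numeric code, or was built against the old header, will read an old "generic ECP error" as "requested curve not available", and out-of-tree code that names POLARSSL_ERR_ECP_GENERIC stops compiling. Keeping the existing values fixed and giving only the three new codes fresh numbers would avoid that ambiguity. If the renumbering is intended, the defines should say so, for example `/* NOTE: -0x4E80 was POLARSSL_ERR_ECP_GENERIC before this change */`, and the release notes should list it as an API break.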
||||||
|
|
|
@ -81,7 +81,7 @@
|
||||||
* DHM 3 9
|
* DHM 3 9
|
||||||
* PKCS5 3 4 (Started from top)
|
* PKCS5 3 4 (Started from top)
|
||||||
* RSA 4 9
|
* RSA 4 9
|
||||||
* ECP 4 4 (Started from top)
|
* ECP 4 7 (Started from top)
|
||||||
* MD 5 4
|
* MD 5 4
|
||||||
* CIPHER 6 5
|
* CIPHER 6 5
|
||||||
* SSL 6 6 (Started from top)
|
* SSL 6 6 (Started from top)
|
||||||
|
|
|
@ -77,7 +77,7 @@ int ecdsa_sign( const ecp_group *grp, mpi *r, mpi *s,
|
||||||
|
|
||||||
if( key_tries++ > 10 )
|
if( key_tries++ > 10 )
|
||||||
{
|
{
|
||||||
ret = POLARSSL_ERR_ECP_GENERIC;
|
ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -99,7 +99,7 @@ int ecdsa_sign( const ecp_group *grp, mpi *r, mpi *s,
|
||||||
|
|
||||||
if( sign_tries++ > 10 )
|
if( sign_tries++ > 10 )
|
||||||
{
|
{
|
||||||
ret = POLARSSL_ERR_ECP_GENERIC;
|
ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
}
|
}
|
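Review bot: The retry bound `10` is a bare literal repeated in both loops here (`key_tries++ > 10`, `sign_tries++ > 10`) and again in the `count++ > 10` checks of ecp_randomize_coordinates and ecp_gen_keypair in the ECP source. Because the comparison uses post-increment, the error first fires when the counter has already reached 11, assuming the counters start at 0 (their initialisation is outside these hunks), so the effective limit is not the number written. A single named constant shared by all four sites (name is a proposal), e.g. `#define ECP_MAX_RANDOM_TRIES 10`, with a one-line comment such as `/* RNG keeps yielding unusable values: report RNG failure instead of looping */`, would make the limit auditable now that exhaustion is reported as POLARSSL_ERR_ECP_RANDOM_FAILED. ecdsa_sign starts and ends outside both hunks.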
||||||
|
|
|
@ -417,7 +417,7 @@ static int ecp_modp( mpi *N, const ecp_group *grp )
|
||||||
return( mpi_mod_mpi( N, N, &grp->P ) );
|
return( mpi_mod_mpi( N, N, &grp->P ) );
|
||||||
|
|
||||||
if( mpi_cmp_int( N, 0 ) < 0 || mpi_msb( N ) > 2 * grp->pbits )
|
if( mpi_cmp_int( N, 0 ) < 0 || mpi_msb( N ) > 2 * grp->pbits )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
|
||||||
|
|
||||||
MPI_CHK( grp->modp( N ) );
|
MPI_CHK( grp->modp( N ) );
|
||||||
|
|
||||||
|
@ -869,7 +869,7 @@ static int ecp_normalize_many( const ecp_group *grp,
|
||||||
return( ecp_normalize( grp, T ) );
|
return( ecp_normalize( grp, T ) );
|
||||||
|
|
||||||
if( ( c = (mpi *) polarssl_malloc( t_len * sizeof( mpi ) ) ) == NULL )
|
if( ( c = (mpi *) polarssl_malloc( t_len * sizeof( mpi ) ) ) == NULL )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_MALLOC_FAILED );
|
||||||
|
|
||||||
mpi_init( &u ); mpi_init( &Zi ); mpi_init( &ZZi );
|
mpi_init( &u ); mpi_init( &Zi ); mpi_init( &ZZi );
|
||||||
for( i = 0; i < t_len; i++ )
|
for( i = 0; i < t_len; i++ )
|
||||||
|
@ -1033,7 +1033,7 @@ static int ecp_add_mixed( const ecp_group *grp, ecp_point *R,
|
||||||
* Make sure Q coordinates are normalized
|
* Make sure Q coordinates are normalized
|
||||||
*/
|
*/
|
||||||
if( mpi_cmp_int( &Q->Z, 1 ) != 0 )
|
if( mpi_cmp_int( &Q->Z, 1 ) != 0 )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
|
||||||
|
|
||||||
mpi_init( &T1 ); mpi_init( &T2 ); mpi_init( &T3 ); mpi_init( &T4 );
|
mpi_init( &T1 ); mpi_init( &T2 ); mpi_init( &T3 ); mpi_init( &T4 );
|
||||||
mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z );
|
mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z );
|
||||||
|
@ -1176,10 +1176,10 @@ static int ecp_w_naf_fixed( signed char x[], size_t k,
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We should have consumed all the bits now
|
* We should have consumed all bits, unless the input value was too big
|
||||||
*/
|
*/
|
||||||
if( mpi_cmp_int( &M, 0 ) != 0 )
|
if( mpi_cmp_int( &M, 0 ) != 0 )
|
||||||
ret = POLARSSL_ERR_ECP_GENERIC;
|
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA;
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
|
|
||||||
|
@ -1245,7 +1245,7 @@ static int ecp_randomize_coordinates( const ecp_group *grp, ecp_point *pt,
|
||||||
mpi_shift_r( &l, 1 );
|
mpi_shift_r( &l, 1 );
|
||||||
|
|
||||||
if( count++ > 10 )
|
if( count++ > 10 )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_RANDOM_FAILED );
|
||||||
}
|
}
|
||||||
while( mpi_cmp_int( &l, 1 ) <= 0 );
|
while( mpi_cmp_int( &l, 1 ) <= 0 );
|
||||||
|
|
||||||
|
@ -1406,19 +1406,19 @@ int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt )
|
||||||
mpi YY, RHS;
|
mpi YY, RHS;
|
||||||
|
|
||||||
if( mpi_cmp_int( &pt->Z, 0 ) == 0 )
|
if( mpi_cmp_int( &pt->Z, 0 ) == 0 )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_INVALID_KEY );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* pt coordinates must be normalized for our checks
|
* pt coordinates must be normalized for our checks
|
||||||
*/
|
*/
|
||||||
if( mpi_cmp_int( &pt->Z, 1 ) != 0 )
|
if( mpi_cmp_int( &pt->Z, 1 ) != 0 )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_INVALID_KEY );
|
||||||
|
|
||||||
if( mpi_cmp_int( &pt->X, 0 ) < 0 ||
|
if( mpi_cmp_int( &pt->X, 0 ) < 0 ||
|
||||||
mpi_cmp_int( &pt->Y, 0 ) < 0 ||
|
mpi_cmp_int( &pt->Y, 0 ) < 0 ||
|
||||||
mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
|
mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
|
||||||
mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
|
mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_INVALID_KEY );
|
||||||
|
|
||||||
mpi_init( &YY ); mpi_init( &RHS );
|
mpi_init( &YY ); mpi_init( &RHS );
|
||||||
|
|
||||||
|
@ -1433,7 +1433,7 @@ int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt )
|
||||||
MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS );
|
MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS );
|
||||||
|
|
||||||
if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
|
if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
|
||||||
ret = POLARSSL_ERR_ECP_GENERIC;
|
ret = POLARSSL_ERR_ECP_INVALID_KEY;
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
|
|
||||||
|
@ -1449,7 +1449,7 @@ int ecp_check_privkey( const ecp_group *grp, const mpi *d )
|
||||||
{
|
{
|
||||||
/* We want 1 <= d <= N-1 */
|
/* We want 1 <= d <= N-1 */
|
||||||
if ( mpi_cmp_int( d, 1 ) < 0 || mpi_cmp_mpi( d, &grp->N ) >= 0 )
|
if ( mpi_cmp_int( d, 1 ) < 0 || mpi_cmp_mpi( d, &grp->N ) >= 0 )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_INVALID_KEY );
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
@ -1475,7 +1475,7 @@ int ecp_gen_keypair( const ecp_group *grp, mpi *d, ecp_point *Q,
|
||||||
mpi_shift_r( d, 1 );
|
mpi_shift_r( d, 1 );
|
||||||
|
|
||||||
if( count++ > 10 )
|
if( count++ > 10 )
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_RANDOM_FAILED );
|
||||||
}
|
}
|
||||||
while( mpi_cmp_int( d, 1 ) < 0 );
|
while( mpi_cmp_int( d, 1 ) < 0 );
|
||||||
|
|
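Review bot: In ecp_check_pubkey a point whose Z coordinate is not 1 now returns POLARSSL_ERR_ECP_INVALID_KEY, while ecp_add_mixed reports the same not-normalized condition (`mpi_cmp_int( &Q->Z, 1 ) != 0`) as POLARSSL_ERR_ECP_BAD_INPUT_DATA. A non-normalized point is a caller-side precondition failure rather than evidence that the key itself is bad, so reporting it as an invalid key can mislead whoever triages a rejected peer key from logs. Using `return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );` for the Z != 1 branch would keep the two functions consistent; otherwise the existing comment should state the choice, e.g. `/* only normalized points are accepted as public keys */`. Callers should keep treating any non-zero return as rejection, since the MPI_CHK paths visible later in the function can return codes other than INVALID_KEY. The function body extends beyond these hunks.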
||||||
|
|
|
@ -215,12 +215,16 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
|
||||||
snprintf( buf, buflen, "ECP - Bad input parameters to function" );
|
snprintf( buf, buflen, "ECP - Bad input parameters to function" );
|
||||||
if( use_ret == -(POLARSSL_ERR_ECP_BUFFER_TOO_SMALL) )
|
if( use_ret == -(POLARSSL_ERR_ECP_BUFFER_TOO_SMALL) )
|
||||||
snprintf( buf, buflen, "ECP - The buffer is too small to write to" );
|
snprintf( buf, buflen, "ECP - The buffer is too small to write to" );
|
||||||
if( use_ret == -(POLARSSL_ERR_ECP_GENERIC) )
|
|
||||||
snprintf( buf, buflen, "ECP - Generic ECP error" );
|
|
||||||
if( use_ret == -(POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE) )
|
if( use_ret == -(POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE) )
|
||||||
snprintf( buf, buflen, "ECP - Requested curve not available" );
|
snprintf( buf, buflen, "ECP - Requested curve not available" );
|
||||||
if( use_ret == -(POLARSSL_ERR_ECP_VERIFY_FAILED) )
|
if( use_ret == -(POLARSSL_ERR_ECP_VERIFY_FAILED) )
|
||||||
snprintf( buf, buflen, "ECP - The signature is not valid" );
|
snprintf( buf, buflen, "ECP - The signature is not valid" );
|
||||||
|
if( use_ret == -(POLARSSL_ERR_ECP_MALLOC_FAILED) )
|
||||||
|
snprintf( buf, buflen, "ECP - Memory allocation failed" );
|
||||||
|
if( use_ret == -(POLARSSL_ERR_ECP_RANDOM_FAILED) )
|
||||||
|
snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" );
|
||||||
|
if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) )
|
||||||
|
snprintf( buf, buflen, "ECP - Invalid private or public key" );
|
||||||
#endif /* POLARSSL_ECP_C */
|
#endif /* POLARSSL_ECP_C */
|
||||||
|
|
||||||
#if defined(POLARSSL_MD_C)
|
#if defined(POLARSSL_MD_C)
|
||||||
|
|
|
@ -104,34 +104,34 @@ ECP small multiplication too big
|
||||||
ecp_small_mul:-1:0:0:0:POLARSSL_ERR_ECP_BAD_INPUT_DATA
|
ecp_small_mul:-1:0:0:0:POLARSSL_ERR_ECP_BAD_INPUT_DATA
|
||||||
|
|
||||||
ECP small check pubkey #1
|
ECP small check pubkey #1
|
||||||
ecp_small_check_pub:1:1:0:POLARSSL_ERR_ECP_GENERIC
|
ecp_small_check_pub:1:1:0:POLARSSL_ERR_ECP_INVALID_KEY
|
||||||
|
|
||||||
ECP small check pubkey #2
|
ECP small check pubkey #2
|
||||||
ecp_small_check_pub:9:-1:1:POLARSSL_ERR_ECP_GENERIC
|
ecp_small_check_pub:9:-1:1:POLARSSL_ERR_ECP_INVALID_KEY
|
||||||
|
|
||||||
ECP small check pubkey #3
|
ECP small check pubkey #3
|
||||||
ecp_small_check_pub:9:46:1:0
|
ecp_small_check_pub:9:46:1:0
|
||||||
|
|
||||||
ECP small check pubkey #4
|
ECP small check pubkey #4
|
||||||
ecp_small_check_pub:13:47:1:POLARSSL_ERR_ECP_GENERIC
|
ecp_small_check_pub:13:47:1:POLARSSL_ERR_ECP_INVALID_KEY
|
||||||
|
|
||||||
ECP small check pubkey #5
|
ECP small check pubkey #5
|
||||||
ecp_small_check_pub:13:0:1:0
|
ecp_small_check_pub:13:0:1:0
|
||||||
|
|
||||||
ECP small check pubkey #6
|
ECP small check pubkey #6
|
||||||
ecp_small_check_pub:-1:10:1:POLARSSL_ERR_ECP_GENERIC
|
ecp_small_check_pub:-1:10:1:POLARSSL_ERR_ECP_INVALID_KEY
|
||||||
|
|
||||||
ECP small check pubkey #7
|
ECP small check pubkey #7
|
||||||
ecp_small_check_pub:46:10:1:0
|
ecp_small_check_pub:46:10:1:0
|
||||||
|
|
||||||
ECP small check pubkey #8
|
ECP small check pubkey #8
|
||||||
ecp_small_check_pub:47:2:1:POLARSSL_ERR_ECP_GENERIC
|
ecp_small_check_pub:47:2:1:POLARSSL_ERR_ECP_INVALID_KEY
|
||||||
|
|
||||||
ECP small check pubkey #9
|
ECP small check pubkey #9
|
||||||
ecp_small_check_pub:0:2:1:0
|
ecp_small_check_pub:0:2:1:0
|
||||||
|
|
||||||
ECP small check pubkey #10
|
ECP small check pubkey #10
|
||||||
ecp_small_check_pub:10:25:1:POLARSSL_ERR_ECP_GENERIC
|
ecp_small_check_pub:10:25:1:POLARSSL_ERR_ECP_INVALID_KEY
|
||||||
|
|
||||||
ECP write binary #0 (zero, bad format)
|
ECP write binary #0 (zero, bad format)
|
||||||
depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED
|
depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED
|
||||||
|
|
|
@ -478,10 +478,10 @@ void ecp_check_privkey( int id )
|
||||||
TEST_ASSERT( ecp_use_known_dp( &grp, id ) == 0 );
|
TEST_ASSERT( ecp_use_known_dp( &grp, id ) == 0 );
|
||||||
|
|
||||||
TEST_ASSERT( mpi_lset( &d, 0 ) == 0 );
|
TEST_ASSERT( mpi_lset( &d, 0 ) == 0 );
|
||||||
TEST_ASSERT( ecp_check_privkey( &grp, &d ) == POLARSSL_ERR_ECP_GENERIC );
|
TEST_ASSERT( ecp_check_privkey( &grp, &d ) == POLARSSL_ERR_ECP_INVALID_KEY );
|
||||||
|
|
||||||
TEST_ASSERT( mpi_copy( &d, &grp.N ) == 0 );
|
TEST_ASSERT( mpi_copy( &d, &grp.N ) == 0 );
|
||||||
TEST_ASSERT( ecp_check_privkey( &grp, &d ) == POLARSSL_ERR_ECP_GENERIC );
|
TEST_ASSERT( ecp_check_privkey( &grp, &d ) == POLARSSL_ERR_ECP_INVALID_KEY );
|
||||||
|
|
||||||
ecp_group_free( &grp );
|
ecp_group_free( &grp );
|
||||||
mpi_free( &d );
|
mpi_free( &d );
|
||||||
|
|