From cf38367f450b00fd8ade1ba82b853a0a13767f78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 1 Feb 2014 10:22:21 +0100 Subject: [PATCH] Fix HMAC_DRBG and RIPEMD160 error codes --- include/polarssl/error.h | 18 +++++++++++------- include/polarssl/hmac_drbg.h | 8 ++++---- include/polarssl/ripemd160.h | 2 +- library/error.c | 24 ++++++++++++++++++++++++ scripts/generate_errors.pl | 5 +++-- 5 files changed, 43 insertions(+), 14 deletions(-) diff --git a/include/polarssl/error.h b/include/polarssl/error.h index 55a8a45af..33a2c88ea 100644 --- a/include/polarssl/error.h +++ b/include/polarssl/error.h @@ -41,15 +41,17 @@ * * 16 bit error code bit-segmentation * - * 1 bit - Intentionally not used + * 1 bit - Sign bit * 3 bits - High level module ID * 5 bits - Module-dependent error code - * 6 bits - Low level module errors - * 1 bit - Intentionally not used + * 7 bits - Low level module errors * - * Low-level module errors (0x007E-0x0002) + * For historical reasons, low-level error codes are divided in even and odd, + * and even codes were assigned first. * - * Module Nr Codes assigned + * Low-level module errors (0x0001-0x00FF) + * + * Module Nr Codes assigned * MPI 7 0x0002-0x0010 * GCM 2 0x0012-0x0014 * BLOWFISH 2 0x0016-0x0018 @@ -61,7 +63,7 @@ * OID 1 0x002E-0x002E * PADLOCK 1 0x0030-0x0030 * DES 1 0x0032-0x0032 - * CTR_DBRG 3 0x0034-0x003A + * CTR_DBRG 4 0x0034-0x003A * ENTROPY 3 0x003C-0x0040 * NET 11 0x0042-0x0056 * ASN1 7 0x0060-0x006C @@ -72,6 +74,8 @@ * SHA256 1 0x0078-0x0078 * SHA512 1 0x007A-0x007A * PBKDF2 1 0x007C-0x007C + * RIPEMD160 1 0x007E-0x007E + * HMAC_DRBG 4 0x0001-0x0007 * * High-level module nr (3 bits - 0x1...-0x8...) * Name ID Nr of Errors @@ -88,7 +92,7 @@ * SSL 6 8 (Started from top) * SSL 7 31 * - * Module dependent error code (5 bits 0x.08.-0x.F8.) + * Module dependent error code (5 bits 0x.00.-0x.F8.) */ #ifdef __cplusplus diff --git a/include/polarssl/hmac_drbg.h b/include/polarssl/hmac_drbg.h index b42a2fb8b..640eb0c03 100644 --- a/include/polarssl/hmac_drbg.h +++ b/include/polarssl/hmac_drbg.h @@ -32,10 +32,10 @@ /* * ! Same values as ctr_drbg.h ! */ -#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ -#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */ -#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */ -#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */ +#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0001 /**< The entropy source failed. */ +#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */ +#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */ +#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */ #if !defined(POLARSSL_CONFIG_OPTIONS) #define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ diff --git a/include/polarssl/ripemd160.h b/include/polarssl/ripemd160.h index 02a92f5aa..5cbdf4285 100644 --- a/include/polarssl/ripemd160.h +++ b/include/polarssl/ripemd160.h @@ -38,7 +38,7 @@ typedef UINT32 uint32_t; #include #endif -#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */ +#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR -0x007E /**< Read/write error in file. */ #if !defined(POLARSSL_RIPEMD160_ALT) // Regular implementation diff --git a/library/error.c b/library/error.c index 6ef104d72..64dc0f525 100644 --- a/library/error.c +++ b/library/error.c @@ -77,6 +77,10 @@ #include "polarssl/gcm.h" #endif +#if defined(POLARSSL_HMAC_DRBG_C) +#include "polarssl/hmac_drbg.h" +#endif + #if defined(POLARSSL_MD_C) #include "polarssl/md.h" #endif @@ -125,6 +129,10 @@ #include "polarssl/pkcs5.h" #endif +#if defined(POLARSSL_RIPEMD160_C) +#include "polarssl/ripemd160.h" +#endif + #if defined(POLARSSL_RSA_C) #include "polarssl/rsa.h" #endif @@ -589,6 +597,17 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "GCM - Bad input parameters to function" ); #endif /* POLARSSL_GCM_C */ +#if defined(POLARSSL_HMAC_DRBG_C) + if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED) ) + snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" ); + if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG) ) + snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" ); + if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG) ) + snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" ); + if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR) ) + snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" ); +#endif /* POLARSSL_HMAC_DRBG_C */ + #if defined(POLARSSL_MD2_C) if( use_ret == -(POLARSSL_ERR_MD2_FILE_IO_ERROR) ) snprintf( buf, buflen, "MD2 - Read/write error in file" ); @@ -644,6 +663,11 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" ); #endif /* POLARSSL_PBKDF2_C */ +#if defined(POLARSSL_RIPEMD160_C) + if( use_ret == -(POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR) ) + snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" ); +#endif /* POLARSSL_RIPEMD160_C */ + #if defined(POLARSSL_SHA1_C) if( use_ret == -(POLARSSL_ERR_SHA1_FILE_IO_ERROR) ) snprintf( buf, buflen, "SHA1 - Read/write error in file" ); diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 0dff537d4..5631ae8e2 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -11,8 +11,8 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = ( "AES", "ASN1", "BLOWFISH", "CAMELLIA", "BIGNUM", "BASE64", "XTEA", "PBKDF2", "OID", "PADLOCK", "DES", "NET", "CTR_DRBG", "ENTROPY", - "MD2", "MD4", "MD5", "SHA1", "SHA256", "SHA512", - "GCM", "THREADING" ); + "HMAC_DRBG", "MD2", "MD4", "MD5", "RIPEMD160", + "SHA1", "SHA256", "SHA512", "GCM", "THREADING" ); my @high_level_modules = ( "PEM", "X509", "DHM", "RSA", "ECP", "MD", "CIPHER", "SSL", "PK", "PKCS12", "PKCS5" ); @@ -48,6 +48,7 @@ while (my $line = ) # Fix faulty ones $module_name = "BIGNUM" if ($module_name eq "MPI"); $module_name = "CTR_DRBG" if ($module_name eq "CTR"); + $module_name = "HMAC_DRBG" if ($module_name eq "HMAC"); my $define_name = $module_name; $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509");