1 | /* error.c
|
---|
2 | *
|
---|
3 | * Copyright (C) 2006-2020 wolfSSL Inc.
|
---|
4 | *
|
---|
5 | * This file is part of wolfSSL.
|
---|
6 | *
|
---|
7 | * wolfSSL is free software; you can redistribute it and/or modify
|
---|
8 | * it under the terms of the GNU General Public License as published by
|
---|
9 | * the Free Software Foundation; either version 2 of the License, or
|
---|
10 | * (at your option) any later version.
|
---|
11 | *
|
---|
12 | * wolfSSL is distributed in the hope that it will be useful,
|
---|
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
15 | * GNU General Public License for more details.
|
---|
16 | *
|
---|
17 | * You should have received a copy of the GNU General Public License
|
---|
18 | * along with this program; if not, write to the Free Software
|
---|
19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
---|
20 | */
|
---|
21 |
|
---|
22 |
|
---|
23 | #ifdef HAVE_CONFIG_H
|
---|
24 | #include <config.h>
|
---|
25 | #endif
|
---|
26 |
|
---|
27 | #include <wolfssl/wolfcrypt/settings.h>
|
---|
28 |
|
---|
29 | #include <wolfssl/wolfcrypt/error-crypt.h>
|
---|
30 |
|
---|
31 | #ifdef _MSC_VER
|
---|
32 | /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
|
---|
33 | #pragma warning(disable: 4996)
|
---|
34 | #endif
|
---|
35 |
|
---|
36 | #ifndef NO_ERROR_STRINGS
|
---|
37 | const char* wc_GetErrorString(int error)
|
---|
38 | {
|
---|
39 | switch (error) {
|
---|
40 |
|
---|
41 | case OPEN_RAN_E :
|
---|
42 | return "opening random device error";
|
---|
43 |
|
---|
44 | case READ_RAN_E :
|
---|
45 | return "reading random device error";
|
---|
46 |
|
---|
47 | case WINCRYPT_E :
|
---|
48 | return "windows crypt init error";
|
---|
49 |
|
---|
50 | case CRYPTGEN_E :
|
---|
51 | return "windows crypt generation error";
|
---|
52 |
|
---|
53 | case RAN_BLOCK_E :
|
---|
54 | return "random device read would block error";
|
---|
55 |
|
---|
56 | case BAD_MUTEX_E :
|
---|
57 | return "Bad mutex, operation failed";
|
---|
58 |
|
---|
59 | case WC_TIMEOUT_E:
|
---|
60 | return "Timeout error";
|
---|
61 |
|
---|
62 | case WC_PENDING_E:
|
---|
63 | return "wolfCrypt Operation Pending (would block / eagain) error";
|
---|
64 |
|
---|
65 | case WC_NOT_PENDING_E:
|
---|
66 | return "wolfCrypt operation not pending error";
|
---|
67 |
|
---|
68 | case MP_INIT_E :
|
---|
69 | return "mp_init error state";
|
---|
70 |
|
---|
71 | case MP_READ_E :
|
---|
72 | return "mp_read error state";
|
---|
73 |
|
---|
74 | case MP_EXPTMOD_E :
|
---|
75 | return "mp_exptmod error state";
|
---|
76 |
|
---|
77 | case MP_TO_E :
|
---|
78 | return "mp_to_xxx error state, can't convert";
|
---|
79 |
|
---|
80 | case MP_SUB_E :
|
---|
81 | return "mp_sub error state, can't subtract";
|
---|
82 |
|
---|
83 | case MP_ADD_E :
|
---|
84 | return "mp_add error state, can't add";
|
---|
85 |
|
---|
86 | case MP_MUL_E :
|
---|
87 | return "mp_mul error state, can't multiply";
|
---|
88 |
|
---|
89 | case MP_MULMOD_E :
|
---|
90 | return "mp_mulmod error state, can't multiply mod";
|
---|
91 |
|
---|
92 | case MP_MOD_E :
|
---|
93 | return "mp_mod error state, can't mod";
|
---|
94 |
|
---|
95 | case MP_INVMOD_E :
|
---|
96 | return "mp_invmod error state, can't inv mod";
|
---|
97 |
|
---|
98 | case MP_CMP_E :
|
---|
99 | return "mp_cmp error state";
|
---|
100 |
|
---|
101 | case MP_ZERO_E :
|
---|
102 | return "mp zero result, not expected";
|
---|
103 |
|
---|
104 | case MEMORY_E :
|
---|
105 | return "out of memory error";
|
---|
106 |
|
---|
107 | case VAR_STATE_CHANGE_E :
|
---|
108 | return "Variable state modified by different thread";
|
---|
109 |
|
---|
110 | case RSA_WRONG_TYPE_E :
|
---|
111 | return "RSA wrong block type for RSA function";
|
---|
112 |
|
---|
113 | case RSA_BUFFER_E :
|
---|
114 | return "RSA buffer error, output too small or input too big";
|
---|
115 |
|
---|
116 | case BUFFER_E :
|
---|
117 | return "Buffer error, output too small or input too big";
|
---|
118 |
|
---|
119 | case ALGO_ID_E :
|
---|
120 | return "Setting Cert AlgoID error";
|
---|
121 |
|
---|
122 | case PUBLIC_KEY_E :
|
---|
123 | return "Setting Cert Public Key error";
|
---|
124 |
|
---|
125 | case DATE_E :
|
---|
126 | return "Setting Cert Date validity error";
|
---|
127 |
|
---|
128 | case SUBJECT_E :
|
---|
129 | return "Setting Cert Subject name error";
|
---|
130 |
|
---|
131 | case ISSUER_E :
|
---|
132 | return "Setting Cert Issuer name error";
|
---|
133 |
|
---|
134 | case CA_TRUE_E :
|
---|
135 | return "Setting basic constraint CA true error";
|
---|
136 |
|
---|
137 | case EXTENSIONS_E :
|
---|
138 | return "Setting extensions error";
|
---|
139 |
|
---|
140 | case ASN_PARSE_E :
|
---|
141 | return "ASN parsing error, invalid input";
|
---|
142 |
|
---|
143 | case ASN_VERSION_E :
|
---|
144 | return "ASN version error, invalid number";
|
---|
145 |
|
---|
146 | case ASN_GETINT_E :
|
---|
147 | return "ASN get big int error, invalid data";
|
---|
148 |
|
---|
149 | case ASN_RSA_KEY_E :
|
---|
150 | return "ASN key init error, invalid input";
|
---|
151 |
|
---|
152 | case ASN_OBJECT_ID_E :
|
---|
153 | return "ASN object id error, invalid id";
|
---|
154 |
|
---|
155 | case ASN_TAG_NULL_E :
|
---|
156 | return "ASN tag error, not null";
|
---|
157 |
|
---|
158 | case ASN_EXPECT_0_E :
|
---|
159 | return "ASN expect error, not zero";
|
---|
160 |
|
---|
161 | case ASN_BITSTR_E :
|
---|
162 | return "ASN bit string error, wrong id";
|
---|
163 |
|
---|
164 | case ASN_UNKNOWN_OID_E :
|
---|
165 | return "ASN oid error, unknown sum id";
|
---|
166 |
|
---|
167 | case ASN_DATE_SZ_E :
|
---|
168 | return "ASN date error, bad size";
|
---|
169 |
|
---|
170 | case ASN_BEFORE_DATE_E :
|
---|
171 | return "ASN date error, current date before";
|
---|
172 |
|
---|
173 | case ASN_AFTER_DATE_E :
|
---|
174 | return "ASN date error, current date after";
|
---|
175 |
|
---|
176 | case ASN_SIG_OID_E :
|
---|
177 | return "ASN signature error, mismatched oid";
|
---|
178 |
|
---|
179 | case ASN_TIME_E :
|
---|
180 | return "ASN time error, unknown time type";
|
---|
181 |
|
---|
182 | case ASN_INPUT_E :
|
---|
183 | return "ASN input error, not enough data";
|
---|
184 |
|
---|
185 | case ASN_SIG_CONFIRM_E :
|
---|
186 | return "ASN sig error, confirm failure";
|
---|
187 |
|
---|
188 | case ASN_SIG_HASH_E :
|
---|
189 | return "ASN sig error, unsupported hash type";
|
---|
190 |
|
---|
191 | case ASN_SIG_KEY_E :
|
---|
192 | return "ASN sig error, unsupported key type";
|
---|
193 |
|
---|
194 | case ASN_DH_KEY_E :
|
---|
195 | return "ASN key init error, invalid input";
|
---|
196 |
|
---|
197 | case ASN_NTRU_KEY_E :
|
---|
198 | return "ASN NTRU key decode error, invalid input";
|
---|
199 |
|
---|
200 | case ASN_CRIT_EXT_E:
|
---|
201 | return "X.509 Critical extension ignored or invalid";
|
---|
202 |
|
---|
203 | case ASN_ALT_NAME_E:
|
---|
204 | return "ASN alternate name error";
|
---|
205 |
|
---|
206 | case ECC_BAD_ARG_E :
|
---|
207 | return "ECC input argument wrong type, invalid input";
|
---|
208 |
|
---|
209 | case ASN_ECC_KEY_E :
|
---|
210 | return "ECC ASN1 bad key data, invalid input";
|
---|
211 |
|
---|
212 | case ECC_CURVE_OID_E :
|
---|
213 | return "ECC curve sum OID unsupported, invalid input";
|
---|
214 |
|
---|
215 | case BAD_FUNC_ARG :
|
---|
216 | return "Bad function argument";
|
---|
217 |
|
---|
218 | case NOT_COMPILED_IN :
|
---|
219 | return "Feature not compiled in";
|
---|
220 |
|
---|
221 | case UNICODE_SIZE_E :
|
---|
222 | return "Unicode password too big";
|
---|
223 |
|
---|
224 | case NO_PASSWORD :
|
---|
225 | return "No password provided by user";
|
---|
226 |
|
---|
227 | case ALT_NAME_E :
|
---|
228 | return "Alt Name problem, too big";
|
---|
229 |
|
---|
230 | case AES_GCM_AUTH_E:
|
---|
231 | return "AES-GCM Authentication check fail";
|
---|
232 |
|
---|
233 | case AES_CCM_AUTH_E:
|
---|
234 | return "AES-CCM Authentication check fail";
|
---|
235 |
|
---|
236 | case ASYNC_INIT_E:
|
---|
237 | return "Async Init error";
|
---|
238 |
|
---|
239 | case COMPRESS_INIT_E:
|
---|
240 | return "Compress Init error";
|
---|
241 |
|
---|
242 | case COMPRESS_E:
|
---|
243 | return "Compress error";
|
---|
244 |
|
---|
245 | case DECOMPRESS_INIT_E:
|
---|
246 | return "DeCompress Init error";
|
---|
247 |
|
---|
248 | case DECOMPRESS_E:
|
---|
249 | return "DeCompress error";
|
---|
250 |
|
---|
251 | case BAD_ALIGN_E:
|
---|
252 | return "Bad alignment error, no alloc help";
|
---|
253 |
|
---|
254 | case ASN_NO_SIGNER_E :
|
---|
255 | return "ASN no signer error to confirm failure";
|
---|
256 |
|
---|
257 | case ASN_CRL_CONFIRM_E :
|
---|
258 | return "ASN CRL sig error, confirm failure";
|
---|
259 |
|
---|
260 | case ASN_CRL_NO_SIGNER_E :
|
---|
261 | return "ASN CRL no signer error to confirm failure";
|
---|
262 |
|
---|
263 | case ASN_OCSP_CONFIRM_E :
|
---|
264 | return "ASN OCSP sig error, confirm failure";
|
---|
265 |
|
---|
266 | case ASN_NO_PEM_HEADER:
|
---|
267 | return "ASN no PEM Header Error";
|
---|
268 |
|
---|
269 | case BAD_STATE_E:
|
---|
270 | return "Bad state operation";
|
---|
271 |
|
---|
272 | case BAD_PADDING_E:
|
---|
273 | return "Bad padding, message wrong length";
|
---|
274 |
|
---|
275 | case REQ_ATTRIBUTE_E:
|
---|
276 | return "Setting cert request attributes error";
|
---|
277 |
|
---|
278 | case PKCS7_OID_E:
|
---|
279 | return "PKCS#7 error: mismatched OID value";
|
---|
280 |
|
---|
281 | case PKCS7_RECIP_E:
|
---|
282 | return "PKCS#7 error: no matching recipient found";
|
---|
283 |
|
---|
284 | case WC_PKCS7_WANT_READ_E:
|
---|
285 | return "PKCS#7 operations wants more input, call again";
|
---|
286 |
|
---|
287 | case FIPS_NOT_ALLOWED_E:
|
---|
288 | return "FIPS mode not allowed error";
|
---|
289 |
|
---|
290 | case ASN_NAME_INVALID_E:
|
---|
291 | return "Name Constraint error";
|
---|
292 |
|
---|
293 | case RNG_FAILURE_E:
|
---|
294 | return "Random Number Generator failed";
|
---|
295 |
|
---|
296 | case HMAC_MIN_KEYLEN_E:
|
---|
297 | return "FIPS Mode HMAC Minimum Key Length error";
|
---|
298 |
|
---|
299 | case RSA_PAD_E:
|
---|
300 | return "Rsa Padding error";
|
---|
301 |
|
---|
302 | case LENGTH_ONLY_E:
|
---|
303 | return "Output length only set, not for other use error";
|
---|
304 |
|
---|
305 | case IN_CORE_FIPS_E:
|
---|
306 | return "In Core Integrity check FIPS error";
|
---|
307 |
|
---|
308 | case AES_KAT_FIPS_E:
|
---|
309 | return "AES Known Answer Test check FIPS error";
|
---|
310 |
|
---|
311 | case DES3_KAT_FIPS_E:
|
---|
312 | return "DES3 Known Answer Test check FIPS error";
|
---|
313 |
|
---|
314 | case HMAC_KAT_FIPS_E:
|
---|
315 | return "HMAC Known Answer Test check FIPS error";
|
---|
316 |
|
---|
317 | case RSA_KAT_FIPS_E:
|
---|
318 | return "RSA Known Answer Test check FIPS error";
|
---|
319 |
|
---|
320 | case DRBG_KAT_FIPS_E:
|
---|
321 | return "DRBG Known Answer Test check FIPS error";
|
---|
322 |
|
---|
323 | case DRBG_CONT_FIPS_E:
|
---|
324 | return "DRBG Continuous Test FIPS error";
|
---|
325 |
|
---|
326 | case AESGCM_KAT_FIPS_E:
|
---|
327 | return "AESGCM Known Answer Test check FIPS error";
|
---|
328 |
|
---|
329 | case THREAD_STORE_KEY_E:
|
---|
330 | return "Thread Storage Key Create error";
|
---|
331 |
|
---|
332 | case THREAD_STORE_SET_E:
|
---|
333 | return "Thread Storage Set error";
|
---|
334 |
|
---|
335 | case MAC_CMP_FAILED_E:
|
---|
336 | return "MAC comparison failed";
|
---|
337 |
|
---|
338 | case IS_POINT_E:
|
---|
339 | return "ECC is point on curve failed";
|
---|
340 |
|
---|
341 | case ECC_INF_E:
|
---|
342 | return " ECC point at infinity error";
|
---|
343 |
|
---|
344 | case ECC_OUT_OF_RANGE_E:
|
---|
345 | return " ECC Qx or Qy out of range error";
|
---|
346 |
|
---|
347 | case ECC_PRIV_KEY_E:
|
---|
348 | return " ECC private key is not valid error";
|
---|
349 |
|
---|
350 | case SRP_CALL_ORDER_E:
|
---|
351 | return "SRP function called in the wrong order error";
|
---|
352 |
|
---|
353 | case SRP_VERIFY_E:
|
---|
354 | return "SRP proof verification error";
|
---|
355 |
|
---|
356 | case SRP_BAD_KEY_E:
|
---|
357 | return "SRP bad key values error";
|
---|
358 |
|
---|
359 | case ASN_NO_SKID:
|
---|
360 | return "ASN no Subject Key Identifier found error";
|
---|
361 |
|
---|
362 | case ASN_NO_AKID:
|
---|
363 | return "ASN no Authority Key Identifier found error";
|
---|
364 |
|
---|
365 | case ASN_NO_KEYUSAGE:
|
---|
366 | return "ASN no Key Usage found error";
|
---|
367 |
|
---|
368 | case SKID_E:
|
---|
369 | return "Setting Subject Key Identifier error";
|
---|
370 |
|
---|
371 | case AKID_E:
|
---|
372 | return "Setting Authority Key Identifier error";
|
---|
373 |
|
---|
374 | case KEYUSAGE_E:
|
---|
375 | return "Key Usage value error";
|
---|
376 |
|
---|
377 | case EXTKEYUSAGE_E:
|
---|
378 | return "Extended Key Usage value error";
|
---|
379 |
|
---|
380 | case CERTPOLICIES_E:
|
---|
381 | return "Setting Certificate Policies error";
|
---|
382 |
|
---|
383 | case WC_INIT_E:
|
---|
384 | return "wolfCrypt Initialize Failure error";
|
---|
385 |
|
---|
386 | case SIG_VERIFY_E:
|
---|
387 | return "Signature verify error";
|
---|
388 |
|
---|
389 | case BAD_COND_E:
|
---|
390 | return "Bad condition variable operation error";
|
---|
391 |
|
---|
392 | case SIG_TYPE_E:
|
---|
393 | return "Signature type not enabled/available";
|
---|
394 |
|
---|
395 | case HASH_TYPE_E:
|
---|
396 | return "Hash type not enabled/available";
|
---|
397 |
|
---|
398 | case WC_KEY_SIZE_E:
|
---|
399 | return "Key size error, either too small or large";
|
---|
400 |
|
---|
401 | case ASN_COUNTRY_SIZE_E:
|
---|
402 | return "Country code size error, either too small or large";
|
---|
403 |
|
---|
404 | case MISSING_RNG_E:
|
---|
405 | return "RNG required but not provided";
|
---|
406 |
|
---|
407 | case ASN_PATHLEN_SIZE_E:
|
---|
408 | return "ASN CA path length value too large error";
|
---|
409 |
|
---|
410 | case ASN_PATHLEN_INV_E:
|
---|
411 | return "ASN CA path length larger than signer error";
|
---|
412 |
|
---|
413 | case BAD_KEYWRAP_ALG_E:
|
---|
414 | return "Unsupported key wrap algorithm error";
|
---|
415 |
|
---|
416 | case BAD_KEYWRAP_IV_E:
|
---|
417 | return "Decrypted AES key wrap IV does not match expected";
|
---|
418 |
|
---|
419 | case WC_CLEANUP_E:
|
---|
420 | return "wolfcrypt cleanup failed";
|
---|
421 |
|
---|
422 | case ECC_CDH_KAT_FIPS_E:
|
---|
423 | return "wolfcrypt FIPS ECC CDH Known Answer Test Failure";
|
---|
424 |
|
---|
425 | case DH_CHECK_PUB_E:
|
---|
426 | return "DH Check Public Key failure";
|
---|
427 |
|
---|
428 | case BAD_PATH_ERROR:
|
---|
429 | return "Bad path for opendir error";
|
---|
430 |
|
---|
431 | case ASYNC_OP_E:
|
---|
432 | return "Async operation error";
|
---|
433 |
|
---|
434 | case BAD_OCSP_RESPONDER:
|
---|
435 | return "Invalid OCSP Responder, missing specific key usage extensions";
|
---|
436 |
|
---|
437 | case ECC_PRIVATEONLY_E:
|
---|
438 | return "Invalid use of private only ECC key";
|
---|
439 |
|
---|
440 | case WC_HW_E:
|
---|
441 | return "Error with hardware crypto use";
|
---|
442 |
|
---|
443 | case WC_HW_WAIT_E:
|
---|
444 | return "Hardware waiting on resource";
|
---|
445 |
|
---|
446 | case PSS_SALTLEN_E:
|
---|
447 | return "PSS - Length of salt is too big for hash algorithm";
|
---|
448 |
|
---|
449 | case PRIME_GEN_E:
|
---|
450 | return "Unable to find a prime for RSA key";
|
---|
451 |
|
---|
452 | case BER_INDEF_E:
|
---|
453 | return "Unable to decode an indefinite length encoded message";
|
---|
454 |
|
---|
455 | case RSA_OUT_OF_RANGE_E:
|
---|
456 | return "Ciphertext to decrypt is out of range";
|
---|
457 |
|
---|
458 | case RSAPSS_PAT_FIPS_E:
|
---|
459 | return "wolfcrypt FIPS RSA-PSS Pairwise Agreement Test Failure";
|
---|
460 |
|
---|
461 | case ECDSA_PAT_FIPS_E:
|
---|
462 | return "wolfcrypt FIPS ECDSA Pairwise Agreement Test Failure";
|
---|
463 |
|
---|
464 | case DH_KAT_FIPS_E:
|
---|
465 | return "wolfcrypt FIPS DH Known Answer Test Failure";
|
---|
466 |
|
---|
467 | case AESCCM_KAT_FIPS_E:
|
---|
468 | return "AESCCM Known Answer Test check FIPS error";
|
---|
469 |
|
---|
470 | case SHA3_KAT_FIPS_E:
|
---|
471 | return "SHA-3 Known Answer Test check FIPS error";
|
---|
472 |
|
---|
473 | case ECDHE_KAT_FIPS_E:
|
---|
474 | return "wolfcrypt FIPS ECDHE Known Answer Test Failure";
|
---|
475 |
|
---|
476 | case AES_GCM_OVERFLOW_E:
|
---|
477 | return "AES-GCM invocation counter overflow";
|
---|
478 |
|
---|
479 | case AES_CCM_OVERFLOW_E:
|
---|
480 | return "AES-CCM invocation counter overflow";
|
---|
481 |
|
---|
482 | case RSA_KEY_PAIR_E:
|
---|
483 | return "RSA Key Pair-Wise Consistency check fail";
|
---|
484 |
|
---|
485 | case DH_CHECK_PRIV_E:
|
---|
486 | return "DH Check Private Key failure";
|
---|
487 |
|
---|
488 | case WC_AFALG_SOCK_E:
|
---|
489 | return "AF_ALG socket error";
|
---|
490 |
|
---|
491 | case WC_DEVCRYPTO_E:
|
---|
492 | return "Error with /dev/crypto";
|
---|
493 |
|
---|
494 | case ZLIB_INIT_ERROR:
|
---|
495 | return "zlib init error";
|
---|
496 |
|
---|
497 | case ZLIB_COMPRESS_ERROR:
|
---|
498 | return "zlib compress error";
|
---|
499 |
|
---|
500 | case ZLIB_DECOMPRESS_ERROR:
|
---|
501 | return "zlib decompress error";
|
---|
502 |
|
---|
503 | case PKCS7_NO_SIGNER_E:
|
---|
504 | return "No signer in PKCS#7 signed data";
|
---|
505 |
|
---|
506 | case CRYPTOCB_UNAVAILABLE:
|
---|
507 | return "Crypto callback unavailable";
|
---|
508 |
|
---|
509 | case PKCS7_SIGNEEDS_CHECK:
|
---|
510 | return "Signature found but no certificate to verify";
|
---|
511 |
|
---|
512 | case PSS_SALTLEN_RECOVER_E:
|
---|
513 | return "PSS - Salt length unable to be recovered";
|
---|
514 |
|
---|
515 | case ASN_SELF_SIGNED_E:
|
---|
516 | return "ASN self-signed certificate error";
|
---|
517 |
|
---|
518 | default:
|
---|
519 | return "unknown error number";
|
---|
520 |
|
---|
521 | }
|
---|
522 | }
|
---|
523 |
|
---|
524 | void wc_ErrorString(int error, char* buffer)
|
---|
525 | {
|
---|
526 | XSTRNCPY(buffer, wc_GetErrorString(error), WOLFSSL_MAX_ERROR_SZ);
|
---|
527 | buffer[WOLFSSL_MAX_ERROR_SZ-1] = 0;
|
---|
528 | }
|
---|
529 | #endif /* !NO_ERROR_STRINGS */
|
---|
530 |
|
---|