diff options
author | Richard Levitte <levitte@openssl.org> | 2020-11-04 12:23:19 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-11-13 09:35:02 +0100 |
commit | 9311d0c471ca2eaa259e8c1bbbeb7c46394c7ba2 (patch) | |
tree | e82c26569e5a952980e65a746af920beed602aab /crypto/cmp | |
parent | 31a6b52f6db009c639c67387a707dd235f29a430 (diff) |
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call
This includes error reporting for libcrypto sub-libraries in surprising
places.
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
Diffstat (limited to 'crypto/cmp')
-rw-r--r-- | crypto/cmp/cmp_asn.c | 8 | ||||
-rw-r--r-- | crypto/cmp/cmp_client.c | 66 | ||||
-rw-r--r-- | crypto/cmp/cmp_ctx.c | 106 | ||||
-rw-r--r-- | crypto/cmp/cmp_hdr.c | 6 | ||||
-rw-r--r-- | crypto/cmp/cmp_http.c | 2 | ||||
-rw-r--r-- | crypto/cmp/cmp_msg.c | 62 | ||||
-rw-r--r-- | crypto/cmp/cmp_protect.c | 26 | ||||
-rw-r--r-- | crypto/cmp/cmp_server.c | 62 | ||||
-rw-r--r-- | crypto/cmp/cmp_status.c | 8 | ||||
-rw-r--r-- | crypto/cmp/cmp_util.c | 12 | ||||
-rw-r--r-- | crypto/cmp/cmp_vfy.c | 44 |
11 files changed, 202 insertions, 200 deletions
diff --git a/crypto/cmp/cmp_asn.c b/crypto/cmp/cmp_asn.c index d9013911a0..e2f7169dda 100644 --- a/crypto/cmp/cmp_asn.c +++ b/crypto/cmp/cmp_asn.c @@ -167,7 +167,7 @@ int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p, int created = 0; if (itav_sk_p == NULL || itav == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); goto err; } @@ -194,15 +194,15 @@ int ossl_cmp_asn1_get_int(const ASN1_INTEGER *a) int64_t res; if (!ASN1_INTEGER_get_int64(&res, a)) { - CMPerr(0, ASN1_R_INVALID_NUMBER); + ERR_raise(ERR_LIB_CMP, ASN1_R_INVALID_NUMBER); return -1; } if (res < INT_MIN) { - CMPerr(0, ASN1_R_TOO_SMALL); + ERR_raise(ERR_LIB_CMP, ASN1_R_TOO_SMALL); return -1; } if (res > INT_MAX) { - CMPerr(0, ASN1_R_TOO_LARGE); + ERR_raise(ERR_LIB_CMP, ASN1_R_TOO_LARGE); return -1; } return (int)res; diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index ef256e6c72..dd974413c0 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -147,12 +147,12 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, if ((IS_CREP(expected_type) || expected_type == OSSL_CMP_PKIBODY_POLLREP) && ctx->total_timeout > 0 /* timeout is not infinite */) { if (now >= ctx->end_time) { - CMPerr(0, CMP_R_TOTAL_TIMEOUT); + ERR_raise(ERR_LIB_CMP, CMP_R_TOTAL_TIMEOUT); return 0; } if (!ossl_assert(ctx->end_time - time(NULL) < INT_MAX)) { /* cannot really happen due to the assignment in do_certreq_seq() */ - CMPerr(0, CMP_R_INVALID_ARGS); + ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS); return 0; } time_left = (int)(ctx->end_time - now); @@ -169,7 +169,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, ctx->msg_timeout = msg_timeout; /* restore original value */ if (*rep == NULL) { - CMPerr(0, CMP_R_TRANSFER_ERROR); /* or receiving response */ + ERR_raise(ERR_LIB_CMP, CMP_R_TRANSFER_ERROR); /* or receiving response */ ERR_add_error_data(2, "request sent: ", req_type_str); ERR_add_error_data(2, ", expected response: ", expected_type_str); return 0; @@ -198,7 +198,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, return 1; /* received message type is not one of the expected ones (e.g., error) */ - CMPerr(0, bt == OSSL_CMP_PKIBODY_ERROR ? CMP_R_RECEIVED_ERROR : + ERR_raise(ERR_LIB_CMP, bt == OSSL_CMP_PKIBODY_ERROR ? CMP_R_RECEIVED_ERROR : CMP_R_UNEXPECTED_PKIBODY); /* in next line for mkerr.pl */ if (bt != OSSL_CMP_PKIBODY_ERROR) { @@ -226,7 +226,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, OPENSSL_free(text); } if (ctx->status != OSSL_CMP_PKISTATUS_rejection) { - CMPerr(0, CMP_R_UNEXPECTED_PKISTATUS); + ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_PKISTATUS); if (ctx->status == OSSL_CMP_PKISTATUS_waiting) ctx->status = OSSL_CMP_PKISTATUS_rejection; } @@ -276,7 +276,7 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid, /* TODO: handle potentially multiple elements in pollRep */ if (sk_OSSL_CMP_POLLREP_num(prc) > 1) { - CMPerr(0, CMP_R_MULTIPLE_RESPONSES_NOT_SUPPORTED); + ERR_raise(ERR_LIB_CMP, CMP_R_MULTIPLE_RESPONSES_NOT_SUPPORTED); goto err; } pollRep = ossl_cmp_pollrepcontent_get0_pollrep(prc, rid); @@ -284,12 +284,12 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid, goto err; if (!ASN1_INTEGER_get_int64(&check_after, pollRep->checkAfter)) { - CMPerr(0, CMP_R_BAD_CHECKAFTER_IN_POLLREP); + ERR_raise(ERR_LIB_CMP, CMP_R_BAD_CHECKAFTER_IN_POLLREP); goto err; } if (check_after < 0 || (uint64_t)check_after > (sleep ? ULONG_MAX / 1000 : INT_MAX)) { - CMPerr(0, CMP_R_CHECKAFTER_OUT_OF_RANGE); + ERR_raise(ERR_LIB_CMP, CMP_R_CHECKAFTER_OUT_OF_RANGE); if (BIO_snprintf(str, OSSL_CMP_PKISI_BUFLEN, "value = %jd", check_after) >= 0) ERR_add_error_data(1, str); @@ -300,7 +300,7 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid, int64_t time_left = (int64_t)(ctx->end_time - exp - time(NULL)); if (time_left <= 0) { - CMPerr(0, CMP_R_TOTAL_TIMEOUT); + ERR_raise(ERR_LIB_CMP, CMP_R_TOTAL_TIMEOUT); goto err; } if (time_left < check_after) @@ -420,7 +420,7 @@ static X509 *get1_cert_status(OSSL_CMP_CTX *ctx, int bodytype, case OSSL_CMP_PKISTATUS_waiting: ossl_cmp_err(ctx, "received \"waiting\" status for cert when actually aiming to extract cert"); - CMPerr(0, CMP_R_ENCOUNTERED_WAITING); + ERR_raise(ERR_LIB_CMP, CMP_R_ENCOUNTERED_WAITING); goto err; case OSSL_CMP_PKISTATUS_grantedWithMods: ossl_cmp_warn(ctx, "received \"grantedWithMods\" for certificate"); @@ -430,7 +430,7 @@ static X509 *get1_cert_status(OSSL_CMP_CTX *ctx, int bodytype, /* get all information in case of a rejection before going to error */ case OSSL_CMP_PKISTATUS_rejection: ossl_cmp_err(ctx, "received \"rejection\" status rather than cert"); - CMPerr(0, CMP_R_REQUEST_REJECTED_BY_SERVER); + ERR_raise(ERR_LIB_CMP, CMP_R_REQUEST_REJECTED_BY_SERVER); goto err; case OSSL_CMP_PKISTATUS_revocationWarning: ossl_cmp_warn(ctx, @@ -442,7 +442,7 @@ static X509 *get1_cert_status(OSSL_CMP_CTX *ctx, int bodytype, break; case OSSL_CMP_PKISTATUS_keyUpdateWarning: if (bodytype != OSSL_CMP_PKIBODY_KUR) { - CMPerr(0, CMP_R_ENCOUNTERED_KEYUPDATEWARNING); + ERR_raise(ERR_LIB_CMP, CMP_R_ENCOUNTERED_KEYUPDATEWARNING); goto err; } break; @@ -450,12 +450,12 @@ static X509 *get1_cert_status(OSSL_CMP_CTX *ctx, int bodytype, ossl_cmp_log1(ERROR, ctx, "received unsupported PKIStatus %d for certificate", ctx->status); - CMPerr(0, CMP_R_UNKNOWN_PKISTATUS); + ERR_raise(ERR_LIB_CMP, CMP_R_UNKNOWN_PKISTATUS); goto err; } crt = ossl_cmp_certresponse_get1_cert(crep, ctx, privkey); if (crt == NULL) /* according to PKIStatus, we can expect a cert */ - CMPerr(0, CMP_R_CERTIFICATE_NOT_FOUND); + ERR_raise(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_FOUND); return crt; @@ -546,7 +546,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid, retry: crepmsg = (*resp)->body->value.ip; /* same for cp and kup */ if (sk_OSSL_CMP_CERTRESPONSE_num(crepmsg->response) > 1) { - CMPerr(0, CMP_R_MULTIPLE_RESPONSES_NOT_SUPPORTED); + ERR_raise(ERR_LIB_CMP, CMP_R_MULTIPLE_RESPONSES_NOT_SUPPORTED); return 0; } /* TODO: handle potentially multiple CertResponses in CertRepMsg */ @@ -559,7 +559,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid, /* for OSSL_CMP_PKIBODY_P10CR learn CertReqId from response */ rid = ossl_cmp_asn1_get_int(crep->certReqId); if (rid == -1) { - CMPerr(0, CMP_R_BAD_REQUEST_ID); + ERR_raise(ERR_LIB_CMP, CMP_R_BAD_REQUEST_ID); return 0; } } @@ -572,7 +572,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid, return ret; /* waiting */ goto retry; /* got ip/cp/kup, which may still indicate 'waiting' */ } else { - CMPerr(0, CMP_R_POLLING_FAILED); + ERR_raise(ERR_LIB_CMP, CMP_R_POLLING_FAILED); return 0; } } @@ -633,7 +633,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid, /* not throwing failure earlier as transfer_cb may call ERR_clear_error() */ if (fail_info != 0) { - CMPerr(0, CMP_R_CERTIFICATE_NOT_ACCEPTED); + ERR_raise(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED); ERR_add_error_data(2, "rejecting newly enrolled cert with subject: ", subj); if (txt != NULL) @@ -655,7 +655,7 @@ int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type, int res = 0; if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } @@ -712,11 +712,11 @@ X509 *OSSL_CMP_exec_certreq(OSSL_CMP_CTX *ctx, int req_type, X509 *result = NULL; if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } if (is_p10 && crm != NULL) { - CMPerr(0, CMP_R_INVALID_ARGS); + ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS); return NULL; } @@ -757,11 +757,11 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) X509 *result = NULL; if (ctx == NULL) { - CMPerr(0, CMP_R_INVALID_ARGS); + ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS); return 0; } if (ctx->oldCert == NULL) { - CMPerr(0, CMP_R_MISSING_REFERENCE_CERT); + ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_REFERENCE_CERT); return 0; } ctx->status = -1; @@ -776,12 +776,12 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) rrep = rp->body->value.rp; #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION if (sk_OSSL_CMP_PKISI_num(rrep->status) != num_RevDetails) { - CMPerr(0, CMP_R_WRONG_RP_COMPONENT_COUNT); + ERR_raise(ERR_LIB_CMP, CMP_R_WRONG_RP_COMPONENT_COUNT); goto end; } #else if (sk_OSSL_CMP_PKISI_num(rrep->status) < 1) { - CMPerr(0, CMP_R_WRONG_RP_COMPONENT_COUNT); + ERR_raise(ERR_LIB_CMP, CMP_R_WRONG_RP_COMPONENT_COUNT); goto end; } #endif @@ -800,7 +800,7 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) result = ctx->oldCert; break; case OSSL_CMP_PKISTATUS_rejection: - CMPerr(0, CMP_R_REQUEST_REJECTED_BY_SERVER); + ERR_raise(ERR_LIB_CMP, CMP_R_REQUEST_REJECTED_BY_SERVER); goto err; case OSSL_CMP_PKISTATUS_revocationWarning: ossl_cmp_info(ctx, "revocation accepted (PKIStatus=revocationWarning)"); @@ -814,10 +814,10 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) break; case OSSL_CMP_PKISTATUS_waiting: case OSSL_CMP_PKISTATUS_keyUpdateWarning: - CMPerr(0, CMP_R_UNEXPECTED_PKISTATUS); + ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_PKISTATUS); goto err; default: - CMPerr(0, CMP_R_UNKNOWN_PKISTATUS); + ERR_raise(ERR_LIB_CMP, CMP_R_UNKNOWN_PKISTATUS); goto err; } @@ -830,7 +830,7 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) ASN1_INTEGER *serial = OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(tmpl); if (sk_OSSL_CRMF_CERTID_num(rrep->revCerts) != num_RevDetails) { - CMPerr(0, CMP_R_WRONG_RP_COMPONENT_COUNT); + ERR_raise(ERR_LIB_CMP, CMP_R_WRONG_RP_COMPONENT_COUNT); result = NULL; goto err; } @@ -840,7 +840,7 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) } if (X509_NAME_cmp(issuer, OSSL_CRMF_CERTID_get0_issuer(cid)) != 0) { #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - CMPerr(0, CMP_R_WRONG_CERTID_IN_RP); + ERR_raise(ERR_LIB_CMP, CMP_R_WRONG_CERTID_IN_RP); result = NULL; goto err; #endif @@ -848,7 +848,7 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) if (ASN1_INTEGER_cmp(serial, OSSL_CRMF_CERTID_get0_serialNumber(cid)) != 0) { #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - CMPerr(0, CMP_R_WRONG_SERIAL_IN_RP); + ERR_raise(ERR_LIB_CMP, CMP_R_WRONG_SERIAL_IN_RP); result = NULL; goto err; #endif @@ -857,7 +857,7 @@ X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) /* check number of any optionally present crls */ if (rrep->crls != NULL && sk_X509_CRL_num(rrep->crls) != num_RevDetails) { - CMPerr(0, CMP_R_WRONG_RP_COMPONENT_COUNT); + ERR_raise(ERR_LIB_CMP, CMP_R_WRONG_RP_COMPONENT_COUNT); result = NULL; goto err; } @@ -880,7 +880,7 @@ STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx) STACK_OF(OSSL_CMP_ITAV) *rcvd_itavs = NULL; if (ctx == NULL) { - CMPerr(0, CMP_R_INVALID_ARGS); + ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS); return 0; } diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c index 97d76f0223..e1b4e50ea9 100644 --- a/crypto/cmp/cmp_ctx.c +++ b/crypto/cmp/cmp_ctx.c @@ -27,7 +27,7 @@ X509_STORE *OSSL_CMP_CTX_get0_trustedStore(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return ctx->trusted; @@ -41,7 +41,7 @@ X509_STORE *OSSL_CMP_CTX_get0_trustedStore(const OSSL_CMP_CTX *ctx) int OSSL_CMP_CTX_set0_trustedStore(OSSL_CMP_CTX *ctx, X509_STORE *store) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } X509_STORE_free(ctx->trusted); @@ -53,7 +53,7 @@ int OSSL_CMP_CTX_set0_trustedStore(OSSL_CMP_CTX *ctx, X509_STORE *store) STACK_OF(X509) *OSSL_CMP_CTX_get0_untrusted(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return ctx->untrusted; @@ -67,7 +67,7 @@ int OSSL_CMP_CTX_set1_untrusted(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs) { STACK_OF(X509) *untrusted; if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } if ((untrusted = sk_X509_new_null()) == NULL) @@ -89,7 +89,7 @@ static int cmp_ctx_set_md(OSSL_CMP_CTX *ctx, EVP_MD **pmd, int nid) /* fetching in advance to be able to throw error early if unsupported */ if (md == NULL) { - CMPerr(0, CMP_R_UNSUPPORTED_ALGORITHM); + ERR_raise(ERR_LIB_CMP, CMP_R_UNSUPPORTED_ALGORITHM); return 0; } EVP_MD_free(*pmd); @@ -138,7 +138,7 @@ OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) err: OSSL_CMP_CTX_free(ctx); - X509err(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); return NULL; } @@ -146,7 +146,7 @@ OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } @@ -233,7 +233,7 @@ int ossl_cmp_ctx_set_status(OSSL_CMP_CTX *ctx, int status) int OSSL_CMP_CTX_get_status(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return -1; } return ctx->status; @@ -246,7 +246,7 @@ int OSSL_CMP_CTX_get_status(const OSSL_CMP_CTX *ctx) OSSL_CMP_PKIFREETEXT *OSSL_CMP_CTX_get0_statusString(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return ctx->statusString; @@ -275,7 +275,7 @@ int ossl_cmp_ctx_set0_validatedSrvCert(OSSL_CMP_CTX *ctx, X509 *cert) int OSSL_CMP_CTX_set_certConf_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_certConf_cb_t cb) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } ctx->certConf_cb = cb; @@ -289,7 +289,7 @@ int OSSL_CMP_CTX_set_certConf_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_certConf_cb_t cb) int OSSL_CMP_CTX_set_certConf_cb_arg(OSSL_CMP_CTX *ctx, void *arg) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } ctx->certConf_cb_arg = arg; @@ -304,7 +304,7 @@ int OSSL_CMP_CTX_set_certConf_cb_arg(OSSL_CMP_CTX *ctx, void *arg) void *OSSL_CMP_CTX_get_certConf_cb_arg(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return ctx->certConf_cb_arg; @@ -398,7 +398,7 @@ int ossl_cmp_print_log(OSSL_CMP_severity level, const OSSL_CMP_CTX *ctx, int OSSL_CMP_CTX_set_log_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_log_cb_t cb) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } ctx->log_cb = cb; @@ -429,7 +429,7 @@ int OSSL_CMP_CTX_set1_referenceValue(OSSL_CMP_CTX *ctx, const unsigned char *ref, int len) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } return ossl_cmp_asn1_octet_string_set1_bytes(&ctx->referenceValue, ref, @@ -442,7 +442,7 @@ int OSSL_CMP_CTX_set1_secretValue(OSSL_CMP_CTX *ctx, const unsigned char *sec, { ASN1_OCTET_STRING *secretValue = NULL; if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } if (ossl_cmp_asn1_octet_string_set1_bytes(&secretValue, sec, len) != 1) @@ -459,7 +459,7 @@ int OSSL_CMP_CTX_set1_secretValue(OSSL_CMP_CTX *ctx, const unsigned char *sec, STACK_OF(X509) *OSSL_CMP_CTX_get1_newChain(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } if (ctx->newChain == NULL) @@ -487,7 +487,7 @@ int ossl_cmp_ctx_set1_newChain(OSSL_CMP_CTX *ctx, STACK_OF(X509) *newChain) STACK_OF(X509) *OSSL_CMP_CTX_get1_extraCertsIn(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } if (ctx->extraCertsIn == NULL) @@ -520,7 +520,7 @@ int OSSL_CMP_CTX_set1_extraCertsOut(OSSL_CMP_CTX *ctx, STACK_OF(X509) *extraCertsOut) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } @@ -538,7 +538,7 @@ int OSSL_CMP_CTX_set1_extraCertsOut(OSSL_CMP_CTX *ctx, int OSSL_CMP_CTX_push0_policy(OSSL_CMP_CTX *ctx, POLICYINFO *pinfo) { if (ctx == NULL || pinfo == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } @@ -553,7 +553,7 @@ int OSSL_CMP_CTX_push0_policy(OSSL_CMP_CTX *ctx, POLICYINFO *pinfo) int OSSL_CMP_CTX_push0_geninfo_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } return OSSL_CMP_ITAV_push0_stack_item(&ctx->geninfo_ITAVs, itav); @@ -563,7 +563,7 @@ int OSSL_CMP_CTX_push0_geninfo_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav) int OSSL_CMP_CTX_push0_genm_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } return OSSL_CMP_ITAV_push0_stack_item(&ctx->genm_ITAVs, itav); @@ -577,7 +577,7 @@ int OSSL_CMP_CTX_push0_genm_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav) STACK_OF(X509) *OSSL_CMP_CTX_get1_caPubs(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } if (ctx->caPubs == NULL) @@ -609,7 +609,7 @@ int OSSL_CMP_CTX_set1_##FIELD(OSSL_CMP_CTX *ctx, const TYPE *val) \ TYPE *val_dup = NULL; \ \ if (ctx == NULL) { \ - CMPerr(0, CMP_R_NULL_ARGUMENT); \ + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); \ return 0; \ } \ \ @@ -626,13 +626,13 @@ int OSSL_CMP_CTX_set1_##FIELD(OSSL_CMP_CTX *ctx, const TYPE *val) \ int OSSL_CMP_CTX_set1_##FIELD(OSSL_CMP_CTX *ctx, TYPE *val) \ { \ if (ctx == NULL) { \ - CMPerr(0, CMP_R_NULL_ARGUMENT); \ + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); \ return 0; \ } \ \ /* prevent misleading error later on malformed cert or provider issue */ \ if (val != NULL && TYPE##_invalid(val)) { \ - CMPerr(0, CMP_R_POTENTIALLY_INVALID_CERTIFICATE); \ + ERR_raise(ERR_LIB_CMP, CMP_R_POTENTIALLY_INVALID_CERTIFICATE); \ return 0; \ } \ if (val != NULL && !TYPE##_up_ref(val)) \ @@ -668,13 +668,13 @@ DEFINE_OSSL_CMP_CTX_set1(subjectName, X509_NAME) int OSSL_CMP_CTX_set0_reqExtensions(OSSL_CMP_CTX *ctx, X509_EXTENSIONS *exts) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } if (sk_GENERAL_NAME_num(ctx->subjectAltNames) > 0 && exts != NULL && X509v3_get_ext_by_NID(exts, NID_subject_alt_name, -1) >= 0) { - CMPerr(0, CMP_R_MULTIPLE_SAN_SOURCES); + ERR_raise(ERR_LIB_CMP, CMP_R_MULTIPLE_SAN_SOURCES); return 0; } sk_X509_EXTENSION_pop_free(ctx->reqExtensions, X509_EXTENSION_free); @@ -686,7 +686,7 @@ int OSSL_CMP_CTX_set0_reqExtensions(OSSL_CMP_CTX *ctx, X509_EXTENSIONS *exts) int OSSL_CMP_CTX_reqExtensions_have_SAN(OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return -1; } /* if one of the following conditions 'fail' this is not an error */ @@ -705,12 +705,12 @@ int OSSL_CMP_CTX_push1_subjectAltName(OSSL_CMP_CTX *ctx, GENERAL_NAME *name_dup; if (ctx == NULL || name == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } if (OSSL_CMP_CTX_reqExtensions_have_SAN(ctx) == 1) { - CMPerr(0, CMP_R_MULTIPLE_SAN_SOURCES); + ERR_raise(ERR_LIB_CMP, CMP_R_MULTIPLE_SAN_SOURCES); return 0; } @@ -738,7 +738,7 @@ int OSSL_CMP_CTX_build_cert_chain(OSSL_CMP_CTX *ctx, X509_STORE *own_trusted, STACK_OF(X509) *chain; if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } @@ -752,7 +752,7 @@ int OSSL_CMP_CTX_build_cert_chain(OSSL_CMP_CTX *ctx, X509_STORE *own_trusted, chain = ossl_cmp_build_cert_chain(ctx->libctx, ctx->propq, own_trusted, ctx->untrusted, ctx->cert); if (chain == NULL) { - CMPerr(0, CMP_R_FAILED_BUILDING_OWN_CHAIN); + ERR_raise(ERR_LIB_CMP, CMP_R_FAILED_BUILDING_OWN_CHAIN); return 0; } ossl_cmp_debug(ctx, "success building chain for own CMP signer cert"); @@ -792,7 +792,7 @@ int ossl_cmp_ctx_set0_newCert(OSSL_CMP_CTX *ctx, X509 *cert) X509 *OSSL_CMP_CTX_get0_newCert(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return ctx->newCert; @@ -805,7 +805,7 @@ DEFINE_OSSL_CMP_CTX_set1_up_ref(pkey, EVP_PKEY) int OSSL_CMP_CTX_set0_newPkey(OSSL_CMP_CTX *ctx, int priv, EVP_PKEY *pkey) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } @@ -819,7 +819,7 @@ int OSSL_CMP_CTX_set0_newPkey(OSSL_CMP_CTX *ctx, int priv, EVP_PKEY *pkey) EVP_PKEY *OSSL_CMP_CTX_get0_newPkey(const OSSL_CMP_CTX *ctx, int priv) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } @@ -835,7 +835,7 @@ int OSSL_CMP_CTX_set1_transactionID(OSSL_CMP_CTX *ctx, const ASN1_OCTET_STRING *id) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } return ossl_cmp_asn1_octet_string_set1(&ctx->transactionID, id); @@ -855,7 +855,7 @@ int OSSL_CMP_CTX_set1_senderNonce(OSSL_CMP_CTX *ctx, const ASN1_OCTET_STRING *nonce) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } return ossl_cmp_asn1_octet_string_set1(&ctx->senderNonce, nonce); @@ -874,7 +874,7 @@ DEFINE_OSSL_CMP_CTX_set1(no_proxy, char) int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_HTTP_bio_cb_t cb) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } ctx->http_cb = cb; @@ -885,7 +885,7 @@ int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_HTTP_bio_cb_t cb) int OSSL_CMP_CTX_set_http_cb_arg(OSSL_CMP_CTX *ctx, void *arg) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } ctx->http_cb_arg = arg; @@ -899,7 +899,7 @@ int OSSL_CMP_CTX_set_http_cb_arg(OSSL_CMP_CTX *ctx, void *arg) void *OSSL_CMP_CTX_get_http_cb_arg(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return ctx->http_cb_arg; @@ -909,7 +909,7 @@ void *OSSL_CMP_CTX_get_http_cb_arg(const OSSL_CMP_CTX *ctx) int OSSL_CMP_CTX_set_transfer_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_transfer_cb_t cb) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } ctx->transfer_cb = cb; @@ -920,7 +920,7 @@ int OSSL_CMP_CTX_set_transfer_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_transfer_cb_t cb) int OSSL_CMP_CTX_set_transfer_cb_arg(OSSL_CMP_CTX *ctx, void *arg) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } ctx->transfer_cb_arg = arg; @@ -934,7 +934,7 @@ int OSSL_CMP_CTX_set_transfer_cb_arg(OSSL_CMP_CTX *ctx, void *arg) void *OSSL_CMP_CTX_get_transfer_cb_arg(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return ctx->transfer_cb_arg; @@ -944,7 +944,7 @@ void *OSSL_CMP_CTX_get_transfer_cb_arg(const OSSL_CMP_CTX *ctx) int OSSL_CMP_CTX_set_serverPort(OSSL_CMP_CTX *ctx, int port) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } ctx->serverPort = port; @@ -970,7 +970,7 @@ int ossl_cmp_ctx_set_failInfoCode(OSSL_CMP_CTX *ctx, int fail_info) int OSSL_CMP_CTX_get_failInfoCode(const OSSL_CMP_CTX *ctx) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return -1; } return ctx->failInfoCode; @@ -982,7 +982,7 @@ int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val) int min_val; if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } @@ -998,14 +998,14 @@ int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val) break; } if (val < min_val) { - CMPerr(0, CMP_R_VALUE_TOO_SMALL); + ERR_raise(ERR_LIB_CMP, CMP_R_VALUE_TOO_SMALL); return 0; } switch (opt) { case OSSL_CMP_OPT_LOG_VERBOSITY: if (val > OSSL_CMP_LOG_MAX) { - CMPerr(0, CMP_R_VALUE_TOO_LARGE); + ERR_raise(ERR_LIB_CMP, CMP_R_VALUE_TOO_LARGE); return 0; } ctx->log_verbosity = val; @@ -1039,7 +1039,7 @@ int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val) break; case OSSL_CMP_OPT_POPO_METHOD: if (val > OSSL_CRMF_POPO_KEYAGREE) { - CMPerr(0, CMP_R_VALUE_TOO_LARGE); + ERR_raise(ERR_LIB_CMP, CMP_R_VALUE_TOO_LARGE); return 0; } ctx->popoMethod = val; @@ -1066,13 +1066,13 @@ int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val) break; case OSSL_CMP_OPT_REVOCATION_REASON: if (val > OCSP_REVOKED_STATUS_AACOMPROMISE) { - CMPerr(0, CMP_R_VALUE_TOO_LARGE); + ERR_raise(ERR_LIB_CMP, CMP_R_VALUE_TOO_LARGE); return 0; } ctx->revocationReason = val; break; default: - CMPerr(0, CMP_R_INVALID_OPTION); + ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_OPTION); return 0; } @@ -1086,7 +1086,7 @@ int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val) int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt) { if (ctx == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return -1; } @@ -1128,7 +1128,7 @@ int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt) case OSSL_CMP_OPT_REVOCATION_REASON: return ctx->revocationReason; default: - CMPerr(0, CMP_R_INVALID_OPTION); + ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_OPTION); return -1; } } diff --git a/crypto/cmp/cmp_hdr.c b/crypto/cmp/cmp_hdr.c index 947f984505..5882d9c9de 100644 --- a/crypto/cmp/cmp_hdr.c +++ b/crypto/cmp/cmp_hdr.c @@ -50,7 +50,7 @@ ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_transactionID(const OSSL_CMP_PKIHEADER *hdr) { if (hdr == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return hdr->transactionID; @@ -66,7 +66,7 @@ ASN1_OCTET_STRING *ossl_cmp_hdr_get0_senderNonce(const OSSL_CMP_PKIHEADER *hdr) ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr) { if (hdr == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return hdr->recipNonce; @@ -147,7 +147,7 @@ static int set_random(ASN1_OCTET_STRING **tgt, OSSL_CMP_CTX *ctx, size_t len) int res = 0; if (bytes == NULL || RAND_bytes_ex(ctx->libctx, bytes, len) <= 0) - CMPerr(0, CMP_R_FAILURE_OBTAINING_RANDOM); + ERR_raise(ERR_LIB_CMP, CMP_R_FAILURE_OBTAINING_RANDOM); else res = ossl_cmp_asn1_octet_string_set1_bytes(tgt, bytes, len); OPENSSL_free(bytes); diff --git a/crypto/cmp/cmp_http.c b/crypto/cmp/cmp_http.c index 33b5f6af7a..215c47c7c5 100644 --- a/crypto/cmp/cmp_http.c +++ b/crypto/cmp/cmp_http.c @@ -42,7 +42,7 @@ OSSL_CMP_MSG *OSSL_CMP_MSG_http_perform(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *res; if (ctx == NULL || req == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c index 2333b0bc2b..eff093c6b5 100644 --- a/crypto/cmp/cmp_msg.c +++ b/crypto/cmp/cmp_msg.c @@ -24,7 +24,7 @@ OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg) { if (msg == NULL) { - CMPerr(0, CMP_R_NULL_ARGUMENT); + ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } return msg->header; @@ -118,7 +118,7 @@ OSSL_CMP_MSG *ossl_cmp_msg_create(OSSL_CMP_CTX *ctx, int bodytype) case OSSL_CMP_PKIBODY_P10CR: if (ctx->p10CSR == NULL) { - CMPerr(0, CMP_R_MISSING_P10CSR); + ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_P10CSR); goto err; } if ((msg->body->value.p10cr = X509_REQ_dup(ctx->p10CSR)) == NULL) @@ -173,7 +173,7 @@ OSSL_CMP_MSG *ossl_cmp_msg_create(OSSL_CMP_CTX *ctx, int bodytype) return msg; default: - CMPerr(0, CMP_R_UNEXPECTED_PKIBODY); + ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_PKIBODY); goto err; } @@ -219,12 +219,12 @@ OSSL_CRMF_MSG *OSSL_CMP_CTX_setup_CRM(OSSL_CMP_CTX *ctx, int for_KUR, int rid) rkey = ctx->pkey; /* default is independent of ctx->oldCert */ |