diff options
Diffstat (limited to 'providers')
21 files changed, 47 insertions, 62 deletions
diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c index 55978a1095..ecd3b8e081 100644 --- a/providers/common/provider_err.c +++ b/providers/common/provider_err.c @@ -17,8 +17,6 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ADDITIONAL_INPUT_TOO_LONG), "additional input too long"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_AES_KEY_SETUP_FAILED), - "aes key setup failed"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ALGORITHM_MISMATCH), "algorithm mismatch"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ALREADY_INSTANTIATED), @@ -29,18 +27,12 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BAD_TLS_CLIENT_VERSION), "bad tls client version"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BN_ERROR), "bn error"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BOTH_MODE_AND_MODE_INT), - "both mode and mode int"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_CIPHER_OPERATION_FAILED), "cipher operation failed"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DERIVATION_FUNCTION_INIT_FAILED), "derivation function init failed"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS), - "derivation function mandatory for fips"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DIGEST_NOT_ALLOWED), "digest not allowed"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DRBG_ALREADY_INITIALIZED), - "drbg already initialized"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ERROR_RETRIEVING_ENTROPY), @@ -68,8 +60,6 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_GENERATE_ERROR), "generate error"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE), "illegal or unsupported padding mode"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INAVLID_UKM_LENGTH), - "inavlid ukm length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INDICATOR_INTEGRITY_FAILURE), "indicator integrity failure"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INSUFFICIENT_DRBG_STRENGTH), @@ -90,23 +80,16 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "invalid digest size"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_ITERATION_COUNT), "invalid iteration count"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IVLEN), "invalid ivlen"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IV_LENGTH), "invalid iv length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEY), "invalid key"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEYLEN), "invalid keylen"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEY_LEN), "invalid key len"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEY_LENGTH), "invalid key length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_MAC), "invalid mac"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_MGF1_MD), "invalid mgf1 md"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_MODE), "invalid mode"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_MODE_INT), "invalid mode int"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PADDING_MODE), "invalid padding mode"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PSS_SALTLEN), - "invalid pss saltlen"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PUBINFO), "invalid pubinfo"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_RSA_KEY), "invalid rsa key"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SALT_LENGTH), "invalid salt length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SEED_LENGTH), @@ -115,12 +98,15 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "invalid signature size"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_STATE), "invalid state"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAG), "invalid tag"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAGLEN), "invalid taglen"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAG_LENGTH), + "invalid tag_length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_UKM_LENGTH), "invalid ukm length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_X931_DIGEST), "invalid x931 digest"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_IN_ERROR_STATE), "in error state"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_KEY_SETUP_FAILED), + "key setup failed"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_KEY_SIZE_TOO_SMALL), "key size too small"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_CEK_ALG), "missing cek alg"}, @@ -168,7 +154,6 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "personalisation string too long"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_PSS_SALTLEN_TOO_SMALL), "pss saltlen too small"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_READ_KEY), "read key"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_REQUEST_TOO_LARGE_FOR_DRBG), "request too large for drbg"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_REQUIRE_CTR_MODE_CIPHER), @@ -182,27 +167,22 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "self test kat failure"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_SELF_TEST_POST_FAILURE), "self test post failure"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TAG_NOTSET), "tag notset"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TAG_NOT_SET), "tag not set"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TAG_NOT_NEEDED), "tag not needed"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TOO_MANY_RECORDS), "too many records"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_FIND_CIPHERS), "unable to find ciphers"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_GET_ENTROPY), - "unable to get entropy"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_GET_NONCE), - "unable to get nonce"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_GET_PARENT_STRENGTH), "unable to get parent strength"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_GET_PASSPHRASE), + "unable to get passphrase"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_INITIALISE_CIPHERS), "unable to initialise ciphers"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_LOAD_SHA1), - "unable to load sha1"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_LOAD_SHA256), "unable to load sha256"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_LOCK_PARENT), "unable to lock parent"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_RESEED), "unable to reseed"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNKNOWN_PADDING_TYPE), - "unknown padding type"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNSUPPORTED_CEK_ALG), "unsupported cek alg"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNSUPPORTED_KEY_SIZE), diff --git a/providers/implementations/ciphers/cipher_aes_hw.c b/providers/implementations/ciphers/cipher_aes_hw.c index 3aed088171..588e030417 100644 --- a/providers/implementations/ciphers/cipher_aes_hw.c +++ b/providers/implementations/ciphers/cipher_aes_hw.c @@ -114,7 +114,7 @@ static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc index 13b52d5987..a2358b43f9 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc @@ -45,7 +45,7 @@ static int cipher_hw_aesni_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_hw_t4.inc b/providers/implementations/ciphers/cipher_aes_hw_t4.inc index 2ccc383e9d..826ff0239d 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_t4.inc @@ -78,7 +78,7 @@ static int cipher_hw_aes_t4_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c index b94d7644df..faa6cb470c 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/providers/implementations/ciphers/cipher_aes_ocb.c @@ -451,7 +451,7 @@ static int aes_ocb_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } if (!ctx->base.enc || p->data_size != ctx->taglen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } memcpy(p->data, ctx->tag, ctx->taglen); diff --git a/providers/implementations/ciphers/cipher_aria_hw.c b/providers/implementations/ciphers/cipher_aria_hw.c index f457aaf750..67a282f59c 100644 --- a/providers/implementations/ciphers/cipher_aria_hw.c +++ b/providers/implementations/ciphers/cipher_aria_hw.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include <openssl/proverr.h> #include "cipher_aria.h" static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat, @@ -21,7 +22,7 @@ static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat, else ret = aria_set_decrypt_key(key, keylen * 8, ks); if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_ARIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } dat->ks = ks; diff --git a/providers/implementations/ciphers/cipher_camellia_hw.c b/providers/implementations/ciphers/cipher_camellia_hw.c index 06b29ca287..66a2b143c3 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw.c +++ b/providers/implementations/ciphers/cipher_camellia_hw.c @@ -13,6 +13,8 @@ */ #include "internal/deprecated.h" +#include <openssl/camellia.h> +#include <openssl/proverr.h> #include "cipher_camellia.h" static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat, @@ -25,7 +27,7 @@ static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat, dat->ks = ks; ret = Camellia_set_key(key, keylen * 8, ks); if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_ARIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } if (dat->enc || (mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE)) { diff --git a/providers/implementations/ciphers/cipher_camellia_hw_t4.inc b/providers/implementations/ciphers/cipher_camellia_hw_t4.inc index c04613700a..032402a556 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_camellia_hw_t4.inc @@ -67,7 +67,7 @@ static int cipher_hw_camellia_t4_initkey(PROV_CIPHER_CTX *dat, } } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_CAMELLIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } return 1; diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c index 0565b05f39..b328cdb993 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c @@ -113,11 +113,11 @@ static int chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } if (!ctx->base.enc) { - ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOTSET); + ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_SET); return 0; } if (p->data_size == 0 || p->data_size > POLY1305_BLOCK_SIZE) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } memcpy(p->data, ctx->tag, p->data_size); @@ -180,7 +180,7 @@ static int chacha20_poly1305_set_ctx_params(void *vctx, return 0; } if (p->data_size == 0 || p->data_size > POLY1305_BLOCK_SIZE) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } if (p->data != NULL) { @@ -214,7 +214,7 @@ static int chacha20_poly1305_set_ctx_params(void *vctx, return 0; } if (hw->tls_iv_set_fixed(&ctx->base, p->data, p->data_size) == 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } } diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index dd8bbefa36..11688080ce 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c @@ -89,7 +89,7 @@ static int des_init(void *vctx, const unsigned char *key, size_t keylen, if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->init(ctx, key, keylen); diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c index 2accb24b0a..59c8a976cc 100644 --- a/providers/implementations/ciphers/cipher_tdes_common.c +++ b/providers/implementations/ciphers/cipher_tdes_common.c @@ -80,7 +80,7 @@ static int tdes_init(void *vctx, const unsigned char *key, size_t keylen, if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->init(ctx, key, ctx->keylen); diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c index 2e0603ce19..9f6c82bddd 100644 --- a/providers/implementations/ciphers/ciphercommon.c +++ b/providers/implementations/ciphers/ciphercommon.c @@ -191,7 +191,7 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, if (key != NULL) { if (ctx->variable_keylength == 0) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } } else { @@ -613,7 +613,7 @@ int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, { if (ivlen != ctx->ivlen || ivlen > sizeof(ctx->iv)) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } ctx->iv_set = 1; diff --git a/providers/implementations/ciphers/ciphercommon_ccm.c b/providers/implementations/ciphers/ciphercommon_ccm.c index a87bf487e6..a780e7aed3 100644 --- a/providers/implementations/ciphers/ciphercommon_ccm.c +++ b/providers/implementations/ciphers/ciphercommon_ccm.c @@ -78,7 +78,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } if ((p->data_size & 1) || (p->data_size < 4) || p->data_size > 16) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } @@ -103,7 +103,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } ivlen = 15 - sz; if (ivlen < 2 || ivlen > 8) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } ctx->l = ivlen; @@ -130,7 +130,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } if (ccm_tls_iv_set_fixed(ctx, p->data, p->data_size) == 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } } @@ -162,7 +162,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); if (p != NULL) { if (ccm_get_ivlen(ctx) > p->data_size) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } if (!OSSL_PARAM_set_octet_string(p, ctx->iv, p->data_size) @@ -175,7 +175,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); if (p != NULL) { if (ccm_get_ivlen(ctx) > p->data_size) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } if (!OSSL_PARAM_set_octet_string(p, ctx->iv, p->data_size) @@ -200,7 +200,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); if (p != NULL) { if (!ctx->enc || !ctx->tag_set) { - ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOTSET); + ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_SET); return 0; } if (p->data_type != OSSL_PARAM_OCTET_STRING) { @@ -228,7 +228,7 @@ static int ccm_init(void *vctx, const unsigned char *key, size_t keylen, if (iv != NULL) { if (ivlen != ccm_get_ivlen(ctx)) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } memcpy(ctx->iv, iv, ivlen); @@ -236,7 +236,7 @@ static int ccm_init(void *vctx, const unsigned char *key, size_t keylen, } if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->setkey(ctx, key, keylen); diff --git a/providers/implementations/ciphers/ciphercommon_gcm.c b/providers/implementations/ciphers/ciphercommon_gcm.c index 8b9d06b0a4..02a496d1dd 100644 --- a/providers/implementations/ciphers/ciphercommon_gcm.c +++ b/providers/implementations/ciphers/ciphercommon_gcm.c @@ -513,7 +513,7 @@ static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen, * side only. */ if (ctx->enc && ++ctx->tls_enc_records == 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_TOO_MANY_RECORDS); + ERR_raise(ERR_LIB_PROV, PROV_R_TOO_MANY_RECORDS); goto err; } diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index a22e3a6406..09776127d4 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -87,7 +87,7 @@ static int der_from_p8(unsigned char **new_der, long *new_der_len, size_t plen = 0; if (!pw_cb(pbuf, sizeof(pbuf), &plen, NULL, pw_cbarg)) { - ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); } else { const X509_ALGOR *alg = NULL; const ASN1_OCTET_STRING *oct = NULL; diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index a8c9432f2d..8f868249ee 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -96,7 +96,7 @@ static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, if (!ossl_pw_get_passphrase(kstr, sizeof(kstr), &klen, NULL, 1, &ctx->pwdata)) { - ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); return NULL; } /* First argument == -1 means "standard" */ diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c index 7420819a09..a3ecea2b03 100644 --- a/providers/implementations/kdfs/pbkdf2.c +++ b/providers/implementations/kdfs/pbkdf2.c @@ -285,13 +285,13 @@ static int pbkdf2_derive(const char *pass, size_t passlen, * results in an overflow of the loop counter 'i'. */ if ((keylen / mdlen) >= KDF_PBKDF2_MAX_KEY_LEN_DIGEST_RATIO) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } if (lower_bound_checks) { if ((keylen * 8) < KDF_PBKDF2_MIN_KEY_LEN_BITS) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LEN); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL); return 0; } if (saltlen < KDF_PBKDF2_MIN_SALT_LEN) { diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index 08de2a07cc..0f7f65ddbb 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -16,6 +16,7 @@ #include <openssl/params.h> #include <openssl/err.h> #include <openssl/evp.h> +#include <openssl/proverr.h> #include "openssl/param_build.h" #include "internal/param_build_set.h" #include "prov/implementations.h" @@ -464,7 +465,7 @@ static void *mac_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg) return key; if (gctx->priv_key == NULL) { - ERR_raise(ERR_LIB_PROV, EVP_R_INVALID_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); ossl_mac_key_free(key); return NULL; } diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c index c9d404d5ea..1d5d26f170 100644 --- a/providers/implementations/macs/gmac_prov.c +++ b/providers/implementations/macs/gmac_prov.c @@ -191,7 +191,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) if (EVP_CIPHER_mode(ossl_prov_cipher_cipher(&macctx->cipher)) != EVP_CIPH_GCM_MODE) { - ERR_raise(ERR_LIB_PROV, EVP_R_CIPHER_NOT_GCM_MODE); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE); return 0; } if (!EVP_EncryptInit_ex(ctx, ossl_prov_cipher_cipher(&macctx->cipher), @@ -204,7 +204,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) return 0; if (p->data_size != (size_t)EVP_CIPHER_CTX_key_length(ctx)) { - ERR_raise(ERR_LIB_PROV, EVP_R_INVALID_KEY_LENGTH); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } if (!EVP_EncryptInit_ex(ctx, NULL, NULL, p->data, NULL)) diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index 8f74c2306a..3a57dd0db6 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -258,7 +258,7 @@ static int kmac_init(void *vmacctx) /* Check key has been set */ if (kctx->key_len == 0) { - ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET); + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); return 0; } if (!EVP_DigestInit_ex(kctx->ctx, ossl_prov_digest_md(&kctx->digest), diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index 09b33bbdb7..cb68de3b3e 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -1245,7 +1245,7 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) * lowest saltlen number possible. */ if (saltlen < RSA_PSS_SALTLEN_MAX) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PSS_SALTLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH); return 0; } @@ -1253,7 +1253,8 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) switch (saltlen) { case RSA_PSS_SALTLEN_AUTO: if (prsactx->operation == EVP_PKEY_OP_VERIFY) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PSS_SALTLEN); + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH, + "Cannot use autodetected salt length"); return 0; } break; |