Make ECP error codes more specific
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 3484a74..8d0b2b5 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -77,7 +77,7 @@
if( key_tries++ > 10 )
{
- ret = POLARSSL_ERR_ECP_GENERIC;
+ ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
}
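Review bot: The retry limit in `if( key_tries++ > 10 )` is a bare literal, and the same `10` recurs in the `sign_tries` hunk below and in the two `count++ > 10` hunks in library/ecp.c. Now that all four sites report POLARSSL_ERR_ECP_RANDOM_FAILED, one named constant shared by both files, with a comment stating the intended number of attempts, would keep them in step. If the counters start at 0 (their initialisation is outside the hunk), the post-increment comparison only fires on the twelfth pass, so either document that or tighten it to `>=`. A short comment above the assignment, e.g. `/* RNG kept yielding unusable values: report as RNG failure */`, would explain the choice of code. The enclosing loop begins outside the hunk.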
@@ -99,7 +99,7 @@
if( sign_tries++ > 10 )
{
- ret = POLARSSL_ERR_ECP_GENERIC;
+ ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
}
diff --git a/library/ecp.c b/library/ecp.c
index fef9ab6..d8469c0 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -417,7 +417,7 @@
return( mpi_mod_mpi( N, N, &grp->P ) );
if( mpi_cmp_int( N, 0 ) < 0 || mpi_msb( N ) > 2 * grp->pbits )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
MPI_CHK( grp->modp( N ) );
@@ -869,7 +869,7 @@
return( ecp_normalize( grp, T ) );
if( ( c = (mpi *) polarssl_malloc( t_len * sizeof( mpi ) ) ) == NULL )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_MALLOC_FAILED );
mpi_init( &u ); mpi_init( &Zi ); mpi_init( &ZZi );
for( i = 0; i < t_len; i++ )
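Review bot: The allocation size `t_len * sizeof( mpi )` is still computed without an overflow check, so the new POLARSSL_ERR_ECP_MALLOC_FAILED return only covers a NULL result. A wrapped product would yield a buffer shorter than the `for( i = 0; i < t_len; i++ )` loop expects. Whether `t_len` can ever be large enough depends on callers that are not visible here, but a guard before the call is cheap: `if( t_len > (size_t) -1 / sizeof( mpi ) ) return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );`. The function body starts and ends outside the hunk.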
@@ -1033,7 +1033,7 @@
* Make sure Q coordinates are normalized
*/
if( mpi_cmp_int( &Q->Z, 1 ) != 0 )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
mpi_init( &T1 ); mpi_init( &T2 ); mpi_init( &T3 ); mpi_init( &T4 );
mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z );
@@ -1176,10 +1176,10 @@
}
/*
- * We should have consumed all the bits now
+ * We should have consumed all bits, unless the input value was too big
*/
if( mpi_cmp_int( &M, 0 ) != 0 )
- ret = POLARSSL_ERR_ECP_GENERIC;
+ ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA;
cleanup:
@@ -1245,7 +1245,7 @@
mpi_shift_r( &l, 1 );
if( count++ > 10 )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_RANDOM_FAILED );
}
while( mpi_cmp_int( &l, 1 ) <= 0 );
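Review bot: The failure path `return( POLARSSL_ERR_ECP_RANDOM_FAILED );` leaves the function directly from inside the loop, while `l` is a local mpi that has just been filled and shifted. If `l` was set up with mpi_init earlier and the function has a cleanup label that frees it (both outside the hunk), this return skips that cleanup, leaking the allocation and leaving the random value in heap memory. The ecdsa.c hunks in this commit use the safer form, so the same shape here would be `{ ret = POLARSSL_ERR_ECP_RANDOM_FAILED; goto cleanup; }`.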
@@ -1406,19 +1406,19 @@
mpi YY, RHS;
if( mpi_cmp_int( &pt->Z, 0 ) == 0 )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_INVALID_KEY );
/*
* pt coordinates must be normalized for our checks
*/
if( mpi_cmp_int( &pt->Z, 1 ) != 0 )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_INVALID_KEY );
if( mpi_cmp_int( &pt->X, 0 ) < 0 ||
mpi_cmp_int( &pt->Y, 0 ) < 0 ||
mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_INVALID_KEY );
mpi_init( &YY ); mpi_init( &RHS );
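Review bot: The non-normalized case `mpi_cmp_int( &pt->Z, 1 ) != 0` now returns POLARSSL_ERR_ECP_INVALID_KEY here, but the identical test on `Q->Z` in the `@@ -1033` hunk of this file returns POLARSSL_ERR_ECP_BAD_INPUT_DATA. The comment above it ("pt coordinates must be normalized for our checks") describes a caller precondition rather than a property of the key, so BAD_INPUT_DATA looks like the consistent choice; otherwise document why the two differ. The first check, `mpi_cmp_int( &pt->Z, 0 ) == 0`, has no comment at all; if Z == 0 encodes the point at infinity in this representation, say so with `/* Z == 0: point at infinity, never a valid public key */`. The function continues past the end of the hunk.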
@@ -1433,7 +1433,7 @@
MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS );
if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
- ret = POLARSSL_ERR_ECP_GENERIC;
+ ret = POLARSSL_ERR_ECP_INVALID_KEY;
cleanup:
@@ -1449,7 +1449,7 @@
{
/* We want 1 <= d <= N-1 */
if ( mpi_cmp_int( d, 1 ) < 0 || mpi_cmp_mpi( d, &grp->N ) >= 0 )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_INVALID_KEY );
return( 0 );
}
@@ -1475,7 +1475,7 @@
mpi_shift_r( d, 1 );
if( count++ > 10 )
- return( POLARSSL_ERR_ECP_GENERIC );
+ return( POLARSSL_ERR_ECP_RANDOM_FAILED );
}
while( mpi_cmp_int( d, 1 ) < 0 );
diff --git a/library/error.c b/library/error.c
index 4323e72..04ce28e 100644
--- a/library/error.c
+++ b/library/error.c
@@ -215,12 +215,16 @@
snprintf( buf, buflen, "ECP - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_ECP_BUFFER_TOO_SMALL) )
snprintf( buf, buflen, "ECP - The buffer is too small to write to" );
- if( use_ret == -(POLARSSL_ERR_ECP_GENERIC) )
- snprintf( buf, buflen, "ECP - Generic ECP error" );
if( use_ret == -(POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "ECP - Requested curve not available" );
if( use_ret == -(POLARSSL_ERR_ECP_VERIFY_FAILED) )
snprintf( buf, buflen, "ECP - The signature is not valid" );
+ if( use_ret == -(POLARSSL_ERR_ECP_MALLOC_FAILED) )
+ snprintf( buf, buflen, "ECP - Memory allocation failed" );
+ if( use_ret == -(POLARSSL_ERR_ECP_RANDOM_FAILED) )
+ snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" );
+ if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) )
+ snprintf( buf, buflen, "ECP - Invalid private or public key" );
#endif /* POLARSSL_ECP_C */
#if defined(POLARSSL_MD_C)