- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
- Programs and tests were adapted accordingly
diff --git a/library/error.c b/library/error.c
index 33fad85..05e84e7 100644
--- a/library/error.c
+++ b/library/error.c
@@ -67,6 +67,18 @@
#include "polarssl/md.h"
#endif
+#if defined(POLARSSL_MD2_C)
+#include "polarssl/md2.h"
+#endif
+
+#if defined(POLARSSL_MD4_C)
+#include "polarssl/md4.h"
+#endif
+
+#if defined(POLARSSL_MD5_C)
+#include "polarssl/md5.h"
+#endif
+
#if defined(POLARSSL_NET_C)
#include "polarssl/net.h"
#endif
@@ -83,6 +95,18 @@
#include "polarssl/rsa.h"
#endif
+#if defined(POLARSSL_SHA1_C)
+#include "polarssl/sha1.h"
+#endif
+
+#if defined(POLARSSL_SHA2_C)
+#include "polarssl/sha2.h"
+#endif
+
+#if defined(POLARSSL_SHA4_C)
+#include "polarssl/sha4.h"
+#endif
+
#if defined(POLARSSL_SSL_TLS_C)
#include "polarssl/ssl.h"
#endif
@@ -258,6 +282,8 @@
snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) )
snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" );
+ if( use_ret == -(POLARSSL_ERR_SSL_MALLOC_FAILED) )
+ snprintf( buf, buflen, "SSL - Memory allocation failed" );
#endif /* POLARSSL_SSL_TLS_C */
#if defined(POLARSSL_X509_PARSE_C)
@@ -299,8 +325,12 @@
snprintf( buf, buflen, "X509 - Invalid RSA key tag or value" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT) )
snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" );
- if( use_ret == -(POLARSSL_ERR_X509_VALUE_TO_LENGTH) )
- snprintf( buf, buflen, "X509 - Not used" );
+ if( use_ret == -(POLARSSL_ERR_X509_INVALID_INPUT) )
+ snprintf( buf, buflen, "X509 - Input invalid" );
+ if( use_ret == -(POLARSSL_ERR_X509_MALLOC_FAILED) )
+ snprintf( buf, buflen, "X509 - Allocation of memory failed" );
+ if( use_ret == -(POLARSSL_ERR_X509_FILE_IO_ERROR) )
+ snprintf( buf, buflen, "X509 - Read/write of file failed" );
#endif /* POLARSSL_X509_PARSE_C */
if( strlen( buf ) == 0 )
@@ -348,6 +378,8 @@
snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" );
if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_DATA) )
snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" );
+ if( use_ret == -(POLARSSL_ERR_ASN1_MALLOC_FAILED) )
+ snprintf( buf, buflen, "ASN1 - Memory allocation failed" );
#endif /* POLARSSL_ASN1_PARSE_C */
#if defined(POLARSSL_BASE64_C)
@@ -365,13 +397,15 @@
if( use_ret == -(POLARSSL_ERR_MPI_INVALID_CHARACTER) )
snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" );
if( use_ret == -(POLARSSL_ERR_MPI_BUFFER_TOO_SMALL) )
- snprintf( buf, buflen, "BIGNUM - The output buffer is too small to write too" );
+ snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" );
if( use_ret == -(POLARSSL_ERR_MPI_NEGATIVE_VALUE) )
snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" );
if( use_ret == -(POLARSSL_ERR_MPI_DIVISION_BY_ZERO) )
snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" );
if( use_ret == -(POLARSSL_ERR_MPI_NOT_ACCEPTABLE) )
snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" );
+ if( use_ret == -(POLARSSL_ERR_MPI_MALLOC_FAILED) )
+ snprintf( buf, buflen, "BIGNUM - Memory allocation failed" );
#endif /* POLARSSL_BIGNUM_C */
#if defined(POLARSSL_CAMELLIA_C)
@@ -388,6 +422,8 @@
snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" );
if( use_ret == -(POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG) )
snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" );
+ if( use_ret == -(POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR) )
+ snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" );
#endif /* POLARSSL_CTR_DRBG_C */
#if defined(POLARSSL_DES_C)
@@ -402,6 +438,21 @@
snprintf( buf, buflen, "ENTROPY - No more sources can be added" );
#endif /* POLARSSL_ENTROPY_C */
+#if defined(POLARSSL_MD2_C)
+ if( use_ret == -(POLARSSL_ERR_MD2_FILE_IO_ERROR) )
+ snprintf( buf, buflen, "MD2 - Read/write error in file" );
+#endif /* POLARSSL_MD2_C */
+
+#if defined(POLARSSL_MD4_C)
+ if( use_ret == -(POLARSSL_ERR_MD4_FILE_IO_ERROR) )
+ snprintf( buf, buflen, "MD4 - Read/write error in file" );
+#endif /* POLARSSL_MD4_C */
+
+#if defined(POLARSSL_MD5_C)
+ if( use_ret == -(POLARSSL_ERR_MD5_FILE_IO_ERROR) )
+ snprintf( buf, buflen, "MD5 - Read/write error in file" );
+#endif /* POLARSSL_MD5_C */
+
#if defined(POLARSSL_NET_C)
if( use_ret == -(POLARSSL_ERR_NET_UNKNOWN_HOST) )
snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" );
@@ -432,6 +483,21 @@
snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
#endif /* POLARSSL_PADLOCK_C */
+#if defined(POLARSSL_SHA1_C)
+ if( use_ret == -(POLARSSL_ERR_SHA1_FILE_IO_ERROR) )
+ snprintf( buf, buflen, "SHA1 - Read/write error in file" );
+#endif /* POLARSSL_SHA1_C */
+
+#if defined(POLARSSL_SHA2_C)
+ if( use_ret == -(POLARSSL_ERR_SHA2_FILE_IO_ERROR) )
+ snprintf( buf, buflen, "SHA2 - Read/write error in file" );
+#endif /* POLARSSL_SHA2_C */
+
+#if defined(POLARSSL_SHA4_C)
+ if( use_ret == -(POLARSSL_ERR_SHA4_FILE_IO_ERROR) )
+ snprintf( buf, buflen, "SHA4 - Read/write error in file" );
+#endif /* POLARSSL_SHA4_C */
+
#if defined(POLARSSL_XTEA_C)
if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
