diff options
author | David Monniaux <david.monniaux@univ-grenoble-alpes.fr> | 2020-03-03 08:17:40 +0100 |
---|---|---|
committer | David Monniaux <david.monniaux@univ-grenoble-alpes.fr> | 2020-03-03 08:17:40 +0100 |
commit | 1ab7b51c30e1b10ac45b0bd64cefdc01da0f7f68 (patch) | |
tree | 210ffc156c83f04fb0c61a40b4f9037d7ba8a7e1 /test/monniaux/BearSSL/tools/errors.c | |
parent | 222c9047d61961db9c6b19fed5ca49829223fd33 (diff) | |
parent | 12be46d59a2483a10d77fa8ee67f7e0ca1bd702f (diff) | |
download | compcert-kvx-1ab7b51c30e1b10ac45b0bd64cefdc01da0f7f68.tar.gz compcert-kvx-1ab7b51c30e1b10ac45b0bd64cefdc01da0f7f68.zip |
Merge branch 'mppa-cse2' of gricad-gitlab.univ-grenoble-alpes.fr:sixcy/CompCert into mppa-work
Diffstat (limited to 'test/monniaux/BearSSL/tools/errors.c')
-rw-r--r-- | test/monniaux/BearSSL/tools/errors.c | 344 |
1 files changed, 344 insertions, 0 deletions
diff --git a/test/monniaux/BearSSL/tools/errors.c b/test/monniaux/BearSSL/tools/errors.c new file mode 100644 index 00000000..22f0c305 --- /dev/null +++ b/test/monniaux/BearSSL/tools/errors.c @@ -0,0 +1,344 @@ +/* + * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org> + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdint.h> +#include <errno.h> + +#include "brssl.h" +#include "bearssl.h" + +static struct { + int err; + const char *name; + const char *comment; +} errors[] = { + { + BR_ERR_BAD_PARAM, + "BR_ERR_BAD_PARAM", + "Caller-provided parameter is incorrect." + }, { + BR_ERR_BAD_STATE, + "BR_ERR_BAD_STATE", + "Operation requested by the caller cannot be applied with" + " the current context state (e.g. reading data while" + " outgoing data is waiting to be sent)." + }, { + BR_ERR_UNSUPPORTED_VERSION, + "BR_ERR_UNSUPPORTED_VERSION", + "Incoming protocol or record version is unsupported." + }, { + BR_ERR_BAD_VERSION, + "BR_ERR_BAD_VERSION", + "Incoming record version does not match the expected version." + }, { + BR_ERR_BAD_LENGTH, + "BR_ERR_BAD_LENGTH", + "Incoming record length is invalid." + }, { + BR_ERR_TOO_LARGE, + "BR_ERR_TOO_LARGE", + "Incoming record is too large to be processed, or buffer" + " is too small for the handshake message to send." + }, { + BR_ERR_BAD_MAC, + "BR_ERR_BAD_MAC", + "Decryption found an invalid padding, or the record MAC is" + " not correct." + }, { + BR_ERR_NO_RANDOM, + "BR_ERR_NO_RANDOM", + "No initial entropy was provided, and none can be obtained" + " from the OS." + }, { + BR_ERR_UNKNOWN_TYPE, + "BR_ERR_UNKNOWN_TYPE", + "Incoming record type is unknown." + }, { + BR_ERR_UNEXPECTED, + "BR_ERR_UNEXPECTED", + "Incoming record or message has wrong type with regards to" + " the current engine state." + }, { + BR_ERR_BAD_CCS, + "BR_ERR_BAD_CCS", + "ChangeCipherSpec message from the peer has invalid contents." + }, { + BR_ERR_BAD_ALERT, + "BR_ERR_BAD_ALERT", + "Alert message from the peer has invalid contents" + " (odd length)." + }, { + BR_ERR_BAD_HANDSHAKE, + "BR_ERR_BAD_HANDSHAKE", + "Incoming handshake message decoding failed." + }, { + BR_ERR_OVERSIZED_ID, + "BR_ERR_OVERSIZED_ID", + "ServerHello contains a session ID which is larger than" + " 32 bytes." + }, { + BR_ERR_BAD_CIPHER_SUITE, + "BR_ERR_BAD_CIPHER_SUITE", + "Server wants to use a cipher suite that we did not claim" + " to support. This is also reported if we tried to advertise" + " a cipher suite that we do not support." + }, { + BR_ERR_BAD_COMPRESSION, + "BR_ERR_BAD_COMPRESSION", + "Server wants to use a compression that we did not claim" + " to support." + }, { + BR_ERR_BAD_FRAGLEN, + "BR_ERR_BAD_FRAGLEN", + "Server's max fragment length does not match client's." + }, { + BR_ERR_BAD_SECRENEG, + "BR_ERR_BAD_SECRENEG", + "Secure renegotiation failed." + }, { + BR_ERR_EXTRA_EXTENSION, + "BR_ERR_EXTRA_EXTENSION", + "Server sent an extension type that we did not announce," + " or used the same extension type several times in a" + " single ServerHello." + }, { + BR_ERR_BAD_SNI, + "BR_ERR_BAD_SNI", + "Invalid Server Name Indication contents (when used by" + " the server, this extension shall be empty)." + }, { + BR_ERR_BAD_HELLO_DONE, + "BR_ERR_BAD_HELLO_DONE", + "Invalid ServerHelloDone from the server (length is not 0)." + }, { + BR_ERR_LIMIT_EXCEEDED, + "BR_ERR_LIMIT_EXCEEDED", + "Internal limit exceeded (e.g. server's public key is too" + " large)." + }, { + BR_ERR_BAD_FINISHED, + "BR_ERR_BAD_FINISHED", + "Finished message from peer does not match the expected" + " value." + }, { + BR_ERR_RESUME_MISMATCH, + "BR_ERR_RESUME_MISMATCH", + "Session resumption attempt with distinct version or cipher" + " suite." + }, { + BR_ERR_INVALID_ALGORITHM, + "BR_ERR_INVALID_ALGORITHM", + "Unsupported or invalid algorithm (ECDHE curve, signature" + " algorithm, hash function)." + }, { + BR_ERR_BAD_SIGNATURE, + "BR_ERR_BAD_SIGNATURE", + "Invalid signature in ServerKeyExchange or" + " CertificateVerify message." + }, { + BR_ERR_WRONG_KEY_USAGE, + "BR_ERR_WRONG_KEY_USAGE", + "Peer's public key does not have the proper type or is" + " not allowed for the requested operation." + }, { + BR_ERR_NO_CLIENT_AUTH, + "BR_ERR_NO_CLIENT_AUTH", + "Client did not send a certificate upon request, or the" + " client certificate could not be validated." + }, { + BR_ERR_IO, + "BR_ERR_IO", + "I/O error or premature close on transport stream." + }, { + BR_ERR_X509_INVALID_VALUE, + "BR_ERR_X509_INVALID_VALUE", + "Invalid value in an ASN.1 structure." + }, + { + BR_ERR_X509_TRUNCATED, + "BR_ERR_X509_TRUNCATED", + "Truncated certificate or other ASN.1 object." + }, + { + BR_ERR_X509_EMPTY_CHAIN, + "BR_ERR_X509_EMPTY_CHAIN", + "Empty certificate chain (no certificate at all)." + }, + { + BR_ERR_X509_INNER_TRUNC, + "BR_ERR_X509_INNER_TRUNC", + "Decoding error: inner element extends beyond outer element" + " size." + }, + { + BR_ERR_X509_BAD_TAG_CLASS, + "BR_ERR_X509_BAD_TAG_CLASS", + "Decoding error: unsupported tag class (application or" + " private)." + }, + { + BR_ERR_X509_BAD_TAG_VALUE, + "BR_ERR_X509_BAD_TAG_VALUE", + "Decoding error: unsupported tag value." + }, + { + BR_ERR_X509_INDEFINITE_LENGTH, + "BR_ERR_X509_INDEFINITE_LENGTH", + "Decoding error: indefinite length." + }, + { + BR_ERR_X509_EXTRA_ELEMENT, + "BR_ERR_X509_EXTRA_ELEMENT", + "Decoding error: extraneous element." + }, + { + BR_ERR_X509_UNEXPECTED, + "BR_ERR_X509_UNEXPECTED", + "Decoding error: unexpected element." + }, + { + BR_ERR_X509_NOT_CONSTRUCTED, + "BR_ERR_X509_NOT_CONSTRUCTED", + "Decoding error: expected constructed element, but is" + " primitive." + }, + { + BR_ERR_X509_NOT_PRIMITIVE, + "BR_ERR_X509_NOT_PRIMITIVE", + "Decoding error: expected primitive element, but is" + " constructed." + }, + { + BR_ERR_X509_PARTIAL_BYTE, + "BR_ERR_X509_PARTIAL_BYTE", + "Decoding error: BIT STRING length is not multiple of 8." + }, + { + BR_ERR_X509_BAD_BOOLEAN, + "BR_ERR_X509_BAD_BOOLEAN", + "Decoding error: BOOLEAN value has invalid length." + }, + { + BR_ERR_X509_OVERFLOW, + "BR_ERR_X509_OVERFLOW", + "Decoding error: value is off-limits." + }, + { + BR_ERR_X509_BAD_DN, + "BR_ERR_X509_BAD_DN", + "Invalid distinguished name." + }, + { + BR_ERR_X509_BAD_TIME, + "BR_ERR_X509_BAD_TIME", + "Invalid date/time representation." + }, + { + BR_ERR_X509_UNSUPPORTED, + "BR_ERR_X509_UNSUPPORTED", + "Certificate contains unsupported features that cannot be" + " ignored." + }, + { + BR_ERR_X509_LIMIT_EXCEEDED, + "BR_ERR_X509_LIMIT_EXCEEDED", + "Key or signature size exceeds internal limits." + }, + { + BR_ERR_X509_WRONG_KEY_TYPE, + "BR_ERR_X509_WRONG_KEY_TYPE", + "Key type does not match that which was expected." + }, + { + BR_ERR_X509_BAD_SIGNATURE, + "BR_ERR_X509_BAD_SIGNATURE", + "Signature is invalid." + }, + { + BR_ERR_X509_TIME_UNKNOWN, + "BR_ERR_X509_TIME_UNKNOWN", + "Validation time is unknown." + }, + { + BR_ERR_X509_EXPIRED, + "BR_ERR_X509_EXPIRED", + "Certificate is expired or not yet valid." + }, + { + BR_ERR_X509_DN_MISMATCH, + "BR_ERR_X509_DN_MISMATCH", + "Issuer/Subject DN mismatch in the chain." + }, + { + BR_ERR_X509_BAD_SERVER_NAME, + "BR_ERR_X509_BAD_SERVER_NAME", + "Expected server name was not found in the chain." + }, + { + BR_ERR_X509_CRITICAL_EXTENSION, + "BR_ERR_X509_CRITICAL_EXTENSION", + "Unknown critical extension in certificate." + }, + { + BR_ERR_X509_NOT_CA, + "BR_ERR_X509_NOT_CA", + "Not a CA, or path length constraint violation." + }, + { + BR_ERR_X509_FORBIDDEN_KEY_USAGE, + "BR_ERR_X509_FORBIDDEN_KEY_USAGE", + "Key Usage extension prohibits intended usage." + }, + { + BR_ERR_X509_WEAK_PUBLIC_KEY, + "BR_ERR_X509_WEAK_PUBLIC_KEY", + "Public key found in certificate is too small." + }, + { + BR_ERR_X509_NOT_TRUSTED, + "BR_ERR_X509_NOT_TRUSTED", + "Chain could not be linked to a trust anchor." + }, + { 0, 0, 0 } +}; + +/* see brssl.h */ +const char * +find_error_name(int err, const char **comment) +{ + size_t u; + + for (u = 0; errors[u].name; u ++) { + if (errors[u].err == err) { + if (comment != NULL) { + *comment = errors[u].comment; + } + return errors[u].name; + } + } + return NULL; +} |