narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[crypto] Disambiguate all CMS errors 

Signed-off-by: Michael Brown <mcb30@ipxe.org>
pull/6/head
Michael Brown 2012-03-26 23:34:49 +01:00
parent 2d11a46b71
commit 0f0a94f2fa
1 changed files with 26 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/crypto/cms.c
View File

@ -52,6 +52,27 @@ FILE_LICENCE ( GPL2_OR_LATER );
__einfo_error ( EINFO_EACCES_WRONG_NAME ) __einfo_error ( EINFO_EACCES_WRONG_NAME )
#define EINFO_EACCES_WRONG_NAME \ #define EINFO_EACCES_WRONG_NAME \
__einfo_uniqify ( EINFO_EACCES, 0x04, "Incorrect certificate name" ) __einfo_uniqify ( EINFO_EACCES, 0x04, "Incorrect certificate name" )
#define EINVAL_DIGEST \
__einfo_error ( EINFO_EINVAL_DIGEST )
#define EINFO_EINVAL_DIGEST \
__einfo_uniqify ( EINFO_EINVAL, 0x01, "Not a digest algorithm" )
#define EINVAL_PUBKEY \
__einfo_error ( EINFO_EINVAL_PUBKEY )
#define EINFO_EINVAL_PUBKEY \
__einfo_uniqify ( EINFO_EINVAL, 0x02, "Not a public-key algorithm" )
#define ENOTSUP_SIGNEDDATA \
__einfo_error ( EINFO_ENOTSUP_SIGNEDDATA )
#define EINFO_ENOTSUP_SIGNEDDATA \
__einfo_uniqify ( EINFO_ENOTSUP, 0x01, "Not a digital signature" )
#define ENOTSUP_DIGEST \
__einfo_error ( EINFO_ENOTSUP_DIGEST )
#define EINFO_ENOTSUP_DIGEST \
__einfo_uniqify ( EINFO_ENOTSUP, 0x02, "Unsupported digest algorithm" )
#define ENOTSUP_PUBKEY \
__einfo_error ( EINFO_ENOTSUP_PUBKEY )
#define EINFO_ENOTSUP_PUBKEY \
__einfo_uniqify ( EINFO_ENOTSUP, 0x03, \
"Unsupported public-key algorithm" )
/** "pkcs7-signedData" object identifier */ /** "pkcs7-signedData" object identifier */
static uint8_t oid_signeddata[] = { ASN1_OID_SIGNEDDATA }; static uint8_t oid_signeddata[] = { ASN1_OID_SIGNEDDATA };
@ -79,7 +100,7 @@ static int cms_parse_content_type ( struct cms_signature *sig,
if ( asn1_compare ( &cursor, &oid_signeddata_cursor ) != 0 ) { if ( asn1_compare ( &cursor, &oid_signeddata_cursor ) != 0 ) {
DBGC ( sig, "CMS %p does not contain signedData:\n", sig ); DBGC ( sig, "CMS %p does not contain signedData:\n", sig );
DBGC_HDA ( sig, 0, raw->data, raw->len ); DBGC_HDA ( sig, 0, raw->data, raw->len );
return -ENOTSUP; return -ENOTSUP_SIGNEDDATA;
} }
DBGC ( sig, "CMS %p contains signedData\n", sig ); DBGC ( sig, "CMS %p contains signedData\n", sig );
@ -149,14 +170,14 @@ static int cms_parse_digest_algorithm ( struct cms_signature *sig,
DBGC ( sig, "CMS %p/%p could not identify digest algorithm:\n", DBGC ( sig, "CMS %p/%p could not identify digest algorithm:\n",
sig, info ); sig, info );
DBGC_HDA ( sig, 0, raw->data, raw->len ); DBGC_HDA ( sig, 0, raw->data, raw->len );
return -ENOTSUP; return -ENOTSUP_DIGEST;
} }
/* Check algorithm is a digest algorithm */ /* Check algorithm is a digest algorithm */
if ( ! algorithm->digest ) { if ( ! algorithm->digest ) {
DBGC ( sig, "CMS %p/%p algorithm %s is not a digest " DBGC ( sig, "CMS %p/%p algorithm %s is not a digest "
"algorithm\n", sig, info, algorithm->name ); "algorithm\n", sig, info, algorithm->name );
return -EINVAL; return -EINVAL_DIGEST;
} }
/* Record digest algorithm */ /* Record digest algorithm */
@ -186,14 +207,14 @@ static int cms_parse_signature_algorithm ( struct cms_signature *sig,
DBGC ( sig, "CMS %p/%p could not identify public-key " DBGC ( sig, "CMS %p/%p could not identify public-key "
"algorithm:\n", sig, info ); "algorithm:\n", sig, info );
DBGC_HDA ( sig, 0, raw->data, raw->len ); DBGC_HDA ( sig, 0, raw->data, raw->len );
return -ENOTSUP; return -ENOTSUP_PUBKEY;
} }
/* Check algorithm is a signature algorithm */ /* Check algorithm is a signature algorithm */
if ( ! algorithm->pubkey ) { if ( ! algorithm->pubkey ) {
DBGC ( sig, "CMS %p/%p algorithm %s is not a public-key " DBGC ( sig, "CMS %p/%p algorithm %s is not a public-key "
"algorithm\n", sig, info, algorithm->name ); "algorithm\n", sig, info, algorithm->name );
return -EINVAL; return -EINVAL_PUBKEY;
} }
/* Record signature algorithm */ /* Record signature algorithm */