yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add two error codes to the Error module

Browse source 
One of the error codes was already reserved, this commit just makes it
explicit. The other one is a new error code for initializing return
values in the library: `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` should
not be returned by the library. If it is returned, then it is surely a
bug in the library or somebody is tampering with the device.
This commit is contained in:
Janos Follath 2019-12-03 15:55:56 +00:00
parent ab534cfd62
commit 2d20567122
3 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
include/mbedtls/error.h
View file

@ -52,9 +52,10 @@
* For historical reasons, low-level error codes are divided in even and odd, * For historical reasons, low-level error codes are divided in even and odd,
* even codes were assigned first, and -1 is reserved for other errors. * even codes were assigned first, and -1 is reserved for other errors.
* *
* Low-level module errors (0x0002-0x007E, 0x0003-0x007F) * Low-level module errors (0x0002-0x007E, 0x0001-0x007F)
* *
* Module Nr Codes assigned * Module Nr Codes assigned
* ERROR 2 0x006E 0x0001
* MPI 7 0x0002-0x0010 * MPI 7 0x0002-0x0010
* GCM 3 0x0012-0x0014 0x0013-0x0013 * GCM 3 0x0012-0x0014 0x0013-0x0013
* BLOWFISH 3 0x0016-0x0018 0x0017-0x0017 * BLOWFISH 3 0x0016-0x0018 0x0017-0x0017
@ -112,6 +113,9 @@
extern "C" { extern "C" {
#endif #endif
#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */
#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */
/** /**
* \brief Translate a mbed TLS error code into a string representation, * \brief Translate a mbed TLS error code into a string representation,
* Result is truncated if necessary and always includes a terminating * Result is truncated if necessary and always includes a terminating

11
library/error.c
View file

@ -109,6 +109,10 @@
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#endif #endif
#if defined(MBEDTLS_ERROR_C)
#include "mbedtls/error.h"
#endif
#if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_GCM_C)
#include "mbedtls/gcm.h" #include "mbedtls/gcm.h"
#endif #endif
@ -754,6 +758,13 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
mbedtls_snprintf( buf, buflen, "ENTROPY - Read/write error in file" ); mbedtls_snprintf( buf, buflen, "ENTROPY - Read/write error in file" );
#endif /* MBEDTLS_ENTROPY_C */ #endif /* MBEDTLS_ENTROPY_C */
#if defined(MBEDTLS_ERROR_C)
if( use_ret == -(MBEDTLS_ERR_ERROR_GENERIC_ERROR) )
mbedtls_snprintf( buf, buflen, "ERROR - Generic error" );
if( use_ret == -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED) )
mbedtls_snprintf( buf, buflen, "ERROR - This is a bug in the library" );
#endif /* MBEDTLS_ERROR_C */
#if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_GCM_C)
if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) ) if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) )
mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" ); mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" );

2
scripts/generate_errors.pl
View file

@ -38,7 +38,7 @@ my $error_format_file = $data_dir.'/error.fmt';
my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES
ENTROPY GCM HKDF HMAC_DRBG MD2 MD4 MD5 ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5
NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160
SHA1 SHA256 SHA512 THREADING XTEA ); SHA1 SHA256 SHA512 THREADING XTEA );
my @high_level_modules = qw( CIPHER DHM ECP MD my @high_level_modules = qw( CIPHER DHM ECP MD