From 7c6a0d909abda7c854b44831ef43ebdda49ed42e Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sun, 10 Nov 2019 05:16:36 +0100 Subject: [PATCH] Reinstate the KDF error macros For minimum breakage with existing applications that might use them. This reverts commit fe6ec26b204a056aee2a24b79df09a45b2308603 and 37ed62107112d95f7b7c9bf75602a6ac40883a89. Fixes #10340 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10368) --- crypto/build.info | 2 +- crypto/err/err.c | 1 + crypto/kdf/build.info | 2 + crypto/kdf/kdf_err.c | 69 +++++++++++++++++++++++ include/openssl/err.h | 14 +++-- include/openssl/kdferr.h | 116 +++++++++++++++++++++++++++++++++++++++ util/libcrypto.num | 1 + 7 files changed, 198 insertions(+), 7 deletions(-) create mode 100644 crypto/kdf/build.info create mode 100644 crypto/kdf/kdf_err.c create mode 100644 include/openssl/kdferr.h diff --git a/crypto/build.info b/crypto/build.info index 733aba8662..5f90a2eda2 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -1,7 +1,7 @@ # Note that these directories are filtered in Configure. Look for %skipdir # there for further explanations. SUBDIRS=objects buffer bio stack lhash rand evp asn1 pem x509 conf \ - txt_db pkcs7 pkcs12 ui store property \ + txt_db pkcs7 pkcs12 ui kdf store property \ md2 md4 md5 sha mdc2 hmac ripemd whrlpool poly1305 \ siphash sm3 des aes rc2 rc4 rc5 idea aria bf cast camellia \ seed sm4 chacha modes bn ec rsa dsa dh sm2 dso engine \ diff --git a/crypto/err/err.c b/crypto/err/err.c index 28a5db8ad4..bc33a06b7e 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -70,6 +70,7 @@ static ERR_STRING_DATA ERR_str_libraries[] = { {ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines"}, {ERR_PACK(ERR_LIB_CT, 0, 0), "CT routines"}, {ERR_PACK(ERR_LIB_ASYNC, 0, 0), "ASYNC routines"}, + {ERR_PACK(ERR_LIB_KDF, 0, 0), "KDF routines"}, {ERR_PACK(ERR_LIB_OSSL_STORE, 0, 0), "STORE routines"}, {ERR_PACK(ERR_LIB_SM2, 0, 0), "SM2 routines"}, {ERR_PACK(ERR_LIB_ESS, 0, 0), "ESS routines"}, diff --git a/crypto/kdf/build.info b/crypto/kdf/build.info new file mode 100644 index 0000000000..7707c00988 --- /dev/null +++ b/crypto/kdf/build.info @@ -0,0 +1,2 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=kdf_err.c diff --git a/crypto/kdf/kdf_err.c b/crypto/kdf/kdf_err.c new file mode 100644 index 0000000000..4c3f671637 --- /dev/null +++ b/crypto/kdf/kdf_err.c @@ -0,0 +1,69 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +#ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef OPENSSL_NO_ERR + +static const ERR_STRING_DATA KDF_str_reasons[] = { + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_BAD_ENCODING), "bad encoding"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_BAD_LENGTH), "bad length"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_BOTH_MODE_AND_MODE_INT), + "both mode and mode int"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INAVLID_UKM_LEN), "inavlid ukm len"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_ITERATION_COUNT), + "invalid iteration count"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_KEY_LEN), "invalid key len"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_MAC_TYPE), "invalid mac type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_MODE), "invalid mode"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_MODE_INT), "invalid mode int"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_SALT_LEN), "invalid salt len"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_CEK_ALG), "missing cek alg"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_ITERATION_COUNT), + "missing iteration count"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST), + "missing message digest"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_PARAMETER), "missing parameter"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_PASS), "missing pass"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SALT), "missing salt"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SESSION_ID), "missing session id"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_TYPE), "missing type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_XCGHASH), "missing xcghash"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_NOT_SUPPORTED), "not supported"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), + "unknown parameter type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNSUPPORTED_CEK_ALG), + "unsupported cek alg"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNSUPPORTED_MAC_TYPE), + "unsupported mac type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE), + "wrong output buffer size"}, + {0, NULL} +}; + +# endif + +int ERR_load_KDF_strings(void) +{ +# ifndef OPENSSL_NO_ERR + if (ERR_reason_error_string(KDF_str_reasons[0].error) == NULL) + ERR_load_strings_const(KDF_str_reasons); +# endif + return 1; +} +#endif diff --git a/include/openssl/err.h b/include/openssl/err.h index e5766ee241..9244bb84b1 100644 --- a/include/openssl/err.h +++ b/include/openssl/err.h @@ -105,12 +105,13 @@ struct err_state_st { /* # define ERR_LIB_JPAKE 49 */ # define ERR_LIB_CT 50 # define ERR_LIB_ASYNC 51 -# define ERR_LIB_SM2 52 -# define ERR_LIB_ESS 53 -# define ERR_LIB_PROP 54 -# define ERR_LIB_CRMF 55 -# define ERR_LIB_PROV 56 -# define ERR_LIB_CMP 57 +# define ERR_LIB_KDF 52 +# define ERR_LIB_SM2 53 +# define ERR_LIB_ESS 54 +# define ERR_LIB_PROP 55 +# define ERR_LIB_CRMF 56 +# define ERR_LIB_PROV 57 +# define ERR_LIB_CMP 58 # define ERR_LIB_USER 128 @@ -149,6 +150,7 @@ struct err_state_st { # define PROVerr(f, r) ERR_raise_data(ERR_LIB_PROV, (r), NULL) # define RANDerr(f, r) ERR_raise_data(ERR_LIB_RAND, (r), NULL) # define RSAerr(f, r) ERR_raise_data(ERR_LIB_RSA, (r), NULL) +# define KDFerr(f, r) ERR_raise_data(ERR_LIB_KDF, (r), NULL) # define SM2err(f, r) ERR_raise_data(ERR_LIB_SM2, (r), NULL) # define SSLerr(f, r) ERR_raise_data(ERR_LIB_SSL, (r), NULL) # define SYSerr(f, r) ERR_raise_data(ERR_LIB_SYS, (r), NULL) diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h new file mode 100644 index 0000000000..a0c6287c1c --- /dev/null +++ b/include/openssl/kdferr.h @@ -0,0 +1,116 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OPENSSL_KDFERR_H +# define OPENSSL_KDFERR_H +# pragma once + +# include +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# define HEADER_OSSL_KDFERR_H +# endif + +# include +# include + + +# ifdef __cplusplus +extern "C" +# endif +int ERR_load_KDF_strings(void); + +/* + * KDF function codes. + */ +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# define KDF_F_HKDF_EXTRACT 0 +# define KDF_F_KDF_HKDF_DERIVE 0 +# define KDF_F_KDF_HKDF_NEW 0 +# define KDF_F_KDF_HKDF_SIZE 0 +# define KDF_F_KDF_MD2CTRL 0 +# define KDF_F_KDF_PBKDF2_CTRL 0 +# define KDF_F_KDF_PBKDF2_CTRL_STR 0 +# define KDF_F_KDF_PBKDF2_DERIVE 0 +# define KDF_F_KDF_PBKDF2_NEW 0 +# define KDF_F_KDF_SCRYPT_CTRL_STR 0 +# define KDF_F_KDF_SCRYPT_CTRL_UINT32 0 +# define KDF_F_KDF_SCRYPT_CTRL_UINT64 0 +# define KDF_F_KDF_SCRYPT_DERIVE 0 +# define KDF_F_KDF_SCRYPT_NEW 0 +# define KDF_F_KDF_SSHKDF_CTRL 0 +# define KDF_F_KDF_SSHKDF_CTRL_STR 0 +# define KDF_F_KDF_SSHKDF_DERIVE 0 +# define KDF_F_KDF_SSHKDF_NEW 0 +# define KDF_F_KDF_TLS1_PRF_CTRL_STR 0 +# define KDF_F_KDF_TLS1_PRF_DERIVE 0 +# define KDF_F_KDF_TLS1_PRF_NEW 0 +# define KDF_F_PBKDF2_DERIVE 0 +# define KDF_F_PBKDF2_SET_MEMBUF 0 +# define KDF_F_PKEY_HKDF_CTRL_STR 0 +# define KDF_F_PKEY_HKDF_DERIVE 0 +# define KDF_F_PKEY_HKDF_INIT 0 +# define KDF_F_PKEY_SCRYPT_CTRL_STR 0 +# define KDF_F_PKEY_SCRYPT_CTRL_UINT64 0 +# define KDF_F_PKEY_SCRYPT_DERIVE 0 +# define KDF_F_PKEY_SCRYPT_INIT 0 +# define KDF_F_PKEY_SCRYPT_SET_MEMBUF 0 +# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 0 +# define KDF_F_PKEY_TLS1_PRF_DERIVE 0 +# define KDF_F_PKEY_TLS1_PRF_INIT 0 +# define KDF_F_SCRYPT_SET_MEMBUF 0 +# define KDF_F_SSKDF_CTRL_STR 0 +# define KDF_F_SSKDF_DERIVE 0 +# define KDF_F_SSKDF_MAC2CTRL 0 +# define KDF_F_SSKDF_NEW 0 +# define KDF_F_SSKDF_SIZE 0 +# define KDF_F_TLS1_PRF_ALG 0 +# define KDF_F_X942KDF_CTRL 0 +# define KDF_F_X942KDF_DERIVE 0 +# define KDF_F_X942KDF_HASH_KDM 0 +# define KDF_F_X942KDF_NEW 0 +# define KDF_F_X942KDF_SIZE 0 +# define KDF_F_X963KDF_DERIVE 0 +# endif + +/* + * KDF reason codes. + */ +# define KDF_R_BAD_ENCODING 122 +# define KDF_R_BAD_LENGTH 123 +# define KDF_R_BOTH_MODE_AND_MODE_INT 127 +# define KDF_R_INAVLID_UKM_LEN 124 +# define KDF_R_INVALID_DIGEST 100 +# define KDF_R_INVALID_ITERATION_COUNT 119 +# define KDF_R_INVALID_KEY_LEN 120 +# define KDF_R_INVALID_MAC_TYPE 116 +# define KDF_R_INVALID_MODE 128 +# define KDF_R_INVALID_MODE_INT 129 +# define KDF_R_INVALID_SALT_LEN 121 +# define KDF_R_MISSING_CEK_ALG 125 +# define KDF_R_MISSING_ITERATION_COUNT 109 +# define KDF_R_MISSING_KEY 104 +# define KDF_R_MISSING_MESSAGE_DIGEST 105 +# define KDF_R_MISSING_PARAMETER 101 +# define KDF_R_MISSING_PASS 110 +# define KDF_R_MISSING_SALT 111 +# define KDF_R_MISSING_SECRET 107 +# define KDF_R_MISSING_SEED 106 +# define KDF_R_MISSING_SESSION_ID 113 +# define KDF_R_MISSING_TYPE 114 +# define KDF_R_MISSING_XCGHASH 115 +# define KDF_R_NOT_SUPPORTED 118 +# define KDF_R_UNKNOWN_PARAMETER_TYPE 103 +# define KDF_R_UNSUPPORTED_CEK_ALG 126 +# define KDF_R_UNSUPPORTED_MAC_TYPE 117 +# define KDF_R_VALUE_ERROR 108 +# define KDF_R_VALUE_MISSING 102 +# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 + +#endif diff --git a/util/libcrypto.num b/util/libcrypto.num index 69e245e122..8238d754a2 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -1807,6 +1807,7 @@ i2d_ASN1_bio_stream 1849 3_0_0 EXIST::FUNCTION: CRYPTO_THREAD_init_local 1850 3_0_0 EXIST::FUNCTION: TS_RESP_CTX_set_serial_cb 1851 3_0_0 EXIST::FUNCTION:TS POLICY_MAPPING_it 1852 3_0_0 EXIST::FUNCTION: +ERR_load_KDF_strings 1853 3_0_0 EXIST::FUNCTION: UI_method_set_reader 1854 3_0_0 EXIST::FUNCTION: BIO_next 1855 3_0_0 EXIST::FUNCTION: ASN1_STRING_set_default_mask_asc 1856 3_0_0 EXIST::FUNCTION: -- 2.34.1