1 /*
2 * Error message information
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19
20 #include "common.h"
21
22 #include "mbedtls/error.h"
23
24 #if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
25
26 #if defined(MBEDTLS_ERROR_C)
27
28 #if defined(MBEDTLS_PLATFORM_C)
29 #include "mbedtls/platform.h"
30 #else
31 #define mbedtls_snprintf snprintf
32 #endif
33
34 #include <stdio.h>
35 #include <string.h>
36
37 #if defined(MBEDTLS_AES_C)
38 #include "mbedtls/aes.h"
39 #endif
40
41 #if defined(MBEDTLS_ARIA_C)
42 #include "mbedtls/aria.h"
43 #endif
44
45 #if defined(MBEDTLS_ASN1_PARSE_C)
46 #include "mbedtls/asn1.h"
47 #endif
48
49 #if defined(MBEDTLS_BASE64_C)
50 #include "mbedtls/base64.h"
51 #endif
52
53 #if defined(MBEDTLS_BIGNUM_C)
54 #include "mbedtls/bignum.h"
55 #endif
56
57 #if defined(MBEDTLS_BLOWFISH_C)
58 #include "mbedtls/blowfish.h"
59 #endif
60
61 #if defined(MBEDTLS_CAMELLIA_C)
62 #include "mbedtls/camellia.h"
63 #endif
64
65 #if defined(MBEDTLS_CCM_C)
66 #include "mbedtls/ccm.h"
67 #endif
68
69 #if defined(MBEDTLS_CHACHA20_C)
70 #include "mbedtls/chacha20.h"
71 #endif
72
73 #if defined(MBEDTLS_CHACHAPOLY_C)
74 #include "mbedtls/chachapoly.h"
75 #endif
76
77 #if defined(MBEDTLS_CIPHER_C)
78 #include "mbedtls/cipher.h"
79 #endif
80
81 #if defined(MBEDTLS_CTR_DRBG_C)
82 #include "mbedtls/ctr_drbg.h"
83 #endif
84
85 #if defined(MBEDTLS_DES_C)
86 #include "mbedtls/des.h"
87 #endif
88
89 #if defined(MBEDTLS_DHM_C)
90 #include "mbedtls/dhm.h"
91 #endif
92
93 #if defined(MBEDTLS_ECP_C)
94 #include "mbedtls/ecp.h"
95 #endif
96
97 #if defined(MBEDTLS_ENTROPY_C)
98 #include "mbedtls/entropy.h"
99 #endif
100
101 #if defined(MBEDTLS_ERROR_C)
102 #include "mbedtls/error.h"
103 #endif
104
105 #if defined(MBEDTLS_PLATFORM_C)
106 #include "mbedtls/platform.h"
107 #endif
108
109 #if defined(MBEDTLS_GCM_C)
110 #include "mbedtls/gcm.h"
111 #endif
112
113 #if defined(MBEDTLS_HKDF_C)
114 #include "mbedtls/hkdf.h"
115 #endif
116
117 #if defined(MBEDTLS_HMAC_DRBG_C)
118 #include "mbedtls/hmac_drbg.h"
119 #endif
120
121 #if defined(MBEDTLS_MD_C)
122 #include "mbedtls/md.h"
123 #endif
124
125 #if defined(MBEDTLS_NET_C)
126 #include "mbedtls/net_sockets.h"
127 #endif
128
129 #if defined(MBEDTLS_OID_C)
130 #include "mbedtls/oid.h"
131 #endif
132
133 #if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
134 #include "mbedtls/pem.h"
135 #endif
136
137 #if defined(MBEDTLS_PK_C)
138 #include "mbedtls/pk.h"
139 #endif
140
141 #if defined(MBEDTLS_PKCS12_C)
142 #include "mbedtls/pkcs12.h"
143 #endif
144
145 #if defined(MBEDTLS_PKCS5_C)
146 #include "mbedtls/pkcs5.h"
147 #endif
148
149 #if defined(MBEDTLS_POLY1305_C)
150 #include "mbedtls/poly1305.h"
151 #endif
152
153 #if defined(MBEDTLS_RSA_C)
154 #include "mbedtls/rsa.h"
155 #endif
156
157 #if defined(MBEDTLS_SHA1_C)
158 #include "mbedtls/sha1.h"
159 #endif
160
161 #if defined(MBEDTLS_SHA256_C)
162 #include "mbedtls/sha256.h"
163 #endif
164
165 #if defined(MBEDTLS_SHA512_C)
166 #include "mbedtls/sha512.h"
167 #endif
168
169 #if defined(MBEDTLS_SSL_TLS_C)
170 #include "mbedtls/ssl.h"
171 #endif
172
173 #if defined(MBEDTLS_THREADING_C)
174 #include "mbedtls/threading.h"
175 #endif
176
177 #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
178 #include "mbedtls/x509.h"
179 #endif
180
181
mbedtls_high_level_strerr(int error_code)182 const char * mbedtls_high_level_strerr( int error_code )
183 {
184 int high_level_error_code;
185
186 if( error_code < 0 )
187 error_code = -error_code;
188
189 /* Extract the high-level part from the error code. */
190 high_level_error_code = error_code & 0xFF80;
191
192 switch( high_level_error_code )
193 {
194 /* Begin Auto-Generated Code. */
195 #if defined(MBEDTLS_CIPHER_C)
196 case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE):
197 return( "CIPHER - The selected feature is not available" );
198 case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA):
199 return( "CIPHER - Bad input parameters" );
200 case -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED):
201 return( "CIPHER - Failed to allocate memory" );
202 case -(MBEDTLS_ERR_CIPHER_INVALID_PADDING):
203 return( "CIPHER - Input data contains invalid padding and is rejected" );
204 case -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED):
205 return( "CIPHER - Decryption of block requires a full block" );
206 case -(MBEDTLS_ERR_CIPHER_AUTH_FAILED):
207 return( "CIPHER - Authentication failed (for AEAD modes)" );
208 case -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT):
209 return( "CIPHER - The context is invalid. For example, because it was freed" );
210 #endif /* MBEDTLS_CIPHER_C */
211
212 #if defined(MBEDTLS_DHM_C)
213 case -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA):
214 return( "DHM - Bad input parameters" );
215 case -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED):
216 return( "DHM - Reading of the DHM parameters failed" );
217 case -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED):
218 return( "DHM - Making of the DHM parameters failed" );
219 case -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED):
220 return( "DHM - Reading of the public values failed" );
221 case -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED):
222 return( "DHM - Making of the public value failed" );
223 case -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED):
224 return( "DHM - Calculation of the DHM secret failed" );
225 case -(MBEDTLS_ERR_DHM_INVALID_FORMAT):
226 return( "DHM - The ASN.1 data is not formatted correctly" );
227 case -(MBEDTLS_ERR_DHM_ALLOC_FAILED):
228 return( "DHM - Allocation of memory failed" );
229 case -(MBEDTLS_ERR_DHM_FILE_IO_ERROR):
230 return( "DHM - Read or write of file failed" );
231 case -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED):
232 return( "DHM - Setting the modulus and generator failed" );
233 #endif /* MBEDTLS_DHM_C */
234
235 #if defined(MBEDTLS_ECP_C)
236 case -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA):
237 return( "ECP - Bad input parameters to function" );
238 case -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL):
239 return( "ECP - The buffer is too small to write to" );
240 case -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE):
241 return( "ECP - The requested feature is not available, for example, the requested curve is not supported" );
242 case -(MBEDTLS_ERR_ECP_VERIFY_FAILED):
243 return( "ECP - The signature is not valid" );
244 case -(MBEDTLS_ERR_ECP_ALLOC_FAILED):
245 return( "ECP - Memory allocation failed" );
246 case -(MBEDTLS_ERR_ECP_RANDOM_FAILED):
247 return( "ECP - Generation of random value, such as ephemeral key, failed" );
248 case -(MBEDTLS_ERR_ECP_INVALID_KEY):
249 return( "ECP - Invalid private or public key" );
250 case -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH):
251 return( "ECP - The buffer contains a valid signature followed by more data" );
252 case -(MBEDTLS_ERR_ECP_IN_PROGRESS):
253 return( "ECP - Operation in progress, call again with the same parameters to continue" );
254 #endif /* MBEDTLS_ECP_C */
255
256 #if defined(MBEDTLS_MD_C)
257 case -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE):
258 return( "MD - The selected feature is not available" );
259 case -(MBEDTLS_ERR_MD_BAD_INPUT_DATA):
260 return( "MD - Bad input parameters to function" );
261 case -(MBEDTLS_ERR_MD_ALLOC_FAILED):
262 return( "MD - Failed to allocate memory" );
263 case -(MBEDTLS_ERR_MD_FILE_IO_ERROR):
264 return( "MD - Opening or reading of file failed" );
265 #endif /* MBEDTLS_MD_C */
266
267 #if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
268 case -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT):
269 return( "PEM - No PEM header or footer found" );
270 case -(MBEDTLS_ERR_PEM_INVALID_DATA):
271 return( "PEM - PEM string is not as expected" );
272 case -(MBEDTLS_ERR_PEM_ALLOC_FAILED):
273 return( "PEM - Failed to allocate memory" );
274 case -(MBEDTLS_ERR_PEM_INVALID_ENC_IV):
275 return( "PEM - RSA IV is not in hex-format" );
276 case -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG):
277 return( "PEM - Unsupported key encryption algorithm" );
278 case -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED):
279 return( "PEM - Private key password can't be empty" );
280 case -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH):
281 return( "PEM - Given private key password does not allow for correct decryption" );
282 case -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE):
283 return( "PEM - Unavailable feature, e.g. hashing/encryption combination" );
284 case -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA):
285 return( "PEM - Bad input parameters to function" );
286 #endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */
287
288 #if defined(MBEDTLS_PK_C)
289 case -(MBEDTLS_ERR_PK_ALLOC_FAILED):
290 return( "PK - Memory allocation failed" );
291 case -(MBEDTLS_ERR_PK_TYPE_MISMATCH):
292 return( "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" );
293 case -(MBEDTLS_ERR_PK_BAD_INPUT_DATA):
294 return( "PK - Bad input parameters to function" );
295 case -(MBEDTLS_ERR_PK_FILE_IO_ERROR):
296 return( "PK - Read/write of file failed" );
297 case -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION):
298 return( "PK - Unsupported key version" );
299 case -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT):
300 return( "PK - Invalid key tag or value" );
301 case -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG):
302 return( "PK - Key algorithm is unsupported (only RSA and EC are supported)" );
303 case -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED):
304 return( "PK - Private key password can't be empty" );
305 case -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH):
306 return( "PK - Given private key password does not allow for correct decryption" );
307 case -(MBEDTLS_ERR_PK_INVALID_PUBKEY):
308 return( "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" );
309 case -(MBEDTLS_ERR_PK_INVALID_ALG):
310 return( "PK - The algorithm tag or value is invalid" );
311 case -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE):
312 return( "PK - Elliptic curve is unsupported (only NIST curves are supported)" );
313 case -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE):
314 return( "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
315 case -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH):
316 return( "PK - The buffer contains a valid signature followed by more data" );
317 case -(MBEDTLS_ERR_PK_BUFFER_TOO_SMALL):
318 return( "PK - The output buffer is too small" );
319 #endif /* MBEDTLS_PK_C */
320
321 #if defined(MBEDTLS_PKCS12_C)
322 case -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA):
323 return( "PKCS12 - Bad input parameters to function" );
324 case -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE):
325 return( "PKCS12 - Feature not available, e.g. unsupported encryption scheme" );
326 case -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT):
327 return( "PKCS12 - PBE ASN.1 data not as expected" );
328 case -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH):
329 return( "PKCS12 - Given private key password does not allow for correct decryption" );
330 #endif /* MBEDTLS_PKCS12_C */
331
332 #if defined(MBEDTLS_PKCS5_C)
333 case -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA):
334 return( "PKCS5 - Bad input parameters to function" );
335 case -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT):
336 return( "PKCS5 - Unexpected ASN.1 data" );
337 case -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE):
338 return( "PKCS5 - Requested encryption or digest alg not available" );
339 case -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH):
340 return( "PKCS5 - Given private key password does not allow for correct decryption" );
341 #endif /* MBEDTLS_PKCS5_C */
342
343 #if defined(MBEDTLS_RSA_C)
344 case -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA):
345 return( "RSA - Bad input parameters to function" );
346 case -(MBEDTLS_ERR_RSA_INVALID_PADDING):
347 return( "RSA - Input data contains invalid padding and is rejected" );
348 case -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED):
349 return( "RSA - Something failed during generation of a key" );
350 case -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED):
351 return( "RSA - Key failed to pass the validity check of the library" );
352 case -(MBEDTLS_ERR_RSA_PUBLIC_FAILED):
353 return( "RSA - The public key operation failed" );
354 case -(MBEDTLS_ERR_RSA_PRIVATE_FAILED):
355 return( "RSA - The private key operation failed" );
356 case -(MBEDTLS_ERR_RSA_VERIFY_FAILED):
357 return( "RSA - The PKCS#1 verification failed" );
358 case -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE):
359 return( "RSA - The output buffer for decryption is not large enough" );
360 case -(MBEDTLS_ERR_RSA_RNG_FAILED):
361 return( "RSA - The random generator failed to generate non-zeros" );
362 #endif /* MBEDTLS_RSA_C */
363
364 #if defined(MBEDTLS_SSL_TLS_C)
365 case -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS):
366 return( "SSL - A cryptographic operation is in progress. Try again later" );
367 case -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE):
368 return( "SSL - The requested feature is not available" );
369 case -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA):
370 return( "SSL - Bad input parameters to function" );
371 case -(MBEDTLS_ERR_SSL_INVALID_MAC):
372 return( "SSL - Verification of the message MAC failed" );
373 case -(MBEDTLS_ERR_SSL_INVALID_RECORD):
374 return( "SSL - An invalid SSL record was received" );
375 case -(MBEDTLS_ERR_SSL_CONN_EOF):
376 return( "SSL - The connection indicated an EOF" );
377 case -(MBEDTLS_ERR_SSL_DECODE_ERROR):
378 return( "SSL - A message could not be parsed due to a syntactic error" );
379 case -(MBEDTLS_ERR_SSL_NO_RNG):
380 return( "SSL - No RNG was provided to the SSL module" );
381 case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE):
382 return( "SSL - No client certification received from the client, but required by the authentication mode" );
383 case -(MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION):
384 return( "SSL - Client received an extended server hello containing an unsupported extension" );
385 case -(MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL):
386 return( "SSL - No ALPN protocols supported that the client advertises" );
387 case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED):
388 return( "SSL - The own private key or pre-shared key is not set, but needed" );
389 case -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED):
390 return( "SSL - No CA Chain is set, but required to operate" );
391 case -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE):
392 return( "SSL - An unexpected message was received from our peer" );
393 case -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE):
394 return( "SSL - A fatal alert message was received from our peer" );
395 case -(MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME):
396 return( "SSL - No server could be identified matching the client's SNI" );
397 case -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY):
398 return( "SSL - The peer notified us that the connection is going to be closed" );
399 case -(MBEDTLS_ERR_SSL_BAD_CERTIFICATE):
400 return( "SSL - Processing of the Certificate handshake message failed" );
401 case -(MBEDTLS_ERR_SSL_ALLOC_FAILED):
402 return( "SSL - Memory allocation failed" );
403 case -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED):
404 return( "SSL - Hardware acceleration function returned with error" );
405 case -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH):
406 return( "SSL - Hardware acceleration function skipped / left alone data" );
407 case -(MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION):
408 return( "SSL - Handshake protocol not within min/max boundaries" );
409 case -(MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE):
410 return( "SSL - The handshake negotiation failed" );
411 case -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED):
412 return( "SSL - Session ticket has expired" );
413 case -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH):
414 return( "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" );
415 case -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY):
416 return( "SSL - Unknown identity received (eg, PSK identity)" );
417 case -(MBEDTLS_ERR_SSL_INTERNAL_ERROR):
418 return( "SSL - Internal error (eg, unexpected failure in lower-level module)" );
419 case -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING):
420 return( "SSL - A counter would wrap (eg, too many messages exchanged)" );
421 case -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO):
422 return( "SSL - Unexpected message at ServerHello in renegotiation" );
423 case -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED):
424 return( "SSL - DTLS client must retry for hello verification" );
425 case -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL):
426 return( "SSL - A buffer is too small to receive or write a message" );
427 case -(MBEDTLS_ERR_SSL_WANT_READ):
428 return( "SSL - No data of requested type currently available on underlying transport" );
429 case -(MBEDTLS_ERR_SSL_WANT_WRITE):
430 return( "SSL - Connection requires a write call" );
431 case -(MBEDTLS_ERR_SSL_TIMEOUT):
432 return( "SSL - The operation timed out" );
433 case -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT):
434 return( "SSL - The client initiated a reconnect from the same port" );
435 case -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD):
436 return( "SSL - Record header looks valid but is not expected" );
437 case -(MBEDTLS_ERR_SSL_NON_FATAL):
438 return( "SSL - The alert message received indicates a non-fatal error" );
439 case -(MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER):
440 return( "SSL - A field in a message was incorrect or inconsistent with other fields" );
441 case -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING):
442 return( "SSL - Internal-only message signaling that further message-processing should be done" );
443 case -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS):
444 return( "SSL - The asynchronous operation is not completed yet" );
445 case -(MBEDTLS_ERR_SSL_EARLY_MESSAGE):
446 return( "SSL - Internal-only message signaling that a message arrived early" );
447 case -(MBEDTLS_ERR_SSL_UNEXPECTED_CID):
448 return( "SSL - An encrypted DTLS-frame with an unexpected CID was received" );
449 case -(MBEDTLS_ERR_SSL_VERSION_MISMATCH):
450 return( "SSL - An operation failed due to an unexpected version or configuration" );
451 case -(MBEDTLS_ERR_SSL_BAD_CONFIG):
452 return( "SSL - Invalid value in SSL config" );
453 #endif /* MBEDTLS_SSL_TLS_C */
454
455 #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
456 case -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE):
457 return( "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" );
458 case -(MBEDTLS_ERR_X509_UNKNOWN_OID):
459 return( "X509 - Requested OID is unknown" );
460 case -(MBEDTLS_ERR_X509_INVALID_FORMAT):
461 return( "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" );
462 case -(MBEDTLS_ERR_X509_INVALID_VERSION):
463 return( "X509 - The CRT/CRL/CSR version element is invalid" );
464 case -(MBEDTLS_ERR_X509_INVALID_SERIAL):
465 return( "X509 - The serial tag or value is invalid" );
466 case -(MBEDTLS_ERR_X509_INVALID_ALG):
467 return( "X509 - The algorithm tag or value is invalid" );
468 case -(MBEDTLS_ERR_X509_INVALID_NAME):
469 return( "X509 - The name tag or value is invalid" );
470 case -(MBEDTLS_ERR_X509_INVALID_DATE):
471 return( "X509 - The date tag or value is invalid" );
472 case -(MBEDTLS_ERR_X509_INVALID_SIGNATURE):
473 return( "X509 - The signature tag or value invalid" );
474 case -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS):
475 return( "X509 - The extension tag or value is invalid" );
476 case -(MBEDTLS_ERR_X509_UNKNOWN_VERSION):
477 return( "X509 - CRT/CRL/CSR has an unsupported version number" );
478 case -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG):
479 return( "X509 - Signature algorithm (oid) is unsupported" );
480 case -(MBEDTLS_ERR_X509_SIG_MISMATCH):
481 return( "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" );
482 case -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED):
483 return( "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" );
484 case -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT):
485 return( "X509 - Format not recognized as DER or PEM" );
486 case -(MBEDTLS_ERR_X509_BAD_INPUT_DATA):
487 return( "X509 - Input invalid" );
488 case -(MBEDTLS_ERR_X509_ALLOC_FAILED):
489 return( "X509 - Allocation of memory failed" );
490 case -(MBEDTLS_ERR_X509_FILE_IO_ERROR):
491 return( "X509 - Read/write of file failed" );
492 case -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL):
493 return( "X509 - Destination buffer is too small" );
494 case -(MBEDTLS_ERR_X509_FATAL_ERROR):
495 return( "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" );
496 #endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
497 /* End Auto-Generated Code. */
498
499 default:
500 break;
501 }
502
503 return( NULL );
504 }
505
mbedtls_low_level_strerr(int error_code)506 const char * mbedtls_low_level_strerr( int error_code )
507 {
508 int low_level_error_code;
509
510 if( error_code < 0 )
511 error_code = -error_code;
512
513 /* Extract the low-level part from the error code. */
514 low_level_error_code = error_code & ~0xFF80;
515
516 switch( low_level_error_code )
517 {
518 /* Begin Auto-Generated Code. */
519 #if defined(MBEDTLS_AES_C)
520 case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH):
521 return( "AES - Invalid key length" );
522 case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH):
523 return( "AES - Invalid data input length" );
524 case -(MBEDTLS_ERR_AES_BAD_INPUT_DATA):
525 return( "AES - Invalid input data" );
526 #endif /* MBEDTLS_AES_C */
527
528 #if defined(MBEDTLS_ARIA_C)
529 case -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA):
530 return( "ARIA - Bad input data" );
531 case -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH):
532 return( "ARIA - Invalid data input length" );
533 #endif /* MBEDTLS_ARIA_C */
534
535 #if defined(MBEDTLS_ASN1_PARSE_C)
536 case -(MBEDTLS_ERR_ASN1_OUT_OF_DATA):
537 return( "ASN1 - Out of data when parsing an ASN1 data structure" );
538 case -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG):
539 return( "ASN1 - ASN1 tag was of an unexpected value" );
540 case -(MBEDTLS_ERR_ASN1_INVALID_LENGTH):
541 return( "ASN1 - Error when trying to determine the length or invalid length" );
542 case -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH):
543 return( "ASN1 - Actual length differs from expected length" );
544 case -(MBEDTLS_ERR_ASN1_INVALID_DATA):
545 return( "ASN1 - Data is invalid" );
546 case -(MBEDTLS_ERR_ASN1_ALLOC_FAILED):
547 return( "ASN1 - Memory allocation failed" );
548 case -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL):
549 return( "ASN1 - Buffer too small when writing ASN.1 data structure" );
550 #endif /* MBEDTLS_ASN1_PARSE_C */
551
552 #if defined(MBEDTLS_BASE64_C)
553 case -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL):
554 return( "BASE64 - Output buffer too small" );
555 case -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER):
556 return( "BASE64 - Invalid character in input" );
557 #endif /* MBEDTLS_BASE64_C */
558
559 #if defined(MBEDTLS_BIGNUM_C)
560 case -(MBEDTLS_ERR_MPI_FILE_IO_ERROR):
561 return( "BIGNUM - An error occurred while reading from or writing to a file" );
562 case -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA):
563 return( "BIGNUM - Bad input parameters to function" );
564 case -(MBEDTLS_ERR_MPI_INVALID_CHARACTER):
565 return( "BIGNUM - There is an invalid character in the digit string" );
566 case -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL):
567 return( "BIGNUM - The buffer is too small to write to" );
568 case -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE):
569 return( "BIGNUM - The input arguments are negative or result in illegal output" );
570 case -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO):
571 return( "BIGNUM - The input argument for division is zero, which is not allowed" );
572 case -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE):
573 return( "BIGNUM - The input arguments are not acceptable" );
574 case -(MBEDTLS_ERR_MPI_ALLOC_FAILED):
575 return( "BIGNUM - Memory allocation failed" );
576 #endif /* MBEDTLS_BIGNUM_C */
577
578 #if defined(MBEDTLS_BLOWFISH_C)
579 case -(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA):
580 return( "BLOWFISH - Bad input data" );
581 case -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH):
582 return( "BLOWFISH - Invalid data input length" );
583 #endif /* MBEDTLS_BLOWFISH_C */
584
585 #if defined(MBEDTLS_CAMELLIA_C)
586 case -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA):
587 return( "CAMELLIA - Bad input data" );
588 case -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH):
589 return( "CAMELLIA - Invalid data input length" );
590 #endif /* MBEDTLS_CAMELLIA_C */
591
592 #if defined(MBEDTLS_CCM_C)
593 case -(MBEDTLS_ERR_CCM_BAD_INPUT):
594 return( "CCM - Bad input parameters to the function" );
595 case -(MBEDTLS_ERR_CCM_AUTH_FAILED):
596 return( "CCM - Authenticated decryption failed" );
597 #endif /* MBEDTLS_CCM_C */
598
599 #if defined(MBEDTLS_CHACHA20_C)
600 case -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA):
601 return( "CHACHA20 - Invalid input parameter(s)" );
602 #endif /* MBEDTLS_CHACHA20_C */
603
604 #if defined(MBEDTLS_CHACHAPOLY_C)
605 case -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE):
606 return( "CHACHAPOLY - The requested operation is not permitted in the current state" );
607 case -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED):
608 return( "CHACHAPOLY - Authenticated decryption failed: data was not authentic" );
609 #endif /* MBEDTLS_CHACHAPOLY_C */
610
611 #if defined(MBEDTLS_CTR_DRBG_C)
612 case -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED):
613 return( "CTR_DRBG - The entropy source failed" );
614 case -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG):
615 return( "CTR_DRBG - The requested random buffer length is too big" );
616 case -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG):
617 return( "CTR_DRBG - The input (entropy + additional data) is too large" );
618 case -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR):
619 return( "CTR_DRBG - Read or write error in file" );
620 #endif /* MBEDTLS_CTR_DRBG_C */
621
622 #if defined(MBEDTLS_DES_C)
623 case -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH):
624 return( "DES - The data input has an invalid length" );
625 #endif /* MBEDTLS_DES_C */
626
627 #if defined(MBEDTLS_ENTROPY_C)
628 case -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED):
629 return( "ENTROPY - Critical entropy source failure" );
630 case -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES):
631 return( "ENTROPY - No more sources can be added" );
632 case -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED):
633 return( "ENTROPY - No sources have been added to poll" );
634 case -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE):
635 return( "ENTROPY - No strong sources have been added to poll" );
636 case -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR):
637 return( "ENTROPY - Read/write error in file" );
638 #endif /* MBEDTLS_ENTROPY_C */
639
640 #if defined(MBEDTLS_ERROR_C)
641 case -(MBEDTLS_ERR_ERROR_GENERIC_ERROR):
642 return( "ERROR - Generic error" );
643 case -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED):
644 return( "ERROR - This is a bug in the library" );
645 #endif /* MBEDTLS_ERROR_C */
646
647 #if defined(MBEDTLS_PLATFORM_C)
648 case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED):
649 return( "PLATFORM - Hardware accelerator failed" );
650 case -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED):
651 return( "PLATFORM - The requested feature is not supported by the platform" );
652 #endif /* MBEDTLS_PLATFORM_C */
653
654 #if defined(MBEDTLS_GCM_C)
655 case -(MBEDTLS_ERR_GCM_AUTH_FAILED):
656 return( "GCM - Authenticated decryption failed" );
657 case -(MBEDTLS_ERR_GCM_BAD_INPUT):
658 return( "GCM - Bad input parameters to function" );
659 case -(MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL):
660 return( "GCM - An output buffer is too small" );
661 #endif /* MBEDTLS_GCM_C */
662
663 #if defined(MBEDTLS_HKDF_C)
664 case -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA):
665 return( "HKDF - Bad input parameters to function" );
666 #endif /* MBEDTLS_HKDF_C */
667
668 #if defined(MBEDTLS_HMAC_DRBG_C)
669 case -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG):
670 return( "HMAC_DRBG - Too many random requested in single call" );
671 case -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG):
672 return( "HMAC_DRBG - Input too large (Entropy + additional)" );
673 case -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR):
674 return( "HMAC_DRBG - Read/write error in file" );
675 case -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED):
676 return( "HMAC_DRBG - The entropy source failed" );
677 #endif /* MBEDTLS_HMAC_DRBG_C */
678
679 #if defined(MBEDTLS_NET_C)
680 case -(MBEDTLS_ERR_NET_SOCKET_FAILED):
681 return( "NET - Failed to open a socket" );
682 case -(MBEDTLS_ERR_NET_CONNECT_FAILED):
683 return( "NET - The connection to the given server / port failed" );
684 case -(MBEDTLS_ERR_NET_BIND_FAILED):
685 return( "NET - Binding of the socket failed" );
686 case -(MBEDTLS_ERR_NET_LISTEN_FAILED):
687 return( "NET - Could not listen on the socket" );
688 case -(MBEDTLS_ERR_NET_ACCEPT_FAILED):
689 return( "NET - Could not accept the incoming connection" );
690 case -(MBEDTLS_ERR_NET_RECV_FAILED):
691 return( "NET - Reading information from the socket failed" );
692 case -(MBEDTLS_ERR_NET_SEND_FAILED):
693 return( "NET - Sending information through the socket failed" );
694 case -(MBEDTLS_ERR_NET_CONN_RESET):
695 return( "NET - Connection was reset by peer" );
696 case -(MBEDTLS_ERR_NET_UNKNOWN_HOST):
697 return( "NET - Failed to get an IP address for the given hostname" );
698 case -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL):
699 return( "NET - Buffer is too small to hold the data" );
700 case -(MBEDTLS_ERR_NET_INVALID_CONTEXT):
701 return( "NET - The context is invalid, eg because it was free()ed" );
702 case -(MBEDTLS_ERR_NET_POLL_FAILED):
703 return( "NET - Polling the net context failed" );
704 case -(MBEDTLS_ERR_NET_BAD_INPUT_DATA):
705 return( "NET - Input invalid" );
706 #endif /* MBEDTLS_NET_C */
707
708 #if defined(MBEDTLS_OID_C)
709 case -(MBEDTLS_ERR_OID_NOT_FOUND):
710 return( "OID - OID is not found" );
711 case -(MBEDTLS_ERR_OID_BUF_TOO_SMALL):
712 return( "OID - output buffer is too small" );
713 #endif /* MBEDTLS_OID_C */
714
715 #if defined(MBEDTLS_POLY1305_C)
716 case -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA):
717 return( "POLY1305 - Invalid input parameter(s)" );
718 #endif /* MBEDTLS_POLY1305_C */
719
720 #if defined(MBEDTLS_SHA1_C)
721 case -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA):
722 return( "SHA1 - SHA-1 input data was malformed" );
723 #endif /* MBEDTLS_SHA1_C */
724
725 #if defined(MBEDTLS_SHA256_C)
726 case -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA):
727 return( "SHA256 - SHA-256 input data was malformed" );
728 #endif /* MBEDTLS_SHA256_C */
729
730 #if defined(MBEDTLS_SHA512_C)
731 case -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA):
732 return( "SHA512 - SHA-512 input data was malformed" );
733 #endif /* MBEDTLS_SHA512_C */
734
735 #if defined(MBEDTLS_THREADING_C)
736 case -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA):
737 return( "THREADING - Bad input parameters to function" );
738 case -(MBEDTLS_ERR_THREADING_MUTEX_ERROR):
739 return( "THREADING - Locking / unlocking / free failed with error code" );
740 #endif /* MBEDTLS_THREADING_C */
741 /* End Auto-Generated Code. */
742
743 default:
744 break;
745 }
746
747 return( NULL );
748 }
749
mbedtls_strerror(int ret,char * buf,size_t buflen)750 void mbedtls_strerror( int ret, char *buf, size_t buflen )
751 {
752 size_t len;
753 int use_ret;
754 const char * high_level_error_description = NULL;
755 const char * low_level_error_description = NULL;
756
757 if( buflen == 0 )
758 return;
759
760 memset( buf, 0x00, buflen );
761
762 if( ret < 0 )
763 ret = -ret;
764
765 if( ret & 0xFF80 )
766 {
767 use_ret = ret & 0xFF80;
768
769 // Translate high level error code.
770 high_level_error_description = mbedtls_high_level_strerr( ret );
771
772 if( high_level_error_description == NULL )
773 mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
774 else
775 mbedtls_snprintf( buf, buflen, "%s", high_level_error_description );
776
777 #if defined(MBEDTLS_SSL_TLS_C)
778 // Early return in case of a fatal error - do not try to translate low
779 // level code.
780 if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE))
781 return;
782 #endif /* MBEDTLS_SSL_TLS_C */
783 }
784
785 use_ret = ret & ~0xFF80;
786
787 if( use_ret == 0 )
788 return;
789
790 // If high level code is present, make a concatenation between both
791 // error strings.
792 //
793 len = strlen( buf );
794
795 if( len > 0 )
796 {
797 if( buflen - len < 5 )
798 return;
799
800 mbedtls_snprintf( buf + len, buflen - len, " : " );
801
802 buf += len + 3;
803 buflen -= len + 3;
804 }
805
806 // Translate low level error code.
807 low_level_error_description = mbedtls_low_level_strerr( ret );
808
809 if( low_level_error_description == NULL )
810 mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
811 else
812 mbedtls_snprintf( buf, buflen, "%s", low_level_error_description );
813 }
814
815 #else /* MBEDTLS_ERROR_C */
816
817 /*
818 * Provide an non-function in case MBEDTLS_ERROR_C is not defined
819 */
mbedtls_strerror(int ret,char * buf,size_t buflen)820 void mbedtls_strerror( int ret, char *buf, size_t buflen )
821 {
822 ((void) ret);
823
824 if( buflen > 0 )
825 buf[0] = '\0';
826 }
827
828 #endif /* MBEDTLS_ERROR_C */
829
830 #if defined(MBEDTLS_TEST_HOOKS)
831 void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
832 #endif
833
834 #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */
835