author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-09-17 11:31:29 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-09-17 11:43:39 +0200 |
commit | 2a98a39d7d986f740f21fa14e54cd4d1a5d6dca4 (patch) | |
tree | a7eec2639cd811aece45b30b7227d4b05e6b1163 /lib/nettle/pk.c | |
parent | b96164f0cfcacfd5e89440f09fd844eb1e1827bc (diff) | |
download | gnutls-2a98a39d7d986f740f21fa14e54cd4d1a5d6dca4.tar.gz |
Introduced separate error codes for invalid private and public keys
This allows functions like decryption and verification to report
the specific issue they encountered on public key error.
The new codes are GNUTLS_E_PK_INVALID_PUBKEY and GNUTLS_E_PK_INVALID_PRIVKEY
Diffstat (limited to 'lib/nettle/pk.c')
-rw-r--r-- | lib/nettle/pk.c | 26 |
1 files changed, 10 insertions, 16 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index c50e7efc8d..ffa6476e4a 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -113,7 +113,7 @@ _rsa_params_to_pubkey(const gnutls_pk_params_st * pk_params, memcpy(pub->n, pk_params->params[RSA_MODULUS], SIZEOF_MPZT); memcpy(pub->e, pk_params->params[RSA_PUB], SIZEOF_MPZT); if (rsa_public_key_prepare(pub) == 0) - return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + return gnutls_assert_val(GNUTLS_E_PK_INVALID_PUBKEY); return 0; } @@ -126,7 +126,7 @@ _ecc_params_to_privkey(const gnutls_pk_params_st * pk_params, ecc_scalar_init(priv, curve); if (ecc_scalar_set(priv, pk_params->params[ECC_K]) == 0) { ecc_scalar_clear(priv); - return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY); } return 0; @@ -140,7 +140,7 @@ _ecc_params_to_pubkey(const gnutls_pk_params_st * pk_params, if (ecc_point_set (pub, pk_params->params[ECC_X], pk_params->params[ECC_Y]) == 0) { ecc_point_clear(pub); - return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + return gnutls_assert_val(GNUTLS_E_PK_INVALID_PUBKEY); } return 0; @@ -348,9 +348,7 @@ _wrap_nettle_pk_encrypt(gnutls_pk_algorithm_t algo, ret = _rsa_params_to_pubkey(pk_params, &pub); if (ret < 0) { - ret = - gnutls_assert_val - (GNUTLS_E_ENCRYPTION_FAILED); + gnutls_assert(); goto cleanup; } @@ -413,9 +411,7 @@ _wrap_nettle_pk_decrypt(gnutls_pk_algorithm_t algo, ret = _rsa_params_to_pubkey(pk_params, &pub); if (ret < 0) return - gnutls_assert_val - (GNUTLS_E_DECRYPTION_FAILED); - + gnutls_assert_val(ret); if (ciphertext->size != pub.size) return @@ -590,8 +586,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo, ret = _rsa_params_to_pubkey(pk_params, &pub); if (ret < 0) return - gnutls_assert_val - (GNUTLS_E_PK_SIGN_FAILED); + gnutls_assert_val(ret); mpz_init(s); 
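Review bot: In `_wrap_nettle_pk_encrypt` (the `@@ -348,9 +348,7 @@` hunk) the failure path no longer yields GNUTLS_E_ENCRYPTION_FAILED, and the decrypt (`-413,9`), sign (`-590,8`) and verify (`-731,8`) hunks drop their operation-specific codes the same way, yet nothing at these sites says which codes can now come back. A caller that compared the result against the old code, for instance treating only `GNUTLS_E_PK_SIG_VERIFY_FAILED` as a rejected signature, would now receive GNUTLS_E_PK_INVALID_PUBKEY on this path; whether such callers exist is not visible here. I would add a comment at each site such as `/* propagates GNUTLS_E_PK_INVALID_PUBKEY; callers must treat any negative value as failure */`. The enclosing functions start and end outside the hunks.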
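Review bot: In `_wrap_nettle_pk_decrypt` (`@@ -413,9 +411,7 @@`) and `_wrap_nettle_pk_sign` (`@@ -590,8 +586,7 @@`) the caller's key is a private key, but the propagated value is GNUTLS_E_PK_INVALID_PUBKEY because the check sits in `_rsa_params_to_pubkey`. An application that logs or branches on the code is pointed at the wrong key object. Consider mapping the result at these two sites with `return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);`, or at least add a comment that the public components (n, e) of the private key failed `rsa_public_key_prepare()`. Both functions continue outside the hunks.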
@@ -731,8 +726,7 @@ _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo, ret = _rsa_params_to_pubkey(pk_params, &pub); if (ret < 0) return - gnutls_assert_val - (GNUTLS_E_PK_SIG_VERIFY_FAILED); + gnutls_assert_val(ret); if (signature->size != pub.size) return @@ -1816,12 +1810,12 @@ wrap_nettle_pk_fixup(gnutls_pk_algorithm_t algo, } if (mpz_cmp_ui(TOMPZ(params->params[RSA_PRIME1]), 0) == 0) - return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY); if (mpz_invert(TOMPZ(params->params[RSA_COEF]), TOMPZ(params->params[RSA_PRIME2]), TOMPZ(params->params[RSA_PRIME1])) == 0) - return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY); /* calculate exp1 [6] and exp2 [7] */ zrelease_mpi_key(¶ms->params[RSA_E1]); @@ -1837,7 +1831,7 @@ wrap_nettle_pk_fixup(gnutls_pk_algorithm_t algo, _rsa_params_to_privkey(params, &priv); ret = rsa_private_key_prepare(&priv); if (ret == 0) { - return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY); } } |
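Review bot: The second early return in the `@@ -1816,12 +1810,12 @@` hunk of `wrap_nettle_pk_fixup` fires after `mpz_invert()` has already written to `params->params[RSA_COEF]`, and GMP leaves that result undefined when no inverse exists. The new code GNUTLS_E_PK_INVALID_PRIVKEY names the cause, but nothing states that `params` should not be used afterwards. A comment above the return would cover it: `/* RSA_COEF is undefined when mpz_invert() fails; the caller must discard params */`. The function begins and ends outside the hunk, so any cleanup its callers perform is not visible here.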