/*
 * Copyright (C) 2014 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16
17#include "openssl_err.h"
18
Shawn Willdende4ffa92015-05-05 07:15:24 -060019#include <openssl/err.h>
20#include <openssl/evp.h>
Shawn Willdend79791b2015-05-09 12:48:36 +000021
22#if defined(OPENSSL_IS_BORINGSSL)
23#include <openssl/asn1.h>
24#include <openssl/cipher.h>
Adam Langleya5fce682015-02-26 13:33:18 -080025#include <openssl/pkcs8.h>
26#include <openssl/x509v3.h>
Shawn Willdend79791b2015-05-09 12:48:36 +000027#endif
Adam Langleya5fce682015-02-26 13:33:18 -080028
Shawn Willden26aaa762015-02-07 00:31:41 -070029#include <hardware/keymaster_defs.h>
30#include <keymaster/logger.h>
31
32namespace keymaster {
33
// File-local translators, one per OpenSSL error library.  Each takes the reason code extracted
// from a packed error value and returns the keymaster error chosen for it; the definitions follow
// TranslateLastOpenSslError() below.

// The EVP translator is built for both OpenSSL and BoringSSL.
static keymaster_error_t TranslateEvpError(int reason);

#ifdef OPENSSL_IS_BORINGSSL
// These translators are only declared (and only defined) for BoringSSL builds.
static keymaster_error_t TranslateASN1Error(int reason);
static keymaster_error_t TranslateCipherError(int reason);
static keymaster_error_t TranslatePKCS8Error(int reason);
static keymaster_error_t TranslateRsaError(int reason);
static keymaster_error_t TranslateX509v3Error(int reason);
#endif  // OPENSSL_IS_BORINGSSL
Shawn Willden26aaa762015-02-07 00:31:41 -070042
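/**
 * Translates the most recent entry of the OpenSSL error queue into a keymaster_error_t.
 *
 * The entry is read with ERR_peek_last_error(), which leaves the queue untouched: nothing is
 * popped or cleared here.  NOTE(review): an entry left behind by an earlier, unrelated call would
 * therefore be translated as if it belonged to the operation that just failed -- confirm that
 * callers clear the queue before the operation whose failure they report.
 *
 * @param log_message when true, the library's text for the error is written to the debug log.
 * @return the code chosen by the translator for the originating library, or
 *         KM_ERROR_UNKNOWN_ERROR (after logging library and reason) when no translator applies.
 */
keymaster_error_t TranslateLastOpenSslError(bool log_message) {
    const unsigned long error = ERR_peek_last_error();

    if (log_message) {
        // ERR_error_string(error, NULL) formats into a static buffer shared by all threads, so
        // two threads logging at once could garble each other's message.  Format into a local
        // buffer instead; ERR_error_string_n() truncates to the given size and NUL-terminates.
        char message[256];
        ERR_error_string_n(error, message, sizeof(message));
        LOG_D("%s", message);
    }

    // A packed error value carries the originating library and a library-specific reason.
    const int library = ERR_GET_LIB(error);
    const int reason = ERR_GET_REASON(error);

    switch (library) {
    case ERR_LIB_EVP:
        return TranslateEvpError(reason);

#if defined(OPENSSL_IS_BORINGSSL)
    case ERR_LIB_ASN1:
        return TranslateASN1Error(reason);
    case ERR_LIB_CIPHER:
        return TranslateCipherError(reason);
    case ERR_LIB_PKCS8:
        return TranslatePKCS8Error(reason);
    case ERR_LIB_X509V3:
        return TranslateX509v3Error(reason);
    case ERR_LIB_RSA:
        return TranslateRsaError(reason);
#else
    // Without BoringSSL every ASN.1 failure is reported as an invalid argument.
    case ERR_LIB_ASN1:
        LOG_E("ASN.1 parsing error %d", reason);
        return KM_ERROR_INVALID_ARGUMENT;
#endif
    }

    // No translator for this library: keep the raw codes in the log so the failure can be traced.
    LOG_E("Openssl error %d, %d", library, reason);
    return KM_ERROR_UNKNOWN_ERROR;
}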
76
Shawn Willdend79791b2015-05-09 12:48:36 +000077#if defined(OPENSSL_IS_BORINGSSL)
78
/**
 * Maps a reason code from the PKCS#8 error library to a keymaster error.
 *
 * @param reason library-specific reason code (one of the PKCS8_R_* values).
 * @return KM_ERROR_UNSUPPORTED_ALGORITHM for an unsupported key algorithm or unknown cipher,
 *         KM_ERROR_INVALID_KEY_BLOB for private-key encode/decode failures,
 *         KM_ERROR_INVALID_ARGUMENT for a generic encode error,
 *         KM_ERROR_UNKNOWN_ERROR for every other reason.
 */
keymaster_error_t TranslatePKCS8Error(int reason) {
    if (reason == PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM || reason == PKCS8_R_UNKNOWN_CIPHER) {
        return KM_ERROR_UNSUPPORTED_ALGORITHM;
    }

    if (reason == PKCS8_R_PRIVATE_KEY_ENCODE_ERROR || reason == PKCS8_R_PRIVATE_KEY_DECODE_ERROR) {
        return KM_ERROR_INVALID_KEY_BLOB;
    }

    if (reason == PKCS8_R_ENCODE_ERROR) {
        return KM_ERROR_INVALID_ARGUMENT;
    }

    return KM_ERROR_UNKNOWN_ERROR;
}
96
/**
 * Maps a reason code from the cipher error library to a keymaster error.
 *
 * NOTE(review): CIPHER_R_BAD_DECRYPT is the only reason mapped to KM_ERROR_INVALID_ARGUMENT here,
 * so the returned code lets a caller tell a failed decryption apart from length and key-size
 * problems.  Confirm that callers do not pass that distinction on to an untrusted party.
 *
 * @param reason library-specific reason code (one of the CIPHER_R_* values).
 * @return KM_ERROR_INVALID_INPUT_LENGTH for data that is not block-aligned or has a wrong final
 *         block length, KM_ERROR_UNSUPPORTED_KEY_SIZE for an unsupported or bad key length,
 *         KM_ERROR_INVALID_ARGUMENT for a bad decrypt, KM_ERROR_INVALID_KEY_BLOB for an invalid
 *         key length, KM_ERROR_UNKNOWN_ERROR for every other reason.
 */
keymaster_error_t TranslateCipherError(int reason) {
    if (reason == CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ||
        reason == CIPHER_R_WRONG_FINAL_BLOCK_LENGTH) {
        return KM_ERROR_INVALID_INPUT_LENGTH;
    }

    if (reason == CIPHER_R_UNSUPPORTED_KEY_SIZE || reason == CIPHER_R_BAD_KEY_LENGTH) {
        return KM_ERROR_UNSUPPORTED_KEY_SIZE;
    }

    if (reason == CIPHER_R_BAD_DECRYPT) {
        return KM_ERROR_INVALID_ARGUMENT;
    }

    if (reason == CIPHER_R_INVALID_KEY_LENGTH) {
        return KM_ERROR_INVALID_KEY_BLOB;
    }

    return KM_ERROR_UNKNOWN_ERROR;
}
117
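/**
 * Maps a reason code from the ASN.1 error library to a keymaster error.
 *
 * This definition sits inside the file's "#if defined(OPENSSL_IS_BORINGSSL)" section, so cases
 * guarded by the opposite condition can never be compiled and are not listed; only
 * ASN1_R_ENCODE_ERROR has a specific mapping.
 *
 * @param reason library-specific reason code (one of the ASN1_R_* values).
 * @return KM_ERROR_INVALID_ARGUMENT for an encode error, KM_ERROR_UNKNOWN_ERROR otherwise.
 */
keymaster_error_t TranslateASN1Error(int reason) {
    switch (reason) {
    case ASN1_R_ENCODE_ERROR:
        return KM_ERROR_INVALID_ARGUMENT;

    default:
        return KM_ERROR_UNKNOWN_ERROR;
    }
}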
135
/**
 * Maps a reason code from the X509v3 error library to a keymaster error.
 *
 * @param reason library-specific reason code (one of the X509V3_R_* values).
 * @return KM_ERROR_UNSUPPORTED_ALGORITHM for X509V3_R_UNKNOWN_OPTION,
 *         KM_ERROR_UNKNOWN_ERROR for every other reason.
 */
keymaster_error_t TranslateX509v3Error(int reason) {
    if (reason == X509V3_R_UNKNOWN_OPTION) {
        return KM_ERROR_UNSUPPORTED_ALGORITHM;
    }
    return KM_ERROR_UNKNOWN_ERROR;
}
145
/**
 * Maps a reason code from the RSA error library to a keymaster error.
 *
 * @param reason library-specific reason code (one of the RSA_R_* values).
 * @return KM_ERROR_INVALID_INPUT_LENGTH when the data is too large or too small for the key
 *         size, KM_ERROR_UNKNOWN_ERROR for every other reason.
 */
keymaster_error_t TranslateRsaError(int reason) {
    const bool wrong_data_size = reason == RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ||
                                 reason == RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE;
    if (wrong_data_size) {
        return KM_ERROR_INVALID_INPUT_LENGTH;
    }
    return KM_ERROR_UNKNOWN_ERROR;
}
155
Shawn Willdend79791b2015-05-09 12:48:36 +0000156#endif // OPENSSL_IS_BORINGSSL
157
/**
 * Maps a reason code from the EVP error library to a keymaster error.
 *
 * The set of reasons handled depends on the library being built against: labels inside the
 * "#ifndef OPENSSL_IS_BORINGSSL" sections are compiled only for OpenSSL builds, the rest for both.
 * Case labels are grouped by result, and a guarded run of labels may fall through into the
 * shared labels that follow it.
 *
 * @param reason library-specific reason code (one of the EVP_R_* values).
 * @return the keymaster error for the reason's group, or KM_ERROR_UNKNOWN_ERROR when the reason
 *         is not listed.
 */
keymaster_error_t TranslateEvpError(int reason) {
    // Result for any reason that no case label below claims.
    keymaster_error_t translated = KM_ERROR_UNKNOWN_ERROR;

    switch (reason) {
    case EVP_R_UNKNOWN_DIGEST:
        translated = KM_ERROR_UNSUPPORTED_DIGEST;
        break;

    // Algorithm, cipher or operation not available.
#ifndef OPENSSL_IS_BORINGSSL
    case EVP_R_UNSUPPORTED_PRF:
    case EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM:
    case EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION:
    case EVP_R_UNSUPPORTED_SALT_TYPE:
    case EVP_R_UNKNOWN_PBE_ALGORITHM:
    case EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS:
    case EVP_R_UNSUPPORTED_CIPHER:
    case EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE:
    case EVP_R_UNKNOWN_CIPHER:
#endif
    case EVP_R_UNSUPPORTED_ALGORITHM:
    case EVP_R_OPERATON_NOT_INITIALIZED:
    case EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:
        translated = KM_ERROR_UNSUPPORTED_ALGORITHM;
        break;

#ifndef OPENSSL_IS_BORINGSSL
    case EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH:
    case EVP_R_WRONG_FINAL_BLOCK_LENGTH:
        translated = KM_ERROR_INVALID_INPUT_LENGTH;
        break;

    case EVP_R_UNSUPPORTED_KEYLENGTH:
    case EVP_R_BAD_KEY_LENGTH:
        translated = KM_ERROR_UNSUPPORTED_KEY_SIZE;
        break;

    // The labels up to the #endif continue into the key-blob group shared with BoringSSL.
    case EVP_R_BAD_BLOCK_LENGTH:
    case EVP_R_BN_DECODE_ERROR:
    case EVP_R_BN_PUBKEY_ERROR:
    case EVP_R_CIPHER_PARAMETER_ERROR:
    case EVP_R_ERROR_LOADING_SECTION:
    case EVP_R_EXPECTING_A_ECDSA_KEY:
    case EVP_R_EXPECTING_A_EC_KEY:
    case EVP_R_INVALID_DIGEST:
    case EVP_R_INVALID_KEY_LENGTH:
    case EVP_R_NO_DSA_PARAMETERS:
    case EVP_R_PRIVATE_KEY_DECODE_ERROR:
    case EVP_R_PRIVATE_KEY_ENCODE_ERROR:
    case EVP_R_PUBLIC_KEY_NOT_RSA:
#endif
    case EVP_R_BUFFER_TOO_SMALL:
    case EVP_R_EXPECTING_AN_RSA_KEY:
    case EVP_R_EXPECTING_A_DH_KEY:
    case EVP_R_EXPECTING_A_DSA_KEY:
    case EVP_R_MISSING_PARAMETERS:
    case EVP_R_WRONG_PUBLIC_KEY_TYPE:
        translated = KM_ERROR_INVALID_KEY_BLOB;
        break;

    // NOTE(review): on OpenSSL builds EVP_R_BAD_DECRYPT shares this result with decode and
    // parameter errors; confirm callers do not relay the code to an untrusted party.
#ifndef OPENSSL_IS_BORINGSSL
    case EVP_R_BAD_DECRYPT:
    case EVP_R_ENCODE_ERROR:
#endif
    case EVP_R_DIFFERENT_PARAMETERS:
    case EVP_R_DECODE_ERROR:
        translated = KM_ERROR_INVALID_ARGUMENT;
        break;

    case EVP_R_DIFFERENT_KEY_TYPES:
        translated = KM_ERROR_INCOMPATIBLE_ALGORITHM;
        break;

    default:
        break;
    }

    return translated;
}
227
228} // namespace keymaster