commit 02488899507d895c5635e01ed3036f8aa43cea83
author David Benjamin <davidben@chromium.org> Mon Oct 13 15:04:35 2014 -0400
committer Adam Langley <agl@google.com> Mon Oct 13 22:56:28 2014 +0000
tree 7110f9b08b6f6befe4e41ebbdf5f80910eb0bdc0
parent 7ea848165b89577c6e9a1ef12a2cdff9d1beb71f

Don't mix and match libraries and errors.

The same library code applies for both the error and the function, so modules
cannot easily report errors from each other. Switch evp/algorithm.c's error
codes to the EVP library. Remove the original error codes so it's obvious some
changes are needed.

- X509_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED -> EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
  ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED -> EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
  (Actually, the X509 version of this error code doesn't exist in OpenSSL. It should
   have been ASN1.)

- ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM -> EVP_R_UNKNOWN_SIGNATURE_ALGORITHM

- ASN1_R_WRONG_PUBLIC_KEY_TYPE -> EVP_R_WRONG_PUBLIC_KEY_TYPE

- ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM -> EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM

Change-Id: I05b1a05b465d800c85f7d63ca74588edf40847b9
Reviewed-on: https://boringssl-review.googlesource.com/1940
Reviewed-by: Adam Langley <agl@google.com>

crypto/asn1/asn1_error.c

diff --git a/crypto/asn1/asn1_error.c b/crypto/asn1/asn1_error.c
index 81b9aff..8253322 100644
--- a/crypto/asn1/asn1_error.c
+++ b/crypto/asn1/asn1_error.c
@@ -98,7 +98,6 @@
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DECODE_ERROR), "DECODE_ERROR"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DECODING_ERROR), "DECODING_ERROR"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DEPTH_EXCEEDED), "DEPTH_EXCEEDED"},
-  {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), "DIGEST_AND_KEY_TYPE_NOT_SUPPORTED"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ENCODE_ERROR), "ENCODE_ERROR"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_GETTING_TIME), "ERROR_GETTING_TIME"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_LOADING_SECTION), "ERROR_LOADING_SECTION"},
@@ -188,17 +187,14 @@
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNEXPECTED_EOC), "UNEXPECTED_EOC"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH), "UNIVERSALSTRING_IS_WRONG_LENGTH"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_FORMAT), "UNKNOWN_FORMAT"},
-  {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), "UNKNOWN_MESSAGE_DIGEST_ALGORITHM"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_OBJECT_TYPE), "UNKNOWN_OBJECT_TYPE"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "UNKNOWN_PUBLIC_KEY_TYPE"},
-  {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM), "UNKNOWN_SIGNATURE_ALGORITHM"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_TAG), "UNKNOWN_TAG"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE), "UNSUPPORTED_ANY_DEFINED_BY_TYPE"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_CIPHER), "UNSUPPORTED_CIPHER"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM), "UNSUPPORTED_ENCRYPTION_ALGORITHM"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE), "UNSUPPORTED_PUBLIC_KEY_TYPE"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_TYPE), "UNSUPPORTED_TYPE"},
-  {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_PUBLIC_KEY_TYPE), "WRONG_PUBLIC_KEY_TYPE"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_TAG), "WRONG_TAG"},
   {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_TYPE), "WRONG_TYPE"},
   {0, NULL},

crypto/evp/algorithm.c

diff --git a/crypto/evp/algorithm.c b/crypto/evp/algorithm.c
index 4ec111b..ea28dfa 100644
--- a/crypto/evp/algorithm.c
+++ b/crypto/evp/algorithm.c
@@ -66,9 +66,6 @@
 #include "internal.h"
 
 
-/* These functions use error codes under the ASN1 and X509 namespaces for
- * compatibility with OpenSSL. */
-
 int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
   const EVP_MD *digest;
   EVP_PKEY *pkey;
@@ -101,7 +98,7 @@
   if (!OBJ_find_sigid_by_algs(&sign_nid, EVP_MD_type(digest),
                               pkey->ameth->pkey_id)) {
     OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm,
-                      X509_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+                      EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
     return 0;
   }
 
@@ -126,7 +123,7 @@
   if (!OBJ_find_sigid_algs(OBJ_obj2nid(algor->algorithm), &digest_nid,
                            &pkey_nid)) {
     OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm,
-                      ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
+                      EVP_R_UNKNOWN_SIGNATURE_ALGORITHM);
     return 0;
   }
 
@@ -134,7 +131,7 @@
   ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
   if (ameth == NULL || ameth->pkey_id != pkey->ameth->pkey_id) {
     OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm,
-                      ASN1_R_WRONG_PUBLIC_KEY_TYPE);
+                      EVP_R_WRONG_PUBLIC_KEY_TYPE);
     return 0;
   }
 
@@ -142,7 +139,7 @@
   if (digest_nid == NID_undef) {
     if (!pkey->ameth || !pkey->ameth->digest_verify_init_from_algorithm) {
       OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm,
-                        ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
+                        EVP_R_UNKNOWN_SIGNATURE_ALGORITHM);
       return 0;
     }
 
@@ -153,7 +150,7 @@
   digest = EVP_get_digestbynid(digest_nid);
   if (digest == NULL) {
     OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm,
-                      ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+                      EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
     return 0;
   }
 

crypto/evp/evp_error.c

diff --git a/crypto/evp/evp_error.c b/crypto/evp/evp_error.c
index fae1aa7..d2d8aba 100644
--- a/crypto/evp/evp_error.c
+++ b/crypto/evp/evp_error.c
@@ -68,6 +68,7 @@
   {ERR_PACK(ERR_LIB_EVP, EVP_F_pkey_rsa_encrypt, 0), "pkey_rsa_encrypt"},
   {ERR_PACK(ERR_LIB_EVP, EVP_F_pkey_rsa_sign, 0), "pkey_rsa_sign"},
   {ERR_PACK(ERR_LIB_EVP, EVP_F_rsa_algor_to_md, 0), "rsa_algor_to_md"},
+  {ERR_PACK(ERR_LIB_EVP, EVP_F_rsa_digest_verify_init_from_algorithm, 0), "rsa_digest_verify_init_from_algorithm"},
   {ERR_PACK(ERR_LIB_EVP, EVP_F_rsa_item_verify, 0), "rsa_item_verify"},
   {ERR_PACK(ERR_LIB_EVP, EVP_F_rsa_mgf1_to_md, 0), "rsa_mgf1_to_md"},
   {ERR_PACK(ERR_LIB_EVP, EVP_F_rsa_priv_decode, 0), "rsa_priv_decode"},
@@ -80,6 +81,7 @@
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DECODE_ERROR), "DECODE_ERROR"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_KEY_TYPES), "DIFFERENT_KEY_TYPES"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_PARAMETERS), "DIFFERENT_PARAMETERS"},
+  {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), "DIGEST_AND_KEY_TYPE_NOT_SUPPORTED"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIGEST_DOES_NOT_MATCH), "DIGEST_DOES_NOT_MATCH"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_AN_DSA_KEY), "EXPECTING_AN_DSA_KEY"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_AN_EC_KEY_KEY), "EXPECTING_AN_EC_KEY_KEY"},
@@ -114,12 +116,15 @@
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_SHARED_INFO_ERROR), "SHARED_INFO_ERROR"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_DIGEST), "UNKNOWN_DIGEST"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_MASK_DIGEST), "UNKNOWN_MASK_DIGEST"},
+  {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), "UNKNOWN_MESSAGE_DIGEST_ALGORITHM"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE), "UNKNOWN_PUBLIC_KEY_TYPE"},
+  {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM), "UNKNOWN_SIGNATURE_ALGORITHM"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_ALGORITHM), "UNSUPPORTED_ALGORITHM"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_MASK_ALGORITHM), "UNSUPPORTED_MASK_ALGORITHM"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_MASK_PARAMETER), "UNSUPPORTED_MASK_PARAMETER"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE), "UNSUPPORTED_PUBLIC_KEY_TYPE"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_SIGNATURE_TYPE), "UNSUPPORTED_SIGNATURE_TYPE"},
+  {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_PUBLIC_KEY_TYPE), "WRONG_PUBLIC_KEY_TYPE"},
   {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_X931_UNSUPPORTED), "X931_UNSUPPORTED"},
   {0, NULL},
 };

crypto/evp/p_rsa_asn1.c

diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c
index ab83a8e..40012b3 100644
--- a/crypto/evp/p_rsa_asn1.c
+++ b/crypto/evp/p_rsa_asn1.c
@@ -656,7 +656,8 @@
                                                  EVP_PKEY *pkey) {
   /* Sanity check: make sure it is PSS */
   if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
-    OPENSSL_PUT_ERROR(EVP, rsa_item_verify, EVP_R_UNSUPPORTED_SIGNATURE_TYPE);
+    OPENSSL_PUT_ERROR(EVP, rsa_digest_verify_init_from_algorithm,
+                      EVP_R_UNSUPPORTED_SIGNATURE_TYPE);
     return 0;
   }
   return rsa_pss_to_ctx(ctx, sigalg, pkey);

crypto/x509/x509_error.c

diff --git a/crypto/x509/x509_error.c b/crypto/x509/x509_error.c
index f8f6847..d521281 100644
--- a/crypto/x509/x509_error.c
+++ b/crypto/x509/x509_error.c
@@ -92,7 +92,6 @@
   {ERR_PACK(ERR_LIB_X509, 0, X509_R_CONTEXT_NOT_INITIALISED), "CONTEXT_NOT_INITIALISED"},
   {ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_ALREADY_DELTA), "CRL_ALREADY_DELTA"},
   {ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_VERIFY_FAILURE), "CRL_VERIFY_FAILURE"},
-  {ERR_PACK(ERR_LIB_X509, 0, X509_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), "DIGEST_AND_KEY_TYPE_NOT_SUPPORTED"},
   {ERR_PACK(ERR_LIB_X509, 0, X509_R_ERR_ASN1_LIB), "ERR_ASN1_LIB"},
   {ERR_PACK(ERR_LIB_X509, 0, X509_R_IDP_MISMATCH), "IDP_MISMATCH"},
   {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_DIRECTORY), "INVALID_DIRECTORY"},

include/openssl/asn1.h

diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index a64572c..752100e 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -1161,7 +1161,6 @@
 #define ASN1_R_NOT_ENOUGH_DATA 111
 #define ASN1_R_MSTRING_NOT_UNIVERSAL 112
 #define ASN1_R_UNKNOWN_FORMAT 113
-#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 114
 #define ASN1_R_BAD_PASSWORD_READ 115
 #define ASN1_R_BAD_OBJECT_HEADER 116
 #define ASN1_R_ILLEGAL_CHARACTERS 117
@@ -1227,7 +1226,6 @@
 #define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 177
 #define ASN1_R_BUFFER_TOO_SMALL 178
 #define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 179
-#define ASN1_R_WRONG_PUBLIC_KEY_TYPE 180
 #define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 181
 #define ASN1_R_MIME_PARSE_ERROR 182
 #define ASN1_R_INVALID_OBJECT_ENCODING 183
@@ -1248,7 +1246,6 @@
 #define ASN1_R_NON_HEX_CHARACTERS 198
 #define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 199
 #define ASN1_R_EXPECTING_AN_ASN1_SEQUENCE 201
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 202
 #define ASN1_R_STRING_TOO_SHORT 203
 #define ASN1_R_ILLEGAL_OPTIONAL_ANY 204
 #define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 205
@@ -1269,6 +1266,5 @@
 #define ASN1_R_ERROR_PARSING_SET_ELEMENT 220
 #define ASN1_R_WRONG_TAG 221
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 222
-#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 223
 
 #endif

include/openssl/evp.h

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index fcbb085..e3922a3 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -836,6 +836,7 @@
 #define EVP_F_hmac_signctx 154
 #define EVP_F_EVP_DigestVerifyInitFromAlgorithm 155
 #define EVP_F_EVP_DigestSignAlgorithm 156
+#define EVP_F_rsa_digest_verify_init_from_algorithm 157
 #define EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE 100
 #define EVP_R_UNSUPPORTED_SIGNATURE_TYPE 101
 #define EVP_R_INVALID_DIGEST_TYPE 102
@@ -883,5 +884,9 @@
 #define EVP_R_INVALID_PSS_SALTLEN 144
 #define EVP_R_UNKNOWN_PUBLIC_KEY_TYPE 145
 #define EVP_R_CONTEXT_NOT_INITIALISED 146
+#define EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 147
+#define EVP_R_WRONG_PUBLIC_KEY_TYPE 148
+#define EVP_R_UNKNOWN_SIGNATURE_ALGORITHM 149
+#define EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 150
 
 #endif  /* OPENSSL_HEADER_EVP_H */

include/openssl/x509.h

diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 1d67ed3..398bec7 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -1294,7 +1294,6 @@
 #define X509_R_UNKNOWN_PURPOSE_ID 116
 #define X509_R_NEWER_CRL_NOT_NEWER 117
 #define X509_R_UNKNOWN_TRUST_ID 118
-#define X509_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 119
 #define X509_R_KEY_TYPE_MISMATCH 120
 #define X509_R_UNKNOWN_KEY_TYPE 121
 #define X509_R_BAD_X509_FILETYPE 122