Diffstat (limited to 'src/gcrypt/asn1.c')
-rw-r--r--src/gcrypt/asn1.c189
1 files changed, 50 insertions, 139 deletions
diff --git a/src/gcrypt/asn1.c b/src/gcrypt/asn1.c
index cec6364d..c9d0e525 100644
--- a/src/gcrypt/asn1.c
+++ b/src/gcrypt/asn1.c
@@ -1,11 +1,19 @@
-/**
- * XMLSec library
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
* Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
+/**
+ * SECTION:asn1
+ * @Short_description: ASN1 support functions for GCrypt.
+ * @Stability: Private
+ *
+ */
+
#include "globals.h"
#include <string.h>
@@ -202,12 +210,8 @@ xmlSecGCryptAsn1ParseIntegerSequence(xmlSecByte const **buffer, xmlSecSize *bufl
memset(&ti, 0, sizeof(ti));
ret = xmlSecGCryptAsn1ParseTag (&buf, &length, &ti);
if((ret != 0) || (ti.tag != TAG_SEQUENCE) || ti.class || !ti.cons || ti.ndef) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAsn1ParseTag",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "TAG_SEQUENCE is expected: tag=%d",
- (int)ti.tag);
+ xmlSecInternalError2("xmlSecGCryptAsn1ParseTag", NULL,
+ "TAG_SEQUENCE is expected: tag=%d", (int)ti.tag);
return(-1);
}
@@ -217,22 +221,15 @@ xmlSecGCryptAsn1ParseIntegerSequence(xmlSecByte const **buffer, xmlSecSize *bufl
ret = xmlSecGCryptAsn1ParseTag (&buf, &length, &ti);
if((ret != 0) || (ti.tag != TAG_INTEGER) || ti.class || ti.cons || ti.ndef)
{
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAsn1ParseTag",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "TAG_INTEGER is expected - index=%d, tag=%d",
- (int)idx, (int)ti.tag);
+ xmlSecInternalError3("xmlSecGCryptAsn1ParseTag", NULL,
+ "TAG_INTEGER is expected - index=%d, tag=%d",
+ (int)idx, (int)ti.tag);
return(-1);
}
err = gcry_mpi_scan(&(params[idx]), GCRYMPI_FMT_USG, buf, ti.length, NULL);
if((err != GPG_ERR_NO_ERROR) || (params[idx] == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_mpi_scan",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GCRYPT_REPORT_ERROR(err));
+ xmlSecGCryptError("gcry_mpi_scan", err, NULL);
return(-1);
}
buf += ti.length;
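Review bot: The INTEGER contents are handed to `gcry_mpi_scan` as `GCRYMPI_FMT_USG` with no look at the first content byte, so a DER INTEGER that encodes a negative value (high bit set) or has zero length is passed to the scan as unsigned data rather than rejected. For key parameters read from an untrusted DER blob it would be stricter to fail before the scan, e.g. `if((ti.length == 0) || ((buf[0] & 0x80) != 0))` followed by an error report and `return(-1);`. Whether `ti.length` is already bounded by the remaining `length` depends on xmlSecGCryptAsn1ParseTag, which is not visible here; the loop header and the bound on `idx` are also outside this hunk.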
@@ -241,12 +238,9 @@ xmlSecGCryptAsn1ParseIntegerSequence(xmlSecByte const **buffer, xmlSecSize *bufl
/* did we parse everything? */
if(length > 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAsn1ParseTag",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "too many params - cur=%d, expected=%d",
- (int)(idx - 1), (int)params_size);
+ xmlSecInternalError3("xmlSecGCryptAsn1ParseTag", NULL,
+ "too many params - cur=%d, expected=%d",
+ (int)(idx - 1), (int)params_size);
return(-1);
}
@@ -278,23 +272,15 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
keyparms, sizeof(keyparms) / sizeof(keyparms[0])
);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAsn1ParseIntegerSequence",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGCryptAsn1ParseIntegerSequence", NULL);
goto done;
}
keyparms_num = ret;
/* The value of the first integer should be 0. */
if ((keyparms_num < 1) || (gcry_mpi_cmp_ui(keyparms[0], 0) != 0)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAsn1ParseTag",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "num=%d",
- (int)keyparms_num);
+ xmlSecInternalError2("xmlSecGCryptAsn1ParseTag", NULL,
+ "num=%d", (int)keyparms_num);
goto done;
}
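Review bot: The error raised for the first-integer check names `xmlSecGCryptAsn1ParseTag` as the failing function and prints only `num=%d`, although no call is made at this point; the branch is taken when the sequence is empty or `keyparms[0]` is not 0. Someone triaging a rejected key cannot tell from the log which of the two happened. A message that states the rule would help, for example `"first integer must be 0, num=%d"`, and a comment such as `/* keyparms[0] is the version field of the key structure */` would document why index 0 is skipped later, if that is indeed its meaning. xmlSecGCryptParseDer starts and ends outside this hunk.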
@@ -319,11 +305,8 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
break;
default:
/* unknown */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "Unexpected number of parameters, unknown key type",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "keyparms_num=%d", (int)keyparms_num);
+ xmlSecInvalidIntegerDataError("keyparms_num", keyparms_num,
+ "the number of parameters matching key type", NULL);
goto done;
}
}
@@ -334,11 +317,8 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
case xmlSecGCryptDerKeyTypePrivateDsa:
/* check we have enough params */
if(keyparms_num != 6) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "Private DSA key: 6 parameters exepcted",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "parms_num=%d", (int)keyparms_num);
+ xmlSecInvalidSizeError("Private DSA key params",
+ keyparms_num, 6, NULL);
goto done;
}
@@ -354,11 +334,7 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
keyparms[1], keyparms[2], keyparms[3], keyparms[4], keyparms[5]
);
if((err != GPG_ERR_NO_ERROR) || (s_priv_key == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_sexp_build(private-key/dsa)",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GCRYPT_REPORT_ERROR(err));
+ xmlSecGCryptError("gcry_sexp_build(private-key/dsa)", err, NULL);
goto done;
}
@@ -367,32 +343,20 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
keyparms[1], keyparms[2], keyparms[3], keyparms[5]
);
if((err != GPG_ERR_NO_ERROR) || (s_pub_key == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_sexp_build(public-key/dsa)",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GCRYPT_REPORT_ERROR(err));
+ xmlSecGCryptError("gcry_sexp_build(public-key/dsa)", err, NULL);
goto done;
}
/* construct key and key data */
key_data = xmlSecKeyDataCreate(xmlSecGCryptKeyDataDsaId);
if(key_data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyDataCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGCryptKeyDataDsaId");
+ xmlSecInternalError("xmlSecKeyDataCreate(xmlSecGCryptKeyDataDsaId)", NULL);
goto done;
}
ret = xmlSecGCryptKeyDataDsaAdoptKeyPair(key_data, s_pub_key, s_priv_key);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptKeyDataDsaAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGCryptKeyDataDsaId");
+ xmlSecInternalError("xmlSecGCryptKeyDataDsaAdoptKey(xmlSecGCryptKeyDataDsaId)", NULL);
xmlSecKeyDataDestroy(key_data);
key_data = NULL;
goto done;
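Review bot: The failure report after `xmlSecGCryptKeyDataDsaAdoptKeyPair(key_data, s_pub_key, s_priv_key)` names `xmlSecGCryptKeyDataDsaAdoptKey`, which is not the function that was called, so a grep of the log for the real symbol finds nothing. The string should read `"xmlSecGCryptKeyDataDsaAdoptKeyPair(xmlSecGCryptKeyDataDsaId)"`. The same mismatch appears in the public DSA hunk and, with `xmlSecGCryptKeyDataRsaAdoptKey` in place of `xmlSecGCryptKeyDataRsaAdoptKeyPair`, in the private and public RSA hunks. The enclosing `if` block closes outside this hunk.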
@@ -404,11 +368,8 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
case xmlSecGCryptDerKeyTypePublicDsa:
/* check we have enough params */
if(keyparms_num != 5) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "Public DSA key: 5 parameters exepcted",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "parms_num=%d", (int)keyparms_num);
+ xmlSecInvalidSizeError("Public DSA key params",
+ keyparms_num, 5, NULL);
goto done;
}
@@ -418,32 +379,20 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
keyparms[2], keyparms[3], keyparms[4], keyparms[1]
);
if((err != GPG_ERR_NO_ERROR) || (s_pub_key == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_sexp_build(public-key/dsa)",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GCRYPT_REPORT_ERROR(err));
+ xmlSecGCryptError("gcry_sexp_build(public-key/dsa)", err, NULL);
goto done;
}
/* construct key and key data */
key_data = xmlSecKeyDataCreate(xmlSecGCryptKeyDataDsaId);
if(key_data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyDataCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGCryptKeyDataDsaId");
+ xmlSecInternalError("xmlSecKeyDataCreate(xmlSecGCryptKeyDataDsaId)", NULL);
goto done;
}
ret = xmlSecGCryptKeyDataDsaAdoptKeyPair(key_data, s_pub_key, NULL);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptKeyDataDsaAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGCryptKeyDataDsaId");
+ xmlSecInternalError("xmlSecGCryptKeyDataDsaAdoptKey(xmlSecGCryptKeyDataDsaId)", NULL);
xmlSecKeyDataDestroy(key_data);
key_data = NULL;
goto done;
@@ -456,15 +405,13 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
case xmlSecGCryptDerKeyTypePrivateRsa:
/* check we have enough params */
if(keyparms_num != 9) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "Private RSA key: 9 parameters exepcted",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "parms_num=%d", (int)keyparms_num);
+ xmlSecInvalidSizeError("Private RSA key params",
+ keyparms_num, 9, NULL);
goto done;
}
/* Convert from OpenSSL parameter ordering to the OpenPGP order. */
+ /* (http://gnupg.10057.n7.nabble.com/RSA-PKCS-1-signing-differs-from-OpenSSL-s-td27920.html) */
/* First check that p < q; if not swap p and q and recompute u. */
if (gcry_mpi_cmp (keyparms[4], keyparms[5]) > 0) {
gcry_mpi_swap (keyparms[4], keyparms[5]);
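Review bot: The added comment gives the reason for the parameter reordering only as a link to a third-party mailing-list archive, so the rationale is lost if that page goes away. Since this code rearranges private-key components, the invariant is worth stating in the source, for example `/* libgcrypt expects p < q and u = p^-1 mod q; PKCS#1 stores q^-1 mod p */`, with the URL kept as a secondary reference. The body of the `if` that swaps p and q and recomputes u continues outside this hunk, so the recomputation itself is not reviewed here.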
@@ -474,16 +421,11 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
/* Build the S-expression. */
err = gcry_sexp_build (&s_priv_key, NULL,
"(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
- keyparms[1], keyparms[2],
- keyparms[3], keyparms[4],
- keyparms[5], keyparms[8]
+ keyparms[1], keyparms[2], keyparms[3],
+ keyparms[4], keyparms[5], keyparms[8]
);
if((err != GPG_ERR_NO_ERROR) || (s_priv_key == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_sexp_build(private-key/rsa)",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GCRYPT_REPORT_ERROR(err));
+ xmlSecGCryptError("gcry_sexp_build(private-key/rsa)", err, NULL);
goto done;
}
@@ -492,32 +434,20 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
keyparms[1], keyparms[2]
);
if((err != GPG_ERR_NO_ERROR) || (s_pub_key == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_sexp_build(public-key/rsa)",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GCRYPT_REPORT_ERROR(err));
+ xmlSecGCryptError("gcry_sexp_build(public-key/rsa)", err, NULL);
goto done;
}
/* construct key and key data */
key_data = xmlSecKeyDataCreate(xmlSecGCryptKeyDataRsaId);
if(key_data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyDataCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGCryptKeyDataRsaId");
+ xmlSecInternalError("xmlSecKeyDataCreate(xmlSecGCryptKeyDataRsaId)", NULL);
goto done;
}
ret = xmlSecGCryptKeyDataRsaAdoptKeyPair(key_data, s_pub_key, s_priv_key);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptKeyDataRsaAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGCryptKeyDataRsaId");
+ xmlSecInternalError("xmlSecGCryptKeyDataRsaAdoptKey(xmlSecGCryptKeyDataRsaId)", NULL);
xmlSecKeyDataDestroy(key_data);
key_data = NULL;
goto done;
@@ -529,11 +459,8 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
case xmlSecGCryptDerKeyTypePublicRsa:
/* check we have enough params */
if(keyparms_num != 3) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "Public RSA key: 3 parameters exepcted",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "parms_num=%d", (int)keyparms_num);
+ xmlSecInvalidSizeError("Public RSA key params",
+ keyparms_num, 3, NULL);
goto done;
}
@@ -543,32 +470,20 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
keyparms[1], keyparms[2]
);
if((err != GPG_ERR_NO_ERROR) || (s_pub_key == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_sexp_build(public-key/rsa)",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GCRYPT_REPORT_ERROR(err));
+ xmlSecGCryptError("gcry_sexp_build(public-key/rsa)", err, NULL);
goto done;
}
/* construct key and key data */
key_data = xmlSecKeyDataCreate(xmlSecGCryptKeyDataRsaId);
if(key_data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyDataCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGCryptKeyDataRsaId");
+ xmlSecInternalError("xmlSecKeyDataCreate(xmlSecGCryptKeyDataRsaId)", NULL);
goto done;
}
ret = xmlSecGCryptKeyDataRsaAdoptKeyPair(key_data, s_pub_key, NULL);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptKeyDataRsaAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGCryptKeyDataRsaId");
+ xmlSecInternalError("xmlSecGCryptKeyDataRsaAdoptKey(xmlSecGCryptKeyDataRsaId)", NULL);
xmlSecKeyDataDestroy(key_data);
key_data = NULL;
goto done;
@@ -578,11 +493,7 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
#endif /* XMLSEC_NO_RSA */
default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "Unsupported key type",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "type=%d", (int)type);
+ xmlSecInvalidIntegerTypeError("key_type", type, "supported key type", NULL);
goto done;
break;
}