diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-25 18:01:47 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-25 18:01:47 +0000 |
| commit | 9655bd6400646c32c9b2c92ec7e2fcbb8a2e54f5 (patch) | |
| tree | e129c9023b7248279c0cf839051654725039dd29 /lib | |
| parent | 7d4f764228b751f223777b15a669bcbfa94a8ac9 (diff) | |
| download | gnutls-9655bd6400646c32c9b2c92ec7e2fcbb8a2e54f5.tar.gz | |
Several GNUTLS_E_UNIMPLEMENTED_FEATURE errors were replaced with meaningful error values.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/auth_cert.c | 4 | ||||
| -rw-r--r-- | lib/ext_server_name.c | 2 | ||||
| -rw-r--r-- | lib/gnutls_errors.c | 4 | ||||
| -rw-r--r-- | lib/gnutls_errors_int.h | 43 | ||||
| -rw-r--r-- | lib/gnutls_session_pack.c | 8 | ||||
| -rw-r--r-- | lib/gnutls_sig.c | 4 | ||||
| -rw-r--r-- | lib/x509/crl.c | 2 | ||||
| -rw-r--r-- | lib/x509/crq.c | 8 | ||||
| -rw-r--r-- | lib/x509/mpi.c | 2 | ||||
| -rw-r--r-- | lib/x509/privkey.c | 3 | ||||
| -rw-r--r-- | lib/x509/privkey_pkcs8.c | 2 | ||||
| -rw-r--r-- | lib/x509/sign.c | 2 | ||||
| -rw-r--r-- | lib/x509/verify.c | 2 | ||||
| -rw-r--r-- | lib/x509/x509.c | 2 |
14 files changed, 51 insertions, 37 deletions
diff --git a/lib/auth_cert.c b/lib/auth_cert.c index 7fb8799933..9cc75efc92 100644 --- a/lib/auth_cert.c +++ b/lib/auth_cert.c @@ -819,7 +819,7 @@ int _gnutls_proc_openpgp_server_certificate(gnutls_session session, if (len != 20) { gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED; } DECR_LEN(dsize, 20); @@ -863,7 +863,7 @@ int _gnutls_proc_openpgp_server_certificate(gnutls_session session, } else { gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; } /* ok we now have the peer's key in tmp datum diff --git a/lib/ext_server_name.c b/lib/ext_server_name.c index 4855f868c1..8add6850af 100644 --- a/lib/ext_server_name.c +++ b/lib/ext_server_name.c @@ -175,7 +175,7 @@ int _gnutls_server_name_send_params(gnutls_session session, opaque * data, break; default: gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_INTERNAL_ERROR; } } } diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c index a52c2de627..b871f851e8 100644 --- a/lib/gnutls_errors.c +++ b/lib/gnutls_errors.c @@ -130,6 +130,10 @@ static gnutls_error_entry error_algorithms[] = { ERROR_ENTRY("The SRP username supplied by the peer is illegal.", GNUTLS_E_ILLEGAL_SRP_USERNAME, 1), ERROR_ENTRY("The peer advertized SRP but did not supply any SRP username.", GNUTLS_E_EMPTY_SRP_USERNAME, 1), + + ERROR_ENTRY("The OpenPGP fingerprint is not supported.", GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED, 1), + ERROR_ENTRY("The certificate has unsupported attributes.", GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE, 1), + ERROR_ENTRY("The hash algorithm is unknown.", GNUTLS_E_UNKNOWN_HASH_ALGORITHM, 1), {0, 0, 0, 0} }; diff --git a/lib/gnutls_errors_int.h b/lib/gnutls_errors_int.h index f87b4de61d..30aa175b9c 100644 --- a/lib/gnutls_errors_int.h +++ b/lib/gnutls_errors_int.h @@ -40,8 +40,6 @@ #define GNUTLS_E_GOT_APPLICATION_DATA -38 #define GNUTLS_E_RECORD_LIMIT_REACHED -39 #define GNUTLS_E_ENCRYPTION_FAILED -40 -#define GNUTLS_E_CERTIFICATE_ERROR -43 -#define GNUTLS_E_X509_CERTIFICATE_ERROR GNUTLS_E_CERTIFICATE_ERROR #define GNUTLS_E_PK_ENCRYPTION_FAILED -44 #define GNUTLS_E_PK_DECRYPTION_FAILED -45 @@ -59,26 +57,11 @@ #define GNUTLS_E_PKCS1_WRONG_PAD -57 #define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58 #define GNUTLS_E_INTERNAL_ERROR -59 -#define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60 -#define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE -61 /* GNUTLS_A_UNSUPPORTED_CERTIFICATE */ -#define GNUTLS_E_X509_UNKNOWN_SAN -62 #define GNUTLS_E_DH_PRIME_UNACCEPTABLE -63 #define GNUTLS_E_FILE_ERROR -64 -#define GNUTLS_E_ASN1_ELEMENT_NOT_FOUND -67 -#define GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND -68 -#define GNUTLS_E_ASN1_DER_ERROR -69 -#define GNUTLS_E_ASN1_VALUE_NOT_FOUND -70 -#define GNUTLS_E_ASN1_GENERIC_ERROR -71 -#define GNUTLS_E_ASN1_VALUE_NOT_VALID -72 -#define GNUTLS_E_ASN1_TAG_ERROR -73 -#define GNUTLS_E_ASN1_TAG_IMPLICIT -74 -#define GNUTLS_E_ASN1_TYPE_ANY_ERROR -75 -#define GNUTLS_E_ASN1_SYNTAX_ERROR -76 -#define GNUTLS_E_ASN1_DER_OVERFLOW -77 #define GNUTLS_E_TOO_MANY_EMPTY_PACKETS -78 -#define GNUTLS_E_OPENPGP_UID_REVOKED -79 #define GNUTLS_E_UNKNOWN_PK_ALGORITHM -80 -#define GNUTLS_E_OPENPGP_TRUSTDB_VERSION_UNSUPPORTED -81 + /* returned if libextra functionality was requested but * gnutls_global_init_extra() was not called. @@ -104,6 +87,30 @@ #define GNUTLS_E_EMPTY_SRP_USERNAME -92 #define GNUTLS_E_NO_TEMPORARY_DH_PARAMS -93 +/* For certificate and key stuff + */ +#define GNUTLS_E_ASN1_ELEMENT_NOT_FOUND -67 +#define GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND -68 +#define GNUTLS_E_ASN1_DER_ERROR -69 +#define GNUTLS_E_ASN1_VALUE_NOT_FOUND -70 +#define GNUTLS_E_ASN1_GENERIC_ERROR -71 +#define GNUTLS_E_ASN1_VALUE_NOT_VALID -72 +#define GNUTLS_E_ASN1_TAG_ERROR -73 +#define GNUTLS_E_ASN1_TAG_IMPLICIT -74 +#define GNUTLS_E_ASN1_TYPE_ANY_ERROR -75 +#define GNUTLS_E_ASN1_SYNTAX_ERROR -76 +#define GNUTLS_E_ASN1_DER_OVERFLOW -77 +#define GNUTLS_E_OPENPGP_TRUSTDB_VERSION_UNSUPPORTED -81 +#define GNUTLS_E_OPENPGP_UID_REVOKED -79 +#define GNUTLS_E_CERTIFICATE_ERROR -43 +#define GNUTLS_E_X509_CERTIFICATE_ERROR GNUTLS_E_CERTIFICATE_ERROR +#define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60 +#define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE -61 /* GNUTLS_A_UNSUPPORTED_CERTIFICATE */ +#define GNUTLS_E_X509_UNKNOWN_SAN -62 +#define GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED -94 +#define GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE -95 +#define GNUTLS_E_UNKNOWN_HASH_ALGORITHM -96 + #define GNUTLS_E_UNIMPLEMENTED_FEATURE -250 /* _INT_ internal errors. Not exported */ diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c index 0e0a170632..17cb8946dc 100644 --- a/lib/gnutls_session_pack.c +++ b/lib/gnutls_session_pack.c @@ -52,7 +52,7 @@ int _gnutls_session_pack(gnutls_session session, gnutls_datum * packed_session) if (packed_session==NULL) { gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_INTERNAL_ERROR; } @@ -127,7 +127,7 @@ int _gnutls_session_pack(gnutls_session session, gnutls_datum * packed_session) } break; default: - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_INTERNAL_ERROR; } @@ -183,7 +183,7 @@ int _gnutls_session_unpack(gnutls_session session, if (packed_session==NULL || packed_session->size == 0) { gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_INTERNAL_ERROR; } if (session->key->auth_info != NULL) { @@ -287,7 +287,7 @@ int _gnutls_session_unpack(gnutls_session session, break; default: gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_INTERNAL_ERROR; } diff --git a/lib/gnutls_sig.c b/lib/gnutls_sig.c index f13ca6372a..277db2aacc 100644 --- a/lib/gnutls_sig.c +++ b/lib/gnutls_sig.c @@ -199,7 +199,7 @@ int ret; break; default: gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_INTERNAL_ERROR; break; } @@ -260,7 +260,7 @@ int _gnutls_pkcs1_rsa_verify_sig( gnutls_cert *cert, const gnutls_datum *hash_co default: gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_INTERNAL_ERROR; } diff --git a/lib/x509/crl.c b/lib/x509/crl.c index 56d9fe2238..d89acacb2e 100644 --- a/lib/x509/crl.c +++ b/lib/x509/crl.c @@ -165,7 +165,7 @@ int gnutls_x509_crl_import(gnutls_x509_crl crl, const gnutls_datum * data, if (len % 8 != 0) { gnutls_assert(); - result = GNUTLS_E_UNIMPLEMENTED_FEATURE; + result = GNUTLS_E_CERTIFICATE_ERROR; goto cleanup; } diff --git a/lib/x509/crq.c b/lib/x509/crq.c index 528d3e733a..c0c7e7d377 100644 --- a/lib/x509/crq.c +++ b/lib/x509/crq.c @@ -204,7 +204,7 @@ int gnutls_x509_crq_get_dn_by_oid(gnutls_x509_crq crq, const char* oid, /* Parses an Attribute list in the asn1_struct, and searches for the * given OID. The index indicates the attribute value to be returned. * - * Only printable data are returned, or GNUTLS_E_UNIMPLEMENTED_FEATURE. + * Only printable data are returned, or GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE. * * asn1_attr_name must be a string in the form "certificationRequestInfo.attributes" * @@ -326,7 +326,7 @@ static int parse_attribute(ASN1_TYPE asn1_struct, return 0; } else { gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE; } } @@ -417,7 +417,7 @@ uint8 null = version; * @key: holds a private key * * This function will set the public parameters from the given private key to the - * request. + * request. Only RSA keys are currently supported. * * On success zero is returned. * @@ -436,7 +436,7 @@ int der_size, result; pk = _gnutls_x509_pk2oid( key->pk_algorithm); if (pk == NULL) { gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; + return GNUTLS_E_UNKNOWN_PK_ALGORITHM; } /* write the RSA OID diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c index abd5a27b61..3793712956 100644 --- a/lib/x509/mpi.c +++ b/lib/x509/mpi.c @@ -350,7 +350,7 @@ int len, result; *ret = _gnutls_read_uint32(tmpstr); else { gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_INTERNAL_ERROR; } return 0; diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index 4dc64b4ae8..fd5d54a3d4 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -808,7 +808,8 @@ static int _encode_rsa( ASN1_TYPE* c2, MPI* params) * @flags: unused for now. Must be 0. * * This function will generate a random private key. Note that - * this function must be called on an empty private key. + * this function must be called on an empty private key. Currently only RSA + * keys can be generated. * * Returns 0 on success or a negative value on error. * diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index c4f2e127b6..0ea0d4e65a 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -291,6 +291,7 @@ static ASN1_TYPE encode_to_pkcs8_key( const gnutls_datum *raw_key, * @output_data_size: holds the size of output_data (and will be replaced by the actual size of parameters) * * This function will export the private key to a PKCS8 structure. + * Currently only RSA keys can be exported. * * If the buffer provided is not long enough to hold the output, then * GNUTLS_E_SHORT_MEMORY_BUFFER will be returned. @@ -564,6 +565,7 @@ static ASN1_TYPE decode_private_key_info( const gnutls_datum* der, gnutls_x509_p * * This function will convert the given DER or PEM encoded PKCS8 2.0 encrypted key * to the native gnutls_x509_privkey format. The output will be stored in 'key'. + * Currently only RSA keys can be imported. * * If the Certificate is PEM encoded it should have a header of "ENCRYPTED PRIVATE KEY", * or "PRIVATE KEY". You only need to specify the flags if the key is DER encoded. diff --git a/lib/x509/sign.c b/lib/x509/sign.c index 2c878b88b1..5ce6918645 100644 --- a/lib/x509/sign.c +++ b/lib/x509/sign.c @@ -52,7 +52,7 @@ const char* algo; algo = _gnutls_x509_mac2oid( hash); if (algo == NULL) { gnutls_assert(); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_UNKNOWN_PK_ALGORITHM; } if ((result=asn1_create_element( _gnutls_get_gnutls_asn(), diff --git a/lib/x509/verify.c b/lib/x509/verify.c index 60d28ea0e2..071def4f86 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -397,7 +397,7 @@ int len; gnutls_assert(); asn1_delete_structure(&dinfo); - return GNUTLS_E_UNIMPLEMENTED_FEATURE; + return GNUTLS_E_UNKNOWN_HASH_ALGORITHM; } result = diff --git a/lib/x509/x509.c b/lib/x509/x509.c index 0df385b2cd..7a8dcf3910 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -224,7 +224,7 @@ int gnutls_x509_crt_import(gnutls_x509_crt cert, const gnutls_datum * data, if (len % 8 != 0) { gnutls_assert(); - result = GNUTLS_E_UNIMPLEMENTED_FEATURE; + result = GNUTLS_E_CERTIFICATE_ERROR; goto cleanup; } |