error.c 37.2 KB
Newer Older
1 2 3
/*
 *  Error message information
 *
Manuel Pégourié-Gonnard's avatar
Manuel Pégourié-Gonnard committed
4
 *  Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
5
 *
6
 *  This file is part of mbed TLS (https://tls.mbed.org)
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

23
#if !defined(POLARSSL_CONFIG_FILE)
24
#include "mbedtls/config.h"
25 26 27
#else
#include POLARSSL_CONFIG_FILE
#endif
28

29
#if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY)
30
#include "mbedtls/error.h"
31
#include <string.h>
32 33
#endif

34
#if defined(POLARSSL_PLATFORM_C)
35
#include "mbedtls/platform.h"
36 37
#else
#define polarssl_snprintf snprintf
38 39 40
#endif

#if defined(POLARSSL_ERROR_C)
41

42 43
#include <stdio.h>

44
#if defined(POLARSSL_AES_C)
45
#include "mbedtls/aes.h"
46 47 48
#endif

#if defined(POLARSSL_BASE64_C)
49
#include "mbedtls/base64.h"
50 51 52
#endif

#if defined(POLARSSL_BIGNUM_C)
53
#include "mbedtls/bignum.h"
54 55
#endif

56
#if defined(POLARSSL_BLOWFISH_C)
57
#include "mbedtls/blowfish.h"
58 59
#endif

60
#if defined(POLARSSL_CAMELLIA_C)
61
#include "mbedtls/camellia.h"
62 63
#endif

64
#if defined(POLARSSL_CCM_C)
65
#include "mbedtls/ccm.h"
66 67
#endif

68
#if defined(POLARSSL_CIPHER_C)
69
#include "mbedtls/cipher.h"
70 71
#endif

72
#if defined(POLARSSL_CTR_DRBG_C)
73
#include "mbedtls/ctr_drbg.h"
74 75
#endif

76
#if defined(POLARSSL_DES_C)
77
#include "mbedtls/des.h"
78 79 80
#endif

#if defined(POLARSSL_DHM_C)
81
#include "mbedtls/dhm.h"
82 83
#endif

Paul Bakker's avatar
Paul Bakker committed
84
#if defined(POLARSSL_ECP_C)
85
#include "mbedtls/ecp.h"
Paul Bakker's avatar
Paul Bakker committed
86 87
#endif

88
#if defined(POLARSSL_ENTROPY_C)
89
#include "mbedtls/entropy.h"
90 91
#endif

92
#if defined(POLARSSL_GCM_C)
93
#include "mbedtls/gcm.h"
94 95
#endif

96
#if defined(POLARSSL_HMAC_DRBG_C)
97
#include "mbedtls/hmac_drbg.h"
98 99
#endif

100
#if defined(POLARSSL_MD_C)
101
#include "mbedtls/md.h"
102 103
#endif

104
#if defined(POLARSSL_MD2_C)
105
#include "mbedtls/md2.h"
106 107 108
#endif

#if defined(POLARSSL_MD4_C)
109
#include "mbedtls/md4.h"
110 111 112
#endif

#if defined(POLARSSL_MD5_C)
113
#include "mbedtls/md5.h"
114 115
#endif

116
#if defined(POLARSSL_NET_C)
117
#include "mbedtls/net.h"
118 119
#endif

120
#if defined(POLARSSL_OID_C)
121
#include "mbedtls/oid.h"
122 123
#endif

124
#if defined(POLARSSL_PADLOCK_C)
125
#include "mbedtls/padlock.h"
126 127
#endif

128
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
129
#include "mbedtls/pem.h"
130 131
#endif

132
#if defined(POLARSSL_PK_C)
133
#include "mbedtls/pk.h"
134 135
#endif

136
#if defined(POLARSSL_PKCS12_C)
137
#include "mbedtls/pkcs12.h"
138 139
#endif

140
#if defined(POLARSSL_PKCS5_C)
141
#include "mbedtls/pkcs5.h"
142 143
#endif

144
#if defined(POLARSSL_RIPEMD160_C)
145
#include "mbedtls/ripemd160.h"
146 147
#endif

148
#if defined(POLARSSL_RSA_C)
149
#include "mbedtls/rsa.h"
150 151
#endif

152
#if defined(POLARSSL_SHA1_C)
153
#include "mbedtls/sha1.h"
154 155
#endif

156
#if defined(POLARSSL_SHA256_C)
157
#include "mbedtls/sha256.h"
158 159
#endif

160
#if defined(POLARSSL_SHA512_C)
161
#include "mbedtls/sha512.h"
162 163
#endif

164
#if defined(POLARSSL_SSL_TLS_C)
165
#include "mbedtls/ssl.h"
166 167
#endif

168
#if defined(POLARSSL_THREADING_C)
169
#include "mbedtls/threading.h"
170 171
#endif

172
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
173
#include "mbedtls/x509.h"
174 175 176
#endif

#if defined(POLARSSL_XTEA_C)
177
#include "mbedtls/xtea.h"
178 179
#endif

180 181
#if defined(_MSC_VER) && !defined  snprintf && !defined(EFIX64) && \
    !defined(EFI32)
182 183 184
#define  snprintf  _snprintf
#endif

185
void polarssl_strerror( int ret, char *buf, size_t buflen )
186 187 188 189
{
    size_t len;
    int use_ret;

190 191 192
    if( buflen == 0 )
        return;

193
    memset( buf, 0x00, buflen );
194 195 196
    /* Reduce buflen to make sure MSVC _snprintf() ends with \0 as well */
    buflen -= 1;

197 198 199 200 201 202 203 204 205
    if( ret < 0 )
        ret = -ret;

    if( ret & 0xFF80 )
    {
        use_ret = ret & 0xFF80;

        // High level error codes
        //
206
        // BEGIN generated code
207 208
#if defined(POLARSSL_CIPHER_C)
        if( use_ret == -(POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE) )
209
            polarssl_snprintf( buf, buflen, "CIPHER - The selected feature is not available" );
210
        if( use_ret == -(POLARSSL_ERR_CIPHER_BAD_INPUT_DATA) )
211
            polarssl_snprintf( buf, buflen, "CIPHER - Bad input parameters to function" );
212
        if( use_ret == -(POLARSSL_ERR_CIPHER_ALLOC_FAILED) )
213
            polarssl_snprintf( buf, buflen, "CIPHER - Failed to allocate memory" );
214
        if( use_ret == -(POLARSSL_ERR_CIPHER_INVALID_PADDING) )
215
            polarssl_snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" );
216
        if( use_ret == -(POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED) )
217
            polarssl_snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" );
218
        if( use_ret == -(POLARSSL_ERR_CIPHER_AUTH_FAILED) )
219
            polarssl_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" );
220 221
#endif /* POLARSSL_CIPHER_C */

222 223
#if defined(POLARSSL_DHM_C)
        if( use_ret == -(POLARSSL_ERR_DHM_BAD_INPUT_DATA) )
224
            polarssl_snprintf( buf, buflen, "DHM - Bad input parameters to function" );
225
        if( use_ret == -(POLARSSL_ERR_DHM_READ_PARAMS_FAILED) )
226
            polarssl_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
227
        if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED) )
228
            polarssl_snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" );
229
        if( use_ret == -(POLARSSL_ERR_DHM_READ_PUBLIC_FAILED) )
230
            polarssl_snprintf( buf, buflen, "DHM - Reading of the public values failed" );
231
        if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED) )
232
            polarssl_snprintf( buf, buflen, "DHM - Making of the public value failed" );
233
        if( use_ret == -(POLARSSL_ERR_DHM_CALC_SECRET_FAILED) )
234
            polarssl_snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" );
235
        if( use_ret == -(POLARSSL_ERR_DHM_INVALID_FORMAT) )
236
            polarssl_snprintf( buf, buflen, "DHM - The ASN.1 data is not formatted correctly" );
237
        if( use_ret == -(POLARSSL_ERR_DHM_MALLOC_FAILED) )
238
            polarssl_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
239
        if( use_ret == -(POLARSSL_ERR_DHM_FILE_IO_ERROR) )
240
            polarssl_snprintf( buf, buflen, "DHM - Read/write of file failed" );
241 242
#endif /* POLARSSL_DHM_C */

Paul Bakker's avatar
Paul Bakker committed
243 244
#if defined(POLARSSL_ECP_C)
        if( use_ret == -(POLARSSL_ERR_ECP_BAD_INPUT_DATA) )
245
            polarssl_snprintf( buf, buflen, "ECP - Bad input parameters to function" );
246
        if( use_ret == -(POLARSSL_ERR_ECP_BUFFER_TOO_SMALL) )
247
            polarssl_snprintf( buf, buflen, "ECP - The buffer is too small to write to" );
Paul Bakker's avatar
Paul Bakker committed
248
        if( use_ret == -(POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE) )
249
            polarssl_snprintf( buf, buflen, "ECP - Requested curve not available" );
250
        if( use_ret == -(POLARSSL_ERR_ECP_VERIFY_FAILED) )
251
            polarssl_snprintf( buf, buflen, "ECP - The signature is not valid" );
252
        if( use_ret == -(POLARSSL_ERR_ECP_MALLOC_FAILED) )
253
            polarssl_snprintf( buf, buflen, "ECP - Memory allocation failed" );
254
        if( use_ret == -(POLARSSL_ERR_ECP_RANDOM_FAILED) )
255
            polarssl_snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" );
256
        if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) )
257
            polarssl_snprintf( buf, buflen, "ECP - Invalid private or public key" );
258
        if( use_ret == -(POLARSSL_ERR_ECP_SIG_LEN_MISMATCH) )
259
            polarssl_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
Paul Bakker's avatar
Paul Bakker committed
260 261
#endif /* POLARSSL_ECP_C */

262 263
#if defined(POLARSSL_MD_C)
        if( use_ret == -(POLARSSL_ERR_MD_FEATURE_UNAVAILABLE) )
264
            polarssl_snprintf( buf, buflen, "MD - The selected feature is not available" );
265
        if( use_ret == -(POLARSSL_ERR_MD_BAD_INPUT_DATA) )
266
            polarssl_snprintf( buf, buflen, "MD - Bad input parameters to function" );
267
        if( use_ret == -(POLARSSL_ERR_MD_ALLOC_FAILED) )
268
            polarssl_snprintf( buf, buflen, "MD - Failed to allocate memory" );
269
        if( use_ret == -(POLARSSL_ERR_MD_FILE_IO_ERROR) )
270
            polarssl_snprintf( buf, buflen, "MD - Opening or reading of file failed" );
271 272
#endif /* POLARSSL_MD_C */

273
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
274
        if( use_ret == -(POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT) )
275
            polarssl_snprintf( buf, buflen, "PEM - No PEM header or footer found" );
276
        if( use_ret == -(POLARSSL_ERR_PEM_INVALID_DATA) )
277
            polarssl_snprintf( buf, buflen, "PEM - PEM string is not as expected" );
278
        if( use_ret == -(POLARSSL_ERR_PEM_MALLOC_FAILED) )
279
            polarssl_snprintf( buf, buflen, "PEM - Failed to allocate memory" );
280
        if( use_ret == -(POLARSSL_ERR_PEM_INVALID_ENC_IV) )
281
            polarssl_snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" );
282
        if( use_ret == -(POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG) )
283
            polarssl_snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" );
284
        if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_REQUIRED) )
285
            polarssl_snprintf( buf, buflen, "PEM - Private key password can't be empty" );
286
        if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_MISMATCH) )
287
            polarssl_snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" );
288
        if( use_ret == -(POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE) )
289
            polarssl_snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" );
290
        if( use_ret == -(POLARSSL_ERR_PEM_BAD_INPUT_DATA) )
291
            polarssl_snprintf( buf, buflen, "PEM - Bad input parameters to function" );
292
#endif /* POLARSSL_PEM_PARSE_C || POLARSSL_PEM_WRITE_C */
293

294 295
#if defined(POLARSSL_PK_C)
        if( use_ret == -(POLARSSL_ERR_PK_MALLOC_FAILED) )
296
            polarssl_snprintf( buf, buflen, "PK - Memory alloation failed" );
297
        if( use_ret == -(POLARSSL_ERR_PK_TYPE_MISMATCH) )
298
            polarssl_snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" );
Manuel Pégourié-Gonnard's avatar
Manuel Pégourié-Gonnard committed
299
        if( use_ret == -(POLARSSL_ERR_PK_BAD_INPUT_DATA) )
300
            polarssl_snprintf( buf, buflen, "PK - Bad input parameters to function" );
301
        if( use_ret == -(POLARSSL_ERR_PK_FILE_IO_ERROR) )
302
            polarssl_snprintf( buf, buflen, "PK - Read/write of file failed" );
303
        if( use_ret == -(POLARSSL_ERR_PK_KEY_INVALID_VERSION) )
304
            polarssl_snprintf( buf, buflen, "PK - Unsupported key version" );
305
        if( use_ret == -(POLARSSL_ERR_PK_KEY_INVALID_FORMAT) )
306
            polarssl_snprintf( buf, buflen, "PK - Invalid key tag or value" );
307
        if( use_ret == -(POLARSSL_ERR_PK_UNKNOWN_PK_ALG) )
308
            polarssl_snprintf( buf, buflen, "PK - Key algorithm is unsupported (only RSA and EC are supported)" );
309
        if( use_ret == -(POLARSSL_ERR_PK_PASSWORD_REQUIRED) )
310
            polarssl_snprintf( buf, buflen, "PK - Private key password can't be empty" );
311
        if( use_ret == -(POLARSSL_ERR_PK_PASSWORD_MISMATCH) )
312
            polarssl_snprintf( buf, buflen, "PK - Given private key password does not allow for correct decryption" );
313
        if( use_ret == -(POLARSSL_ERR_PK_INVALID_PUBKEY) )
314
            polarssl_snprintf( buf, buflen, "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" );
315
        if( use_ret == -(POLARSSL_ERR_PK_INVALID_ALG) )
316
            polarssl_snprintf( buf, buflen, "PK - The algorithm tag or value is invalid" );
317
        if( use_ret == -(POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE) )
318
            polarssl_snprintf( buf, buflen, "PK - Elliptic curve is unsupported (only NIST curves are supported)" );
319
        if( use_ret == -(POLARSSL_ERR_PK_FEATURE_UNAVAILABLE) )
320
            polarssl_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
321
        if( use_ret == -(POLARSSL_ERR_PK_SIG_LEN_MISMATCH) )
322
            polarssl_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" );
323 324
#endif /* POLARSSL_PK_C */

325 326
#if defined(POLARSSL_PKCS12_C)
        if( use_ret == -(POLARSSL_ERR_PKCS12_BAD_INPUT_DATA) )
327
            polarssl_snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" );
328
        if( use_ret == -(POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE) )
329
            polarssl_snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" );
330
        if( use_ret == -(POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT) )
331
            polarssl_snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" );
332
        if( use_ret == -(POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH) )
333
            polarssl_snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" );
334 335
#endif /* POLARSSL_PKCS12_C */

336 337
#if defined(POLARSSL_PKCS5_C)
        if( use_ret == -(POLARSSL_ERR_PKCS5_BAD_INPUT_DATA) )
338
            polarssl_snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" );
339
        if( use_ret == -(POLARSSL_ERR_PKCS5_INVALID_FORMAT) )
340
            polarssl_snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" );
341
        if( use_ret == -(POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE) )
342
            polarssl_snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" );
343
        if( use_ret == -(POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH) )
344
            polarssl_snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" );
345 346
#endif /* POLARSSL_PKCS5_C */

347 348
#if defined(POLARSSL_RSA_C)
        if( use_ret == -(POLARSSL_ERR_RSA_BAD_INPUT_DATA) )
349
            polarssl_snprintf( buf, buflen, "RSA - Bad input parameters to function" );
350
        if( use_ret == -(POLARSSL_ERR_RSA_INVALID_PADDING) )
351
            polarssl_snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" );
352
        if( use_ret == -(POLARSSL_ERR_RSA_KEY_GEN_FAILED) )
353
            polarssl_snprintf( buf, buflen, "RSA - Something failed during generation of a key" );
354
        if( use_ret == -(POLARSSL_ERR_RSA_KEY_CHECK_FAILED) )
355
            polarssl_snprintf( buf, buflen, "RSA - Key failed to pass the libraries validity check" );
356
        if( use_ret == -(POLARSSL_ERR_RSA_PUBLIC_FAILED) )
357
            polarssl_snprintf( buf, buflen, "RSA - The public key operation failed" );
358
        if( use_ret == -(POLARSSL_ERR_RSA_PRIVATE_FAILED) )
359
            polarssl_snprintf( buf, buflen, "RSA - The private key operation failed" );
360
        if( use_ret == -(POLARSSL_ERR_RSA_VERIFY_FAILED) )
361
            polarssl_snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" );
362
        if( use_ret == -(POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE) )
363
            polarssl_snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" );
364
        if( use_ret == -(POLARSSL_ERR_RSA_RNG_FAILED) )
365
            polarssl_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
366 367
#endif /* POLARSSL_RSA_C */

368
#if defined(POLARSSL_SSL_TLS_C)
369
        if( use_ret == -(POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE) )
370
            polarssl_snprintf( buf, buflen, "SSL - The requested feature is not available" );
371
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_INPUT_DATA) )
372
            polarssl_snprintf( buf, buflen, "SSL - Bad input parameters to function" );
373
        if( use_ret == -(POLARSSL_ERR_SSL_INVALID_MAC) )
374
            polarssl_snprintf( buf, buflen, "SSL - Verification of the message MAC failed" );
375
        if( use_ret == -(POLARSSL_ERR_SSL_INVALID_RECORD) )
376
            polarssl_snprintf( buf, buflen, "SSL - An invalid SSL record was received" );
377
        if( use_ret == -(POLARSSL_ERR_SSL_CONN_EOF) )
378
            polarssl_snprintf( buf, buflen, "SSL - The connection indicated an EOF" );
379
        if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_CIPHER) )
380
            polarssl_snprintf( buf, buflen, "SSL - An unknown cipher was received" );
381
        if( use_ret == -(POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN) )
382
            polarssl_snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" );
383
        if( use_ret == -(POLARSSL_ERR_SSL_NO_RNG) )
384
            polarssl_snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" );
385
        if( use_ret == -(POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE) )
386
            polarssl_snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" );
387
        if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE) )
388
            polarssl_snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" );
389
        if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED) )
390
            polarssl_snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" );
391
        if( use_ret == -(POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED) )
392
            polarssl_snprintf( buf, buflen, "SSL - The own private key or pre-shared key is not set, but needed" );
393
        if( use_ret == -(POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED) )
394
            polarssl_snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" );
395
        if( use_ret == -(POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE) )
396
            polarssl_snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" );
397
        if( use_ret == -(POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE) )
398
        {
399
            polarssl_snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" );
400 401
            return;
        }
402
        if( use_ret == -(POLARSSL_ERR_SSL_PEER_VERIFY_FAILED) )
403
            polarssl_snprintf( buf, buflen, "SSL - Verification of our peer failed" );
404
        if( use_ret == -(POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) )
405
            polarssl_snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" );
406
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO) )
407
            polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" );
408
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO) )
409
            polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" );
410
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE) )
411
            polarssl_snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" );
412
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) )
413
            polarssl_snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" );
414
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) )
415
            polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" );
416
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) )
417
            polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" );
418
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) )
419
            polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" );
420
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) )
421
            polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" );
422
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) )
423
            polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" );
424
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) )
425
            polarssl_snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" );
426
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) )
427
            polarssl_snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" );
428
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) )
429
            polarssl_snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" );
430
        if( use_ret == -(POLARSSL_ERR_SSL_MALLOC_FAILED) )
431
            polarssl_snprintf( buf, buflen, "SSL - Memory allocation failed" );
432
        if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FAILED) )
433
            polarssl_snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" );
434
        if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH) )
435
            polarssl_snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" );
436
        if( use_ret == -(POLARSSL_ERR_SSL_COMPRESSION_FAILED) )
437
            polarssl_snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" );
438
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION) )
439
            polarssl_snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" );
440
        if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) )
441
            polarssl_snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" );
442
        if( use_ret == -(POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED) )
443
            polarssl_snprintf( buf, buflen, "SSL - Session ticket has expired" );
444
        if( use_ret == -(POLARSSL_ERR_SSL_PK_TYPE_MISMATCH) )
445
            polarssl_snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" );
Paul Bakker's avatar
Paul Bakker committed
446
        if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_IDENTITY) )
447
            polarssl_snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" );
448
        if( use_ret == -(POLARSSL_ERR_SSL_INTERNAL_ERROR) )
449
            polarssl_snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" );
450
        if( use_ret == -(POLARSSL_ERR_SSL_COUNTER_WRAPPING) )
451
            polarssl_snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" );
452
        if( use_ret == -(POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO) )
453
            polarssl_snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" );
454
        if( use_ret == -(POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED) )
455
            polarssl_snprintf( buf, buflen, "SSL - DTLS client must retry for hello verification" );
456
        if( use_ret == -(POLARSSL_ERR_SSL_BUFFER_TOO_SMALL) )
457
            polarssl_snprintf( buf, buflen, "SSL - A buffer is too small to receive or write a message" );
458
        if( use_ret == -(POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE) )
459
            polarssl_snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" );
460
#endif /* POLARSSL_SSL_TLS_C */
461

462
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
463
        if( use_ret == -(POLARSSL_ERR_X509_FEATURE_UNAVAILABLE) )
464
            polarssl_snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" );
465
        if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_OID) )
466
            polarssl_snprintf( buf, buflen, "X509 - Requested OID is unknown" );
467
        if( use_ret == -(POLARSSL_ERR_X509_INVALID_FORMAT) )
468
            polarssl_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" );
469
        if( use_ret == -(POLARSSL_ERR_X509_INVALID_VERSION) )
470
            polarssl_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" );
471
        if( use_ret == -(POLARSSL_ERR_X509_INVALID_SERIAL) )
472
            polarssl_snprintf( buf, buflen, "X509 - The serial tag or value is invalid" );
473
        if( use_ret == -(POLARSSL_ERR_X509_INVALID_ALG) )
474
            polarssl_snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" );
475
        if( use_ret == -(POLARSSL_ERR_X509_INVALID_NAME) )
476
            polarssl_snprintf( buf, buflen, "X509 - The name tag or value is invalid" );
477
        if( use_ret == -(POLARSSL_ERR_X509_INVALID_DATE) )
478
            polarssl_snprintf( buf, buflen, "X509 - The date tag or value is invalid" );
479
        if( use_ret == -(POLARSSL_ERR_X509_INVALID_SIGNATURE) )
480
            polarssl_snprintf( buf, buflen, "X509 - The signature tag or value invalid" );
481
        if( use_ret == -(POLARSSL_ERR_X509_INVALID_EXTENSIONS) )
482
            polarssl_snprintf( buf, buflen, "X509 - The extension tag or value is invalid" );
483
        if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_VERSION) )
484
            polarssl_snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" );
485
        if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_SIG_ALG) )
486
            polarssl_snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" );
487
        if( use_ret == -(POLARSSL_ERR_X509_SIG_MISMATCH) )
488
            polarssl_snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::x509_crt sig_oid)" );
489
        if( use_ret == -(POLARSSL_ERR_X509_CERT_VERIFY_FAILED) )
490
            polarssl_snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" );
491
        if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT) )
492
            polarssl_snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" );
493
        if( use_ret == -(POLARSSL_ERR_X509_BAD_INPUT_DATA) )
494
            polarssl_snprintf( buf, buflen, "X509 - Input invalid" );
495
        if( use_ret == -(POLARSSL_ERR_X509_MALLOC_FAILED) )
496
            polarssl_snprintf( buf, buflen, "X509 - Allocation of memory failed" );
497
        if( use_ret == -(POLARSSL_ERR_X509_FILE_IO_ERROR) )
498
            polarssl_snprintf( buf, buflen, "X509 - Read/write of file failed" );
499
#endif /* POLARSSL_X509_USE,X509_CREATE_C */
500
        // END generated code
501

502
        if( strlen( buf ) == 0 )
503
            polarssl_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520
    }

    use_ret = ret & ~0xFF80;

    if( use_ret == 0 )
        return;

    // If high level code is present, make a concatenation between both
    // error strings.
    //
    len = strlen( buf );

    if( len > 0 )
    {
        if( buflen - len < 5 )
            return;

521
        polarssl_snprintf( buf + len, buflen - len, " : " );
522 523 524 525 526 527 528

        buf += len + 3;
        buflen -= len + 3;
    }

    // Low level error codes
    //
529
    // BEGIN generated code
530 531
#if defined(POLARSSL_AES_C)
    if( use_ret == -(POLARSSL_ERR_AES_INVALID_KEY_LENGTH) )
532
        polarssl_snprintf( buf, buflen, "AES - Invalid key length" );
533
    if( use_ret == -(POLARSSL_ERR_AES_INVALID_INPUT_LENGTH) )
534
        polarssl_snprintf( buf, buflen, "AES - Invalid data input length" );
535 536
#endif /* POLARSSL_AES_C */

537 538
#if defined(POLARSSL_ASN1_PARSE_C)
    if( use_ret == -(POLARSSL_ERR_ASN1_OUT_OF_DATA) )
539
        polarssl_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
540
    if( use_ret == -(POLARSSL_ERR_ASN1_UNEXPECTED_TAG) )
541
        polarssl_snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" );
542
    if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_LENGTH) )
543
        polarssl_snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" );
544
    if( use_ret == -(POLARSSL_ERR_ASN1_LENGTH_MISMATCH) )
545
        polarssl_snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" );
546
    if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_DATA) )
547
        polarssl_snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" );
548
    if( use_ret == -(POLARSSL_ERR_ASN1_MALLOC_FAILED) )
549
        polarssl_snprintf( buf, buflen, "ASN1 - Memory allocation failed" );
550
    if( use_ret == -(POLARSSL_ERR_ASN1_BUF_TOO_SMALL) )
551
        polarssl_snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" );
552 553
#endif /* POLARSSL_ASN1_PARSE_C */

554 555
#if defined(POLARSSL_BASE64_C)
    if( use_ret == -(POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) )
556
        polarssl_snprintf( buf, buflen, "BASE64 - Output buffer too small" );
557
    if( use_ret == -(POLARSSL_ERR_BASE64_INVALID_CHARACTER) )
558
        polarssl_snprintf( buf, buflen, "BASE64 - Invalid character in input" );
559 560 561 562
#endif /* POLARSSL_BASE64_C */

#if defined(POLARSSL_BIGNUM_C)
    if( use_ret == -(POLARSSL_ERR_MPI_FILE_IO_ERROR) )
563
        polarssl_snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" );
564
    if( use_ret == -(POLARSSL_ERR_MPI_BAD_INPUT_DATA) )
565
        polarssl_snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" );
566
    if( use_ret == -(POLARSSL_ERR_MPI_INVALID_CHARACTER) )
567
        polarssl_snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" );
568
    if( use_ret == -(POLARSSL_ERR_MPI_BUFFER_TOO_SMALL) )
569
        polarssl_snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" );
570
    if( use_ret == -(POLARSSL_ERR_MPI_NEGATIVE_VALUE) )
571
        polarssl_snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" );
572
    if( use_ret == -(POLARSSL_ERR_MPI_DIVISION_BY_ZERO) )
573
        polarssl_snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" );
574
    if( use_ret == -(POLARSSL_ERR_MPI_NOT_ACCEPTABLE) )
575
        polarssl_snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" );
576
    if( use_ret == -(POLARSSL_ERR_MPI_MALLOC_FAILED) )
577
        polarssl_snprintf( buf, buflen, "BIGNUM - Memory allocation failed" );
578
#endif /* POLARSSL_BIGNUM_C */
579 580 581

#if defined(POLARSSL_BLOWFISH_C)