From 1651d4eeae64ee265e56973bc8b0184373489762 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 13 Nov 2024 01:15:28 -0600 Subject: [PATCH] add second wolfCrypt error code span, and add DEADLOCK_AVERTED_E. --- src/internal.c | 6 ++++-- src/ssl.c | 10 ++++++---- tests/api.c | 12 ++++++------ wolfcrypt/src/error.c | 7 +++++-- wolfcrypt/test/test.c | 6 ++++-- wolfssl/error-ssl.h | 4 ++++ wolfssl/wolfcrypt/error-crypt.h | 18 ++++++++++++++---- 7 files changed, 43 insertions(+), 20 deletions(-) diff --git a/src/internal.c b/src/internal.c index fc0139e2ee..4fc5190be6 100644 --- a/src/internal.c +++ b/src/internal.c @@ -25672,7 +25672,9 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e) } /* pass to wolfCrypt */ - if (error <= WC_FIRST_E && error >= WC_LAST_E) { + if ((error <= WC_SPAN1_FIRST_E && error >= WC_SPAN1_LAST_E) || + (error <= WC_SPAN2_FIRST_E && error >= WC_SPAN2_LAST_E)) + { return wc_GetErrorString(error); } @@ -25684,7 +25686,7 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e) #endif } - switch ((enum wolfSSL_ErrorCodes)error) { + switch ((enum wolfSSL_ErrorCodes)error) { /* // NOLINT(clang-analyzer-optin.core.EnumCastOutOfRange) */ case UNSUPPORTED_SUITE : return "unsupported cipher suite"; diff --git a/src/ssl.c b/src/ssl.c index bf204d373e..acd1fdac9a 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -5659,12 +5659,13 @@ static int wolfSSL_RAND_InitMutex(void); #if WOLFSSL_CLEANUP_THREADSAFE_BY_ATOMIC_OPS #ifndef WOLFSSL_ATOMIC_OPS - #error WOLFSSL_CLEANUP_THREADSAFE_BY_ATOMIC_OPS with !WOLFSSL_MUTEX_INITIALIZER requires WOLFSSL_ATOMIC_OPS + #error WOLFSSL_CLEANUP_THREADSAFE_BY_ATOMIC_OPS requires WOLFSSL_ATOMIC_OPS #endif #ifndef WOLFSSL_ATOMIC_INITIALIZER - #error WOLFSSL_CLEANUP_THREADSAFE_BY_ATOMIC_OPS with !WOLFSSL_MUTEX_INITIALIZER requires WOLFSSL_ATOMIC_INITIALIZER + #error WOLFSSL_CLEANUP_THREADSAFE_BY_ATOMIC_OPS requires WOLFSSL_ATOMIC_INITIALIZER #endif - static wolfSSL_Atomic_Int inits_count_mutex_valid2 = WOLFSSL_ATOMIC_INITIALIZER(0); + static wolfSSL_Atomic_Int inits_count_mutex_valid2 = + WOLFSSL_ATOMIC_INITIALIZER(0); #endif /* WOLFSSL_CLEANUP_THREADSAFE_BY_ATOMIC_OPS && !WOLFSSL_MUTEX_INITIALIZER */ #if defined(OPENSSL_EXTRA) && defined(HAVE_ATEXIT) @@ -15776,7 +15777,8 @@ int wolfSSL_ERR_GET_REASON(unsigned long err) ret = 0 - ret; /* setting as negative value */ /* wolfCrypt range is less than MAX (-100) wolfSSL range is MIN (-300) and lower */ - if ((ret <= WC_FIRST_E && ret >= WC_LAST_E) || + if ((ret <= WC_SPAN1_FIRST_E && ret >= WC_SPAN1_LAST_E) || + (ret <= WC_SPAN2_FIRST_E && ret >= WC_SPAN2_LAST_E) || (ret <= WOLFSSL_FIRST_E && ret >= WOLFSSL_LAST_E)) { return ret; diff --git a/tests/api.c b/tests/api.c index 8136bdbc9b..2d58d508ce 100644 --- a/tests/api.c +++ b/tests/api.c @@ -89866,9 +89866,9 @@ static int error_test(void) { -15, -17 }, { -19, -19 }, { -26, -27 }, - { -30, WC_FIRST_E+1 }, + { -30, WC_SPAN1_FIRST_E + 1 }, #else - { -9, WC_FIRST_E+1 }, + { -9, WC_SPAN1_FIRST_E + 1 }, #endif { -124, -124 }, { -166, -169 }, @@ -89879,14 +89879,15 @@ static int error_test(void) { -358, -358 }, { -384, -384 }, { -466, -499 }, - { WOLFSSL_LAST_E-1, WOLFSSL_LAST_E-1 } + { WOLFSSL_LAST_E - 1, WC_SPAN2_FIRST_E + 1 }, + { WC_SPAN2_LAST_E - 1, WC_SPAN2_MIN_CODE_E } }; /* Check that all errors have a string and it's the same through the two * APIs. Check that the values that are not errors map to the unknown * string. */ - for (i = 0; i >= WOLFSSL_LAST_E-1; i--) { + for (i = 0; i >= WC_SPAN2_MIN_CODE_E; i--) { int this_missing = 0; for (j = 0; j < (int)XELEM_CNT(missing); ++j) { if ((i <= missing[j].first) && (i >= missing[j].last)) { @@ -89948,8 +89949,7 @@ static int test_wolfSSL_ERR_strings(void) ExpectNotNull(err = wolfSSL_ERR_func_error_string(WC_NO_ERR_TRACE((word32)UNSUPPORTED_SUITE))); ExpectIntEQ((*err == '\0'), 1); - /* The value -MIN_CODE_E+2 is PEM_R_PROBLEMS_GETTING_PASSWORD. */ - ExpectNotNull(err = wolfSSL_ERR_lib_error_string(-MIN_CODE_E+2)); + ExpectNotNull(err = wolfSSL_ERR_lib_error_string(-WOLFSSL_PEM_R_PROBLEMS_GETTING_PASSWORD_E)); ExpectIntEQ((*err == '\0'), 1); #endif #endif diff --git a/wolfcrypt/src/error.c b/wolfcrypt/src/error.c index deedcbe1a6..dd0e449238 100644 --- a/wolfcrypt/src/error.c +++ b/wolfcrypt/src/error.c @@ -642,8 +642,11 @@ const char* wc_GetErrorString(int error) case PBKDF2_KAT_FIPS_E: return "wolfCrypt FIPS PBKDF2 Known Answer Test Failure"; - case MAX_CODE_E: - case MIN_CODE_E: + case DEADLOCK_AVERTED_E: + return "Deadlock averted -- retry the call"; + + case WC_SPAN1_MIN_CODE_E: + case WC_SPAN2_MIN_CODE_E: default: return "unknown error number"; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 5a42966e02..0afb0422e5 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -2777,14 +2777,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void) int last; } missing[] = { { -124, -124 }, - { -166, -169 } + { -166, -169 }, + { WC_SPAN1_LAST_E - 1, WC_SPAN2_FIRST_E + 1 }, + { WC_SPAN2_LAST_E - 1, WC_SPAN2_MIN_CODE_E } }; /* Check that all errors have a string and it's the same through the two * APIs. Check that the values that are not errors map to the unknown * string. */ - for (i = WC_FIRST_E; i >= WC_LAST_E; i--) { + for (i = WC_SPAN1_FIRST_E; i >= WC_SPAN2_MIN_CODE_E; i--) { int this_missing = 0; for (j = 0; j < (int)XELEM_CNT(missing); ++j) { if ((i <= missing[j].first) && (i >= missing[j].last)) { diff --git a/wolfssl/error-ssl.h b/wolfssl/error-ssl.h index fe6ee78d04..7cfc4256fa 100644 --- a/wolfssl/error-ssl.h +++ b/wolfssl/error-ssl.h @@ -233,8 +233,12 @@ enum wolfSSL_ErrorCodes { WOLFSSL_EVP_R_PRIVATE_KEY_DECODE_ERROR = -515, WOLFSSL_LAST_E = -515 + + /* codes -1000 to -1999 are reserved for wolfCrypt. */ }; +wc_static_assert(WC_LAST_E <= WOLFSSL_LAST_E); + /* I/O Callback default errors */ enum IOerrors { WOLFSSL_CBIO_ERR_GENERAL = -1, /* general unexpected err */ diff --git a/wolfssl/wolfcrypt/error-crypt.h b/wolfssl/wolfcrypt/error-crypt.h index 3f188f7444..5cf93e34e7 100644 --- a/wolfssl/wolfcrypt/error-crypt.h +++ b/wolfssl/wolfcrypt/error-crypt.h @@ -47,8 +47,7 @@ enum wolfCrypt_ErrorCodes { * reasons of backward compatibility. */ - MAX_CODE_E = -96, /* errors -97 - -299 */ - WC_FIRST_E = -97, /* errors -97 - -299 */ + WC_SPAN1_FIRST_E = -97, /* errors -97 - -299 */ MP_MEM = -97, /* MP dynamic memory allocation failed. */ MP_VAL = -98, /* MP value passed is not able to be used. */ @@ -290,8 +289,19 @@ enum wolfCrypt_ErrorCodes { SM4_GCM_AUTH_E = -298, /* SM4-GCM Authentication check failure */ SM4_CCM_AUTH_E = -299, /* SM4-CCM Authentication check failure */ - WC_LAST_E = -299, /* Update this to indicate last error */ - MIN_CODE_E = -300 /* errors -2 - -299 */ + WC_SPAN1_LAST_E = -299, + WC_SPAN1_MIN_CODE_E = -300, /* Last usable code in span 1 */ + + WC_SPAN2_FIRST_E = -1000, + + DEADLOCK_AVERTED_E = -1000, /* Deadlock averted -- retry the call */ + + WC_SPAN2_LAST_E = -1000, /* Update to indicate last used error code */ + WC_SPAN2_MIN_CODE_E = -1999, /* Last usable code in span 2 */ + + WC_LAST_E = -1999 /* the last code allocated either here or in + * error-ssl.h + */ /* add new companion error id strings for any new error codes wolfcrypt/src/error.c !!! */