Merge pull request #3209 from aurel32/fix-ecp_double_add_mxz
Fix wrong modulo call in ecp_double_add_mxz
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1e3098c..4d17af8 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -135,7 +135,7 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op")
endif()
if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow -Wformat-signedness")
endif()
set(CMAKE_C_FLAGS_RELEASE "-O2")
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
diff --git a/ChangeLog.d/fix-gcc-format-signedness-warnings.txt b/ChangeLog.d/fix-gcc-format-signedness-warnings.txt
new file mode 100644
index 0000000..023d15c
--- /dev/null
+++ b/ChangeLog.d/fix-gcc-format-signedness-warnings.txt
@@ -0,0 +1,3 @@
+Changes
+ * Fix warnings about signedness issues in format strings. The build is now
+ clean of -Wformat-signedness warnings. Contributed by Kenneth Soerensen in #3153.
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 82b0188..2fb86c7 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -127,6 +127,36 @@
*/
void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
+/**
+ * \brief Translate the high-level part of an Mbed TLS error code into a string
+ * representation.
+ *
+ * This function returns a const pointer to an un-modifiable string. The caller
+ * must not try to modify the string. It is intended to be used mostly for
+ * logging purposes.
+ *
+ * \param error_code error code
+ *
+ * \return The string representation of the error code, or \c NULL if the error
+ * code is unknown.
+ */
+const char * mbedtls_high_level_strerr( int error_code );
+
+/**
+ * \brief Translate the low-level part of an Mbed TLS error code into a string
+ * representation.
+ *
+ * This function returns a const pointer to an un-modifiable string. The caller
+ * must not try to modify the string. It is intended to be used mostly for
+ * logging purposes.
+ *
+ * \param error_code error code
+ *
+ * \return The string representation of the error code, or \c NULL if the error
+ * code is unknown.
+ */
+const char * mbedtls_low_level_strerr( int error_code );
+
#ifdef __cplusplus
}
#endif
diff --git a/library/aes.c b/library/aes.c
index 604d0f3..962b0b9 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1847,7 +1847,7 @@
mode = i & 1;
if( verbose != 0 )
- mbedtls_printf( " AES-ECB-%3d (%s): ", keybits,
+ mbedtls_printf( " AES-ECB-%3u (%s): ", keybits,
( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( buf, 0, 16 );
@@ -1909,7 +1909,7 @@
mode = i & 1;
if( verbose != 0 )
- mbedtls_printf( " AES-CBC-%3d (%s): ", keybits,
+ mbedtls_printf( " AES-CBC-%3u (%s): ", keybits,
( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( iv , 0, 16 );
@@ -1984,7 +1984,7 @@
mode = i & 1;
if( verbose != 0 )
- mbedtls_printf( " AES-CFB128-%3d (%s): ", keybits,
+ mbedtls_printf( " AES-CFB128-%3u (%s): ", keybits,
( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memcpy( iv, aes_test_cfb128_iv, 16 );
@@ -2047,7 +2047,7 @@
mode = i & 1;
if( verbose != 0 )
- mbedtls_printf( " AES-OFB-%3d (%s): ", keybits,
+ mbedtls_printf( " AES-OFB-%3u (%s): ", keybits,
( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memcpy( iv, aes_test_ofb_iv, 16 );
diff --git a/library/bignum.c b/library/bignum.c
index d53aefd..d56a16e 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -2938,7 +2938,7 @@
cleanup:
if( ret != 0 && verbose != 0 )
- mbedtls_printf( "Unexpected error, return code = %08X\n", ret );
+ mbedtls_printf( "Unexpected error, return code = %08X\n", (unsigned int) ret );
mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); mbedtls_mpi_free( &X );
mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &U ); mbedtls_mpi_free( &V );
diff --git a/library/cmac.c b/library/cmac.c
index 642680d..2d23be5 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -784,7 +784,7 @@
for( i = 0; i < num_tests; i++ )
{
if( verbose != 0 )
- mbedtls_printf( " %s CMAC subkey #%u: ", testname, i + 1 );
+ mbedtls_printf( " %s CMAC subkey #%d: ", testname, i + 1 );
mbedtls_cipher_init( &ctx );
@@ -865,7 +865,7 @@
for( i = 0; i < num_tests; i++ )
{
if( verbose != 0 )
- mbedtls_printf( " %s CMAC #%u: ", testname, i + 1 );
+ mbedtls_printf( " %s CMAC #%d: ", testname, i + 1 );
if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages,
message_lengths[i], output ) ) != 0 )
@@ -900,7 +900,7 @@
for( i = 0; i < NB_PRF_TESTS; i++ )
{
- mbedtls_printf( " AES CMAC 128 PRF #%u: ", i );
+ mbedtls_printf( " AES CMAC 128 PRF #%d: ", i );
ret = mbedtls_aes_cmac_prf_128( PRFK, PRFKlen[i], PRFM, 20, output );
if( ret != 0 ||
memcmp( output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE ) != 0 )
diff --git a/library/debug.c b/library/debug.c
index ae78a69..2b25e99 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -132,7 +132,7 @@
return;
mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n",
- text, ret, -ret );
+ text, ret, (unsigned int) -ret );
debug_send_line( ssl, level, file, line, str );
}
diff --git a/library/ecp.c b/library/ecp.c
index 1456d58..104e1f1 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -3156,7 +3156,7 @@
cleanup:
if( ret < 0 && verbose != 0 )
- mbedtls_printf( "Unexpected error, return code = %08X\n", ret );
+ mbedtls_printf( "Unexpected error, return code = %08X\n", (unsigned int) ret );
mbedtls_ecp_group_free( &grp );
mbedtls_ecp_point_free( &R );
diff --git a/library/error.c b/library/error.c
index ee9c852..d2f1b18 100644
--- a/library/error.c
+++ b/library/error.c
@@ -213,10 +213,947 @@
#endif
+const char * mbedtls_high_level_strerr( int error_code )
+{
+ int high_level_error_code;
+ const char *error_description = NULL;
+
+ if( error_code < 0 )
+ error_code = -error_code;
+
+ /* Extract the high-level part from the error code. */
+ high_level_error_code = error_code & 0xFF80;
+
+ switch( high_level_error_code )
+ {
+ /* Begin Auto-Generated Code. */
+#if defined(MBEDTLS_CIPHER_C)
+ case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE):
+ error_description = "CIPHER - The selected feature is not available";
+ break;
+ case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA):
+ error_description = "CIPHER - Bad input parameters";
+ break;
+ case -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED):
+ error_description = "CIPHER - Failed to allocate memory";
+ break;
+ case -(MBEDTLS_ERR_CIPHER_INVALID_PADDING):
+ error_description = "CIPHER - Input data contains invalid padding and is rejected";
+ break;
+ case -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED):
+ error_description = "CIPHER - Decryption of block requires a full block";
+ break;
+ case -(MBEDTLS_ERR_CIPHER_AUTH_FAILED):
+ error_description = "CIPHER - Authentication failed (for AEAD modes)";
+ break;
+ case -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT):
+ error_description = "CIPHER - The context is invalid. For example, because it was freed";
+ break;
+ case -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED):
+ error_description = "CIPHER - Cipher hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_CIPHER_C */
+
+#if defined(MBEDTLS_DHM_C)
+ case -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA):
+ error_description = "DHM - Bad input parameters";
+ break;
+ case -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED):
+ error_description = "DHM - Reading of the DHM parameters failed";
+ break;
+ case -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED):
+ error_description = "DHM - Making of the DHM parameters failed";
+ break;
+ case -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED):
+ error_description = "DHM - Reading of the public values failed";
+ break;
+ case -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED):
+ error_description = "DHM - Making of the public value failed";
+ break;
+ case -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED):
+ error_description = "DHM - Calculation of the DHM secret failed";
+ break;
+ case -(MBEDTLS_ERR_DHM_INVALID_FORMAT):
+ error_description = "DHM - The ASN.1 data is not formatted correctly";
+ break;
+ case -(MBEDTLS_ERR_DHM_ALLOC_FAILED):
+ error_description = "DHM - Allocation of memory failed";
+ break;
+ case -(MBEDTLS_ERR_DHM_FILE_IO_ERROR):
+ error_description = "DHM - Read or write of file failed";
+ break;
+ case -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED):
+ error_description = "DHM - DHM hardware accelerator failed";
+ break;
+ case -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED):
+ error_description = "DHM - Setting the modulus and generator failed";
+ break;
+#endif /* MBEDTLS_DHM_C */
+
+#if defined(MBEDTLS_ECP_C)
+ case -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA):
+ error_description = "ECP - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL):
+ error_description = "ECP - The buffer is too small to write to";
+ break;
+ case -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE):
+ error_description = "ECP - The requested feature is not available, for example, the requested curve is not supported";
+ break;
+ case -(MBEDTLS_ERR_ECP_VERIFY_FAILED):
+ error_description = "ECP - The signature is not valid";
+ break;
+ case -(MBEDTLS_ERR_ECP_ALLOC_FAILED):
+ error_description = "ECP - Memory allocation failed";
+ break;
+ case -(MBEDTLS_ERR_ECP_RANDOM_FAILED):
+ error_description = "ECP - Generation of random value, such as ephemeral key, failed";
+ break;
+ case -(MBEDTLS_ERR_ECP_INVALID_KEY):
+ error_description = "ECP - Invalid private or public key";
+ break;
+ case -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH):
+ error_description = "ECP - The buffer contains a valid signature followed by more data";
+ break;
+ case -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED):
+ error_description = "ECP - The ECP hardware accelerator failed";
+ break;
+ case -(MBEDTLS_ERR_ECP_IN_PROGRESS):
+ error_description = "ECP - Operation in progress, call again with the same parameters to continue";
+ break;
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_MD_C)
+ case -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE):
+ error_description = "MD - The selected feature is not available";
+ break;
+ case -(MBEDTLS_ERR_MD_BAD_INPUT_DATA):
+ error_description = "MD - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_MD_ALLOC_FAILED):
+ error_description = "MD - Failed to allocate memory";
+ break;
+ case -(MBEDTLS_ERR_MD_FILE_IO_ERROR):
+ error_description = "MD - Opening or reading of file failed";
+ break;
+ case -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED):
+ error_description = "MD - MD hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
+ case -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT):
+ error_description = "PEM - No PEM header or footer found";
+ break;
+ case -(MBEDTLS_ERR_PEM_INVALID_DATA):
+ error_description = "PEM - PEM string is not as expected";
+ break;
+ case -(MBEDTLS_ERR_PEM_ALLOC_FAILED):
+ error_description = "PEM - Failed to allocate memory";
+ break;
+ case -(MBEDTLS_ERR_PEM_INVALID_ENC_IV):
+ error_description = "PEM - RSA IV is not in hex-format";
+ break;
+ case -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG):
+ error_description = "PEM - Unsupported key encryption algorithm";
+ break;
+ case -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED):
+ error_description = "PEM - Private key password can't be empty";
+ break;
+ case -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH):
+ error_description = "PEM - Given private key password does not allow for correct decryption";
+ break;
+ case -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE):
+ error_description = "PEM - Unavailable feature, e.g. hashing/encryption combination";
+ break;
+ case -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA):
+ error_description = "PEM - Bad input parameters to function";
+ break;
+#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */
+
+#if defined(MBEDTLS_PK_C)
+ case -(MBEDTLS_ERR_PK_ALLOC_FAILED):
+ error_description = "PK - Memory allocation failed";
+ break;
+ case -(MBEDTLS_ERR_PK_TYPE_MISMATCH):
+ error_description = "PK - Type mismatch, eg attempt to encrypt with an ECDSA key";
+ break;
+ case -(MBEDTLS_ERR_PK_BAD_INPUT_DATA):
+ error_description = "PK - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_PK_FILE_IO_ERROR):
+ error_description = "PK - Read/write of file failed";
+ break;
+ case -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION):
+ error_description = "PK - Unsupported key version";
+ break;
+ case -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT):
+ error_description = "PK - Invalid key tag or value";
+ break;
+ case -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG):
+ error_description = "PK - Key algorithm is unsupported (only RSA and EC are supported)";
+ break;
+ case -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED):
+ error_description = "PK - Private key password can't be empty";
+ break;
+ case -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH):
+ error_description = "PK - Given private key password does not allow for correct decryption";
+ break;
+ case -(MBEDTLS_ERR_PK_INVALID_PUBKEY):
+ error_description = "PK - The pubkey tag or value is invalid (only RSA and EC are supported)";
+ break;
+ case -(MBEDTLS_ERR_PK_INVALID_ALG):
+ error_description = "PK - The algorithm tag or value is invalid";
+ break;
+ case -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE):
+ error_description = "PK - Elliptic curve is unsupported (only NIST curves are supported)";
+ break;
+ case -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE):
+ error_description = "PK - Unavailable feature, e.g. RSA disabled for RSA key";
+ break;
+ case -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH):
+ error_description = "PK - The buffer contains a valid signature followed by more data";
+ break;
+ case -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED):
+ error_description = "PK - PK hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_PK_C */
+
+#if defined(MBEDTLS_PKCS12_C)
+ case -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA):
+ error_description = "PKCS12 - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE):
+ error_description = "PKCS12 - Feature not available, e.g. unsupported encryption scheme";
+ break;
+ case -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT):
+ error_description = "PKCS12 - PBE ASN.1 data not as expected";
+ break;
+ case -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH):
+ error_description = "PKCS12 - Given private key password does not allow for correct decryption";
+ break;
+#endif /* MBEDTLS_PKCS12_C */
+
+#if defined(MBEDTLS_PKCS5_C)
+ case -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA):
+ error_description = "PKCS5 - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT):
+ error_description = "PKCS5 - Unexpected ASN.1 data";
+ break;
+ case -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE):
+ error_description = "PKCS5 - Requested encryption or digest alg not available";
+ break;
+ case -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH):
+ error_description = "PKCS5 - Given private key password does not allow for correct decryption";
+ break;
+#endif /* MBEDTLS_PKCS5_C */
+
+#if defined(MBEDTLS_RSA_C)
+ case -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA):
+ error_description = "RSA - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_RSA_INVALID_PADDING):
+ error_description = "RSA - Input data contains invalid padding and is rejected";
+ break;
+ case -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED):
+ error_description = "RSA - Something failed during generation of a key";
+ break;
+ case -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED):
+ error_description = "RSA - Key failed to pass the validity check of the library";
+ break;
+ case -(MBEDTLS_ERR_RSA_PUBLIC_FAILED):
+ error_description = "RSA - The public key operation failed";
+ break;
+ case -(MBEDTLS_ERR_RSA_PRIVATE_FAILED):
+ error_description = "RSA - The private key operation failed";
+ break;
+ case -(MBEDTLS_ERR_RSA_VERIFY_FAILED):
+ error_description = "RSA - The PKCS#1 verification failed";
+ break;
+ case -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE):
+ error_description = "RSA - The output buffer for decryption is not large enough";
+ break;
+ case -(MBEDTLS_ERR_RSA_RNG_FAILED):
+ error_description = "RSA - The random generator failed to generate non-zeros";
+ break;
+ case -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION):
+ error_description = "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality";
+ break;
+ case -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED):
+ error_description = "RSA - RSA hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_SSL_TLS_C)
+ case -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE):
+ error_description = "SSL - The requested feature is not available";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA):
+ error_description = "SSL - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_SSL_INVALID_MAC):
+ error_description = "SSL - Verification of the message MAC failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_INVALID_RECORD):
+ error_description = "SSL - An invalid SSL record was received";
+ break;
+ case -(MBEDTLS_ERR_SSL_CONN_EOF):
+ error_description = "SSL - The connection indicated an EOF";
+ break;
+ case -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER):
+ error_description = "SSL - An unknown cipher was received";
+ break;
+ case -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN):
+ error_description = "SSL - The server has no ciphersuites in common with the client";
+ break;
+ case -(MBEDTLS_ERR_SSL_NO_RNG):
+ error_description = "SSL - No RNG was provided to the SSL module";
+ break;
+ case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE):
+ error_description = "SSL - No client certification received from the client, but required by the authentication mode";
+ break;
+ case -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE):
+ error_description = "SSL - Our own certificate(s) is/are too large to send in an SSL message";
+ break;
+ case -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED):
+ error_description = "SSL - The own certificate is not set, but needed by the server";
+ break;
+ case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED):
+ error_description = "SSL - The own private key or pre-shared key is not set, but needed";
+ break;
+ case -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED):
+ error_description = "SSL - No CA Chain is set, but required to operate";
+ break;
+ case -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE):
+ error_description = "SSL - An unexpected message was received from our peer";
+ break;
+ case -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE):
+ error_description = "SSL - A fatal alert message was received from our peer";
+ break;
+ case -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED):
+ error_description = "SSL - Verification of our peer failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY):
+ error_description = "SSL - The peer notified us that the connection is going to be closed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO):
+ error_description = "SSL - Processing of the ClientHello handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO):
+ error_description = "SSL - Processing of the ServerHello handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE):
+ error_description = "SSL - Processing of the Certificate handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST):
+ error_description = "SSL - Processing of the CertificateRequest handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE):
+ error_description = "SSL - Processing of the ServerKeyExchange handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE):
+ error_description = "SSL - Processing of the ServerHelloDone handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE):
+ error_description = "SSL - Processing of the ClientKeyExchange handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP):
+ error_description = "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS):
+ error_description = "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY):
+ error_description = "SSL - Processing of the CertificateVerify handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC):
+ error_description = "SSL - Processing of the ChangeCipherSpec handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED):
+ error_description = "SSL - Processing of the Finished handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_ALLOC_FAILED):
+ error_description = "SSL - Memory allocation failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED):
+ error_description = "SSL - Hardware acceleration function returned with error";
+ break;
+ case -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH):
+ error_description = "SSL - Hardware acceleration function skipped / left alone data";
+ break;
+ case -(MBEDTLS_ERR_SSL_COMPRESSION_FAILED):
+ error_description = "SSL - Processing of the compression / decompression failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION):
+ error_description = "SSL - Handshake protocol not within min/max boundaries";
+ break;
+ case -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET):
+ error_description = "SSL - Processing of the NewSessionTicket handshake message failed";
+ break;
+ case -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED):
+ error_description = "SSL - Session ticket has expired";
+ break;
+ case -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH):
+ error_description = "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)";
+ break;
+ case -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY):
+ error_description = "SSL - Unknown identity received (eg, PSK identity)";
+ break;
+ case -(MBEDTLS_ERR_SSL_INTERNAL_ERROR):
+ error_description = "SSL - Internal error (eg, unexpected failure in lower-level module)";
+ break;
+ case -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING):
+ error_description = "SSL - A counter would wrap (eg, too many messages exchanged)";
+ break;
+ case -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO):
+ error_description = "SSL - Unexpected message at ServerHello in renegotiation";
+ break;
+ case -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED):
+ error_description = "SSL - DTLS client must retry for hello verification";
+ break;
+ case -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL):
+ error_description = "SSL - A buffer is too small to receive or write a message";
+ break;
+ case -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE):
+ error_description = "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)";
+ break;
+ case -(MBEDTLS_ERR_SSL_WANT_READ):
+ error_description = "SSL - No data of requested type currently available on underlying transport";
+ break;
+ case -(MBEDTLS_ERR_SSL_WANT_WRITE):
+ error_description = "SSL - Connection requires a write call";
+ break;
+ case -(MBEDTLS_ERR_SSL_TIMEOUT):
+ error_description = "SSL - The operation timed out";
+ break;
+ case -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT):
+ error_description = "SSL - The client initiated a reconnect from the same port";
+ break;
+ case -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD):
+ error_description = "SSL - Record header looks valid but is not expected";
+ break;
+ case -(MBEDTLS_ERR_SSL_NON_FATAL):
+ error_description = "SSL - The alert message received indicates a non-fatal error";
+ break;
+ case -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH):
+ error_description = "SSL - Couldn't set the hash for verifying CertificateVerify";
+ break;
+ case -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING):
+ error_description = "SSL - Internal-only message signaling that further message-processing should be done";
+ break;
+ case -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS):
+ error_description = "SSL - The asynchronous operation is not completed yet";
+ break;
+ case -(MBEDTLS_ERR_SSL_EARLY_MESSAGE):
+ error_description = "SSL - Internal-only message signaling that a message arrived early";
+ break;
+ case -(MBEDTLS_ERR_SSL_UNEXPECTED_CID):
+ error_description = "SSL - An encrypted DTLS-frame with an unexpected CID was received";
+ break;
+ case -(MBEDTLS_ERR_SSL_VERSION_MISMATCH):
+ error_description = "SSL - An operation failed due to an unexpected version or configuration";
+ break;
+ case -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS):
+ error_description = "SSL - A cryptographic operation is in progress. Try again later";
+ break;
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
+ case -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE):
+ error_description = "X509 - Unavailable feature, e.g. RSA hashing/encryption combination";
+ break;
+ case -(MBEDTLS_ERR_X509_UNKNOWN_OID):
+ error_description = "X509 - Requested OID is unknown";
+ break;
+ case -(MBEDTLS_ERR_X509_INVALID_FORMAT):
+ error_description = "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected";
+ break;
+ case -(MBEDTLS_ERR_X509_INVALID_VERSION):
+ error_description = "X509 - The CRT/CRL/CSR version element is invalid";
+ break;
+ case -(MBEDTLS_ERR_X509_INVALID_SERIAL):
+ error_description = "X509 - The serial tag or value is invalid";
+ break;
+ case -(MBEDTLS_ERR_X509_INVALID_ALG):
+ error_description = "X509 - The algorithm tag or value is invalid";
+ break;
+ case -(MBEDTLS_ERR_X509_INVALID_NAME):
+ error_description = "X509 - The name tag or value is invalid";
+ break;
+ case -(MBEDTLS_ERR_X509_INVALID_DATE):
+ error_description = "X509 - The date tag or value is invalid";
+ break;
+ case -(MBEDTLS_ERR_X509_INVALID_SIGNATURE):
+ error_description = "X509 - The signature tag or value invalid";
+ break;
+ case -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS):
+ error_description = "X509 - The extension tag or value is invalid";
+ break;
+ case -(MBEDTLS_ERR_X509_UNKNOWN_VERSION):
+ error_description = "X509 - CRT/CRL/CSR has an unsupported version number";
+ break;
+ case -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG):
+ error_description = "X509 - Signature algorithm (oid) is unsupported";
+ break;
+ case -(MBEDTLS_ERR_X509_SIG_MISMATCH):
+ error_description = "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)";
+ break;
+ case -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED):
+ error_description = "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed";
+ break;
+ case -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT):
+ error_description = "X509 - Format not recognized as DER or PEM";
+ break;
+ case -(MBEDTLS_ERR_X509_BAD_INPUT_DATA):
+ error_description = "X509 - Input invalid";
+ break;
+ case -(MBEDTLS_ERR_X509_ALLOC_FAILED):
+ error_description = "X509 - Allocation of memory failed";
+ break;
+ case -(MBEDTLS_ERR_X509_FILE_IO_ERROR):
+ error_description = "X509 - Read/write of file failed";
+ break;
+ case -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL):
+ error_description = "X509 - Destination buffer is too small";
+ break;
+ case -(MBEDTLS_ERR_X509_FATAL_ERROR):
+ error_description = "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed";
+ break;
+#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
+ /* End Auto-Generated Code. */
+
+ default:
+ break;
+ }
+
+ return error_description;
+}
+
+const char * mbedtls_low_level_strerr( int error_code )
+{
+ int low_level_error_code;
+ const char *error_description = NULL;
+
+ if( error_code < 0 )
+ error_code = -error_code;
+
+ /* Extract the low-level part from the error code. */
+ low_level_error_code = error_code & ~0xFF80;
+
+ switch( low_level_error_code )
+ {
+ /* Begin Auto-Generated Code. */
+#if defined(MBEDTLS_AES_C)
+ case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH):
+ error_description = "AES - Invalid key length";
+ break;
+ case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH):
+ error_description = "AES - Invalid data input length";
+ break;
+ case -(MBEDTLS_ERR_AES_BAD_INPUT_DATA):
+ error_description = "AES - Invalid input data";
+ break;
+ case -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE):
+ error_description = "AES - Feature not available. For example, an unsupported AES key size";
+ break;
+ case -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED):
+ error_description = "AES - AES hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+ case -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED):
+ error_description = "ARC4 - ARC4 hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_ARIA_C)
+ case -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA):
+ error_description = "ARIA - Bad input data";
+ break;
+ case -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH):
+ error_description = "ARIA - Invalid data input length";
+ break;
+ case -(MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE):
+ error_description = "ARIA - Feature not available. For example, an unsupported ARIA key size";
+ break;
+ case -(MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED):
+ error_description = "ARIA - ARIA hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_ARIA_C */
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+ case -(MBEDTLS_ERR_ASN1_OUT_OF_DATA):
+ error_description = "ASN1 - Out of data when parsing an ASN1 data structure";
+ break;
+ case -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG):
+ error_description = "ASN1 - ASN1 tag was of an unexpected value";
+ break;
+ case -(MBEDTLS_ERR_ASN1_INVALID_LENGTH):
+ error_description = "ASN1 - Error when trying to determine the length or invalid length";
+ break;
+ case -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH):
+ error_description = "ASN1 - Actual length differs from expected length";
+ break;
+ case -(MBEDTLS_ERR_ASN1_INVALID_DATA):
+ error_description = "ASN1 - Data is invalid";
+ break;
+ case -(MBEDTLS_ERR_ASN1_ALLOC_FAILED):
+ error_description = "ASN1 - Memory allocation failed";
+ break;
+ case -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL):
+ error_description = "ASN1 - Buffer too small when writing ASN.1 data structure";
+ break;
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#if defined(MBEDTLS_BASE64_C)
+ case -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL):
+ error_description = "BASE64 - Output buffer too small";
+ break;
+ case -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER):
+ error_description = "BASE64 - Invalid character in input";
+ break;
+#endif /* MBEDTLS_BASE64_C */
+
+#if defined(MBEDTLS_BIGNUM_C)
+ case -(MBEDTLS_ERR_MPI_FILE_IO_ERROR):
+ error_description = "BIGNUM - An error occurred while reading from or writing to a file";
+ break;
+ case -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA):
+ error_description = "BIGNUM - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_MPI_INVALID_CHARACTER):
+ error_description = "BIGNUM - There is an invalid character in the digit string";
+ break;
+ case -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL):
+ error_description = "BIGNUM - The buffer is too small to write to";
+ break;
+ case -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE):
+ error_description = "BIGNUM - The input arguments are negative or result in illegal output";
+ break;
+ case -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO):
+ error_description = "BIGNUM - The input argument for division is zero, which is not allowed";
+ break;
+ case -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE):
+ error_description = "BIGNUM - The input arguments are not acceptable";
+ break;
+ case -(MBEDTLS_ERR_MPI_ALLOC_FAILED):
+ error_description = "BIGNUM - Memory allocation failed";
+ break;
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_BLOWFISH_C)
+ case -(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA):
+ error_description = "BLOWFISH - Bad input data";
+ break;
+ case -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH):
+ error_description = "BLOWFISH - Invalid data input length";
+ break;
+ case -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED):
+ error_description = "BLOWFISH - Blowfish hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+ case -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA):
+ error_description = "CAMELLIA - Bad input data";
+ break;
+ case -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH):
+ error_description = "CAMELLIA - Invalid data input length";
+ break;
+ case -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED):
+ error_description = "CAMELLIA - Camellia hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_CCM_C)
+ case -(MBEDTLS_ERR_CCM_BAD_INPUT):
+ error_description = "CCM - Bad input parameters to the function";
+ break;
+ case -(MBEDTLS_ERR_CCM_AUTH_FAILED):
+ error_description = "CCM - Authenticated decryption failed";
+ break;
+ case -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED):
+ error_description = "CCM - CCM hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_CHACHA20_C)
+ case -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA):
+ error_description = "CHACHA20 - Invalid input parameter(s)";
+ break;
+ case -(MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE):
+ error_description = "CHACHA20 - Feature not available. For example, s part of the API is not implemented";
+ break;
+ case -(MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED):
+ error_description = "CHACHA20 - Chacha20 hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_CHACHA20_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ case -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE):
+ error_description = "CHACHAPOLY - The requested operation is not permitted in the current state";
+ break;
+ case -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED):
+ error_description = "CHACHAPOLY - Authenticated decryption failed: data was not authentic";
+ break;
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
+#if defined(MBEDTLS_CMAC_C)
+ case -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED):
+ error_description = "CMAC - CMAC hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_CMAC_C */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ case -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED):
+ error_description = "CTR_DRBG - The entropy source failed";
+ break;
+ case -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG):
+ error_description = "CTR_DRBG - The requested random buffer length is too big";
+ break;
+ case -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG):
+ error_description = "CTR_DRBG - The input (entropy + additional data) is too large";
+ break;
+ case -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR):
+ error_description = "CTR_DRBG - Read or write error in file";
+ break;
+#endif /* MBEDTLS_CTR_DRBG_C */
+
+#if defined(MBEDTLS_DES_C)
+ case -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH):
+ error_description = "DES - The data input has an invalid length";
+ break;
+ case -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED):
+ error_description = "DES - DES hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ENTROPY_C)
+ case -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED):
+ error_description = "ENTROPY - Critical entropy source failure";
+ break;
+ case -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES):
+ error_description = "ENTROPY - No more sources can be added";
+ break;
+ case -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED):
+ error_description = "ENTROPY - No sources have been added to poll";
+ break;
+ case -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE):
+ error_description = "ENTROPY - No strong sources have been added to poll";
+ break;
+ case -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR):
+ error_description = "ENTROPY - Read/write error in file";
+ break;
+#endif /* MBEDTLS_ENTROPY_C */
+
+#if defined(MBEDTLS_ERROR_C)
+ case -(MBEDTLS_ERR_ERROR_GENERIC_ERROR):
+ error_description = "ERROR - Generic error";
+ break;
+ case -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED):
+ error_description = "ERROR - This is a bug in the library";
+ break;
+#endif /* MBEDTLS_ERROR_C */
+
+#if defined(MBEDTLS_GCM_C)
+ case -(MBEDTLS_ERR_GCM_AUTH_FAILED):
+ error_description = "GCM - Authenticated decryption failed";
+ break;
+ case -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED):
+ error_description = "GCM - GCM hardware accelerator failed";
+ break;
+ case -(MBEDTLS_ERR_GCM_BAD_INPUT):
+ error_description = "GCM - Bad input parameters to function";
+ break;
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_HKDF_C)
+ case -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA):
+ error_description = "HKDF - Bad input parameters to function";
+ break;
+#endif /* MBEDTLS_HKDF_C */
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+ case -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG):
+ error_description = "HMAC_DRBG - Too many random requested in single call";
+ break;
+ case -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG):
+ error_description = "HMAC_DRBG - Input too large (Entropy + additional)";
+ break;
+ case -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR):
+ error_description = "HMAC_DRBG - Read/write error in file";
+ break;
+ case -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED):
+ error_description = "HMAC_DRBG - The entropy source failed";
+ break;
+#endif /* MBEDTLS_HMAC_DRBG_C */
+
+#if defined(MBEDTLS_MD2_C)
+ case -(MBEDTLS_ERR_MD2_HW_ACCEL_FAILED):
+ error_description = "MD2 - MD2 hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_MD2_C */
+
+#if defined(MBEDTLS_MD4_C)
+ case -(MBEDTLS_ERR_MD4_HW_ACCEL_FAILED):
+ error_description = "MD4 - MD4 hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_MD4_C */
+
+#if defined(MBEDTLS_MD5_C)
+ case -(MBEDTLS_ERR_MD5_HW_ACCEL_FAILED):
+ error_description = "MD5 - MD5 hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_MD5_C */
+
+#if defined(MBEDTLS_NET_C)
+ case -(MBEDTLS_ERR_NET_SOCKET_FAILED):
+ error_description = "NET - Failed to open a socket";
+ break;
+ case -(MBEDTLS_ERR_NET_CONNECT_FAILED):
+ error_description = "NET - The connection to the given server / port failed";
+ break;
+ case -(MBEDTLS_ERR_NET_BIND_FAILED):
+ error_description = "NET - Binding of the socket failed";
+ break;
+ case -(MBEDTLS_ERR_NET_LISTEN_FAILED):
+ error_description = "NET - Could not listen on the socket";
+ break;
+ case -(MBEDTLS_ERR_NET_ACCEPT_FAILED):
+ error_description = "NET - Could not accept the incoming connection";
+ break;
+ case -(MBEDTLS_ERR_NET_RECV_FAILED):
+ error_description = "NET - Reading information from the socket failed";
+ break;
+ case -(MBEDTLS_ERR_NET_SEND_FAILED):
+ error_description = "NET - Sending information through the socket failed";
+ break;
+ case -(MBEDTLS_ERR_NET_CONN_RESET):
+ error_description = "NET - Connection was reset by peer";
+ break;
+ case -(MBEDTLS_ERR_NET_UNKNOWN_HOST):
+ error_description = "NET - Failed to get an IP address for the given hostname";
+ break;
+ case -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL):
+ error_description = "NET - Buffer is too small to hold the data";
+ break;
+ case -(MBEDTLS_ERR_NET_INVALID_CONTEXT):
+ error_description = "NET - The context is invalid, eg because it was free()ed";
+ break;
+ case -(MBEDTLS_ERR_NET_POLL_FAILED):
+ error_description = "NET - Polling the net context failed";
+ break;
+ case -(MBEDTLS_ERR_NET_BAD_INPUT_DATA):
+ error_description = "NET - Input invalid";
+ break;
+#endif /* MBEDTLS_NET_C */
+
+#if defined(MBEDTLS_OID_C)
+ case -(MBEDTLS_ERR_OID_NOT_FOUND):
+ error_description = "OID - OID is not found";
+ break;
+ case -(MBEDTLS_ERR_OID_BUF_TOO_SMALL):
+ error_description = "OID - output buffer is too small";
+ break;
+#endif /* MBEDTLS_OID_C */
+
+#if defined(MBEDTLS_PADLOCK_C)
+ case -(MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED):
+ error_description = "PADLOCK - Input data should be aligned";
+ break;
+#endif /* MBEDTLS_PADLOCK_C */
+
+#if defined(MBEDTLS_PLATFORM_C)
+ case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED):
+ error_description = "PLATFORM - Hardware accelerator failed";
+ break;
+ case -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED):
+ error_description = "PLATFORM - The requested feature is not supported by the platform";
+ break;
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if defined(MBEDTLS_POLY1305_C)
+ case -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA):
+ error_description = "POLY1305 - Invalid input parameter(s)";
+ break;
+ case -(MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE):
+ error_description = "POLY1305 - Feature not available. For example, s part of the API is not implemented";
+ break;
+ case -(MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED):
+ error_description = "POLY1305 - Poly1305 hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_POLY1305_C */
+
+#if defined(MBEDTLS_RIPEMD160_C)
+ case -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED):
+ error_description = "RIPEMD160 - RIPEMD160 hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_RIPEMD160_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ case -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED):
+ error_description = "SHA1 - SHA-1 hardware accelerator failed";
+ break;
+ case -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA):
+ error_description = "SHA1 - SHA-1 input data was malformed";
+ break;
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+ case -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED):
+ error_description = "SHA256 - SHA-256 hardware accelerator failed";
+ break;
+ case -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA):
+ error_description = "SHA256 - SHA-256 input data was malformed";
+ break;
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ case -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED):
+ error_description = "SHA512 - SHA-512 hardware accelerator failed";
+ break;
+ case -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA):
+ error_description = "SHA512 - SHA-512 input data was malformed";
+ break;
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_THREADING_C)
+ case -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE):
+ error_description = "THREADING - The selected feature is not available";
+ break;
+ case -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA):
+ error_description = "THREADING - Bad input parameters to function";
+ break;
+ case -(MBEDTLS_ERR_THREADING_MUTEX_ERROR):
+ error_description = "THREADING - Locking / unlocking / free failed with error code";
+ break;
+#endif /* MBEDTLS_THREADING_C */
+
+#if defined(MBEDTLS_XTEA_C)
+ case -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH):
+ error_description = "XTEA - The data input has an invalid length";
+ break;
+ case -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED):
+ error_description = "XTEA - XTEA hardware accelerator failed";
+ break;
+#endif /* MBEDTLS_XTEA_C */
+ /* End Auto-Generated Code. */
+
+ default:
+ break;
+ }
+
+ return error_description;
+}
+
void mbedtls_strerror( int ret, char *buf, size_t buflen )
{
size_t len;
int use_ret;
+ const char * high_level_error_description = NULL;
+ const char * low_level_error_description = NULL;
if( buflen == 0 )
return;
@@ -230,356 +1167,20 @@
{
use_ret = ret & 0xFF80;
- // High level error codes
- //
- // BEGIN generated code
-#if defined(MBEDTLS_CIPHER_C)
- if( use_ret == -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "CIPHER - The selected feature is not available" );
- if( use_ret == -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "CIPHER - Bad input parameters" );
- if( use_ret == -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "CIPHER - Failed to allocate memory" );
- if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_PADDING) )
- mbedtls_snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" );
- if( use_ret == -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED) )
- mbedtls_snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" );
- if( use_ret == -(MBEDTLS_ERR_CIPHER_AUTH_FAILED) )
- mbedtls_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" );
- if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT) )
- mbedtls_snprintf( buf, buflen, "CIPHER - The context is invalid. For example, because it was freed" );
- if( use_ret == -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "CIPHER - Cipher hardware accelerator failed" );
-#endif /* MBEDTLS_CIPHER_C */
+ // Translate high level error code.
+ high_level_error_description = mbedtls_high_level_strerr( ret );
-#if defined(MBEDTLS_DHM_C)
- if( use_ret == -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters" );
- if( use_ret == -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED) )
- mbedtls_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
- if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) )
- mbedtls_snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" );
- if( use_ret == -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED) )
- mbedtls_snprintf( buf, buflen, "DHM - Reading of the public values failed" );
- if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED) )
- mbedtls_snprintf( buf, buflen, "DHM - Making of the public value failed" );
- if( use_ret == -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED) )
- mbedtls_snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" );
- if( use_ret == -(MBEDTLS_ERR_DHM_INVALID_FORMAT) )
- mbedtls_snprintf( buf, buflen, "DHM - The ASN.1 data is not formatted correctly" );
- if( use_ret == -(MBEDTLS_ERR_DHM_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
- if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "DHM - Read or write of file failed" );
- if( use_ret == -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "DHM - DHM hardware accelerator failed" );
- if( use_ret == -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED) )
- mbedtls_snprintf( buf, buflen, "DHM - Setting the modulus and generator failed" );
-#endif /* MBEDTLS_DHM_C */
-
-#if defined(MBEDTLS_ECP_C)
- if( use_ret == -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "ECP - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL) )
- mbedtls_snprintf( buf, buflen, "ECP - The buffer is too small to write to" );
- if( use_ret == -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "ECP - The requested feature is not available, for example, the requested curve is not supported" );
- if( use_ret == -(MBEDTLS_ERR_ECP_VERIFY_FAILED) )
- mbedtls_snprintf( buf, buflen, "ECP - The signature is not valid" );
- if( use_ret == -(MBEDTLS_ERR_ECP_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "ECP - Memory allocation failed" );
- if( use_ret == -(MBEDTLS_ERR_ECP_RANDOM_FAILED) )
- mbedtls_snprintf( buf, buflen, "ECP - Generation of random value, such as ephemeral key, failed" );
- if( use_ret == -(MBEDTLS_ERR_ECP_INVALID_KEY) )
- mbedtls_snprintf( buf, buflen, "ECP - Invalid private or public key" );
- if( use_ret == -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "ECP - The buffer contains a valid signature followed by more data" );
- if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "ECP - The ECP hardware accelerator failed" );
- if( use_ret == -(MBEDTLS_ERR_ECP_IN_PROGRESS) )
- mbedtls_snprintf( buf, buflen, "ECP - Operation in progress, call again with the same parameters to continue" );
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_MD_C)
- if( use_ret == -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "MD - The selected feature is not available" );
- if( use_ret == -(MBEDTLS_ERR_MD_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "MD - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_MD_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "MD - Failed to allocate memory" );
- if( use_ret == -(MBEDTLS_ERR_MD_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "MD - Opening or reading of file failed" );
- if( use_ret == -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "MD - MD hardware accelerator failed" );
-#endif /* MBEDTLS_MD_C */
-
-#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
- if( use_ret == -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) )
- mbedtls_snprintf( buf, buflen, "PEM - No PEM header or footer found" );
- if( use_ret == -(MBEDTLS_ERR_PEM_INVALID_DATA) )
- mbedtls_snprintf( buf, buflen, "PEM - PEM string is not as expected" );
- if( use_ret == -(MBEDTLS_ERR_PEM_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "PEM - Failed to allocate memory" );
- if( use_ret == -(MBEDTLS_ERR_PEM_INVALID_ENC_IV) )
- mbedtls_snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" );
- if( use_ret == -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG) )
- mbedtls_snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" );
- if( use_ret == -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) )
- mbedtls_snprintf( buf, buflen, "PEM - Private key password can't be empty" );
- if( use_ret == -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" );
- if( use_ret == -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" );
- if( use_ret == -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "PEM - Bad input parameters to function" );
-#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */
-
-#if defined(MBEDTLS_PK_C)
- if( use_ret == -(MBEDTLS_ERR_PK_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "PK - Memory allocation failed" );
- if( use_ret == -(MBEDTLS_ERR_PK_TYPE_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" );
- if( use_ret == -(MBEDTLS_ERR_PK_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "PK - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_PK_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "PK - Read/write of file failed" );
- if( use_ret == -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION) )
- mbedtls_snprintf( buf, buflen, "PK - Unsupported key version" );
- if( use_ret == -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT) )
- mbedtls_snprintf( buf, buflen, "PK - Invalid key tag or value" );
- if( use_ret == -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG) )
- mbedtls_snprintf( buf, buflen, "PK - Key algorithm is unsupported (only RSA and EC are supported)" );
- if( use_ret == -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED) )
- mbedtls_snprintf( buf, buflen, "PK - Private key password can't be empty" );
- if( use_ret == -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "PK - Given private key password does not allow for correct decryption" );
- if( use_ret == -(MBEDTLS_ERR_PK_INVALID_PUBKEY) )
- mbedtls_snprintf( buf, buflen, "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" );
- if( use_ret == -(MBEDTLS_ERR_PK_INVALID_ALG) )
- mbedtls_snprintf( buf, buflen, "PK - The algorithm tag or value is invalid" );
- if( use_ret == -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE) )
- mbedtls_snprintf( buf, buflen, "PK - Elliptic curve is unsupported (only NIST curves are supported)" );
- if( use_ret == -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
- if( use_ret == -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "PK - The buffer contains a valid signature followed by more data" );
- if( use_ret == -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "PK - PK hardware accelerator failed" );
-#endif /* MBEDTLS_PK_C */
-
-#if defined(MBEDTLS_PKCS12_C)
- if( use_ret == -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" );
- if( use_ret == -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT) )
- mbedtls_snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" );
- if( use_ret == -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" );
-#endif /* MBEDTLS_PKCS12_C */
-
-#if defined(MBEDTLS_PKCS5_C)
- if( use_ret == -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT) )
- mbedtls_snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" );
- if( use_ret == -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" );
- if( use_ret == -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" );
-#endif /* MBEDTLS_PKCS5_C */
-
-#if defined(MBEDTLS_RSA_C)
- if( use_ret == -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "RSA - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_RSA_INVALID_PADDING) )
- mbedtls_snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" );
- if( use_ret == -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED) )
- mbedtls_snprintf( buf, buflen, "RSA - Something failed during generation of a key" );
- if( use_ret == -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED) )
- mbedtls_snprintf( buf, buflen, "RSA - Key failed to pass the validity check of the library" );
- if( use_ret == -(MBEDTLS_ERR_RSA_PUBLIC_FAILED) )
- mbedtls_snprintf( buf, buflen, "RSA - The public key operation failed" );
- if( use_ret == -(MBEDTLS_ERR_RSA_PRIVATE_FAILED) )
- mbedtls_snprintf( buf, buflen, "RSA - The private key operation failed" );
- if( use_ret == -(MBEDTLS_ERR_RSA_VERIFY_FAILED) )
- mbedtls_snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" );
- if( use_ret == -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE) )
- mbedtls_snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" );
- if( use_ret == -(MBEDTLS_ERR_RSA_RNG_FAILED) )
- mbedtls_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
- if( use_ret == -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION) )
- mbedtls_snprintf( buf, buflen, "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality" );
- if( use_ret == -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "RSA - RSA hardware accelerator failed" );
-#endif /* MBEDTLS_RSA_C */
+ if( high_level_error_description == NULL )
+ mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
+ else
+ mbedtls_snprintf( buf, buflen, "%s", high_level_error_description );
#if defined(MBEDTLS_SSL_TLS_C)
- if( use_ret == -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "SSL - The requested feature is not available" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "SSL - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_MAC) )
- mbedtls_snprintf( buf, buflen, "SSL - Verification of the message MAC failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_RECORD) )
- mbedtls_snprintf( buf, buflen, "SSL - An invalid SSL record was received" );
- if( use_ret == -(MBEDTLS_ERR_SSL_CONN_EOF) )
- mbedtls_snprintf( buf, buflen, "SSL - The connection indicated an EOF" );
- if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER) )
- mbedtls_snprintf( buf, buflen, "SSL - An unknown cipher was received" );
- if( use_ret == -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN) )
- mbedtls_snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" );
- if( use_ret == -(MBEDTLS_ERR_SSL_NO_RNG) )
- mbedtls_snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" );
- if( use_ret == -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE) )
- mbedtls_snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" );
- if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE) )
- mbedtls_snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" );
- if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED) )
- mbedtls_snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" );
- if( use_ret == -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) )
- mbedtls_snprintf( buf, buflen, "SSL - The own private key or pre-shared key is not set, but needed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED) )
- mbedtls_snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" );
- if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) )
- mbedtls_snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" );
- if( use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE) )
- {
- mbedtls_snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" );
+ // Early return in case of a fatal error - do not try to translate low
+ // level code.
+ if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE))
return;
- }
- if( use_ret == -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED) )
- mbedtls_snprintf( buf, buflen, "SSL - Verification of our peer failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) )
- mbedtls_snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "SSL - Memory allocation failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" );
- if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) )
- mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" );
- if( use_ret == -(MBEDTLS_ERR_SSL_COMPRESSION_FAILED) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) )
- mbedtls_snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) )
- mbedtls_snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" );
- if( use_ret == -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) )
- mbedtls_snprintf( buf, buflen, "SSL - Session ticket has expired" );
- if( use_ret == -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" );
- if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) )
- mbedtls_snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" );
- if( use_ret == -(MBEDTLS_ERR_SSL_INTERNAL_ERROR) )
- mbedtls_snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" );
- if( use_ret == -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING) )
- mbedtls_snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" );
- if( use_ret == -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO) )
- mbedtls_snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" );
- if( use_ret == -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) )
- mbedtls_snprintf( buf, buflen, "SSL - DTLS client must retry for hello verification" );
- if( use_ret == -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) )
- mbedtls_snprintf( buf, buflen, "SSL - A buffer is too small to receive or write a message" );
- if( use_ret == -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE) )
- mbedtls_snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" );
- if( use_ret == -(MBEDTLS_ERR_SSL_WANT_READ) )
- mbedtls_snprintf( buf, buflen, "SSL - No data of requested type currently available on underlying transport" );
- if( use_ret == -(MBEDTLS_ERR_SSL_WANT_WRITE) )
- mbedtls_snprintf( buf, buflen, "SSL - Connection requires a write call" );
- if( use_ret == -(MBEDTLS_ERR_SSL_TIMEOUT) )
- mbedtls_snprintf( buf, buflen, "SSL - The operation timed out" );
- if( use_ret == -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT) )
- mbedtls_snprintf( buf, buflen, "SSL - The client initiated a reconnect from the same port" );
- if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD) )
- mbedtls_snprintf( buf, buflen, "SSL - Record header looks valid but is not expected" );
- if( use_ret == -(MBEDTLS_ERR_SSL_NON_FATAL) )
- mbedtls_snprintf( buf, buflen, "SSL - The alert message received indicates a non-fatal error" );
- if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH) )
- mbedtls_snprintf( buf, buflen, "SSL - Couldn't set the hash for verifying CertificateVerify" );
- if( use_ret == -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING) )
- mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that further message-processing should be done" );
- if( use_ret == -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) )
- mbedtls_snprintf( buf, buflen, "SSL - The asynchronous operation is not completed yet" );
- if( use_ret == -(MBEDTLS_ERR_SSL_EARLY_MESSAGE) )
- mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that a message arrived early" );
- if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_CID) )
- mbedtls_snprintf( buf, buflen, "SSL - An encrypted DTLS-frame with an unexpected CID was received" );
- if( use_ret == -(MBEDTLS_ERR_SSL_VERSION_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "SSL - An operation failed due to an unexpected version or configuration" );
- if( use_ret == -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) )
- mbedtls_snprintf( buf, buflen, "SSL - A cryptographic operation is in progress. Try again later" );
#endif /* MBEDTLS_SSL_TLS_C */
-
-#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
- if( use_ret == -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" );
- if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_OID) )
- mbedtls_snprintf( buf, buflen, "X509 - Requested OID is unknown" );
- if( use_ret == -(MBEDTLS_ERR_X509_INVALID_FORMAT) )
- mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" );
- if( use_ret == -(MBEDTLS_ERR_X509_INVALID_VERSION) )
- mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" );
- if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SERIAL) )
- mbedtls_snprintf( buf, buflen, "X509 - The serial tag or value is invalid" );
- if( use_ret == -(MBEDTLS_ERR_X509_INVALID_ALG) )
- mbedtls_snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" );
- if( use_ret == -(MBEDTLS_ERR_X509_INVALID_NAME) )
- mbedtls_snprintf( buf, buflen, "X509 - The name tag or value is invalid" );
- if( use_ret == -(MBEDTLS_ERR_X509_INVALID_DATE) )
- mbedtls_snprintf( buf, buflen, "X509 - The date tag or value is invalid" );
- if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SIGNATURE) )
- mbedtls_snprintf( buf, buflen, "X509 - The signature tag or value invalid" );
- if( use_ret == -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS) )
- mbedtls_snprintf( buf, buflen, "X509 - The extension tag or value is invalid" );
- if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_VERSION) )
- mbedtls_snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" );
- if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG) )
- mbedtls_snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" );
- if( use_ret == -(MBEDTLS_ERR_X509_SIG_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" );
- if( use_ret == -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) )
- mbedtls_snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" );
- if( use_ret == -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT) )
- mbedtls_snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" );
- if( use_ret == -(MBEDTLS_ERR_X509_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "X509 - Input invalid" );
- if( use_ret == -(MBEDTLS_ERR_X509_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "X509 - Allocation of memory failed" );
- if( use_ret == -(MBEDTLS_ERR_X509_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "X509 - Read/write of file failed" );
- if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) )
- mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" );
- if( use_ret == -(MBEDTLS_ERR_X509_FATAL_ERROR) )
- mbedtls_snprintf( buf, buflen, "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" );
-#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
- // END generated code
-
- if( strlen( buf ) == 0 )
- mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
}
use_ret = ret & ~0xFF80;
@@ -603,311 +1204,13 @@
buflen -= len + 3;
}
- // Low level error codes
- //
- // BEGIN generated code
-#if defined(MBEDTLS_AES_C)
- if( use_ret == -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH) )
- mbedtls_snprintf( buf, buflen, "AES - Invalid key length" );
- if( use_ret == -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH) )
- mbedtls_snprintf( buf, buflen, "AES - Invalid data input length" );
- if( use_ret == -(MBEDTLS_ERR_AES_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "AES - Invalid input data" );
- if( use_ret == -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "AES - Feature not available. For example, an unsupported AES key size" );
- if( use_ret == -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "AES - AES hardware accelerator failed" );
-#endif /* MBEDTLS_AES_C */
+ // Translate low level error code.
+ low_level_error_description = mbedtls_low_level_strerr( ret );
-#if defined(MBEDTLS_ARC4_C)
- if( use_ret == -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "ARC4 - ARC4 hardware accelerator failed" );
-#endif /* MBEDTLS_ARC4_C */
-
-#if defined(MBEDTLS_ARIA_C)
- if( use_ret == -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "ARIA - Bad input data" );
- if( use_ret == -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH) )
- mbedtls_snprintf( buf, buflen, "ARIA - Invalid data input length" );
- if( use_ret == -(MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "ARIA - Feature not available. For example, an unsupported ARIA key size" );
- if( use_ret == -(MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "ARIA - ARIA hardware accelerator failed" );
-#endif /* MBEDTLS_ARIA_C */
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
- if( use_ret == -(MBEDTLS_ERR_ASN1_OUT_OF_DATA) )
- mbedtls_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
- if( use_ret == -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) )
- mbedtls_snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" );
- if( use_ret == -(MBEDTLS_ERR_ASN1_INVALID_LENGTH) )
- mbedtls_snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" );
- if( use_ret == -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH) )
- mbedtls_snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" );
- if( use_ret == -(MBEDTLS_ERR_ASN1_INVALID_DATA) )
- mbedtls_snprintf( buf, buflen, "ASN1 - Data is invalid" );
- if( use_ret == -(MBEDTLS_ERR_ASN1_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "ASN1 - Memory allocation failed" );
- if( use_ret == -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) )
- mbedtls_snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" );
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-#if defined(MBEDTLS_BASE64_C)
- if( use_ret == -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL) )
- mbedtls_snprintf( buf, buflen, "BASE64 - Output buffer too small" );
- if( use_ret == -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER) )
- mbedtls_snprintf( buf, buflen, "BASE64 - Invalid character in input" );
-#endif /* MBEDTLS_BASE64_C */
-
-#if defined(MBEDTLS_BIGNUM_C)
- if( use_ret == -(MBEDTLS_ERR_MPI_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" );
- if( use_ret == -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_MPI_INVALID_CHARACTER) )
- mbedtls_snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" );
- if( use_ret == -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL) )
- mbedtls_snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" );
- if( use_ret == -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE) )
- mbedtls_snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" );
- if( use_ret == -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO) )
- mbedtls_snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" );
- if( use_ret == -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) )
- mbedtls_snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" );
- if( use_ret == -(MBEDTLS_ERR_MPI_ALLOC_FAILED) )
- mbedtls_snprintf( buf, buflen, "BIGNUM - Memory allocation failed" );
-#endif /* MBEDTLS_BIGNUM_C */
-
-#if defined(MBEDTLS_BLOWFISH_C)
- if( use_ret == -(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "BLOWFISH - Bad input data" );
- if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH) )
- mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" );
- if( use_ret == -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "BLOWFISH - Blowfish hardware accelerator failed" );
-#endif /* MBEDTLS_BLOWFISH_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
- if( use_ret == -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "CAMELLIA - Bad input data" );
- if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH) )
- mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" );
- if( use_ret == -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "CAMELLIA - Camellia hardware accelerator failed" );
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_CCM_C)
- if( use_ret == -(MBEDTLS_ERR_CCM_BAD_INPUT) )
- mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to the function" );
- if( use_ret == -(MBEDTLS_ERR_CCM_AUTH_FAILED) )
- mbedtls_snprintf( buf, buflen, "CCM - Authenticated decryption failed" );
- if( use_ret == -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "CCM - CCM hardware accelerator failed" );
-#endif /* MBEDTLS_CCM_C */
-
-#if defined(MBEDTLS_CHACHA20_C)
- if( use_ret == -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "CHACHA20 - Invalid input parameter(s)" );
- if( use_ret == -(MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "CHACHA20 - Feature not available. For example, s part of the API is not implemented" );
- if( use_ret == -(MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "CHACHA20 - Chacha20 hardware accelerator failed" );
-#endif /* MBEDTLS_CHACHA20_C */
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
- if( use_ret == -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE) )
- mbedtls_snprintf( buf, buflen, "CHACHAPOLY - The requested operation is not permitted in the current state" );
- if( use_ret == -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED) )
- mbedtls_snprintf( buf, buflen, "CHACHAPOLY - Authenticated decryption failed: data was not authentic" );
-#endif /* MBEDTLS_CHACHAPOLY_C */
-
-#if defined(MBEDTLS_CMAC_C)
- if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );
-#endif /* MBEDTLS_CMAC_C */
-
-#if defined(MBEDTLS_CTR_DRBG_C)
- if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) )
- mbedtls_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" );
- if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG) )
- mbedtls_snprintf( buf, buflen, "CTR_DRBG - The requested random buffer length is too big" );
- if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG) )
- mbedtls_snprintf( buf, buflen, "CTR_DRBG - The input (entropy + additional data) is too large" );
- if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "CTR_DRBG - Read or write error in file" );
-#endif /* MBEDTLS_CTR_DRBG_C */
-
-#if defined(MBEDTLS_DES_C)
- if( use_ret == -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH) )
- mbedtls_snprintf( buf, buflen, "DES - The data input has an invalid length" );
- if( use_ret == -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "DES - DES hardware accelerator failed" );
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_ENTROPY_C)
- if( use_ret == -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED) )
- mbedtls_snprintf( buf, buflen, "ENTROPY - Critical entropy source failure" );
- if( use_ret == -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES) )
- mbedtls_snprintf( buf, buflen, "ENTROPY - No more sources can be added" );
- if( use_ret == -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED) )
- mbedtls_snprintf( buf, buflen, "ENTROPY - No sources have been added to poll" );
- if( use_ret == -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE) )
- mbedtls_snprintf( buf, buflen, "ENTROPY - No strong sources have been added to poll" );
- if( use_ret == -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "ENTROPY - Read/write error in file" );
-#endif /* MBEDTLS_ENTROPY_C */
-
-#if defined(MBEDTLS_ERROR_C)
- if( use_ret == -(MBEDTLS_ERR_ERROR_GENERIC_ERROR) )
- mbedtls_snprintf( buf, buflen, "ERROR - Generic error" );
- if( use_ret == -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED) )
- mbedtls_snprintf( buf, buflen, "ERROR - This is a bug in the library" );
-#endif /* MBEDTLS_ERROR_C */
-
-#if defined(MBEDTLS_GCM_C)
- if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) )
- mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" );
- if( use_ret == -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "GCM - GCM hardware accelerator failed" );
- if( use_ret == -(MBEDTLS_ERR_GCM_BAD_INPUT) )
- mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" );
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_HKDF_C)
- if( use_ret == -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "HKDF - Bad input parameters to function" );
-#endif /* MBEDTLS_HKDF_C */
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
- if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG) )
- mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" );
- if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG) )
- mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" );
- if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" );
- if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED) )
- mbedtls_snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" );
-#endif /* MBEDTLS_HMAC_DRBG_C */
-
-#if defined(MBEDTLS_MD2_C)
- if( use_ret == -(MBEDTLS_ERR_MD2_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "MD2 - MD2 hardware accelerator failed" );
-#endif /* MBEDTLS_MD2_C */
-
-#if defined(MBEDTLS_MD4_C)
- if( use_ret == -(MBEDTLS_ERR_MD4_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "MD4 - MD4 hardware accelerator failed" );
-#endif /* MBEDTLS_MD4_C */
-
-#if defined(MBEDTLS_MD5_C)
- if( use_ret == -(MBEDTLS_ERR_MD5_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "MD5 - MD5 hardware accelerator failed" );
-#endif /* MBEDTLS_MD5_C */
-
-#if defined(MBEDTLS_NET_C)
- if( use_ret == -(MBEDTLS_ERR_NET_SOCKET_FAILED) )
- mbedtls_snprintf( buf, buflen, "NET - Failed to open a socket" );
- if( use_ret == -(MBEDTLS_ERR_NET_CONNECT_FAILED) )
- mbedtls_snprintf( buf, buflen, "NET - The connection to the given server / port failed" );
- if( use_ret == -(MBEDTLS_ERR_NET_BIND_FAILED) )
- mbedtls_snprintf( buf, buflen, "NET - Binding of the socket failed" );
- if( use_ret == -(MBEDTLS_ERR_NET_LISTEN_FAILED) )
- mbedtls_snprintf( buf, buflen, "NET - Could not listen on the socket" );
- if( use_ret == -(MBEDTLS_ERR_NET_ACCEPT_FAILED) )
- mbedtls_snprintf( buf, buflen, "NET - Could not accept the incoming connection" );
- if( use_ret == -(MBEDTLS_ERR_NET_RECV_FAILED) )
- mbedtls_snprintf( buf, buflen, "NET - Reading information from the socket failed" );
- if( use_ret == -(MBEDTLS_ERR_NET_SEND_FAILED) )
- mbedtls_snprintf( buf, buflen, "NET - Sending information through the socket failed" );
- if( use_ret == -(MBEDTLS_ERR_NET_CONN_RESET) )
- mbedtls_snprintf( buf, buflen, "NET - Connection was reset by peer" );
- if( use_ret == -(MBEDTLS_ERR_NET_UNKNOWN_HOST) )
- mbedtls_snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" );
- if( use_ret == -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL) )
- mbedtls_snprintf( buf, buflen, "NET - Buffer is too small to hold the data" );
- if( use_ret == -(MBEDTLS_ERR_NET_INVALID_CONTEXT) )
- mbedtls_snprintf( buf, buflen, "NET - The context is invalid, eg because it was free()ed" );
- if( use_ret == -(MBEDTLS_ERR_NET_POLL_FAILED) )
- mbedtls_snprintf( buf, buflen, "NET - Polling the net context failed" );
- if( use_ret == -(MBEDTLS_ERR_NET_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "NET - Input invalid" );
-#endif /* MBEDTLS_NET_C */
-
-#if defined(MBEDTLS_OID_C)
- if( use_ret == -(MBEDTLS_ERR_OID_NOT_FOUND) )
- mbedtls_snprintf( buf, buflen, "OID - OID is not found" );
- if( use_ret == -(MBEDTLS_ERR_OID_BUF_TOO_SMALL) )
- mbedtls_snprintf( buf, buflen, "OID - output buffer is too small" );
-#endif /* MBEDTLS_OID_C */
-
-#if defined(MBEDTLS_PADLOCK_C)
- if( use_ret == -(MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED) )
- mbedtls_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
-#endif /* MBEDTLS_PADLOCK_C */
-
-#if defined(MBEDTLS_PLATFORM_C)
- if( use_ret == -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "PLATFORM - Hardware accelerator failed" );
- if( use_ret == -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED) )
- mbedtls_snprintf( buf, buflen, "PLATFORM - The requested feature is not supported by the platform" );
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_POLY1305_C)
- if( use_ret == -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "POLY1305 - Invalid input parameter(s)" );
- if( use_ret == -(MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "POLY1305 - Feature not available. For example, s part of the API is not implemented" );
- if( use_ret == -(MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "POLY1305 - Poly1305 hardware accelerator failed" );
-#endif /* MBEDTLS_POLY1305_C */
-
-#if defined(MBEDTLS_RIPEMD160_C)
- if( use_ret == -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "RIPEMD160 - RIPEMD160 hardware accelerator failed" );
-#endif /* MBEDTLS_RIPEMD160_C */
-
-#if defined(MBEDTLS_SHA1_C)
- if( use_ret == -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "SHA1 - SHA-1 hardware accelerator failed" );
- if( use_ret == -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "SHA1 - SHA-1 input data was malformed" );
-#endif /* MBEDTLS_SHA1_C */
-
-#if defined(MBEDTLS_SHA256_C)
- if( use_ret == -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "SHA256 - SHA-256 hardware accelerator failed" );
- if( use_ret == -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "SHA256 - SHA-256 input data was malformed" );
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
- if( use_ret == -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "SHA512 - SHA-512 hardware accelerator failed" );
- if( use_ret == -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "SHA512 - SHA-512 input data was malformed" );
-#endif /* MBEDTLS_SHA512_C */
-
-#if defined(MBEDTLS_THREADING_C)
- if( use_ret == -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE) )
- mbedtls_snprintf( buf, buflen, "THREADING - The selected feature is not available" );
- if( use_ret == -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "THREADING - Bad input parameters to function" );
- if( use_ret == -(MBEDTLS_ERR_THREADING_MUTEX_ERROR) )
- mbedtls_snprintf( buf, buflen, "THREADING - Locking / unlocking / free failed with error code" );
-#endif /* MBEDTLS_THREADING_C */
-
-#if defined(MBEDTLS_XTEA_C)
- if( use_ret == -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH) )
- mbedtls_snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
- if( use_ret == -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED) )
- mbedtls_snprintf( buf, buflen, "XTEA - XTEA hardware accelerator failed" );
-#endif /* MBEDTLS_XTEA_C */
- // END generated code
-
- if( strlen( buf ) != 0 )
- return;
-
- mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
+ if( low_level_error_description == NULL )
+ mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
+ else
+ mbedtls_snprintf( buf, buflen, "%s", low_level_error_description );
}
#else /* MBEDTLS_ERROR_C */
diff --git a/library/md.c b/library/md.c
index b56c2dd..30a580b 100644
--- a/library/md.c
+++ b/library/md.c
@@ -553,14 +553,12 @@
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA224:
- return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) );
case MBEDTLS_MD_SHA256:
return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) );
#endif
#if defined(MBEDTLS_SHA512_C)
#if !defined(MBEDTLS_SHA512_NO_SHA384)
case MBEDTLS_MD_SHA384:
- return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) );
#endif
case MBEDTLS_MD_SHA512:
return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) );
@@ -599,14 +597,12 @@
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA224:
- return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) );
case MBEDTLS_MD_SHA256:
return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) );
#endif
#if defined(MBEDTLS_SHA512_C)
#if !defined(MBEDTLS_SHA512_NO_SHA384)
case MBEDTLS_MD_SHA384:
- return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) );
#endif
case MBEDTLS_MD_SHA512:
return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) );
@@ -856,14 +852,12 @@
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA224:
- return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) );
case MBEDTLS_MD_SHA256:
return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) );
#endif
#if defined(MBEDTLS_SHA512_C)
#if !defined(MBEDTLS_SHA512_NO_SHA384)
case MBEDTLS_MD_SHA384:
- return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
#endif
case MBEDTLS_MD_SHA512:
return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
diff --git a/library/oid.c b/library/oid.c
index 891d3cd..e0c0743 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -761,7 +761,7 @@
if( !( oid->p[i] & 0x80 ) )
{
/* Last byte */
- ret = mbedtls_snprintf( p, n, ".%d", value );
+ ret = mbedtls_snprintf( p, n, ".%u", value );
OID_SAFE_SNPRINTF;
value = 0;
}
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 006bc69..9bfda16 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2841,7 +2841,7 @@
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
ssl->handshake->ciphersuite_info;
- size_t dn_size, total_dn_size; /* excluding length bytes */
+ uint16_t dn_size, total_dn_size; /* excluding length bytes */
size_t ct_len, sa_len; /* including length bytes */
unsigned char *buf, *p;
const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
@@ -2969,11 +2969,11 @@
while( crt != NULL && crt->version != 0 )
{
- dn_size = crt->subject_raw.len;
+ /* It follows from RFC 5280 A.1 that this length
+ * can be represented in at most 11 bits. */
+ dn_size = (uint16_t) crt->subject_raw.len;
- if( end < p ||
- (size_t)( end - p ) < dn_size ||
- (size_t)( end - p ) < 2 + dn_size )
+ if( end < p || (size_t)( end - p ) < 2 + (size_t) dn_size )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) );
break;
diff --git a/library/x509.c b/library/x509.c
index c451332..4c2f721 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -870,7 +870,7 @@
ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)",
md_info ? mbedtls_md_get_name( md_info ) : "???",
mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???",
- pss_opts->expected_salt_len );
+ (unsigned int) pss_opts->expected_salt_len );
MBEDTLS_X509_SAFE_SNPRINTF;
}
#else
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c
index 048028d..8edf85f 100644
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@@ -118,7 +118,7 @@
ret = mbedtls_md_setup( &sha_ctx, mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), 1 );
if( ret != 0 )
{
- mbedtls_printf( " ! mbedtls_md_setup() returned -0x%04x\n", -ret );
+ mbedtls_printf( " ! mbedtls_md_setup() returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
@@ -298,7 +298,7 @@
if( fread( buffer, 1, n, fin ) != (size_t) n )
{
- mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", n );
+ mbedtls_fprintf( stderr, "fread(%u bytes) failed\n", n );
goto exit;
}
@@ -413,7 +413,7 @@
if( fwrite( buffer, 1, n, fout ) != (size_t) n )
{
- mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", n );
+ mbedtls_fprintf( stderr, "fwrite(%u bytes) failed\n", n );
goto exit;
}
}
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index a5acf5b..e2949f2 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -219,7 +219,7 @@
p = &argv[6][4];
keylen = 0;
- while( sscanf( p, "%02X", &n ) > 0 &&
+ while( sscanf( p, "%02X", (unsigned int*) &n ) > 0 &&
keylen < (int) sizeof( key ) )
{
key[keylen++] = (unsigned char) n;
@@ -417,7 +417,7 @@
( ( filesize - mbedtls_md_get_size( md_info ) ) %
mbedtls_cipher_get_block_size( &cipher_ctx ) ) != 0 )
{
- mbedtls_fprintf( stderr, "File content not a multiple of the block size (%d).\n",
+ mbedtls_fprintf( stderr, "File content not a multiple of the block size (%u).\n",
mbedtls_cipher_get_block_size( &cipher_ctx ));
goto exit;
}
@@ -484,7 +484,7 @@
if( fread( buffer, 1, ilen, fin ) != ilen )
{
- mbedtls_fprintf( stderr, "fread(%d bytes) failed\n",
+ mbedtls_fprintf( stderr, "fread(%u bytes) failed\n",
mbedtls_cipher_get_block_size( &cipher_ctx ) );
goto exit;
}
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index 23e4e14..9c1a91c 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -302,7 +302,7 @@
NULL, DEV_RANDOM_THRESHOLD,
MBEDTLS_ENTROPY_SOURCE_STRONG ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_entropy_add_source returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_entropy_add_source returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
@@ -315,7 +315,7 @@
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
@@ -328,7 +328,7 @@
if( ( ret = mbedtls_pk_setup( &key,
mbedtls_pk_info_from_type( (mbedtls_pk_type_t) opt.type ) ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_setup returned -0x%04x", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int) -ret );
goto exit;
}
@@ -339,7 +339,7 @@
opt.rsa_keysize, 65537 );
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned -0x%04x", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned -0x%04x", (unsigned int) -ret );
goto exit;
}
}
@@ -353,7 +353,7 @@
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ecp_gen_key returned -0x%04x", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ecp_gen_key returned -0x%04x", (unsigned int) -ret );
goto exit;
}
}
diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c
index 19dcdfe..345b7b8 100644
--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c
@@ -187,7 +187,7 @@
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret );
goto cleanup;
}
@@ -248,7 +248,7 @@
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret );
goto cleanup;
}
diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
index 6096429..937fe90 100644
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@@ -299,7 +299,7 @@
if( ret != 0 )
{
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x - %s\n\n", -ret, buf );
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -360,7 +360,7 @@
if( ret != 0 )
{
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_key returned -0x%04x - %s\n\n", -ret, buf );
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_key returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c
index bf42507..bccfde0 100644
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c
@@ -100,7 +100,7 @@
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -109,7 +109,7 @@
if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
@@ -124,7 +124,7 @@
}
i = 0;
- while( fscanf( f, "%02X", &c ) > 0 &&
+ while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 &&
i < (int) sizeof( buf ) )
{
buf[i++] = (unsigned char) c;
@@ -142,7 +142,7 @@
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_decrypt returned -0x%04x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c
index a32b147..16cd3f0 100644
--- a/programs/pkey/pk_encrypt.c
+++ b/programs/pkey/pk_encrypt.c
@@ -98,7 +98,7 @@
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -107,7 +107,7 @@
if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
@@ -130,7 +130,7 @@
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_encrypt returned -0x%04x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index a354e5b..4e755c0 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -96,7 +96,7 @@
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
@@ -127,7 +127,7 @@
if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_sign returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c
index 72caf71..2e08763 100644
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@@ -86,7 +86,7 @@
if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
@@ -123,7 +123,7 @@
if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0,
buf, i ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_verify returned -0x%04x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_verify returned -0x%04x\n", (unsigned int) -ret );
goto exit;
}
diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c
index ff71bd0..3327909 100644
--- a/programs/pkey/rsa_decrypt.c
+++ b/programs/pkey/rsa_decrypt.c
@@ -160,7 +160,7 @@
i = 0;
- while( fscanf( f, "%02X", &c ) > 0 &&
+ while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 &&
i < (int) sizeof( buf ) )
buf[i++] = (unsigned char) c;
diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
index 9bcd7a6..78ab176 100644
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@@ -129,7 +129,7 @@
fflush( stdout );
if( ( ret = mbedtls_rsa_check_privkey( &rsa ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", (unsigned int) -ret );
goto exit;
}
@@ -151,7 +151,7 @@
if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
20, hash, buf ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", (unsigned int) -ret );
goto exit;
}
diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c
index 94f0ef9..b531775 100644
--- a/programs/pkey/rsa_verify.c
+++ b/programs/pkey/rsa_verify.c
@@ -114,7 +114,7 @@
}
i = 0;
- while( fscanf( f, "%02X", &c ) > 0 &&
+ while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 &&
i < (int) sizeof( buf ) )
buf[i++] = (unsigned char) c;
@@ -144,7 +144,7 @@
if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret );
goto exit;
}
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
index f492e0e..1dbbc81 100644
--- a/programs/psa/key_ladder_demo.c
+++ b/programs/psa/key_ladder_demo.c
@@ -101,7 +101,7 @@
status = ( expr ); \
if( status != PSA_SUCCESS ) \
{ \
- printf( "Error %d at line %u: %s\n", \
+ printf( "Error %d at line %d: %s\n", \
(int) status, \
__LINE__, \
#expr ); \
diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c
index 6ae63b7..c60aec9 100644
--- a/programs/random/gen_entropy.c
+++ b/programs/random/gen_entropy.c
@@ -80,7 +80,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_entropy_func returned -%04X\n",
- ret );
+ (unsigned int) ret );
goto cleanup;
}
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index 3ea2a68..ce1056f 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -149,7 +149,7 @@
mbedtls_test_cas_pem_len );
if( ret < 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -225,7 +225,7 @@
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -303,7 +303,7 @@
goto close_notify;
default:
- mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret );
+ mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
}
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index bb32724..f63741f 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -291,7 +291,7 @@
client_ip, cliip_len ) ) != 0 )
{
printf( " failed\n ! "
- "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret );
+ "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -318,7 +318,7 @@
}
else if( ret != 0 )
{
- printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
+ printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
goto reset;
}
@@ -351,7 +351,7 @@
goto close_notify;
default:
- printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret );
+ printf( " mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret );
goto reset;
}
}
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index b723243..3724c64 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -134,7 +134,7 @@
mbedtls_test_cas_pem_len );
if( ret < 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -203,7 +203,7 @@
{
if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
}
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 73a9933..6b09a89 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -833,7 +833,7 @@
break;
default:
- mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", -ret );
+ mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
return( -1 );
}
@@ -1077,7 +1077,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
return( ret );
}
@@ -1101,7 +1101,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
return( ret );
}
@@ -1111,7 +1111,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
return( ret );
}
mbedtls_printf( "(%s) Peer CID (length %u Bytes): ",
@@ -2013,7 +2013,7 @@
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2024,7 +2024,7 @@
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2082,7 +2082,7 @@
if( ret < 0 )
{
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2117,7 +2117,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2142,7 +2142,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2179,7 +2179,7 @@
MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2190,7 +2190,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2208,7 +2208,7 @@
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2249,7 +2249,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2447,7 +2447,7 @@
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2527,7 +2527,7 @@
ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n",
- -ret );
+ (unsigned int) -ret );
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
mbedtls_printf(
" Unable to verify the server's certificate. "
@@ -2599,7 +2599,7 @@
!= 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2620,7 +2620,7 @@
sizeof( eap_tls_iv ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2667,7 +2667,7 @@
&session_data_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2676,7 +2676,7 @@
if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2827,7 +2827,7 @@
ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2955,7 +2955,7 @@
default:
mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -3019,7 +3019,7 @@
goto close_notify;
default:
- mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
+ mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
goto exit;
}
}
@@ -3047,7 +3047,7 @@
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -3058,7 +3058,7 @@
ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -3092,7 +3092,7 @@
if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned "
- "-0x%x\n\n", -ret );
+ "-0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3110,7 +3110,7 @@
buf_len, &buf_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned "
- "-0x%x\n\n", -ret );
+ "-0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3139,7 +3139,7 @@
context_buf, buf_len ) ) != 0 )
{
mbedtls_printf( "failed\n ! mbedtls_base64_encode returned "
- "-0x%x\n", -ret );
+ "-0x%x\n", (unsigned int) -ret );
mbedtls_free( b64_buf );
goto exit;
}
@@ -3184,7 +3184,7 @@
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned "
- "-0x%x\n\n", -ret );
+ "-0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3211,7 +3211,7 @@
buf_len ) ) != 0 )
{
mbedtls_printf( "failed\n ! mbedtls_ssl_context_load returned "
- "-0x%x\n\n", -ret );
+ "-0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3283,7 +3283,7 @@
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -3294,7 +3294,7 @@
session_data_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_load returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -3302,7 +3302,7 @@
if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_session returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -3312,7 +3312,7 @@
MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -3323,7 +3323,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -3334,7 +3334,7 @@
ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -3353,7 +3353,7 @@
{
char error_buf[100];
mbedtls_strerror( ret, error_buf, 100 );
- mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf );
+ mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf );
}
#endif
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 3e1d9a4..9668cf9 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -309,7 +309,7 @@
break;
default:
- mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
+ mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
break;
}
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 1d03fe2..ca557ca 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -932,7 +932,7 @@
break;
default:
- mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", -ret );
+ mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
return( -1 );
}
@@ -1720,7 +1720,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
return( ret );
}
@@ -2755,7 +2755,7 @@
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2766,7 +2766,7 @@
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2823,7 +2823,7 @@
#endif /* MBEDTLS_CERTS_C */
if( ret < 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -2842,7 +2842,7 @@
if( ( ret = mbedtls_x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2851,7 +2851,7 @@
key_cert_init++;
if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
}
@@ -2867,7 +2867,7 @@
if( ( ret = mbedtls_x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2877,7 +2877,7 @@
if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2, "" ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -2904,7 +2904,7 @@
mbedtls_test_srv_crt_rsa_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
if( ( ret = mbedtls_pk_parse_key( &pkey,
@@ -2912,7 +2912,7 @@
mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
key_cert_init = 2;
@@ -2923,7 +2923,7 @@
mbedtls_test_srv_crt_ec_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! x509_crt_parse2 returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
if( ( ret = mbedtls_pk_parse_key( &pkey2,
@@ -2931,7 +2931,7 @@
mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 )
{
mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
key_cert_init2 = 2;
@@ -2951,7 +2951,7 @@
if( ( ret = mbedtls_dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -2988,7 +2988,7 @@
opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3005,7 +3005,7 @@
opt.transport,
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3064,7 +3064,7 @@
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -3390,7 +3390,7 @@
strlen( opt.psk_identity ) );
if( ret != 0 )
{
- mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret );
+ mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", (unsigned int) -ret );
goto exit;
}
}
@@ -3431,7 +3431,7 @@
#endif
if( ret != 0 )
{
- mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", - ret );
+ mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", (unsigned int) -ret );
goto exit;
}
#endif
@@ -3444,7 +3444,7 @@
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3529,7 +3529,7 @@
}
#endif
- mbedtls_printf( " failed\n ! mbedtls_net_accept returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_net_accept returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3539,7 +3539,7 @@
ret = mbedtls_net_set_block( &client_fd );
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -3552,7 +3552,7 @@
client_ip, cliip_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
}
@@ -3615,7 +3615,7 @@
}
else if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
@@ -3709,7 +3709,7 @@
!= 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -3730,7 +3730,7 @@
sizeof( eap_tls_iv ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
- -ret );
+ (unsigned int) -ret );
goto exit;
}
@@ -3821,7 +3821,7 @@
goto reset;
default:
- mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
+ mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
goto reset;
}
}
@@ -3867,7 +3867,7 @@
}
larger_buf[ori_len + extra_len] = '\0';
- mbedtls_printf( " %u bytes read (%u + %u)\n\n%s\n",
+ mbedtls_printf( " %d bytes read (%d + %d)\n\n%s\n",
ori_len + extra_len, ori_len, extra_len,
(char *) larger_buf );
@@ -3935,7 +3935,7 @@
goto close_notify;
default:
- mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
+ mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
goto reset;
}
}
@@ -4092,7 +4092,7 @@
if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned "
- "-0x%x\n\n", -ret );
+ "-0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -4110,7 +4110,7 @@
buf_len, &buf_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned "
- "-0x%x\n\n", -ret );
+ "-0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -4139,7 +4139,7 @@
context_buf, buf_len ) ) != 0 )
{
mbedtls_printf( "failed\n ! mbedtls_base64_encode returned "
- "-0x%x\n", -ret );
+ "-0x%x\n", (unsigned int) -ret );
mbedtls_free( b64_buf );
goto exit;
}
@@ -4199,7 +4199,7 @@
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned "
- "-0x%x\n\n", -ret );
+ "-0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -4232,7 +4232,7 @@
buf_len ) ) != 0 )
{
mbedtls_printf( "failed\n ! mbedtls_ssl_context_load returned "
- "-0x%x\n\n", -ret );
+ "-0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -4275,7 +4275,7 @@
{
char error_buf[100];
mbedtls_strerror( ret, error_buf, 100 );
- mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf );
+ mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf );
}
#endif
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 57e8e7e..1575930 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -112,7 +112,7 @@
mbedtls_printf( "FAILED: %s\n", tmp );
#else
#define PRINT_ERROR \
- mbedtls_printf( "FAILED: -0x%04x\n", -ret );
+ mbedtls_printf( "FAILED: -0x%04x\n", (unsigned int) -ret );
#endif
#define TIME_AND_TSC( TITLE, CODE ) \
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index 7447571..d601dcc 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -456,7 +456,7 @@
{
if( ( ret = ctx_buffer_flush( buf ) ) <= 0 )
{
- mbedtls_printf( "ctx_buffer_flush failed with -%#04x", -ret );
+ mbedtls_printf( "ctx_buffer_flush failed with -%#04x", (unsigned int) -ret );
return( ret );
}
}
@@ -495,7 +495,7 @@
ret = mbedtls_net_send( ctx, data, len );
if( ret < 0 )
{
- mbedtls_printf( "net_send returned -%#04x\n", -ret );
+ mbedtls_printf( "net_send returned -%#04x\n", (unsigned int) -ret );
}
return( ret );
}
@@ -999,7 +999,7 @@
{
char error_buf[100];
mbedtls_strerror( ret, error_buf, 100 );
- mbedtls_printf( "Last error was: -0x%04X - %s\n\n", - ret, error_buf );
+ mbedtls_printf( "Last error was: -0x%04X - %s\n\n", (unsigned int) -ret, error_buf );
fflush( stdout );
}
#endif
diff --git a/programs/util/strerror.c b/programs/util/strerror.c
index 458280c..b0487c0 100644
--- a/programs/util/strerror.c
+++ b/programs/util/strerror.c
@@ -79,7 +79,7 @@
{
char error_buf[200];
mbedtls_strerror( val, error_buf, 200 );
- mbedtls_printf("Last error was: -0x%04x - %s\n\n", (int) -val, error_buf );
+ mbedtls_printf("Last error was: -0x%04x - %s\n\n", (unsigned int) -val, error_buf );
}
#if defined(_WIN32)
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index 432eefb..7723a37 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -258,7 +258,7 @@
{
if( ( ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ) ) < 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -268,7 +268,7 @@
{
if( ( ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ) ) < 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
@@ -282,7 +282,7 @@
{
if( ( ret = mbedtls_x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index d36d73c..9a7dc59 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -507,7 +507,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_mpi_read_string "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -527,7 +527,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -537,7 +537,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -561,7 +561,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -571,7 +571,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -596,7 +596,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -612,7 +612,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile "
- "returned -x%02x - %s\n\n", -ret, buf );
+ "returned -x%02x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -646,7 +646,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_name "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -654,7 +654,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_issuer_name "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -669,7 +669,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_serial "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -678,7 +678,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_validity "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -696,7 +696,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! x509write_crt_set_basic_contraints "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -716,7 +716,7 @@
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject"
"_key_identifier returned -0x%04x - %s\n\n",
- -ret, buf );
+ (unsigned int) -ret, buf );
goto exit;
}
@@ -735,7 +735,7 @@
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_authority_"
"key_identifier returned -0x%04x - %s\n\n",
- -ret, buf );
+ (unsigned int) -ret, buf );
goto exit;
}
@@ -754,7 +754,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_key_usage "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -772,7 +772,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_ns_cert_type "
- "returned -0x%04x - %s\n\n", -ret, buf );
+ "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
goto exit;
}
@@ -790,7 +790,7 @@
{
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! write_certificate -0x%04x - %s\n\n",
- -ret, buf );
+ (unsigned int) -ret, buf );
goto exit;
}
diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt
index 6360705..97b74bc 100644
--- a/scripts/data_files/error.fmt
+++ b/scripts/data_files/error.fmt
@@ -42,10 +42,60 @@
HEADER_INCLUDED
+const char * mbedtls_high_level_strerr( int error_code )
+{
+ int high_level_error_code;
+ const char *error_description = NULL;
+
+ if( error_code < 0 )
+ error_code = -error_code;
+
+ /* Extract the high-level part from the error code. */
+ high_level_error_code = error_code & 0xFF80;
+
+ switch( high_level_error_code )
+ {
+ /* Begin Auto-Generated Code. */
+HIGH_LEVEL_CODE_CHECKS
+ /* End Auto-Generated Code. */
+
+ default:
+ break;
+ }
+
+ return error_description;
+}
+
+const char * mbedtls_low_level_strerr( int error_code )
+{
+ int low_level_error_code;
+ const char *error_description = NULL;
+
+ if( error_code < 0 )
+ error_code = -error_code;
+
+ /* Extract the low-level part from the error code. */
+ low_level_error_code = error_code & ~0xFF80;
+
+ switch( low_level_error_code )
+ {
+ /* Begin Auto-Generated Code. */
+LOW_LEVEL_CODE_CHECKS
+ /* End Auto-Generated Code. */
+
+ default:
+ break;
+ }
+
+ return error_description;
+}
+
void mbedtls_strerror( int ret, char *buf, size_t buflen )
{
size_t len;
int use_ret;
+ const char * high_level_error_description = NULL;
+ const char * low_level_error_description = NULL;
if( buflen == 0 )
return;
@@ -59,14 +109,20 @@
{
use_ret = ret & 0xFF80;
- // High level error codes
- //
- // BEGIN generated code
-HIGH_LEVEL_CODE_CHECKS
- // END generated code
+ // Translate high level error code.
+ high_level_error_description = mbedtls_high_level_strerr( ret );
- if( strlen( buf ) == 0 )
- mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
+ if( high_level_error_description == NULL )
+ mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
+ else
+ mbedtls_snprintf( buf, buflen, "%s", high_level_error_description );
+
+#if defined(MBEDTLS_SSL_TLS_C)
+ // Early return in case of a fatal error - do not try to translate low
+ // level code.
+ if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE))
+ return;
+#endif /* MBEDTLS_SSL_TLS_C */
}
use_ret = ret & ~0xFF80;
@@ -90,16 +146,13 @@
buflen -= len + 3;
}
- // Low level error codes
- //
- // BEGIN generated code
-LOW_LEVEL_CODE_CHECKS
- // END generated code
+ // Translate low level error code.
+ low_level_error_description = mbedtls_low_level_strerr( ret );
- if( strlen( buf ) != 0 )
- return;
-
- mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
+ if( low_level_error_description == NULL )
+ mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
+ else
+ mbedtls_snprintf( buf, buflen, "%s", low_level_error_description );
}
#else /* MBEDTLS_ERROR_C */
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index 87c8bf7..cb59669 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -119,7 +119,7 @@
{
$code_check = \$ll_code_check;
$old_define = \$ll_old_define;
- $white_space = ' ';
+ $white_space = ' ';
}
else
{
@@ -160,19 +160,9 @@
${$old_define} = $define_name;
}
- if ($error_name eq "MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE")
- {
- ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n".
- "${white_space}\{\n".
- "${white_space} mbedtls_snprintf( buf, buflen, \"$module_name - $description\" );\n".
- "${white_space} return;\n".
- "${white_space}}\n"
- }
- else
- {
- ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n".
- "${white_space} mbedtls_snprintf( buf, buflen, \"$module_name - $description\" );\n"
- }
+ ${$code_check} .= "${white_space}case -($error_name):\n".
+ "${white_space} error_description = \"$module_name - $description\";\n".
+ "${white_space} break;\n"
};
if ($ll_old_define ne "")
diff --git a/tests/suites/test_suite_version.function b/tests/suites/test_suite_version.function
index 10f9e11..7d59794 100644
--- a/tests/suites/test_suite_version.function
+++ b/tests/suites/test_suite_version.function
@@ -52,7 +52,7 @@
mbedtls_version_get_string( get_str );
mbedtls_version_get_string_full( get_str_full );
- mbedtls_snprintf( build_str, 100, "%d.%d.%d",
+ mbedtls_snprintf( build_str, 100, "%u.%u.%u",
(get_int >> 24) & 0xFF,
(get_int >> 16) & 0xFF,
(get_int >> 8) & 0xFF );
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 85ff41d..f3e83d6 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -237,7 +237,7 @@
char *p = *buf;
size_t n = *size;
- ret = mbedtls_snprintf( p, n, "type : %u", san->type );
+ ret = mbedtls_snprintf( p, n, "type : %d", san->type );
MBEDTLS_X509_SAFE_SNPRINTF;
switch( san->type )
diff --git a/visualc/VS2010/ssl_context_info.vcxproj b/visualc/VS2010/ssl_context_info.vcxproj
index f252298..1ab9e86 100644
--- a/visualc/VS2010/ssl_context_info.vcxproj
+++ b/visualc/VS2010/ssl_context_info.vcxproj
@@ -22,7 +22,7 @@
<ClCompile Include="..\..\programs\ssl\ssl_context_info.c" />
</ItemGroup>
<ItemGroup>
- <ProjectReference Include="mbedTLS.vcxproj">
+ <ProjectReference Include="mbedTLS.vcxproj">
<Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
<LinkLibraryDependencies>true</LinkLibraryDependencies>
</ProjectReference>
@@ -71,22 +71,22 @@
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
- <LinkIncremental>true</LinkIncremental>
- <IntDir>$(Configuration)\$(TargetName)\</IntDir>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
- <LinkIncremental>true</LinkIncremental>
- <IntDir>$(Configuration)\$(TargetName)\</IntDir>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
- <LinkIncremental>false</LinkIncremental>
- <IntDir>$(Configuration)\$(TargetName)\</IntDir>
- </PropertyGroup>
- <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
- <LinkIncremental>false</LinkIncremental>
- <IntDir>$(Configuration)\$(TargetName)\</IntDir>
- </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<PrecompiledHeader>
@@ -101,7 +101,7 @@
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<ShowProgress>NotSet</ShowProgress>
- <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
</Link>
<ProjectReference>
@@ -122,7 +122,7 @@
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<ShowProgress>NotSet</ShowProgress>
- <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
</Link>
<ProjectReference>
@@ -147,7 +147,7 @@
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
- <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">