Adjust some provider reason codes

BLAKE2 MACs came with a set of new reason codes.  Those talking about
lengths are consistently called PROV_R_INVALID_FOO_LENGTH, for any
name FOO.  The cipher messages were briefer.  In the interest of
having more humanly readable messages, we adjust the reasons used by
the ciphers (that's just IV length and key length).

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 68a95c832b9f3da58ae17f871e0e101724cfd8ac..988e6117ec3b625af4d6c5c648f6775d2a1de1e3 100644 (file)
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2712,8 +2712,8 @@ PROV_R_FAILED_TO_GET_PARAMETER:103:failed to get parameter
 PROV_R_FAILED_TO_SET_PARAMETER:104:failed to set parameter
 PROV_R_INVALID_AAD:108:invalid aad
 PROV_R_INVALID_CUSTOM_LENGTH:111:invalid custom length
-PROV_R_INVALID_IVLEN:109:invalid ivlen
-PROV_R_INVALID_KEYLEN:105:invalid keylen
+PROV_R_INVALID_IV_LENGTH:109:invalid iv length
+PROV_R_INVALID_KEY_LENGTH:105:invalid key length
 PROV_R_INVALID_SALT_LENGTH:112:invalid salt length
 PROV_R_INVALID_TAG:110:invalid tag
 PROV_R_NOT_XOF_OR_INVALID_LENGTH:113:not xof or invalid length

diff --git a/providers/common/ciphers/aes.c b/providers/common/ciphers/aes.c
index a211694a886c26cdda670cfc96f374ef5292af06..32ae19be3f38558c9db42f458f50193cdb9bf29f 100644 (file)
--- a/providers/common/ciphers/aes.c
+++ b/providers/common/ciphers/aes.c
@@ -59,7 +59,7 @@ static int aes_einit(void *vctx, const unsigned char *key, size_t keylen,
     }
     if (key != NULL) {
         if (keylen != ctx->keylen) {
-            PROVerr(PROV_F_AES_EINIT, PROV_R_INVALID_KEYLEN);
+            PROVerr(PROV_F_AES_EINIT, PROV_R_INVALID_KEY_LENGTH);
             return 0;
         }
         return ctx->ciph->init(ctx, key, ctx->keylen);
@@ -79,7 +79,7 @@ static int aes_dinit(void *vctx, const unsigned char *key, size_t keylen,
     }
     if (key != NULL) {
         if (keylen != ctx->keylen) {
-            PROVerr(PROV_F_AES_DINIT, PROV_R_INVALID_KEYLEN);
+            PROVerr(PROV_F_AES_DINIT, PROV_R_INVALID_KEY_LENGTH);
             return 0;
         }
         return ctx->ciph->init(ctx, key, ctx->keylen);

diff --git a/providers/common/ciphers/gcm.c b/providers/common/ciphers/gcm.c
index e3b79f1a94097f0d0fde834e4aa4bd4ff36e4659..164c716483c905effeeb45f31d66968f92bd48fe 100644 (file)
--- a/providers/common/ciphers/gcm.c
+++ b/providers/common/ciphers/gcm.c
@@ -68,7 +68,7 @@ static int gcm_init(void *vctx, const unsigned char *key, size_t keylen,
 
     if (iv != NULL) {
         if (ivlen < ctx->ivlen_min || ivlen > sizeof(ctx->iv)) {
-            PROVerr(0, PROV_R_INVALID_IVLEN);
+            PROVerr(0, PROV_R_INVALID_IV_LENGTH);
             return 0;
         }
         ctx->ivlen = ivlen;
@@ -78,7 +78,7 @@ static int gcm_init(void *vctx, const unsigned char *key, size_t keylen,
 
     if (key != NULL) {
         if (keylen != ctx->keylen) {
-            PROVerr(0, PROV_R_INVALID_KEYLEN);
+            PROVerr(0, PROV_R_INVALID_KEY_LENGTH);
             return 0;
         }
         return ctx->hw->setkey(ctx, key, ctx->keylen);
@@ -120,7 +120,7 @@ static int gcm_ctx_get_params(void *vctx, OSSL_PARAM params[])
         if (ctx->iv_gen != 1 && ctx->iv_gen_rand != 1)
             return 0;
         if (ctx->ivlen != (int)p->data_size) {
-            PROVerr(0, PROV_R_INVALID_IVLEN);
+            PROVerr(0, PROV_R_INVALID_IV_LENGTH);
             return 0;
         }
         if (!OSSL_PARAM_set_octet_string(p, ctx->iv, ctx->ivlen)) {
@@ -177,7 +177,7 @@ static int gcm_ctx_set_params(void *vctx, const OSSL_PARAM params[])
             return 0;
         }
         if (sz == 0 || sz > sizeof(ctx->iv)) {
-            PROVerr(0, PROV_R_INVALID_IVLEN);
+            PROVerr(0, PROV_R_INVALID_IV_LENGTH);
             return 0;
         }
         ctx->ivlen = sz;

diff --git a/providers/common/include/internal/providercommonerr.h b/providers/common/include/internal/providercommonerr.h
index ad961b09a64a042c1e9527e0863bfef35adb9b08..7c4a175c25bd015749d0064df85ca0591391573b 100644 (file)
--- a/providers/common/include/internal/providercommonerr.h
+++ b/providers/common/include/internal/providercommonerr.h
@@ -51,8 +51,8 @@ int ERR_load_PROV_strings(void);
 # define PROV_R_FAILED_TO_SET_PARAMETER                   104
 # define PROV_R_INVALID_AAD                               108
 # define PROV_R_INVALID_CUSTOM_LENGTH                     111
-# define PROV_R_INVALID_IVLEN                             109
-# define PROV_R_INVALID_KEYLEN                            105
+# define PROV_R_INVALID_IV_LENGTH                         109
+# define PROV_R_INVALID_KEY_LENGTH                        105
 # define PROV_R_INVALID_SALT_LENGTH                       112
 # define PROV_R_INVALID_TAG                               110
 # define PROV_R_NOT_XOF_OR_INVALID_LENGTH                 113

diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c
index f1039cd93006f34f94546d274db846725d669d41..b7f90057d47e2fc8f96e6f5f5748ccc2f0623c38 100644 (file)
--- a/providers/common/provider_err.c
+++ b/providers/common/provider_err.c
@@ -25,12 +25,12 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
     "failed to set parameter"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_AAD), "invalid aad"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_CUSTOM_LENGTH),
-    {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IVLEN), "invalid ivlen"},
-    {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEYLEN), "invalid keylen"},
+    "invalid custom length"},
+    {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IV_LENGTH), "invalid iv length"},
+    {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEY_LENGTH), "invalid key length"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SALT_LENGTH),
     "invalid salt length"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAG), "invalid tag"},
-    "invalid custom length"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_XOF_OR_INVALID_LENGTH),
     "not xof or invalid length"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NO_KEY_SET), "no key set"},