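/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

#pragma once

#include <s2n.h>
#include <stdio.h>
#include <stdbool.h>
#include <utils/s2n_ensure.h>

/*
 * To easily retrieve error types, we split error values into two parts.
 * The upper 6 bits describe the error type and the lower bits describe the value within the category.
 * [ Error Type Bits(31-26) ][ Value Bits(25-0) ]
 *
 * NOTE(review): the S2N_ERR_T_* type constants are not defined in this header
 * (presumably they come from <s2n.h>). They are shifted as plain ints below, and
 * a left shift that reaches bit 31 of a 32-bit signed int is undefined behaviour,
 * so confirm every type value stays below 32 before adding a category.
 */
#define S2N_ERR_NUM_VALUE_BITS 26

/* Start value for each error type. */
#define S2N_ERR_T_OK_START (S2N_ERR_T_OK << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_IO_START (S2N_ERR_T_IO << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_CLOSED_START (S2N_ERR_T_CLOSED << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_BLOCKED_START (S2N_ERR_T_BLOCKED << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_ALERT_START (S2N_ERR_T_ALERT << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_PROTO_START (S2N_ERR_T_PROTO << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_INTERNAL_START (S2N_ERR_T_INTERNAL << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_USAGE_START (S2N_ERR_T_USAGE << S2N_ERR_NUM_VALUE_BITS)

/* clang-format off */
/* Order of values in this enum is important. New error values should be placed at the end of their respective category.
 * For example, a new TLS protocol related error belongs in the S2N_ERR_T_PROTO category. It should be placed
 * immediately before S2N_ERR_T_INTERNAL_START (the first value of the next category).
 *
 * Only the first member of each category has an explicit initializer, so every
 * later member takes the previous value plus one. Inserting a value in the middle
 * of a category therefore renumbers everything after it in that category.
 * Each category is closed by an S2N_ERR_T_<type>_END member that sits one past
 * its last real error value.
 */
typedef enum {
    /* S2N_ERR_T_OK */
    S2N_ERR_OK = S2N_ERR_T_OK_START,
    S2N_ERR_T_OK_END,

    /* S2N_ERR_T_IO */
    S2N_ERR_IO = S2N_ERR_T_IO_START,
    S2N_ERR_T_IO_END,

    /* S2N_ERR_T_CLOSED */
    S2N_ERR_CLOSED = S2N_ERR_T_CLOSED_START,
    S2N_ERR_T_CLOSED_END,

    /* S2N_ERR_T_BLOCKED */
    S2N_ERR_IO_BLOCKED = S2N_ERR_T_BLOCKED_START,
    S2N_ERR_ASYNC_BLOCKED,
    S2N_ERR_EARLY_DATA_BLOCKED,
    S2N_ERR_T_BLOCKED_END,

    /* S2N_ERR_T_ALERT */
    S2N_ERR_ALERT = S2N_ERR_T_ALERT_START,
    S2N_ERR_T_ALERT_END,

    /* S2N_ERR_T_PROTO */
    S2N_ERR_ENCRYPT = S2N_ERR_T_PROTO_START,
    S2N_ERR_DECRYPT,
    S2N_ERR_BAD_MESSAGE,
    S2N_ERR_KEY_INIT,
    S2N_ERR_KEY_DESTROY,
    S2N_ERR_DH_SERIALIZING,
    S2N_ERR_DH_SHARED_SECRET,
    S2N_ERR_DH_WRITING_PUBLIC_KEY,
    S2N_ERR_DH_FAILED_SIGNING,
    S2N_ERR_DH_COPYING_PARAMETERS,
    S2N_ERR_DH_GENERATING_PARAMETERS,
    S2N_ERR_CIPHER_NOT_SUPPORTED,
    S2N_ERR_NO_APPLICATION_PROTOCOL,
    S2N_ERR_FALLBACK_DETECTED,
    S2N_ERR_HASH_DIGEST_FAILED,
    S2N_ERR_HASH_INIT_FAILED,
    S2N_ERR_HASH_UPDATE_FAILED,
    S2N_ERR_HASH_COPY_FAILED,
    S2N_ERR_HASH_WIPE_FAILED,
    S2N_ERR_HASH_NOT_READY,
    S2N_ERR_ALLOW_MD5_FOR_FIPS_FAILED,
    S2N_ERR_DECODE_CERTIFICATE,
    S2N_ERR_DECODE_PRIVATE_KEY,
    S2N_ERR_INVALID_HELLO_RETRY,
    S2N_ERR_INVALID_SIGNATURE_ALGORITHM,
    S2N_ERR_INVALID_SIGNATURE_SCHEME,
    S2N_ERR_CBC_VERIFY,
    S2N_ERR_DH_COPYING_PUBLIC_KEY,
    S2N_ERR_SIGN,
    S2N_ERR_VERIFY_SIGNATURE,
    S2N_ERR_ECDHE_GEN_KEY,
    S2N_ERR_ECDHE_SHARED_SECRET,
    S2N_ERR_ECDHE_UNSUPPORTED_CURVE,
    S2N_ERR_ECDSA_UNSUPPORTED_CURVE,
    S2N_ERR_ECDHE_SERIALIZING,
    S2N_ERR_KEM_UNSUPPORTED_PARAMS,
    S2N_ERR_SHUTDOWN_RECORD_TYPE,
    S2N_ERR_SHUTDOWN_CLOSED,
    S2N_ERR_NON_EMPTY_RENEGOTIATION_INFO,
    S2N_ERR_RECORD_LIMIT,
    S2N_ERR_CERT_UNTRUSTED,
    S2N_ERR_CERT_TYPE_UNSUPPORTED,
    S2N_ERR_INVALID_MAX_FRAG_LEN,
    S2N_ERR_MAX_FRAG_LEN_MISMATCH,
    S2N_ERR_PROTOCOL_VERSION_UNSUPPORTED,
    S2N_ERR_BAD_KEY_SHARE,
    S2N_ERR_CANCELLED,
    S2N_ERR_PROTOCOL_DOWNGRADE_DETECTED,
    S2N_ERR_MAX_INNER_PLAINTEXT_SIZE,
    S2N_ERR_RECORD_STUFFER_SIZE,
    S2N_ERR_FRAGMENT_LENGTH_TOO_LARGE,
    S2N_ERR_FRAGMENT_LENGTH_TOO_SMALL,
    S2N_ERR_RECORD_STUFFER_NEEDS_DRAINING,
    S2N_ERR_MISSING_EXTENSION,
    S2N_ERR_UNSUPPORTED_EXTENSION,
    S2N_ERR_DUPLICATE_EXTENSION,
    S2N_ERR_MAX_EARLY_DATA_SIZE,
    S2N_ERR_EARLY_DATA_TRIAL_DECRYPT,
    S2N_ERR_T_PROTO_END,

    /* S2N_ERR_T_INTERNAL */
    S2N_ERR_MADVISE = S2N_ERR_T_INTERNAL_START,
    S2N_ERR_ALLOC,
    S2N_ERR_MLOCK,
    S2N_ERR_MUNLOCK,
    S2N_ERR_FSTAT,
    S2N_ERR_OPEN,
    S2N_ERR_MMAP,
    S2N_ERR_ATEXIT,
    S2N_ERR_NOMEM,
    S2N_ERR_NULL,
    S2N_ERR_SAFETY,
    S2N_ERR_INITIALIZED,
    S2N_ERR_NOT_INITIALIZED,
    S2N_ERR_RANDOM_UNINITIALIZED,
    S2N_ERR_OPEN_RANDOM,
    S2N_ERR_RESIZE_STATIC_STUFFER,
    S2N_ERR_RESIZE_TAINTED_STUFFER,
    S2N_ERR_STUFFER_OUT_OF_DATA,
    S2N_ERR_STUFFER_IS_FULL,
    S2N_ERR_STUFFER_NOT_FOUND,
    S2N_ERR_STUFFER_HAS_UNPROCESSED_DATA,
    S2N_ERR_HASH_INVALID_ALGORITHM,
    S2N_ERR_PRF_INVALID_ALGORITHM,
    S2N_ERR_PRF_INVALID_SEED,
    S2N_ERR_P_HASH_INVALID_ALGORITHM,
    S2N_ERR_P_HASH_INIT_FAILED,
    S2N_ERR_P_HASH_UPDATE_FAILED,
    S2N_ERR_P_HASH_FINAL_FAILED,
    S2N_ERR_P_HASH_WIPE_FAILED,
    S2N_ERR_HMAC_INVALID_ALGORITHM,
    S2N_ERR_HKDF_OUTPUT_SIZE,
    S2N_ERR_ALERT_PRESENT,
    S2N_ERR_HANDSHAKE_STATE,
    S2N_ERR_SHUTDOWN_PAUSED,
    S2N_ERR_SIZE_MISMATCH,
    S2N_ERR_DRBG,
    S2N_ERR_DRBG_REQUEST_SIZE,
    S2N_ERR_KEY_CHECK,
    S2N_ERR_CIPHER_TYPE,
    S2N_ERR_MAP_DUPLICATE,
    S2N_ERR_MAP_IMMUTABLE,
    S2N_ERR_MAP_MUTABLE,
    S2N_ERR_MAP_INVALID_MAP_SIZE,
    S2N_ERR_INITIAL_HMAC,
    S2N_ERR_INVALID_NONCE_TYPE,
    S2N_ERR_UNIMPLEMENTED,
    S2N_ERR_HANDSHAKE_UNREACHABLE,
    S2N_ERR_READ,
    S2N_ERR_WRITE,
    S2N_ERR_BAD_FD,
    S2N_ERR_RDRAND_FAILED,
    S2N_ERR_FAILED_CACHE_RETRIEVAL,
    S2N_ERR_X509_TRUST_STORE,
    S2N_ERR_UNKNOWN_PROTOCOL_VERSION,
    S2N_ERR_NULL_CN_NAME,
    S2N_ERR_NULL_SANS,
    S2N_ERR_CLIENT_HELLO_VERSION,
    S2N_ERR_CLIENT_PROTOCOL_VERSION,
    S2N_ERR_SERVER_PROTOCOL_VERSION,
    S2N_ERR_ACTUAL_PROTOCOL_VERSION,
    S2N_ERR_POLLING_FROM_SOCKET,
    S2N_ERR_RECV_STUFFER_FROM_CONN,
    S2N_ERR_SEND_STUFFER_TO_CONN,
    S2N_ERR_PRECONDITION_VIOLATION,
    S2N_ERR_POSTCONDITION_VIOLATION,
    S2N_ERR_INTEGER_OVERFLOW,
    S2N_ERR_ARRAY_INDEX_OOB,
    S2N_ERR_FREE_STATIC_BLOB,
    S2N_ERR_RESIZE_STATIC_BLOB,
    S2N_ERR_NO_SUPPORTED_LIBCRYPTO_API,
    S2N_ERR_RECORD_LENGTH_TOO_LARGE,
    S2N_ERR_SET_DUPLICATE_VALUE,
    S2N_ERR_INVALID_PARSED_EXTENSIONS,
    S2N_ERR_ASYNC_CALLBACK_FAILED,
    S2N_ERR_ASYNC_MORE_THAN_ONE,
    S2N_ERR_PQ_CRYPTO,
    S2N_ERR_PQ_DISABLED,
    S2N_ERR_INVALID_CERT_STATE,
    S2N_ERR_INVALID_EARLY_DATA_STATE,
    S2N_ERR_T_INTERNAL_END,

    /* S2N_ERR_T_USAGE */
    S2N_ERR_NO_ALERT = S2N_ERR_T_USAGE_START,
    S2N_ERR_SERVER_MODE,
    S2N_ERR_CLIENT_MODE,
    S2N_ERR_CLIENT_MODE_DISABLED,
    S2N_ERR_TOO_MANY_CERTIFICATES,
    S2N_ERR_TOO_MANY_SIGNATURE_SCHEMES,
    S2N_ERR_CLIENT_AUTH_NOT_SUPPORTED_IN_FIPS_MODE,
    S2N_ERR_INVALID_BASE64,
    S2N_ERR_INVALID_HEX,
    S2N_ERR_INVALID_PEM,
    S2N_ERR_DH_PARAMS_CREATE,
    S2N_ERR_DH_TOO_SMALL,
    S2N_ERR_DH_PARAMETER_CHECK,
    S2N_ERR_INVALID_PKCS3,
    S2N_ERR_NO_CERTIFICATE_IN_PEM,
    S2N_ERR_SERVER_NAME_TOO_LONG,
    S2N_ERR_NUM_DEFAULT_CERTIFICATES,
    S2N_ERR_MULTIPLE_DEFAULT_CERTIFICATES_PER_AUTH_TYPE,
    S2N_ERR_INVALID_CIPHER_PREFERENCES,
    S2N_ERR_INVALID_APPLICATION_PROTOCOL,
    S2N_ERR_KEY_MISMATCH,
    S2N_ERR_SEND_SIZE,
    S2N_ERR_CORK_SET_ON_UNMANAGED,
    S2N_ERR_UNRECOGNIZED_EXTENSION,
    S2N_ERR_INVALID_SCT_LIST,
    S2N_ERR_INVALID_OCSP_RESPONSE,
    S2N_ERR_UPDATING_EXTENSION,
    S2N_ERR_INVALID_SERIALIZED_SESSION_STATE,
    S2N_ERR_SERIALIZED_SESSION_STATE_TOO_LONG,
    S2N_ERR_SESSION_ID_TOO_LONG,
    S2N_ERR_CLIENT_AUTH_NOT_SUPPORTED_IN_SESSION_RESUMPTION_MODE,
    S2N_ERR_INVALID_TICKET_KEY_LENGTH,
    S2N_ERR_INVALID_TICKET_KEY_NAME_OR_NAME_LENGTH,
    S2N_ERR_TICKET_KEY_NOT_UNIQUE,
    S2N_ERR_TICKET_KEY_LIMIT,
    S2N_ERR_NO_TICKET_ENCRYPT_DECRYPT_KEY,
    S2N_ERR_ENCRYPT_DECRYPT_KEY_SELECTION_FAILED,
    S2N_ERR_KEY_USED_IN_SESSION_TICKET_NOT_FOUND,
    S2N_ERR_SENDING_NST,
    S2N_ERR_INVALID_DYNAMIC_THRESHOLD,
    S2N_ERR_INVALID_ARGUMENT,
    S2N_ERR_NOT_IN_UNIT_TEST,
    S2N_ERR_NOT_IN_TEST,
    S2N_ERR_UNSUPPORTED_CPU,
    S2N_ERR_SESSION_ID_TOO_SHORT,
    S2N_ERR_CONNECTION_CACHING_DISALLOWED,
    S2N_ERR_SESSION_TICKET_NOT_SUPPORTED,
    S2N_ERR_OCSP_NOT_SUPPORTED,
    S2N_ERR_INVALID_SIGNATURE_ALGORITHMS_PREFERENCES,
    /* NOTE(review): the only value without the S2N_ERR_ prefix; left as is because renaming would break existing users of the name. */
    S2N_RSA_PSS_NOT_SUPPORTED,
    S2N_ERR_INVALID_ECC_PREFERENCES,
    S2N_ERR_INVALID_SECURITY_POLICY,
    S2N_ERR_INVALID_KEM_PREFERENCES,
    S2N_ERR_ASYNC_ALREADY_PERFORMED,
    S2N_ERR_ASYNC_NOT_PERFORMED,
    S2N_ERR_ASYNC_WRONG_CONNECTION,
    S2N_ERR_ASYNC_APPLY_WHILE_INVOKING,
    S2N_ERR_ASYNC_ALREADY_APPLIED,
    S2N_ERR_UNSUPPORTED_WITH_QUIC,
    S2N_ERR_DUPLICATE_PSK_IDENTITIES,
    S2N_ERR_OFFERED_PSKS_TOO_LONG,
    S2N_ERR_INVALID_SESSION_TICKET,
    S2N_ERR_REENTRANCY,
    S2N_ERR_INVALID_STATE,
    S2N_ERR_EARLY_DATA_NOT_ALLOWED,
    S2N_ERR_NO_CERT_FOUND,
    S2N_ERR_CERT_NOT_VALIDATED,
    S2N_ERR_NO_PRIVATE_KEY,
    S2N_ERR_PSK_MODE,
    S2N_ERR_X509_EXTENSION_VALUE_NOT_FOUND,
    S2N_ERR_INVALID_X509_EXTENSION_TYPE,
    S2N_ERR_INSUFFICIENT_MEM_SIZE,
    S2N_ERR_KEYING_MATERIAL_EXPIRED,
    S2N_ERR_T_USAGE_END,
} s2n_error;

/* NOTE(review): not referenced anywhere in this header; presumably a size limit used by consumers of the debug string - confirm. */
#define S2N_DEBUG_STR_LEN 128

/*
 * Thread-local pointer to the debug string of the most recently recorded error.
 * _S2N_ERROR points it at a string literal built from __FILE__ and __LINE__, so
 * it reveals source paths and line numbers of the failure site. Treat it as
 * local diagnostic data (logs, debugging) rather than something to hand back to
 * a remote peer.
 */
extern __thread const char *s2n_debug_str;

/* Two-level stringification: STRING_ expands its argument first, so __LINE__ becomes its number before TO_STRING applies '#'. */
#define TO_STRING(s) #s
#define STRING_(s) TO_STRING(s)
#define STRING__LINE__ STRING_(__LINE__)

/* Adjacent string literals are concatenated at compile time into "Error encountered in <file>:<line>". */
#define _S2N_DEBUG_LINE "Error encountered in " __FILE__ ":" STRING__LINE__

/*
 * Error-raising helpers.
 *
 * _S2N_ERROR records an error without returning: it sets s2n_debug_str, stores x
 * in s2n_errno (declared outside this header, presumably in <s2n.h>) and calls
 * s2n_calculate_stacktrace(), whose return value is discarded.
 *
 * S2N_ERROR, S2N_ERROR_PTR and S2N_ERROR_IF contain a `return` that leaves the
 * *enclosing* function (-1, NULL and -1 respectively). Code placed after them
 * does not run on the error path, so anything acquired earlier in that function
 * (memory, key material, file descriptors) has to be released before the macro
 * is reached or by a cleanup mechanism that runs on return.
 *
 * S2N_ERROR_PRESERVE_ERRNO returns -1 and leaves s2n_errno and s2n_debug_str
 * exactly as they were.
 *
 * S2N_ERROR_IS_BLOCKING is true when s2n_error_get_type(x) equals S2N_ERR_T_BLOCKED.
 */
#define _S2N_ERROR( x )             do { s2n_debug_str = _S2N_DEBUG_LINE; s2n_errno = ( x ); s2n_calculate_stacktrace(); } while (0)
#define S2N_ERROR( x )              do { _S2N_ERROR( ( x ) ); return -1; } while (0)
#define S2N_ERROR_PRESERVE_ERRNO()  do { return -1; } while (0)
#define S2N_ERROR_PTR( x )          do { _S2N_ERROR( ( x ) ); return NULL; } while (0)
#define S2N_ERROR_IF( cond , x )    do { if ( cond ) { S2N_ERROR( x ); }} while (0)
#define S2N_ERROR_IS_BLOCKING( x )  ( s2n_error_get_type(x) == S2N_ERR_T_BLOCKED )

/** Calculate and print stacktraces */
struct s2n_stacktrace {
    char **trace;   /* presumably the captured frames as strings - ownership is not visible in this header */
    int trace_size; /* presumably the number of entries in trace - confirm against the implementation */
};

/*
 * Declared with (void) so this is a real prototype: an empty parameter list in C
 * (before C23) leaves the parameters unspecified and lets mistaken calls with
 * arguments compile without a diagnostic.
 */
extern bool s2n_stack_traces_enabled(void);
extern int s2n_stack_traces_enabled_set(bool newval);

/*
 * NOTE(review): return-value conventions and who frees the data behind
 * struct s2n_stacktrace are defined by the implementation, which is not visible
 * here - confirm before relying on them.
 */
extern int s2n_calculate_stacktrace(void);
extern int s2n_print_stacktrace(FILE *fptr);
extern int s2n_free_stacktrace(void);
extern int s2n_get_stacktrace(struct s2n_stacktrace *trace);

/* clang-format on */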