1*de0e0e4dSAntonio Huete Jimenez /* $OpenBSD: x509_err.c,v 1.17 2022/07/12 14:42:50 kn Exp $ */
2f5b1c8a1SJohn Marino /* ====================================================================
3f5b1c8a1SJohn Marino * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
4f5b1c8a1SJohn Marino *
5f5b1c8a1SJohn Marino * Redistribution and use in source and binary forms, with or without
6f5b1c8a1SJohn Marino * modification, are permitted provided that the following conditions
7f5b1c8a1SJohn Marino * are met:
8f5b1c8a1SJohn Marino *
9f5b1c8a1SJohn Marino * 1. Redistributions of source code must retain the above copyright
10f5b1c8a1SJohn Marino * notice, this list of conditions and the following disclaimer.
11f5b1c8a1SJohn Marino *
12f5b1c8a1SJohn Marino * 2. Redistributions in binary form must reproduce the above copyright
13f5b1c8a1SJohn Marino * notice, this list of conditions and the following disclaimer in
14f5b1c8a1SJohn Marino * the documentation and/or other materials provided with the
15f5b1c8a1SJohn Marino * distribution.
16f5b1c8a1SJohn Marino *
17f5b1c8a1SJohn Marino * 3. All advertising materials mentioning features or use of this
18f5b1c8a1SJohn Marino * software must display the following acknowledgment:
19f5b1c8a1SJohn Marino * "This product includes software developed by the OpenSSL Project
20f5b1c8a1SJohn Marino * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21f5b1c8a1SJohn Marino *
22f5b1c8a1SJohn Marino * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23f5b1c8a1SJohn Marino * endorse or promote products derived from this software without
24f5b1c8a1SJohn Marino * prior written permission. For written permission, please contact
25f5b1c8a1SJohn Marino * openssl-core@OpenSSL.org.
26f5b1c8a1SJohn Marino *
27f5b1c8a1SJohn Marino * 5. Products derived from this software may not be called "OpenSSL"
28f5b1c8a1SJohn Marino * nor may "OpenSSL" appear in their names without prior written
29f5b1c8a1SJohn Marino * permission of the OpenSSL Project.
30f5b1c8a1SJohn Marino *
31f5b1c8a1SJohn Marino * 6. Redistributions of any form whatsoever must retain the following
32f5b1c8a1SJohn Marino * acknowledgment:
33f5b1c8a1SJohn Marino * "This product includes software developed by the OpenSSL Project
34f5b1c8a1SJohn Marino * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35f5b1c8a1SJohn Marino *
36f5b1c8a1SJohn Marino * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37f5b1c8a1SJohn Marino * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38f5b1c8a1SJohn Marino * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39f5b1c8a1SJohn Marino * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40f5b1c8a1SJohn Marino * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41f5b1c8a1SJohn Marino * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42f5b1c8a1SJohn Marino * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43f5b1c8a1SJohn Marino * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44f5b1c8a1SJohn Marino * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45f5b1c8a1SJohn Marino * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46f5b1c8a1SJohn Marino * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47f5b1c8a1SJohn Marino * OF THE POSSIBILITY OF SUCH DAMAGE.
48f5b1c8a1SJohn Marino * ====================================================================
49f5b1c8a1SJohn Marino *
50f5b1c8a1SJohn Marino * This product includes cryptographic software written by Eric Young
51f5b1c8a1SJohn Marino * (eay@cryptsoft.com). This product includes software written by Tim
52f5b1c8a1SJohn Marino * Hudson (tjh@cryptsoft.com).
53f5b1c8a1SJohn Marino *
54f5b1c8a1SJohn Marino */
55f5b1c8a1SJohn Marino
56f5b1c8a1SJohn Marino #include <stdio.h>
57f5b1c8a1SJohn Marino
58f5b1c8a1SJohn Marino #include <openssl/opensslconf.h>
59f5b1c8a1SJohn Marino
60f5b1c8a1SJohn Marino #include <openssl/err.h>
61f5b1c8a1SJohn Marino #include <openssl/x509.h>
628edacedfSDaniel Fojt #include <openssl/x509v3.h>
63f5b1c8a1SJohn Marino
64f5b1c8a1SJohn Marino #ifndef OPENSSL_NO_ERR
65f5b1c8a1SJohn Marino
66f5b1c8a1SJohn Marino #define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
67f5b1c8a1SJohn Marino #define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
68f5b1c8a1SJohn Marino
69f5b1c8a1SJohn Marino static ERR_STRING_DATA X509_str_functs[] = {
7072c33676SMaxim Ag {ERR_FUNC(0xfff), "CRYPTO_internal"},
71f5b1c8a1SJohn Marino {0, NULL}
72f5b1c8a1SJohn Marino };
73f5b1c8a1SJohn Marino
748edacedfSDaniel Fojt static ERR_STRING_DATA X509V3_str_functs[] = {
758edacedfSDaniel Fojt {ERR_FUNC(0xfff), "CRYPTO_internal"},
768edacedfSDaniel Fojt {0, NULL}
778edacedfSDaniel Fojt };
788edacedfSDaniel Fojt
79f5b1c8a1SJohn Marino static ERR_STRING_DATA X509_str_reasons[] = {
80f5b1c8a1SJohn Marino {ERR_REASON(X509_R_BAD_X509_FILETYPE) , "bad x509 filetype"},
81f5b1c8a1SJohn Marino {ERR_REASON(X509_R_BASE64_DECODE_ERROR) , "base64 decode error"},
82f5b1c8a1SJohn Marino {ERR_REASON(X509_R_CANT_CHECK_DH_KEY) , "cant check dh key"},
83f5b1c8a1SJohn Marino {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE), "cert already in hash table"},
84f5b1c8a1SJohn Marino {ERR_REASON(X509_R_ERR_ASN1_LIB) , "err asn1 lib"},
85f5b1c8a1SJohn Marino {ERR_REASON(X509_R_INVALID_DIRECTORY) , "invalid directory"},
86f5b1c8a1SJohn Marino {ERR_REASON(X509_R_INVALID_FIELD_NAME) , "invalid field name"},
87f5b1c8a1SJohn Marino {ERR_REASON(X509_R_INVALID_TRUST) , "invalid trust"},
88f5b1c8a1SJohn Marino {ERR_REASON(X509_R_KEY_TYPE_MISMATCH) , "key type mismatch"},
89f5b1c8a1SJohn Marino {ERR_REASON(X509_R_KEY_VALUES_MISMATCH) , "key values mismatch"},
90f5b1c8a1SJohn Marino {ERR_REASON(X509_R_LOADING_CERT_DIR) , "loading cert dir"},
91f5b1c8a1SJohn Marino {ERR_REASON(X509_R_LOADING_DEFAULTS) , "loading defaults"},
92f5b1c8a1SJohn Marino {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED) , "method not supported"},
93*de0e0e4dSAntonio Huete Jimenez {ERR_REASON(X509_R_NO_CERTIFICATE_OR_CRL_FOUND), "no certificate or crl found"},
94f5b1c8a1SJohn Marino {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY), "no cert set for us to verify"},
95f5b1c8a1SJohn Marino {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"},
96f5b1c8a1SJohn Marino {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"},
97f5b1c8a1SJohn Marino {ERR_REASON(X509_R_SHOULD_RETRY) , "should retry"},
98f5b1c8a1SJohn Marino {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN), "unable to find parameters in chain"},
99f5b1c8a1SJohn Marino {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY), "unable to get certs public key"},
100f5b1c8a1SJohn Marino {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE) , "unknown key type"},
101f5b1c8a1SJohn Marino {ERR_REASON(X509_R_UNKNOWN_NID) , "unknown nid"},
102f5b1c8a1SJohn Marino {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID) , "unknown purpose id"},
103f5b1c8a1SJohn Marino {ERR_REASON(X509_R_UNKNOWN_TRUST_ID) , "unknown trust id"},
104f5b1c8a1SJohn Marino {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
105f5b1c8a1SJohn Marino {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE) , "wrong lookup type"},
106f5b1c8a1SJohn Marino {ERR_REASON(X509_R_WRONG_TYPE) , "wrong type"},
107f5b1c8a1SJohn Marino {0, NULL}
108f5b1c8a1SJohn Marino };
109f5b1c8a1SJohn Marino
1108edacedfSDaniel Fojt static ERR_STRING_DATA X509V3_str_reasons[] = {
1118edacedfSDaniel Fojt {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"},
1128edacedfSDaniel Fojt {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"},
1138edacedfSDaniel Fojt {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"},
1148edacedfSDaniel Fojt {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "bn to asn1 integer error"},
1158edacedfSDaniel Fojt {ERR_REASON(X509V3_R_DIRNAME_ERROR) , "dirname error"},
1168edacedfSDaniel Fojt {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
1178edacedfSDaniel Fojt {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) , "duplicate zone id"},
1188edacedfSDaniel Fojt {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
1198edacedfSDaniel Fojt {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION), "error creating extension"},
1208edacedfSDaniel Fojt {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) , "error in extension"},
1218edacedfSDaniel Fojt {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
1228edacedfSDaniel Fojt {ERR_REASON(X509V3_R_EXTENSION_EXISTS) , "extension exists"},
1238edacedfSDaniel Fojt {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
1248edacedfSDaniel Fojt {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
1258edacedfSDaniel Fojt {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "extension setting not supported"},
1268edacedfSDaniel Fojt {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
1278edacedfSDaniel Fojt {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
1288edacedfSDaniel Fojt {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) , "illegal hex digit"},
1298edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "incorrect policy syntax tag"},
1308edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
1318edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_ASNUMBER) , "invalid asnumber"},
1328edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_ASRANGE) , "invalid asrange"},
1338edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
1348edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING), "invalid extension string"},
1358edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
1368edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_IPADDRESS) , "invalid ipaddress"},
1378edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_NAME) , "invalid name"},
1388edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
1398edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_NULL_NAME) , "invalid null name"},
1408edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_NULL_VALUE) , "invalid null value"},
1418edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_NUMBER) , "invalid number"},
1428edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_NUMBERS) , "invalid numbers"},
1438edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER), "invalid object identifier"},
1448edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_OPTION) , "invalid option"},
1458edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER), "invalid policy identifier"},
1468edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING), "invalid proxy policy setting"},
1478edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_PURPOSE) , "invalid purpose"},
1488edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_SAFI) , "invalid safi"},
1498edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_SECTION) , "invalid section"},
1508edacedfSDaniel Fojt {ERR_REASON(X509V3_R_INVALID_SYNTAX) , "invalid syntax"},
1518edacedfSDaniel Fojt {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
1528edacedfSDaniel Fojt {ERR_REASON(X509V3_R_MISSING_VALUE) , "missing value"},
1538edacedfSDaniel Fojt {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "need organization and numbers"},
1548edacedfSDaniel Fojt {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) , "no config database"},
1558edacedfSDaniel Fojt {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
1568edacedfSDaniel Fojt {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) , "no issuer details"},
1578edacedfSDaniel Fojt {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
1588edacedfSDaniel Fojt {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "no proxy cert policy language defined"},
1598edacedfSDaniel Fojt {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) , "no public key"},
1608edacedfSDaniel Fojt {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) , "no subject details"},
1618edacedfSDaniel Fojt {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
1628edacedfSDaniel Fojt {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
1638edacedfSDaniel Fojt {ERR_REASON(X509V3_R_OTHERNAME_ERROR) , "othername error"},
1648edacedfSDaniel Fojt {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "policy language already defined"},
1658edacedfSDaniel Fojt {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) , "policy path length"},
1668edacedfSDaniel Fojt {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "policy path length already defined"},
1678edacedfSDaniel Fojt {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "policy syntax not currently supported"},
1688edacedfSDaniel Fojt {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "policy when proxy language requires no policy"},
1698edacedfSDaniel Fojt {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) , "section not found"},
1708edacedfSDaniel Fojt {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "unable to get issuer details"},
1718edacedfSDaniel Fojt {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "unable to get issuer keyid"},
1728edacedfSDaniel Fojt {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "unknown bit string argument"},
1738edacedfSDaniel Fojt {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) , "unknown extension"},
1748edacedfSDaniel Fojt {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
1758edacedfSDaniel Fojt {ERR_REASON(X509V3_R_UNKNOWN_OPTION) , "unknown option"},
1768edacedfSDaniel Fojt {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) , "unsupported option"},
1778edacedfSDaniel Fojt {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) , "unsupported type"},
1788edacedfSDaniel Fojt {ERR_REASON(X509V3_R_USER_TOO_LONG) , "user too long"},
1798edacedfSDaniel Fojt {0, NULL}
1808edacedfSDaniel Fojt };
1818edacedfSDaniel Fojt
182f5b1c8a1SJohn Marino #endif
183f5b1c8a1SJohn Marino
184f5b1c8a1SJohn Marino void
ERR_load_X509_strings(void)185f5b1c8a1SJohn Marino ERR_load_X509_strings(void)
186f5b1c8a1SJohn Marino {
187f5b1c8a1SJohn Marino #ifndef OPENSSL_NO_ERR
188f5b1c8a1SJohn Marino if (ERR_func_error_string(X509_str_functs[0].error) == NULL) {
189f5b1c8a1SJohn Marino ERR_load_strings(0, X509_str_functs);
190f5b1c8a1SJohn Marino ERR_load_strings(0, X509_str_reasons);
191f5b1c8a1SJohn Marino }
192f5b1c8a1SJohn Marino #endif
193f5b1c8a1SJohn Marino }
1948edacedfSDaniel Fojt
1958edacedfSDaniel Fojt
1968edacedfSDaniel Fojt void
ERR_load_X509V3_strings(void)1978edacedfSDaniel Fojt ERR_load_X509V3_strings(void)
1988edacedfSDaniel Fojt {
1998edacedfSDaniel Fojt #ifndef OPENSSL_NO_ERR
2008edacedfSDaniel Fojt if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
2018edacedfSDaniel Fojt ERR_load_strings(0, X509V3_str_functs);
2028edacedfSDaniel Fojt ERR_load_strings(0, X509V3_str_reasons);
2038edacedfSDaniel Fojt }
2048edacedfSDaniel Fojt #endif
2058edacedfSDaniel Fojt }
206