1 /* $OpenBSD: x509_err.c,v 1.17 2022/07/12 14:42:50 kn Exp $ */ 2 /* ==================================================================== 3 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in 14 * the documentation and/or other materials provided with the 15 * distribution. 16 * 17 * 3. All advertising materials mentioning features or use of this 18 * software must display the following acknowledgment: 19 * "This product includes software developed by the OpenSSL Project 20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 21 * 22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 23 * endorse or promote products derived from this software without 24 * prior written permission. For written permission, please contact 25 * openssl-core@OpenSSL.org. 26 * 27 * 5. Products derived from this software may not be called "OpenSSL" 28 * nor may "OpenSSL" appear in their names without prior written 29 * permission of the OpenSSL Project. 30 * 31 * 6. Redistributions of any form whatsoever must retain the following 32 * acknowledgment: 33 * "This product includes software developed by the OpenSSL Project 34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 35 * 36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 47 * OF THE POSSIBILITY OF SUCH DAMAGE. 48 * ==================================================================== 49 * 50 * This product includes cryptographic software written by Eric Young 51 * (eay@cryptsoft.com). This product includes software written by Tim 52 * Hudson (tjh@cryptsoft.com). 53 * 54 */ 55 56 #include <stdio.h> 57 58 #include <openssl/opensslconf.h> 59 60 #include <openssl/err.h> 61 #include <openssl/x509.h> 62 #include <openssl/x509v3.h> 63 64 #ifndef OPENSSL_NO_ERR 65 66 #define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0) 67 #define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason) 68 69 static ERR_STRING_DATA X509_str_functs[] = { 70 {ERR_FUNC(0xfff), "CRYPTO_internal"}, 71 {0, NULL} 72 }; 73 74 static ERR_STRING_DATA X509V3_str_functs[] = { 75 {ERR_FUNC(0xfff), "CRYPTO_internal"}, 76 {0, NULL} 77 }; 78 79 static ERR_STRING_DATA X509_str_reasons[] = { 80 {ERR_REASON(X509_R_BAD_X509_FILETYPE) , "bad x509 filetype"}, 81 {ERR_REASON(X509_R_BASE64_DECODE_ERROR) , "base64 decode error"}, 82 {ERR_REASON(X509_R_CANT_CHECK_DH_KEY) , "cant check dh key"}, 83 {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE), "cert already in hash table"}, 84 {ERR_REASON(X509_R_ERR_ASN1_LIB) , "err asn1 lib"}, 85 {ERR_REASON(X509_R_INVALID_DIRECTORY) , "invalid directory"}, 86 {ERR_REASON(X509_R_INVALID_FIELD_NAME) , "invalid field name"}, 87 {ERR_REASON(X509_R_INVALID_TRUST) , "invalid trust"}, 88 {ERR_REASON(X509_R_KEY_TYPE_MISMATCH) , "key type mismatch"}, 89 {ERR_REASON(X509_R_KEY_VALUES_MISMATCH) , "key values mismatch"}, 90 {ERR_REASON(X509_R_LOADING_CERT_DIR) , "loading cert dir"}, 91 {ERR_REASON(X509_R_LOADING_DEFAULTS) , "loading defaults"}, 92 {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED) , "method not supported"}, 93 {ERR_REASON(X509_R_NO_CERTIFICATE_OR_CRL_FOUND), "no certificate or crl found"}, 94 {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY), "no cert set for us to verify"}, 95 {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"}, 96 {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"}, 97 {ERR_REASON(X509_R_SHOULD_RETRY) , "should retry"}, 98 {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN), "unable to find parameters in chain"}, 99 {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY), "unable to get certs public key"}, 100 {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE) , "unknown key type"}, 101 {ERR_REASON(X509_R_UNKNOWN_NID) , "unknown nid"}, 102 {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID) , "unknown purpose id"}, 103 {ERR_REASON(X509_R_UNKNOWN_TRUST_ID) , "unknown trust id"}, 104 {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"}, 105 {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE) , "wrong lookup type"}, 106 {ERR_REASON(X509_R_WRONG_TYPE) , "wrong type"}, 107 {0, NULL} 108 }; 109 110 static ERR_STRING_DATA X509V3_str_reasons[] = { 111 {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"}, 112 {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"}, 113 {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"}, 114 {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "bn to asn1 integer error"}, 115 {ERR_REASON(X509V3_R_DIRNAME_ERROR) , "dirname error"}, 116 {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"}, 117 {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) , "duplicate zone id"}, 118 {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"}, 119 {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION), "error creating extension"}, 120 {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) , "error in extension"}, 121 {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"}, 122 {ERR_REASON(X509V3_R_EXTENSION_EXISTS) , "extension exists"}, 123 {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"}, 124 {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"}, 125 {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "extension setting not supported"}, 126 {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"}, 127 {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"}, 128 {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) , "illegal hex digit"}, 129 {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "incorrect policy syntax tag"}, 130 {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"}, 131 {ERR_REASON(X509V3_R_INVALID_ASNUMBER) , "invalid asnumber"}, 132 {ERR_REASON(X509V3_R_INVALID_ASRANGE) , "invalid asrange"}, 133 {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"}, 134 {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING), "invalid extension string"}, 135 {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"}, 136 {ERR_REASON(X509V3_R_INVALID_IPADDRESS) , "invalid ipaddress"}, 137 {ERR_REASON(X509V3_R_INVALID_NAME) , "invalid name"}, 138 {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"}, 139 {ERR_REASON(X509V3_R_INVALID_NULL_NAME) , "invalid null name"}, 140 {ERR_REASON(X509V3_R_INVALID_NULL_VALUE) , "invalid null value"}, 141 {ERR_REASON(X509V3_R_INVALID_NUMBER) , "invalid number"}, 142 {ERR_REASON(X509V3_R_INVALID_NUMBERS) , "invalid numbers"}, 143 {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER), "invalid object identifier"}, 144 {ERR_REASON(X509V3_R_INVALID_OPTION) , "invalid option"}, 145 {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER), "invalid policy identifier"}, 146 {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING), "invalid proxy policy setting"}, 147 {ERR_REASON(X509V3_R_INVALID_PURPOSE) , "invalid purpose"}, 148 {ERR_REASON(X509V3_R_INVALID_SAFI) , "invalid safi"}, 149 {ERR_REASON(X509V3_R_INVALID_SECTION) , "invalid section"}, 150 {ERR_REASON(X509V3_R_INVALID_SYNTAX) , "invalid syntax"}, 151 {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"}, 152 {ERR_REASON(X509V3_R_MISSING_VALUE) , "missing value"}, 153 {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "need organization and numbers"}, 154 {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) , "no config database"}, 155 {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"}, 156 {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) , "no issuer details"}, 157 {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"}, 158 {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "no proxy cert policy language defined"}, 159 {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) , "no public key"}, 160 {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) , "no subject details"}, 161 {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"}, 162 {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"}, 163 {ERR_REASON(X509V3_R_OTHERNAME_ERROR) , "othername error"}, 164 {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "policy language already defined"}, 165 {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) , "policy path length"}, 166 {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "policy path length already defined"}, 167 {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "policy syntax not currently supported"}, 168 {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "policy when proxy language requires no policy"}, 169 {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) , "section not found"}, 170 {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "unable to get issuer details"}, 171 {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "unable to get issuer keyid"}, 172 {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "unknown bit string argument"}, 173 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) , "unknown extension"}, 174 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"}, 175 {ERR_REASON(X509V3_R_UNKNOWN_OPTION) , "unknown option"}, 176 {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) , "unsupported option"}, 177 {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) , "unsupported type"}, 178 {ERR_REASON(X509V3_R_USER_TOO_LONG) , "user too long"}, 179 {0, NULL} 180 }; 181 182 #endif 183 184 void 185 ERR_load_X509_strings(void) 186 { 187 #ifndef OPENSSL_NO_ERR 188 if (ERR_func_error_string(X509_str_functs[0].error) == NULL) { 189 ERR_load_strings(0, X509_str_functs); 190 ERR_load_strings(0, X509_str_reasons); 191 } 192 #endif 193 } 194 195 196 void 197 ERR_load_X509V3_strings(void) 198 { 199 #ifndef OPENSSL_NO_ERR 200 if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) { 201 ERR_load_strings(0, X509V3_str_functs); 202 ERR_load_strings(0, X509V3_str_reasons); 203 } 204 #endif 205 } 206