diff options
| author | Michael Brown | 2012-03-27 00:34:49 +0200 |
|---|---|---|
| committer | Michael Brown | 2012-03-27 00:34:49 +0200 |
| commit | 0f0a94f2facd1da6ccde09fb213eb0f35cf02654 (patch) | |
| tree | 3801cf68b9abe0a66881f502fba09ff5398e2236 /src/crypto | |
| parent | [image] Log results of image signature checks (diff) | |
| download | ipxe-0f0a94f2facd1da6ccde09fb213eb0f35cf02654.tar.gz ipxe-0f0a94f2facd1da6ccde09fb213eb0f35cf02654.tar.xz ipxe-0f0a94f2facd1da6ccde09fb213eb0f35cf02654.zip | |
[crypto] Disambiguate all CMS errors
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto')
| -rw-r--r-- | src/crypto/cms.c | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/src/crypto/cms.c b/src/crypto/cms.c index 1e253afa..12f17810 100644 --- a/src/crypto/cms.c +++ b/src/crypto/cms.c @@ -52,6 +52,27 @@ FILE_LICENCE ( GPL2_OR_LATER ); __einfo_error ( EINFO_EACCES_WRONG_NAME ) #define EINFO_EACCES_WRONG_NAME \ __einfo_uniqify ( EINFO_EACCES, 0x04, "Incorrect certificate name" ) +#define EINVAL_DIGEST \ + __einfo_error ( EINFO_EINVAL_DIGEST ) +#define EINFO_EINVAL_DIGEST \ + __einfo_uniqify ( EINFO_EINVAL, 0x01, "Not a digest algorithm" ) +#define EINVAL_PUBKEY \ + __einfo_error ( EINFO_EINVAL_PUBKEY ) +#define EINFO_EINVAL_PUBKEY \ + __einfo_uniqify ( EINFO_EINVAL, 0x02, "Not a public-key algorithm" ) +#define ENOTSUP_SIGNEDDATA \ + __einfo_error ( EINFO_ENOTSUP_SIGNEDDATA ) +#define EINFO_ENOTSUP_SIGNEDDATA \ + __einfo_uniqify ( EINFO_ENOTSUP, 0x01, "Not a digital signature" ) +#define ENOTSUP_DIGEST \ + __einfo_error ( EINFO_ENOTSUP_DIGEST ) +#define EINFO_ENOTSUP_DIGEST \ + __einfo_uniqify ( EINFO_ENOTSUP, 0x02, "Unsupported digest algorithm" ) +#define ENOTSUP_PUBKEY \ + __einfo_error ( EINFO_ENOTSUP_PUBKEY ) +#define EINFO_ENOTSUP_PUBKEY \ + __einfo_uniqify ( EINFO_ENOTSUP, 0x03, \ + "Unsupported public-key algorithm" ) /** "pkcs7-signedData" object identifier */ static uint8_t oid_signeddata[] = { ASN1_OID_SIGNEDDATA }; @@ -79,7 +100,7 @@ static int cms_parse_content_type ( struct cms_signature *sig, if ( asn1_compare ( &cursor, &oid_signeddata_cursor ) != 0 ) { DBGC ( sig, "CMS %p does not contain signedData:\n", sig ); DBGC_HDA ( sig, 0, raw->data, raw->len ); - return -ENOTSUP; + return -ENOTSUP_SIGNEDDATA; } DBGC ( sig, "CMS %p contains signedData\n", sig ); @@ -149,14 +170,14 @@ static int cms_parse_digest_algorithm ( struct cms_signature *sig, DBGC ( sig, "CMS %p/%p could not identify digest algorithm:\n", sig, info ); DBGC_HDA ( sig, 0, raw->data, raw->len ); - return -ENOTSUP; + return -ENOTSUP_DIGEST; } /* Check algorithm is a digest algorithm */ if ( ! algorithm->digest ) { DBGC ( sig, "CMS %p/%p algorithm %s is not a digest " "algorithm\n", sig, info, algorithm->name ); - return -EINVAL; + return -EINVAL_DIGEST; } /* Record digest algorithm */ @@ -186,14 +207,14 @@ static int cms_parse_signature_algorithm ( struct cms_signature *sig, DBGC ( sig, "CMS %p/%p could not identify public-key " "algorithm:\n", sig, info ); DBGC_HDA ( sig, 0, raw->data, raw->len ); - return -ENOTSUP; + return -ENOTSUP_PUBKEY; } /* Check algorithm is a signature algorithm */ if ( ! algorithm->pubkey ) { DBGC ( sig, "CMS %p/%p algorithm %s is not a public-key " "algorithm\n", sig, info, algorithm->name ); - return -EINVAL; + return -EINVAL_PUBKEY; } /* Record signature algorithm */ |