Fix HMAC_DRBG and RIPEMD160 error codes

include/polarssl/error.h

@@ -41,15 +41,17 @@
  *
  * 16 bit error code bit-segmentation
  *
- * 1 bit  - Intentionally not used
+ * 1 bit  - Sign bit
  * 3 bits - High level module ID
  * 5 bits - Module-dependent error code
- * 6 bits - Low level module errors
+ * 7 bits - Low level module errors
- * 1 bit  - Intentionally not used
  *
- * Low-level module errors (0x007E-0x0002)
+ * For historical reasons, low-level error codes are divided in even and odd,
+ * and even codes were assigned first.
  *
- * Module   Nr  Codes assigned 
+ * Low-level module errors (0x0001-0x00FF)
+ *
+ * Module   Nr  Codes assigned
  * MPI       7  0x0002-0x0010
  * GCM       2  0x0012-0x0014
  * BLOWFISH  2  0x0016-0x0018
@@ -61,7 +63,7 @@
  * OID       1  0x002E-0x002E
  * PADLOCK   1  0x0030-0x0030
  * DES       1  0x0032-0x0032
- * CTR_DBRG  3  0x0034-0x003A
+ * CTR_DBRG  4  0x0034-0x003A
  * ENTROPY   3  0x003C-0x0040
  * NET      11  0x0042-0x0056
  * ASN1      7  0x0060-0x006C
@@ -72,6 +74,8 @@
  * SHA256    1  0x0078-0x0078
  * SHA512    1  0x007A-0x007A
  * PBKDF2    1  0x007C-0x007C
+ * RIPEMD160 1  0x007E-0x007E
+ * HMAC_DRBG 4  0x0001-0x0007
  *
  * High-level module nr (3 bits - 0x1...-0x8...)
  * Name      ID  Nr of Errors
@@ -88,7 +92,7 @@
  * SSL       6   8 (Started from top)
  * SSL       7   31
  *
- * Module dependent error code (5 bits 0x.08.-0x.F8.)
+ * Module dependent error code (5 bits 0x.00.-0x.F8.)
  */
 
 #ifdef __cplusplus

include/polarssl/hmac_drbg.h

@@ -32,10 +32,10 @@
 /*
  * ! Same values as ctr_drbg.h !
  */
-#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED        -0x0034  /**< The entropy source failed. */
+#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED        -0x0001  /**< The entropy source failed. */
-#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG              -0x0036  /**< Too many random requested in single call. */
+#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG              -0x0003  /**< Too many random requested in single call. */
-#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG                -0x0038  /**< Input too large (Entropy + additional). */
+#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG                -0x0005  /**< Input too large (Entropy + additional). */
-#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR                -0x003A  /**< Read/write error in file. */
+#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR                -0x0007  /**< Read/write error in file. */
 
 #if !defined(POLARSSL_CONFIG_OPTIONS)
 #define POLARSSL_HMAC_DRBG_RESEED_INTERVAL   10000   /**< Interval before reseed is performed by default */

include/polarssl/ripemd160.h

@@ -38,7 +38,7 @@ typedef UINT32 uint32_t;
 #include <inttypes.h>
 #endif
 
-#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR              -0x0074  /**< Read/write error in file. */
+#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR              -0x007E  /**< Read/write error in file. */
 
 #if !defined(POLARSSL_RIPEMD160_ALT)
 // Regular implementation

library/error.c

@@ -77,6 +77,10 @@
 #include "polarssl/gcm.h"
 #endif
 
+#if defined(POLARSSL_HMAC_DRBG_C)
+#include "polarssl/hmac_drbg.h"
+#endif
+
 #if defined(POLARSSL_MD_C)
 #include "polarssl/md.h"
 #endif
@@ -125,6 +129,10 @@
 #include "polarssl/pkcs5.h"
 #endif
 
+#if defined(POLARSSL_RIPEMD160_C)
+#include "polarssl/ripemd160.h"
+#endif
+
 #if defined(POLARSSL_RSA_C)
 #include "polarssl/rsa.h"
 #endif
@@ -589,6 +597,17 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
         snprintf( buf, buflen, "GCM - Bad input parameters to function" );
 #endif /* POLARSSL_GCM_C */
 
+#if defined(POLARSSL_HMAC_DRBG_C)
+    if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED) )
+        snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" );
+    if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG) )
+        snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" );
+    if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG) )
+        snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" );
+    if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR) )
+        snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" );
+#endif /* POLARSSL_HMAC_DRBG_C */
+
 #if defined(POLARSSL_MD2_C)
     if( use_ret == -(POLARSSL_ERR_MD2_FILE_IO_ERROR) )
         snprintf( buf, buflen, "MD2 - Read/write error in file" );
@@ -644,6 +663,11 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
         snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" );
 #endif /* POLARSSL_PBKDF2_C */
 
+#if defined(POLARSSL_RIPEMD160_C)
+    if( use_ret == -(POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR) )
+        snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" );
+#endif /* POLARSSL_RIPEMD160_C */
+
 #if defined(POLARSSL_SHA1_C)
     if( use_ret == -(POLARSSL_ERR_SHA1_FILE_IO_ERROR) )
         snprintf( buf, buflen, "SHA1 - Read/write error in file" );

scripts/generate_errors.pl

@@ -11,8 +11,8 @@ my $error_format_file = $data_dir.'/error.fmt';
 my @low_level_modules = ( "AES", "ASN1", "BLOWFISH", "CAMELLIA", "BIGNUM",
                           "BASE64", "XTEA", "PBKDF2", "OID",
                           "PADLOCK", "DES", "NET", "CTR_DRBG", "ENTROPY",
-                          "MD2", "MD4", "MD5", "SHA1", "SHA256", "SHA512",
+                          "HMAC_DRBG", "MD2", "MD4", "MD5", "RIPEMD160",
-                          "GCM", "THREADING" );
+                          "SHA1", "SHA256", "SHA512", "GCM", "THREADING" );
 my @high_level_modules = ( "PEM", "X509", "DHM", "RSA", "ECP", "MD", "CIPHER", "SSL",
                            "PK", "PKCS12", "PKCS5" );
 
@@ -48,6 +48,7 @@ while (my $line = <GREP>)
     # Fix faulty ones
     $module_name = "BIGNUM" if ($module_name eq "MPI");
     $module_name = "CTR_DRBG" if ($module_name eq "CTR");
+    $module_name = "HMAC_DRBG" if ($module_name eq "HMAC");
 
     my $define_name = $module_name;
     $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509");