SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398
							/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

#pragma once

#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#include "api/s2n.h"
#include "utils/s2n_ensure.h"

/*
 * To easily retrieve error types, we split error values into two parts.
 * The upper 6 bits describe the error type and the lower bits describe the value within the category.
 * [ Error Type Bits(31-26) ][ Value Bits(25-0) ]
 */
#define S2N_ERR_NUM_VALUE_BITS 26

/* Start value for each error type. */
#define S2N_ERR_T_OK_START       (S2N_ERR_T_OK << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_IO_START       (S2N_ERR_T_IO << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_CLOSED_START   (S2N_ERR_T_CLOSED << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_BLOCKED_START  (S2N_ERR_T_BLOCKED << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_ALERT_START    (S2N_ERR_T_ALERT << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_PROTO_START    (S2N_ERR_T_PROTO << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_INTERNAL_START (S2N_ERR_T_INTERNAL << S2N_ERR_NUM_VALUE_BITS)
#define S2N_ERR_T_USAGE_START    (S2N_ERR_T_USAGE << S2N_ERR_NUM_VALUE_BITS)

/* Order of values in this enum is important. New error values should be placed at the end of their respective category.
 * For example, a new TLS protocol related error belongs in the S2N_ERR_T_PROTO category. It should be placed
 * immediately before S2N_ERR_T_INTERNAL_START(the first value of he next category).
 */
typedef enum {
    /* S2N_ERR_T_OK */
    S2N_ERR_OK = S2N_ERR_T_OK_START,
    S2N_ERR_T_OK_END,

    /* S2N_ERR_T_IO */
    S2N_ERR_IO = S2N_ERR_T_IO_START,
    S2N_ERR_T_IO_END,

    /* S2N_ERR_T_CLOSED */
    S2N_ERR_CLOSED = S2N_ERR_T_CLOSED_START,
    S2N_ERR_T_CLOSED_END,

    /* S2N_ERR_T_BLOCKED */
    S2N_ERR_IO_BLOCKED = S2N_ERR_T_BLOCKED_START,
    S2N_ERR_ASYNC_BLOCKED,
    S2N_ERR_EARLY_DATA_BLOCKED,
    S2N_ERR_APP_DATA_BLOCKED,
    S2N_ERR_T_BLOCKED_END,

    /* S2N_ERR_T_ALERT */
    S2N_ERR_ALERT = S2N_ERR_T_ALERT_START,
    S2N_ERR_T_ALERT_END,

    /* S2N_ERR_T_PROTO */
    S2N_ERR_ENCRYPT = S2N_ERR_T_PROTO_START,
    S2N_ERR_DECRYPT,
    S2N_ERR_BAD_MESSAGE,
    S2N_ERR_KEY_INIT,
    S2N_ERR_KEY_DESTROY,
    S2N_ERR_DH_SERIALIZING,
    S2N_ERR_DH_SHARED_SECRET,
    S2N_ERR_DH_WRITING_PUBLIC_KEY,
    S2N_ERR_DH_FAILED_SIGNING,
    S2N_ERR_DH_COPYING_PARAMETERS,
    S2N_ERR_DH_GENERATING_PARAMETERS,
    S2N_ERR_CIPHER_NOT_SUPPORTED,
    S2N_ERR_NO_APPLICATION_PROTOCOL,
    S2N_ERR_FALLBACK_DETECTED,
    S2N_ERR_HASH_DIGEST_FAILED,
    S2N_ERR_HASH_INIT_FAILED,
    S2N_ERR_HASH_UPDATE_FAILED,
    S2N_ERR_HASH_COPY_FAILED,
    S2N_ERR_HASH_WIPE_FAILED,
    S2N_ERR_HASH_NOT_READY,
    S2N_ERR_ALLOW_MD5_FOR_FIPS_FAILED,
    S2N_ERR_DECODE_CERTIFICATE,
    S2N_ERR_DECODE_PRIVATE_KEY,
    S2N_ERR_INVALID_HELLO_RETRY,
    S2N_ERR_INVALID_SIGNATURE_ALGORITHM,
    S2N_ERR_INVALID_SIGNATURE_SCHEME,
    S2N_ERR_CBC_VERIFY,
    S2N_ERR_DH_COPYING_PUBLIC_KEY,
    S2N_ERR_SIGN,
    S2N_ERR_VERIFY_SIGNATURE,
    S2N_ERR_ECDHE_GEN_KEY,
    S2N_ERR_ECDHE_SHARED_SECRET,
    S2N_ERR_ECDHE_UNSUPPORTED_CURVE,
    S2N_ERR_ECDSA_UNSUPPORTED_CURVE,
    S2N_ERR_ECDHE_SERIALIZING,
    S2N_ERR_KEM_UNSUPPORTED_PARAMS,
    S2N_ERR_SHUTDOWN_RECORD_TYPE,
    S2N_ERR_SHUTDOWN_CLOSED,
    S2N_ERR_NON_EMPTY_RENEGOTIATION_INFO,
    S2N_ERR_RECORD_LIMIT,
    S2N_ERR_CERT_UNTRUSTED,
    S2N_ERR_CERT_REVOKED,
    S2N_ERR_CERT_NOT_YET_VALID,
    S2N_ERR_CERT_EXPIRED,
    S2N_ERR_CERT_TYPE_UNSUPPORTED,
    S2N_ERR_CERT_INVALID,
    S2N_ERR_CERT_MAX_CHAIN_DEPTH_EXCEEDED,
    S2N_ERR_CERT_REJECTED,
    S2N_ERR_CRL_LOOKUP_FAILED,
    S2N_ERR_CRL_SIGNATURE,
    S2N_ERR_CRL_ISSUER,
    S2N_ERR_CRL_UNHANDLED_CRITICAL_EXTENSION,
    S2N_ERR_CRL_INVALID_THIS_UPDATE,
    S2N_ERR_CRL_INVALID_NEXT_UPDATE,
    S2N_ERR_CRL_NOT_YET_VALID,
    S2N_ERR_CRL_EXPIRED,
    S2N_ERR_INVALID_MAX_FRAG_LEN,
    S2N_ERR_MAX_FRAG_LEN_MISMATCH,
    S2N_ERR_PROTOCOL_VERSION_UNSUPPORTED,
    S2N_ERR_BAD_KEY_SHARE,
    S2N_ERR_CANCELLED,
    S2N_ERR_PROTOCOL_DOWNGRADE_DETECTED,
    S2N_ERR_MAX_INNER_PLAINTEXT_SIZE,
    S2N_ERR_RECORD_STUFFER_SIZE,
    S2N_ERR_FRAGMENT_LENGTH_TOO_LARGE,
    S2N_ERR_FRAGMENT_LENGTH_TOO_SMALL,
    S2N_ERR_RECORD_STUFFER_NEEDS_DRAINING,
    S2N_ERR_MISSING_EXTENSION,
    S2N_ERR_UNSUPPORTED_EXTENSION,
    S2N_ERR_DUPLICATE_EXTENSION,
    S2N_ERR_MAX_EARLY_DATA_SIZE,
    S2N_ERR_EARLY_DATA_TRIAL_DECRYPT,
    S2N_ERR_NO_RENEGOTIATION,
    S2N_ERR_T_PROTO_END,

    /* S2N_ERR_T_INTERNAL */
    S2N_ERR_MADVISE = S2N_ERR_T_INTERNAL_START,
    S2N_ERR_ALLOC,
    S2N_ERR_MLOCK,
    S2N_ERR_MUNLOCK,
    S2N_ERR_FSTAT,
    S2N_ERR_OPEN,
    S2N_ERR_MMAP,
    S2N_ERR_ATEXIT,
    S2N_ERR_NOMEM,
    S2N_ERR_NULL,
    S2N_ERR_SAFETY,
    S2N_ERR_INITIALIZED,
    S2N_ERR_NOT_INITIALIZED,
    S2N_ERR_RANDOM_UNINITIALIZED,
    S2N_ERR_OPEN_RANDOM,
    S2N_ERR_RESIZE_STATIC_STUFFER,
    S2N_ERR_RESIZE_TAINTED_STUFFER,
    S2N_ERR_STUFFER_OUT_OF_DATA,
    S2N_ERR_STUFFER_IS_FULL,
    S2N_ERR_STUFFER_NOT_FOUND,
    S2N_ERR_STUFFER_HAS_UNPROCESSED_DATA,
    S2N_ERR_HASH_INVALID_ALGORITHM,
    S2N_ERR_PRF_INVALID_ALGORITHM,
    S2N_ERR_PRF_INVALID_SEED,
    S2N_ERR_PRF_DERIVE,
    S2N_ERR_P_HASH_INVALID_ALGORITHM,
    S2N_ERR_P_HASH_INIT_FAILED,
    S2N_ERR_P_HASH_UPDATE_FAILED,
    S2N_ERR_P_HASH_FINAL_FAILED,
    S2N_ERR_P_HASH_WIPE_FAILED,
    S2N_ERR_HMAC_INVALID_ALGORITHM,
    S2N_ERR_HKDF_OUTPUT_SIZE,
    S2N_ERR_HKDF,
    S2N_ERR_ALERT_PRESENT,
    S2N_ERR_HANDSHAKE_STATE,
    S2N_ERR_SHUTDOWN_PAUSED,
    S2N_ERR_SIZE_MISMATCH,
    S2N_ERR_DRBG,
    S2N_ERR_DRBG_REQUEST_SIZE,
    S2N_ERR_KEY_CHECK,
    S2N_ERR_CIPHER_TYPE,
    S2N_ERR_MAP_DUPLICATE,
    S2N_ERR_MAP_IMMUTABLE,
    S2N_ERR_MAP_MUTABLE,
    S2N_ERR_MAP_INVALID_MAP_SIZE,
    S2N_ERR_INITIAL_HMAC,
    S2N_ERR_INVALID_NONCE_TYPE,
    S2N_ERR_UNIMPLEMENTED,
    S2N_ERR_HANDSHAKE_UNREACHABLE,
    S2N_ERR_READ,
    S2N_ERR_WRITE,
    S2N_ERR_BAD_FD,
    S2N_ERR_RDRAND_FAILED,
    S2N_ERR_FAILED_CACHE_RETRIEVAL,
    S2N_ERR_X509_TRUST_STORE,
    S2N_ERR_UNKNOWN_PROTOCOL_VERSION,
    S2N_ERR_NULL_CN_NAME,
    S2N_ERR_NULL_SANS,
    S2N_ERR_CLIENT_HELLO_VERSION,
    S2N_ERR_CLIENT_PROTOCOL_VERSION,
    S2N_ERR_SERVER_PROTOCOL_VERSION,
    S2N_ERR_ACTUAL_PROTOCOL_VERSION,
    S2N_ERR_POLLING_FROM_SOCKET,
    S2N_ERR_RECV_STUFFER_FROM_CONN,
    S2N_ERR_SEND_STUFFER_TO_CONN,
    S2N_ERR_PRECONDITION_VIOLATION,
    S2N_ERR_POSTCONDITION_VIOLATION,
    S2N_ERR_INTEGER_OVERFLOW,
    S2N_ERR_ARRAY_INDEX_OOB,
    S2N_ERR_FREE_STATIC_BLOB,
    S2N_ERR_RESIZE_STATIC_BLOB,
    S2N_ERR_NO_SUPPORTED_LIBCRYPTO_API,
    S2N_ERR_RECORD_LENGTH_TOO_LARGE,
    S2N_ERR_SET_DUPLICATE_VALUE,
    S2N_ERR_INVALID_PARSED_EXTENSIONS,
    S2N_ERR_ASYNC_CALLBACK_FAILED,
    S2N_ERR_ASYNC_MORE_THAN_ONE,
    S2N_ERR_PQ_CRYPTO,
    S2N_ERR_PQ_DISABLED,
    S2N_ERR_INVALID_CERT_STATE,
    S2N_ERR_INVALID_EARLY_DATA_STATE,
    S2N_ERR_PKEY_CTX_INIT,
    S2N_ERR_FORK_DETECTION_INIT,
    S2N_ERR_RETRIEVE_FORK_GENERATION_NUMBER,
    S2N_ERR_LIBCRYPTO_VERSION_NUMBER_MISMATCH,
    S2N_ERR_LIBCRYPTO_VERSION_NAME_MISMATCH,
    S2N_ERR_OSSL_PROVIDER,
    S2N_ERR_TEST_ASSERTION,
    S2N_ERR_T_INTERNAL_END,

    /* S2N_ERR_T_USAGE */
    S2N_ERR_NO_ALERT = S2N_ERR_T_USAGE_START,
    S2N_ERR_SERVER_MODE,
    S2N_ERR_CLIENT_MODE,
    S2N_ERR_CLIENT_MODE_DISABLED,
    S2N_ERR_TOO_MANY_CERTIFICATES,
    S2N_ERR_TOO_MANY_SIGNATURE_SCHEMES,
    S2N_ERR_CLIENT_AUTH_NOT_SUPPORTED_IN_FIPS_MODE,
    S2N_ERR_INVALID_BASE64,
    S2N_ERR_INVALID_HEX,
    S2N_ERR_INVALID_PEM,
    S2N_ERR_DH_PARAMS_CREATE,
    S2N_ERR_DH_TOO_SMALL,
    S2N_ERR_DH_PARAMETER_CHECK,
    S2N_ERR_INVALID_PKCS3,
    S2N_ERR_NO_CERTIFICATE_IN_PEM,
    S2N_ERR_SERVER_NAME_TOO_LONG,
    S2N_ERR_NUM_DEFAULT_CERTIFICATES,
    S2N_ERR_MULTIPLE_DEFAULT_CERTIFICATES_PER_AUTH_TYPE,
    S2N_ERR_INVALID_CIPHER_PREFERENCES,
    S2N_ERR_INVALID_APPLICATION_PROTOCOL,
    S2N_ERR_KEY_MISMATCH,
    S2N_ERR_SEND_SIZE,
    S2N_ERR_CORK_SET_ON_UNMANAGED,
    S2N_ERR_UNRECOGNIZED_EXTENSION,
    S2N_ERR_EXTENSION_NOT_RECEIVED,
    S2N_ERR_INVALID_SCT_LIST,
    S2N_ERR_INVALID_OCSP_RESPONSE,
    S2N_ERR_UPDATING_EXTENSION,
    S2N_ERR_INVALID_SERIALIZED_SESSION_STATE,
    S2N_ERR_SERIALIZED_SESSION_STATE_TOO_LONG,
    S2N_ERR_SESSION_ID_TOO_LONG,
    S2N_ERR_CLIENT_AUTH_NOT_SUPPORTED_IN_SESSION_RESUMPTION_MODE,
    S2N_ERR_INVALID_TICKET_KEY_LENGTH,
    S2N_ERR_INVALID_TICKET_KEY_NAME_OR_NAME_LENGTH,
    S2N_ERR_TICKET_KEY_NOT_UNIQUE,
    S2N_ERR_TICKET_KEY_LIMIT,
    S2N_ERR_NO_TICKET_ENCRYPT_DECRYPT_KEY,
    S2N_ERR_ENCRYPT_DECRYPT_KEY_SELECTION_FAILED,
    S2N_ERR_KEY_USED_IN_SESSION_TICKET_NOT_FOUND,
    S2N_ERR_SENDING_NST,
    S2N_ERR_INVALID_DYNAMIC_THRESHOLD,
    S2N_ERR_INVALID_ARGUMENT,
    S2N_ERR_NOT_IN_UNIT_TEST,
    S2N_ERR_NOT_IN_TEST,
    S2N_ERR_UNSUPPORTED_CPU,
    S2N_ERR_SESSION_ID_TOO_SHORT,
    S2N_ERR_CONNECTION_CACHING_DISALLOWED,
    S2N_ERR_SESSION_TICKET_NOT_SUPPORTED,
    S2N_ERR_OCSP_NOT_SUPPORTED,
    S2N_ERR_INVALID_SIGNATURE_ALGORITHMS_PREFERENCES,
    S2N_ERR_RSA_PSS_NOT_SUPPORTED,
    S2N_ERR_INVALID_ECC_PREFERENCES,
    S2N_ERR_INVALID_SECURITY_POLICY,
    S2N_ERR_INVALID_KEM_PREFERENCES,
    S2N_ERR_ASYNC_ALREADY_PERFORMED,
    S2N_ERR_ASYNC_NOT_PERFORMED,
    S2N_ERR_ASYNC_WRONG_CONNECTION,
    S2N_ERR_ASYNC_ALREADY_APPLIED,
    S2N_ERR_UNSUPPORTED_WITH_QUIC,
    S2N_ERR_DUPLICATE_PSK_IDENTITIES,
    S2N_ERR_OFFERED_PSKS_TOO_LONG,
    S2N_ERR_INVALID_SESSION_TICKET,
    S2N_ERR_REENTRANCY,
    S2N_ERR_INVALID_STATE,
    S2N_ERR_EARLY_DATA_NOT_ALLOWED,
    S2N_ERR_NO_CERT_FOUND,
    S2N_ERR_CERT_NOT_VALIDATED,
    S2N_ERR_NO_PRIVATE_KEY,
    S2N_ERR_PSK_MODE,
    S2N_ERR_X509_EXTENSION_VALUE_NOT_FOUND,
    S2N_ERR_INVALID_X509_EXTENSION_TYPE,
    S2N_ERR_INSUFFICIENT_MEM_SIZE,
    S2N_ERR_KEYING_MATERIAL_EXPIRED,
    S2N_ERR_SECRET_SCHEDULE_STATE,
    S2N_ERR_CERT_OWNERSHIP,
    S2N_ERR_INTERNAL_LIBCRYPTO_ERROR,
    S2N_ERR_HANDSHAKE_NOT_COMPLETE,
    S2N_ERR_KTLS_MANAGED_IO,
    S2N_ERR_KTLS_UNSUPPORTED_PLATFORM,
    S2N_ERR_KTLS_UNSUPPORTED_CONN,
    S2N_ERR_KTLS_ENABLE,
    S2N_ERR_KTLS_BAD_CMSG,
    S2N_ERR_KTLS_RENEG,
    S2N_ERR_ATOMIC,
    S2N_ERR_T_USAGE_END,
} s2n_error;

#define S2N_DEBUG_STR_LEN 128

struct s2n_debug_info {
    const char *debug_str;
    const char *source;
};

extern __thread struct s2n_debug_info _s2n_debug_info;

#define TO_STRING(s)   #s
#define STRING_(s)     TO_STRING(s)
#define STRING__LINE__ STRING_(__LINE__)

/* gets the basename of a file path */
/* _S2N_EXTRACT_BASENAME("Error encountered in /path/to/my/file.c") -> "file.c" */
#if !(defined(CBMC) || defined(__TIMING_CONTRACTS__))
    #define _S2N_RSPLIT(subject, c)     (strrchr((subject), c) ? strrchr((subject), c) + 1 : (subject))
    #define _S2N_EXTRACT_BASENAME(path) _S2N_RSPLIT((path) + strlen(_S2N_DEBUG_LINE_PREFIX), '/')
#else
    #define _S2N_EXTRACT_BASENAME(path) path
#endif

#define _S2N_DEBUG_LINE_PREFIX "Error encountered in "
#define _S2N_DEBUG_LINE        _S2N_DEBUG_LINE_PREFIX __FILE__ ":" STRING__LINE__

#define _S2N_ERROR(x)                                                              \
    do {                                                                           \
        _s2n_debug_info.debug_str = _S2N_DEBUG_LINE;                               \
        _s2n_debug_info.source = _S2N_EXTRACT_BASENAME(_s2n_debug_info.debug_str); \
        s2n_errno = (x);                                                           \
        s2n_calculate_stacktrace();                                                \
    } while (0)
#define S2N_ERROR_PRESERVE_ERRNO() \
    do {                           \
        return -1;                 \
    } while (0)
#define S2N_ERROR_IS_BLOCKING(x) (s2n_error_get_type(x) == S2N_ERR_T_BLOCKED)

/* DEPRECATED: use POSIX_BAIL instead */
#define S2N_ERROR(x)     \
    do {                 \
        _S2N_ERROR((x)); \
        return -1;       \
    } while (0)

/* DEPRECATED: use PTR_BAIL instead */
#define S2N_ERROR_PTR(x) \
    do {                 \
        _S2N_ERROR((x)); \
        return NULL;     \
    } while (0)

/* DEPRECATED: use POSIX_ENSURE instead */
#define S2N_ERROR_IF(cond, x) \
    do {                      \
        if (cond) {           \
            S2N_ERROR(x);     \
        }                     \
    } while (0)

/** Calculate and print stacktraces */
struct s2n_stacktrace {
    char **trace;
    int trace_size;
};

bool s2n_stack_traces_enabled();
int s2n_stack_traces_enabled_set(bool newval);

int s2n_calculate_stacktrace(void);
int s2n_print_stacktrace(FILE *fptr);
int s2n_free_stacktrace(void);
int s2n_get_stacktrace(struct s2n_stacktrace *trace);
void s2n_debug_info_reset(void);