From: Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
Date: Thu, 18 Aug 2016 09:16:02 +0000 (+0200)
Subject: Handle RSA padding errors
X-Git-Tag: accepted/tizen/common/20160901.143419~13
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=21379829e551a05db75f42a8daecf80279c9f73b;p=platform%2Fcore%2Fsecurity%2Fyaca.git

Handle RSA padding errors

Change-Id: Ie722ad2ba6c70b4a3ed799ffc8057e0610abc1d4
---

diff --git a/src/debug.c b/src/debug.c
index 0dbed34..33779b8 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -124,6 +124,7 @@ int error_handle(const char *file, int line, const char *function)
 	/* known errors */
 	switch (err) {
 	case ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS):
+	case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_DATA_GREATER_THAN_MOD_LEN):
 	case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED):
 	case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE):
 	case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA):
@@ -163,6 +164,30 @@ int error_handle(const char *file, int line, const char *function)
 		break;
 	}
 
+	/* known rsa padding errors */
+	if (ret == YACA_ERROR_NONE && ERR_GET_LIB(err) == ERR_LIB_RSA) {
+		switch (ERR_GET_FUNC(err)) {
+		case RSA_F_RSA_PADDING_CHECK_NONE:
+		case RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP:
+		case RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1:
+		case RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1:
+		case RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2:
+		case RSA_F_RSA_PADDING_CHECK_SSLV23:
+		case RSA_F_RSA_PADDING_CHECK_X931:
+		case RSA_F_RSA_PADDING_ADD_NONE:
+		case RSA_F_RSA_PADDING_ADD_PKCS1_OAEP:
+		case RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1:
+		case RSA_F_RSA_PADDING_ADD_PKCS1_PSS:
+		case RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1:
+		case RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1:
+		case RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2:
+		case RSA_F_RSA_PADDING_ADD_SSLV23:
+		case RSA_F_RSA_PADDING_ADD_X931:
+			ret = YACA_ERROR_INVALID_PARAMETER;
+			break;
+		}
+	}
+
 	/* fatal errors */
 	int reason = ERR_GET_REASON(err);
 	if (ret == YACA_ERROR_NONE && reason <= GENERIC_REASON_MAX && ERR_FATAL_ERROR(err) > 0) {
diff --git a/src/rsa.c b/src/rsa.c
index 534ffe9..8d07f11 100644
--- a/src/rsa.c
+++ b/src/rsa.c
@@ -100,8 +100,7 @@ static int encrypt_decrypt(yaca_padding_e padding,
 	         lpadding);
 
 	if (ret < 0) {
-		ret = YACA_ERROR_INTERNAL;
-		ERROR_DUMP(ret);
+		ret = ERROR_HANDLE();
 		goto exit;
 	}