Who's got some brilliant ideas about these (see the #error lines added in
the diff below)? Because I can't think of a /really/ clean way of doing
these. :-S
Personally, I'ld push an error with additional context (OpenSSL supports
that sort of thing already, thanks to err/* ==
ERR_put_error()+ERR_set_error_data()+ERR_add_error_data() )
The drawback of that is that these are rather 'warnings' or maybe even
'informationals' (in the sense of the VMS/Windows error code class)
depending on your world view, so that would be adding error data to an S_OK
'error' code or tolerating non-error error codes (= info/warn codes of a
kind) in the ERR stack. Of course, we've 'fatal' and regular errors in there
already, so marking particular errors as 'warning' or 'informational' isn't
all that much trouble; it's just that I don't think the original designers
wanted it that way.
The alternative would be passing along an extra BIO* arg to the relevant
functions so this info can be 'printed' to a location as the caller prefers.
All this to ensure OpenSSL library is:
1- not dependent on the existence of stderr/stdout on your system (outside
UNIX several platforms don't have 'em)
2a- not dependent on a /working/ stderr/stdout on your system (depending on
where you're at in your UNIX box, they go straight to /dev/null or worse,
some local admin console. (The magic word of today is... 'deamon'. And I
don't mean lame binaries run by inetd -- you may flame me to your hearts
content off list, thank you ;-) )
2b- spitting /all/ relevant error info to a place where you want it to end
up (GUI-based tools like those BIOs OpenSSL has on offer as you can get hold
of everything I/O-y including error reporting to your own dialogs and such,
thanks to ERR_print_errors() and friends plus a custom BIO. Unfortunately,
these printf() outputs will disappear in the void when running in a GUI
based app, unless you perform some specific additional magic.
3- only depending on the barest/minimal set of RTL/libc/system calls outside
network=socket I/O, enabling 'deep embedding' with ease, i.e. using OpenSSL
on embedded systems that don't ~ /.+nix.*/
--- h:\prj\1original\openssl\openssl\crypto\engine\eng_cryptodev.c
2010-05-14 15:18:13.000000000 +-0200
+++ h:\prj\3actual\openssl\crypto\engine\eng_cryptodev.c 2010-05-26
17:32:46.000000000 +-0200
@@ -1016,17 +1016,19 @@
if (bn2crparam(m, &kop.crk_param[2]))
goto err;
kop.crk_iparams = 3;
if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+#error make these printf's BIO_printf()'s or something; push error on stack
maybe?
printf("OCF asym process failed, Running in software\n");
ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
} else if (ECANCELED == kop.crk_status) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+#error make these printf's BIO_printf()'s or something; push error on stack
maybe?
printf("OCF hardware operation cancelled. Running in Software\n");
ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
}
/* else cryptodev operation worked ok ==> ret = 1*/
err:
@@ -1071,17 +1073,19 @@
if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
goto err;
kop.crk_iparams = 6;
if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+#error make these printf's BIO_printf()'s or something; push error on stack
maybe?
printf("OCF asym process failed, running in Software\n");
ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
} else if (ECANCELED == kop.crk_status) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+#error make these printf's BIO_printf()'s or something; push error on stack
maybe?
printf("OCF hardware operation cancelled. Running in Software\n");
ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
}
/* else cryptodev operation worked ok ==> ret = 1*/
err:
--
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--------------------------------------------------
web: http://www.hobbelt.com/
http://www.hebbut.net/
mail: [email protected]
mobile: +31-6-11 120 978
--------------------------------------------------
