From fbf62978dcd4d42facffdcf99831e82a1979cdc3 Mon Sep 17 00:00:00 2001
From: Vladimir 'phcoder' Serbinenko <phcoder@gmail.com>
Date: Fri, 13 Nov 2009 00:27:04 +0100
Subject: [PATCH] Improved error handling

---
 include/grub/crypto.h | 26 +++++++++++++------------
 lib/crypto.c          | 44 +++++++++++++++++++++++++++----------------
 2 files changed, 42 insertions(+), 28 deletions(-)

diff --git a/include/grub/crypto.h b/include/grub/crypto.h
index 5cd7f02b4..7a3461e3b 100644
--- a/include/grub/crypto.h
+++ b/include/grub/crypto.h
@@ -20,13 +20,14 @@
 /* Contains elements based on gcrypt-module.h and gcrypt.h.in.
    If it's changed please update this file.  */
 
-#ifndef GRUB_CIPHER_HEADER
-#define GRUB_CIPHER_HEADER 1
+#ifndef GRUB_CRYPTO_HEADER
+#define GRUB_CRYPTO_HEADER 1
 
 #include <grub/symbol.h>
 #include <grub/types.h>
-#include <grub/misc.h>
-#include <grub/mm.h>
+#include <grub/err.h>
+/* For GRUB_ACCESS_DENIED.  */
+#include <grub/auth.h>
 
 typedef enum 
   {
@@ -64,6 +65,7 @@ typedef enum
     GPG_ERR_WEAK_KEY,
     GPG_ERR_WRONG_KEY_USAGE,
     GPG_ERR_WRONG_PUBKEY_ALGO,
+    GPG_ERR_OUT_OF_MEMORY
   } gcry_err_code_t;
 #define gpg_err_code_t gcry_err_code_t
 #define gpg_error_t gcry_err_code_t
@@ -186,26 +188,23 @@ grub_crypto_cipher_close (grub_crypto_cipher_handle_t cipher);
 
 void
 grub_crypto_xor (void *out, const void *in1, const void *in2, grub_size_t size);
-grub_err_t
+
+gcry_err_code_t
 grub_crypto_ecb_decrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size);
 
-grub_err_t
+gcry_err_code_t
 grub_crypto_ecb_encrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size);
-grub_err_t
+gcry_err_code_t
 grub_crypto_cbc_encrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size,
 			 void *iv_in);
-grub_err_t
+gcry_err_code_t
 grub_crypto_cbc_decrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size,
 			 void *iv);
 void 
-grub_cipher_register (gcry_cipher_spec_t *cipher);
-void
-grub_cipher_unregister (gcry_cipher_spec_t *cipher);
-void 
 grub_md_register (gcry_md_spec_t *digest);
 void 
 grub_md_unregister (gcry_md_spec_t *cipher);
@@ -215,6 +214,9 @@ grub_crypto_hash (const gcry_md_spec_t *hash, void *out, void *in,
 const gcry_md_spec_t *
 grub_crypto_lookup_md_by_name (const char *name);
 
+grub_err_t
+grub_crypto_gcry_error (gcry_err_code_t in);
+
 void grub_burn_stack (grub_size_t size);
 
 extern gcry_md_spec_t _gcry_digest_spec_md5;
diff --git a/lib/crypto.c b/lib/crypto.c
index 64c386dae..718d6e278 100644
--- a/lib/crypto.c
+++ b/lib/crypto.c
@@ -149,46 +149,49 @@ grub_crypto_xor (void *out, const void *in1, const void *in2, grub_size_t size)
     }
 }
 
-grub_err_t
+gcry_err_code_t
 grub_crypto_ecb_decrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size)
 {
   grub_uint8_t *inptr, *outptr, *end;
+  if (!cipher->cipher->decrypt)
+    return GPG_ERR_NOT_SUPPORTED;
   if (size % cipher->cipher->blocksize != 0)
-    return grub_error (GRUB_ERR_BAD_ARGUMENT, 
-		       "This encryption can't decrypt partial blocks");
+    return GPG_ERR_INV_ARG;
   end = (grub_uint8_t *) in + size;
   for (inptr = in, outptr = out; inptr < end;
        inptr += cipher->cipher->blocksize, outptr += cipher->cipher->blocksize)
     cipher->cipher->decrypt (cipher->ctx, outptr, inptr);
-  return GRUB_ERR_NONE;
+  return GPG_ERR_NO_ERROR;
 }
 
-grub_err_t
+gcry_err_code_t
 grub_crypto_ecb_encrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size)
 {
   grub_uint8_t *inptr, *outptr, *end;
+  if (!cipher->cipher->encrypt)
+    return GPG_ERR_NOT_SUPPORTED;
   if (size % cipher->cipher->blocksize != 0)
-    return grub_error (GRUB_ERR_BAD_ARGUMENT, 
-		       "This encryption can't decrypt partial blocks");
+    return GPG_ERR_INV_ARG;
   end = (grub_uint8_t *) in + size;
   for (inptr = in, outptr = out; inptr < end;
        inptr += cipher->cipher->blocksize, outptr += cipher->cipher->blocksize)
     cipher->cipher->encrypt (cipher->ctx, outptr, inptr);
-  return GRUB_ERR_NONE;
+  return GPG_ERR_NO_ERROR;
 }
 
-grub_err_t
+gcry_err_code_t
 grub_crypto_cbc_encrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size,
 			 void *iv_in)
 {
   grub_uint8_t *inptr, *outptr, *end;
   void *iv;
+  if (!cipher->cipher->decrypt)
+    return GPG_ERR_NOT_SUPPORTED;
   if (size % cipher->cipher->blocksize != 0)
-    return grub_error (GRUB_ERR_BAD_ARGUMENT, 
-		       "This encryption can't decrypt partial blocks");
+    return GPG_ERR_INV_ARG;
   end = (grub_uint8_t *) in + size;
   iv = iv_in;
   for (inptr = in, outptr = out; inptr < end;
@@ -199,19 +202,20 @@ grub_crypto_cbc_encrypt (grub_crypto_cipher_handle_t cipher,
       iv = outptr;
     }
   grub_memcpy (iv_in, iv, cipher->cipher->blocksize);
-  return GRUB_ERR_NONE;
+  return GPG_ERR_NO_ERROR;
 }
 
-grub_err_t
+gcry_err_code_t
 grub_crypto_cbc_decrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size,
 			 void *iv)
 {
   grub_uint8_t *inptr, *outptr, *end;
   grub_uint8_t ivt[cipher->cipher->blocksize];
+  if (!cipher->cipher->decrypt)
+    return GPG_ERR_NOT_SUPPORTED;
   if (size % cipher->cipher->blocksize != 0)
-    return grub_error (GRUB_ERR_BAD_ARGUMENT, 
-		       "This encryption can't decrypt partial blocks");
+    return GPG_ERR_INV_ARG;
   end = (grub_uint8_t *) in + size;
   for (inptr = in, outptr = out; inptr < end;
        inptr += cipher->cipher->blocksize, outptr += cipher->cipher->blocksize)
@@ -221,5 +225,13 @@ grub_crypto_cbc_decrypt (grub_crypto_cipher_handle_t cipher,
       grub_crypto_xor (outptr, outptr, iv, cipher->cipher->blocksize);
       grub_memcpy (iv, ivt, cipher->cipher->blocksize);
     }
-  return GRUB_ERR_NONE;
+  return GPG_ERR_NO_ERROR;
+}
+
+grub_err_t
+grub_crypto_gcry_error (gcry_err_code_t in)
+{
+  if (in == GPG_ERR_NO_ERROR)
+    return GRUB_ERR_NONE;
+  return GRUB_ACCESS_DENIED;
 }