Skip to content

wolfSSL Error Handling and Reporting

Functions

Name
int wolfSSL_Debugging_ON(void )
If logging has been enabled at build time this function turns on logging at runtime. To enable logging at build time use –enable-debug or define DEBUG_WOLFSSL.
void wolfSSL_Debugging_OFF(void )
This function turns off runtime logging messages. If they’re already off, no action is taken.
int wolfSSL_get_error(WOLFSSL * ssl, int ret)
This function returns a unique error code describing why the previous API function call (wolfSSL_connect, wolfSSL_accept, wolfSSL_read, wolfSSL_write, etc.) resulted in an error return code (SSL_FAILURE). The return value of the previous function is passed to wolfSSL_get_error through ret. After wolfSSL_get_error is called and returns the unique error code, wolfSSL_ERR_error_string() may be called to get a human_readable error string. See wolfSSL_ERR_error_string() for more information.
void wolfSSL_load_error_strings(void )
This function is for OpenSSL compatibility (SSL_load_error_string) only and takes no action.
char * wolfSSL_ERR_error_string(unsigned long errNumber, char * data)
This function converts an error code returned by wolfSSL_get_error() into a more human_readable error string. errNumber is the error code returned by wolfSSL_get_error() and data is the storage buffer which the error string will be placed in. The maximum length of data is 80 characters by default, as defined by MAX_ERROR_SZ is wolfssl/wolfcrypt/error.h.
void wolfSSL_ERR_error_string_n(unsigned long e, char * buf, unsigned long sz)
This function is a version of wolfSSL_ERR_error_string() where len specifies the maximum number of characters that may be written to buf. Like wolfSSL_ERR_error_string(), this function converts an error code returned from wolfSSL_get_error() into a more human-readable error string. The human-readable string is placed in buf.
void wolfSSL_ERR_print_errors_fp(XFILE fp, int err)
This function converts an error code returned by wolfSSL_get_error() into a more human_readable error string and prints that string to the output file _ fp. err is the error code returned by wolfSSL_get_error() and fp is the file which the error string will be placed in.
void wolfSSL_ERR_print_errors_cb(int()(const char str, size_t len, void *u) cb, void * u)
This function uses the provided callback to handle error reporting. The callback function is executed for each error line. The string, length, and userdata are passed into the callback parameters.
int wolfSSL_want_read(WOLFSSL * )
This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_READ in return. If the underlying error state is SSL_ERROR_WANT_READ, this function will return 1, otherwise, 0.
int wolfSSL_want_write(WOLFSSL * )
This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_WRITE in return. If the underlying error state is SSL_ERROR_WANT_WRITE, this function will return 1, otherwise, 0.
unsigned long wolfSSL_ERR_peek_last_error(void )
This function returns the absolute value of the last error from WOLFSSL_ERROR encountered.

Functions Documentation

function wolfSSL_Debugging_ON

int wolfSSL_Debugging_ON(
    void 
)

If logging has been enabled at build time this function turns on logging at runtime. To enable logging at build time use –enable-debug or define DEBUG_WOLFSSL.

Parameters:

  • none No parameters.

See:

Return:

  • 0 upon success.
  • NOT_COMPILED_IN is the error that will be returned if logging isn’t enabled for this build.

Example

wolfSSL_Debugging_ON();

function wolfSSL_Debugging_OFF

void wolfSSL_Debugging_OFF(
    void 
)

This function turns off runtime logging messages. If they’re already off, no action is taken.

Parameters:

  • none No parameters.

See:

Return: none No returns.

Example

wolfSSL_Debugging_OFF();

function wolfSSL_get_error

int wolfSSL_get_error(
    WOLFSSL * ssl,
    int ret
)

This function returns a unique error code describing why the previous API function call (wolfSSL_connect, wolfSSL_accept, wolfSSL_read, wolfSSL_write, etc.) resulted in an error return code (SSL_FAILURE). The return value of the previous function is passed to wolfSSL_get_error through ret. After wolfSSL_get_error is called and returns the unique error code, wolfSSL_ERR_error_string() may be called to get a human-readable error string. See wolfSSL_ERR_error_string() for more information.

Parameters:

  • ssl pointer to the SSL object, created with wolfSSL_new().
  • ret return value of the previous function that resulted in an error return code.

See:

Return:

  • On successful completion, this function will return the unique error code describing why the previous API function failed.
  • SSL_ERROR_NONE will be returned if ret > 0. For ret <= 0, there are some cases when this value can also be returned when a previous API appeared to return an error code but no error actually occurred. An example is calling wolfSSL_read() with a zero sz parameter. A 0 return from wolfSSL_read() usually indicates an error but in this case no error occurred. If wolfSSL_get_error() is called afterwards, SSL_ERROR_NONE will be returned.

Example

int err = 0;
WOLFSSL* ssl;
char buffer[80];
...
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, buffer);
printf(“err = %d, %s\n”, err, buffer);

function wolfSSL_load_error_strings

void wolfSSL_load_error_strings(
    void 
)

This function is for OpenSSL compatibility (SSL_load_error_string) only and takes no action.

Parameters:

  • none No parameters.

See:

Return: none No returns.

Example

wolfSSL_load_error_strings();

function wolfSSL_ERR_error_string

char * wolfSSL_ERR_error_string(
    unsigned long errNumber,
    char * data
)

This function converts an error code returned by wolfSSL_get_error() into a more human_readable error string. errNumber is the error code returned by wolfSSL_get_error() and data is the storage buffer which the error string will be placed in. The maximum length of data is 80 characters by default, as defined by MAX_ERROR_SZ is wolfssl/wolfcrypt/error.h.

Parameters:

  • errNumber error code returned by wolfSSL_get_error().
  • data output buffer containing human-readable error string matching errNumber.

See:

Return:

  • success On successful completion, this function returns the same string as is returned in data.
  • failure Upon failure, this function returns a string with the appropriate failure reason, msg.

Example

int err = 0;
WOLFSSL* ssl;
char buffer[80];
...
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, buffer);
printf(“err = %d, %s\n”, err, buffer);

function wolfSSL_ERR_error_string_n

void wolfSSL_ERR_error_string_n(
    unsigned long e,
    char * buf,
    unsigned long sz
)

This function is a version of wolfSSL_ERR_error_string() where len specifies the maximum number of characters that may be written to buf. Like wolfSSL_ERR_error_string(), this function converts an error code returned from wolfSSL_get_error() into a more human-readable error string. The human-readable string is placed in buf.

Parameters:

  • e error code returned by wolfSSL_get_error().
  • buff output buffer containing human-readable error string matching e.
  • len maximum length in characters which may be written to buf.

See:

Return: none No returns.

Example

int err = 0;
WOLFSSL* ssl;
char buffer[80];
...
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string_n(err, buffer, 80);
printf(“err = %d, %s\n”, err, buffer);

function wolfSSL_ERR_print_errors_fp

void wolfSSL_ERR_print_errors_fp(
    XFILE fp,
    int err
)

This function converts an error code returned by wolfSSL_get_error() into a more human_readable error string and prints that string to the output file _ fp. err is the error code returned by wolfSSL_get_error() and fp is the file which the error string will be placed in.

Parameters:

  • fp output file for human-readable error string to be written to.
  • err error code returned by wolfSSL_get_error().

See:

Return: none No returns.

Example

int err = 0;
WOLFSSL* ssl;
FILE* fp = ...
...
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_print_errors_fp(fp, err);

function wolfSSL_ERR_print_errors_cb

void wolfSSL_ERR_print_errors_cb(
    int(*)(const char *str, size_t len, void *u) cb,
    void * u
)

This function uses the provided callback to handle error reporting. The callback function is executed for each error line. The string, length, and userdata are passed into the callback parameters.

Parameters:

  • cb the callback function.
  • u userdata to pass into the callback function.

See:

Return: none No returns.

Example

int error_cb(const char *str, size_t len, void *u)
{ fprintf((FILE*)u, "%-*.*s\n", (int)len, (int)len, str); return 0; }
...
FILE* fp = ...
wolfSSL_ERR_print_errors_cb(error_cb, fp);

function wolfSSL_want_read

int wolfSSL_want_read(
    WOLFSSL * 
)

This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_READ in return. If the underlying error state is SSL_ERROR_WANT_READ, this function will return 1, otherwise, 0.

Parameters:

See:

Return:

  • 1 wolfSSL_get_error() would return SSL_ERROR_WANT_READ, the underlying I/O has data available for reading.
  • 0 There is no SSL_ERROR_WANT_READ error state.

Example

int ret;
WOLFSSL* ssl = 0;
...

ret = wolfSSL_want_read(ssl);
if (ret == 1) {
    // underlying I/O has data available for reading (SSL_ERROR_WANT_READ)
}

function wolfSSL_want_write

int wolfSSL_want_write(
    WOLFSSL * 
)

This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_WRITE in return. If the underlying error state is SSL_ERROR_WANT_WRITE, this function will return 1, otherwise, 0.

Parameters:

See:

Return:

  • 1 wolfSSL_get_error() would return SSL_ERROR_WANT_WRITE, the underlying I/O needs data to be written in order for progress to be made in the underlying SSL connection.
  • 0 There is no SSL_ERROR_WANT_WRITE error state.

Example

int ret;
WOLFSSL* ssl = 0;
...
ret = wolfSSL_want_write(ssl);
if (ret == 1) {
    // underlying I/O needs data to be written (SSL_ERROR_WANT_WRITE)
}

function wolfSSL_ERR_peek_last_error

unsigned long wolfSSL_ERR_peek_last_error(
    void 
)

This function returns the absolute value of the last error from WOLFSSL_ERROR encountered.

Parameters:

  • none No parameters.

See: wolfSSL_ERR_print_errors_fp

Return: error Returns absolute value of last error.

Example

unsigned long err;
...
err = wolfSSL_ERR_peek_last_error();
// inspect err value

Updated on 2024-03-19 at 01:20:40 +0000