lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Unify PSA to Mbed TLS error translation

Browse Source 
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
Andrzej Kurek
2022-12-23 11:00:06 -05:00
parent 05b80a4eee
commit 8a045ce5e6
29 changed files with 459 additions and 147 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
library/pk_wrap.c
View File

@@ -40,9 +40,19 @@
#include "pkwrite.h"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_C)
#include "mbedtls/psa_util.h"
#define PSA_PK_TO_MBEDTLS_ERR(status) psa_pk_status_to_mbedtls(status)
#define PSA_PK_RSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_pk_rsa_errors, \
psa_pk_status_to_mbedtls)
#define PSA_PK_ECDSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_pk_ecdsa_errors, \
psa_pk_status_to_mbedtls)
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
#include "hash_info.h"
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
@@ -57,6 +67,7 @@
#include <stdint.h>
#include <string.h>
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_PSA_CRYPTO_C)
int mbedtls_pk_error_from_psa(psa_status_t status)
{
@@ -113,11 +124,9 @@ int mbedtls_pk_error_from_psa_rsa(psa_status_t status)
}
}
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
#endif /* MBEDTLS_PSA_CRYPTO_C */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status)
{
@@ -138,8 +147,8 @@ int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status)
}
}
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_RSA_C)
static int rsa_can_do(mbedtls_pk_type_t type)
@@ -196,14 +205,14 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg,
buf + sizeof(buf) - key_len, key_len,
&key_id);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
goto cleanup;
}
status = psa_verify_hash(key_id, psa_alg_md, hash, hash_len,
sig, sig_len);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa_rsa(status);
ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status);
goto cleanup;
}
ret = 0;
@@ -211,7 +220,7 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg,
cleanup:
status = psa_destroy_key(key_id);
if (ret == 0 && status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
}
return ret;
@@ -289,13 +298,13 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg,
buf + sizeof(buf) - key_len, key_len,
&key_id);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
goto cleanup;
}
status = psa_sign_hash(key_id, alg, hash, hash_len,
sig, sig_size, sig_len);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa_rsa(status);
ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status);
goto cleanup;
}
@@ -304,7 +313,7 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg,
cleanup:
status = psa_destroy_key(key_id);
if (ret == 0 && status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
}
return ret;
}
@@ -398,7 +407,7 @@ static int rsa_decrypt_wrap(void *ctx,
buf + sizeof(buf) - key_len, key_len,
&key_id);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
goto cleanup;
}
@@ -407,7 +416,7 @@ static int rsa_decrypt_wrap(void *ctx,
NULL, 0,
output, osize, olen);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa_rsa(status);
ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status);
goto cleanup;
}
@@ -417,7 +426,7 @@ cleanup:
mbedtls_platform_zeroize(buf, sizeof(buf));
status = psa_destroy_key(key_id);
if (ret == 0 && status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
}
return ret;
@@ -484,7 +493,7 @@ static int rsa_encrypt_wrap(void *ctx,
buf + sizeof(buf) - key_len, key_len,
&key_id);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
goto cleanup;
}
@@ -493,7 +502,7 @@ static int rsa_encrypt_wrap(void *ctx,
NULL, 0,
output, osize, olen);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa_rsa(status);
ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status);
goto cleanup;
}
@@ -502,7 +511,7 @@ static int rsa_encrypt_wrap(void *ctx,
cleanup:
status = psa_destroy_key(key_id);
if (ret == 0 && status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
}
return ret;
@@ -716,7 +725,7 @@ static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg,
buf, key_len,
&key_id);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
goto cleanup;
}
@@ -737,7 +746,7 @@ static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg,
hash, hash_len,
buf, 2 * signature_part_size);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa_ecdsa(status);
ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
goto cleanup;
}
@@ -750,7 +759,7 @@ static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg,
cleanup:
status = psa_destroy_key(key_id);
if (ret == 0 && status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
}
return ret;
@@ -908,14 +917,14 @@ static int ecdsa_sign_wrap(void *ctx_arg, mbedtls_md_type_t md_alg,
buf, key_len,
&key_id);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
goto cleanup;
}
status = psa_sign_hash(key_id, psa_sig_md, hash, hash_len,
sig, sig_size, sig_len);
if (status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa_ecdsa(status);
ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
goto cleanup;
}
@@ -925,7 +934,7 @@ cleanup:
mbedtls_platform_zeroize(buf, sizeof(buf));
status = psa_destroy_key(key_id);
if (ret == 0 && status != PSA_SUCCESS) {
ret = mbedtls_pk_error_from_psa(status);
ret = PSA_PK_TO_MBEDTLS_ERR(status);
}
return ret;
@@ -1448,7 +1457,7 @@ static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
status = psa_get_key_attributes(*key, &attributes);
if (status != PSA_SUCCESS) {
return mbedtls_pk_error_from_psa(status);
return PSA_PK_TO_MBEDTLS_ERR(status);
}
type = psa_get_key_type(&attributes);
@@ -1472,15 +1481,15 @@ static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
if (status != PSA_SUCCESS) {
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
return mbedtls_pk_error_from_psa_ecdsa(status);
return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
} else
#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */
#if defined(MBEDTLS_RSA_C)
if (PSA_KEY_TYPE_IS_RSA(type)) {
return mbedtls_pk_error_from_psa_rsa(status);
return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
} else
#endif /* MBEDTLS_RSA_C */
return mbedtls_pk_error_from_psa(status);
return PSA_PK_TO_MBEDTLS_ERR(status);
}
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
@@ -1535,7 +1544,7 @@ static int pk_opaque_rsa_decrypt(void *ctx,
NULL, 0,
output, osize, olen);
if (status != PSA_SUCCESS) {
return mbedtls_pk_error_from_psa_rsa(status);
return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
}
return 0;