lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Unify PSA to Mbed TLS error translation

Browse Source 
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
Andrzej Kurek
2022-12-23 11:00:06 -05:00
parent 05b80a4eee
commit 8a045ce5e6
29 changed files with 459 additions and 147 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
library/ssl_cookie.c
View File

@ -37,6 +37,12 @@
#include <string.h>
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_ssl_errors, \
psa_generic_status_to_mbedtls)
#endif
/*
* If DTLS is in use, then at least one of SHA-256 or SHA-384 is
* available. Try SHA-256 first as 384 wastes resources
@ -126,7 +132,7 @@ int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
if ((status = psa_generate_key(&attributes,
&ctx->psa_hmac_key)) != PSA_SUCCESS) {
return psa_ssl_status_to_mbedtls(status);
return PSA_TO_MBEDTLS_ERR(status);
}
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@ -215,26 +221,26 @@ int mbedtls_ssl_cookie_write(void *p_ctx,
status = psa_mac_sign_setup(&operation, ctx->psa_hmac_key,
ctx->psa_hmac_alg);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
goto exit;
}
status = psa_mac_update(&operation, *p - 4, 4);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
goto exit;
}
status = psa_mac_update(&operation, cli_id, cli_id_len);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
goto exit;
}
status = psa_mac_sign_finish(&operation, *p, COOKIE_MD_OUTLEN,
&sign_mac_length);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
goto exit;
}
@ -263,7 +269,7 @@ int mbedtls_ssl_cookie_write(void *p_ctx,
exit:
status = psa_mac_abort(&operation);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
return ret;
@ -299,27 +305,27 @@ int mbedtls_ssl_cookie_check(void *p_ctx,
status = psa_mac_verify_setup(&operation, ctx->psa_hmac_key,
ctx->psa_hmac_alg);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
goto exit;
}
status = psa_mac_update(&operation, cookie, 4);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
goto exit;
}
status = psa_mac_update(&operation, cli_id,
cli_id_len);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
goto exit;
}
status = psa_mac_verify_finish(&operation, cookie + 4,
COOKIE_HMAC_LEN);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
goto exit;
}
@ -374,7 +380,7 @@ exit:
#if defined(MBEDTLS_USE_PSA_CRYPTO)
status = psa_mac_abort(&operation);
if (status != PSA_SUCCESS) {
ret = psa_ssl_status_to_mbedtls(status);
ret = PSA_TO_MBEDTLS_ERR(status);
}
#else
mbedtls_platform_zeroize(ref_hmac, sizeof(ref_hmac));