| Manuel Pégourié-Gonnard | 2be8c63 | 2023-06-07 13:07:21 +0200 | [diff] [blame] | 1 | /** |
| 2 | * \file psa_util_internal.h |
| 3 | * |
| 4 | * \brief Internal utility functions for use of PSA Crypto. |
| 5 | */ |
| 6 | /* |
| 7 | * Copyright The Mbed TLS Contributors |
| Dave Rodgman | 16799db | 2023-11-02 19:47:20 +0000 | [diff] [blame] | 8 | * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later |
| Manuel Pégourié-Gonnard | 2be8c63 | 2023-06-07 13:07:21 +0200 | [diff] [blame] | 9 | */ |
| 10 | |
| 11 | #ifndef MBEDTLS_PSA_UTIL_INTERNAL_H |
| 12 | #define MBEDTLS_PSA_UTIL_INTERNAL_H |
| 13 | |
| 14 | /* Include the public header so that users only need one include. */ |
| 15 | #include "mbedtls/psa_util.h" |
| 16 | |
| Manuel Pégourié-Gonnard | abfe640 | 2023-06-20 09:59:13 +0200 | [diff] [blame] | 17 | #include "psa/crypto.h" |
| 18 | |
| Manuel Pégourié-Gonnard | 2be8c63 | 2023-06-07 13:07:21 +0200 | [diff] [blame] | 19 | #if defined(MBEDTLS_PSA_CRYPTO_C) |
| 20 | |
| Manuel Pégourié-Gonnard | a5a8f29 | 2023-06-07 13:25:51 +0200 | [diff] [blame] | 21 | /************************************************************************* |
| 22 | * FFDH |
| 23 | ************************************************************************/ |
| 24 | |
| 25 | #define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \ |
| 26 | PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) |
| 27 | |
| 28 | /************************************************************************* |
| 29 | * ECC |
| 30 | ************************************************************************/ |
| 31 | |
| 32 | #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \ |
| 33 | PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) |
| 34 | |
| 35 | #define MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH \ |
| 36 | PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) |
| 37 | |
| Manuel Pégourié-Gonnard | b7e8939 | 2023-06-08 10:06:10 +0200 | [diff] [blame] | 38 | /************************************************************************* |
| 39 | * Error translation |
| 40 | ************************************************************************/ |
| 41 | |
| 42 | typedef struct { |
| 43 | /* Error codes used by PSA crypto are in -255..-128, fitting in 16 bits. */ |
| 44 | int16_t psa_status; |
| 45 | /* Error codes used by Mbed TLS are in one of the ranges |
| 46 | * -127..-1 (low-level) or -32767..-4096 (high-level with a low-level |
| 47 | * code optionally added), fitting in 16 bits. */ |
| 48 | int16_t mbedtls_error; |
| 49 | } mbedtls_error_pair_t; |
| 50 | |
| 51 | #if defined(MBEDTLS_MD_LIGHT) |
| 52 | extern const mbedtls_error_pair_t psa_to_md_errors[4]; |
| 53 | #endif |
| 54 | |
| Valerio Setti | 8ceaa75 | 2023-12-12 11:20:18 +0100 | [diff] [blame^] | 55 | #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) |
| 56 | extern const mbedtls_error_pair_t psa_to_cipher_errors[4]; |
| 57 | #endif |
| 58 | |
| Manuel Pégourié-Gonnard | b7e8939 | 2023-06-08 10:06:10 +0200 | [diff] [blame] | 59 | #if defined(MBEDTLS_LMS_C) |
| 60 | extern const mbedtls_error_pair_t psa_to_lms_errors[3]; |
| 61 | #endif |
| 62 | |
| 63 | #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) |
| 64 | extern const mbedtls_error_pair_t psa_to_ssl_errors[7]; |
| 65 | #endif |
| 66 | |
| 67 | #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ |
| Valerio Setti | 7e6aaa1 | 2023-07-11 16:59:21 +0200 | [diff] [blame] | 68 | defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) |
| Manuel Pégourié-Gonnard | b7e8939 | 2023-06-08 10:06:10 +0200 | [diff] [blame] | 69 | extern const mbedtls_error_pair_t psa_to_pk_rsa_errors[8]; |
| 70 | #endif |
| 71 | |
| 72 | #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ |
| 73 | defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) |
| 74 | extern const mbedtls_error_pair_t psa_to_pk_ecdsa_errors[7]; |
| 75 | #endif |
| 76 | |
| 77 | /* Generic fallback function for error translation, |
| 78 | * when the received state was not module-specific. */ |
| 79 | int psa_generic_status_to_mbedtls(psa_status_t status); |
| 80 | |
| 81 | /* This function iterates over provided local error translations, |
| 82 | * and if no match was found - calls the fallback error translation function. */ |
| 83 | int psa_status_to_mbedtls(psa_status_t status, |
| 84 | const mbedtls_error_pair_t *local_translations, |
| 85 | size_t local_errors_num, |
| 86 | int (*fallback_f)(psa_status_t)); |
| 87 | |
| 88 | /* The second out of three-stage error handling functions of the pk module, |
| 89 | * acts as a fallback after RSA / ECDSA error translation, and if no match |
| 90 | * is found, it itself calls psa_generic_status_to_mbedtls. */ |
| 91 | int psa_pk_status_to_mbedtls(psa_status_t status); |
| 92 | |
| 93 | /* Utility macro to shorten the defines of error translator in modules. */ |
| 94 | #define PSA_TO_MBEDTLS_ERR_LIST(status, error_list, fallback_f) \ |
| 95 | psa_status_to_mbedtls(status, error_list, \ |
| 96 | sizeof(error_list)/sizeof(error_list[0]), \ |
| 97 | fallback_f) |
| 98 | |
| Manuel Pégourié-Gonnard | 2be8c63 | 2023-06-07 13:07:21 +0200 | [diff] [blame] | 99 | #endif /* MBEDTLS_PSA_CRYPTO_C */ |
| 100 | #endif /* MBEDTLS_PSA_UTIL_INTERNAL_H */ |