Manuel Pégourié-Gonnard | 2be8c63 | 2023-06-07 13:07:21 +0200 | [diff] [blame] | 1 | /** |
| 2 | * \file psa_util_internal.h |
| 3 | * |
| 4 | * \brief Internal utility functions for use of PSA Crypto. |
| 5 | */ |
| 6 | /* |
| 7 | * Copyright The Mbed TLS Contributors |
| 8 | * SPDX-License-Identifier: Apache-2.0 |
| 9 | * |
| 10 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 11 | * not use this file except in compliance with the License. |
| 12 | * You may obtain a copy of the License at |
| 13 | * |
| 14 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 15 | * |
| 16 | * Unless required by applicable law or agreed to in writing, software |
| 17 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 18 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 19 | * See the License for the specific language governing permissions and |
| 20 | * limitations under the License. |
| 21 | */ |
| 22 | |
| 23 | #ifndef MBEDTLS_PSA_UTIL_INTERNAL_H |
| 24 | #define MBEDTLS_PSA_UTIL_INTERNAL_H |
| 25 | |
| 26 | /* Include the public header so that users only need one include. */ |
| 27 | #include "mbedtls/psa_util.h" |
| 28 | |
Manuel Pégourié-Gonnard | abfe640 | 2023-06-20 09:59:13 +0200 | [diff] [blame] | 29 | #include "psa/crypto.h" |
| 30 | |
Manuel Pégourié-Gonnard | 2be8c63 | 2023-06-07 13:07:21 +0200 | [diff] [blame] | 31 | #if defined(MBEDTLS_PSA_CRYPTO_C) |
| 32 | |
Manuel Pégourié-Gonnard | a5a8f29 | 2023-06-07 13:25:51 +0200 | [diff] [blame] | 33 | /************************************************************************* |
| 34 | * FFDH |
| 35 | ************************************************************************/ |
| 36 | |
/* Upper bound on the size of an exported FFDH public key: the PSA export-size
 * macro evaluated at PSA_VENDOR_FFDH_MAX_KEY_BITS, the vendor-defined maximum
 * FFDH key size.
 * NOTE(review): presumably used to size fixed buffers that hold a local or
 * peer public key. A buffer of this size bounds only keys produced by this
 * build, so code that copies a received key into it still has to check the
 * received length first. */
#define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \
    PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)
| 39 | |
| 40 | /************************************************************************* |
| 41 | * ECC |
| 42 | ************************************************************************/ |
| 43 | |
/* Upper bound on the size of an exported ECC public key: the PSA export-size
 * macro evaluated at PSA_VENDOR_ECC_MAX_CURVE_BITS, the vendor-defined maximum
 * curve size.
 * NOTE(review): as with any worst-case buffer size, a length received from a
 * peer still has to be checked against the destination buffer before use. */
#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \
    PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)

/* Upper bound on the size of an exported ECC key pair for the same maximum
 * curve size. Buffers of this size hold private key material.
 * NOTE(review): such buffers should be wiped once the key is no longer
 * needed - confirm at each use site. */
#define MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH \
    PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
| 49 | |
Manuel Pégourié-Gonnard | b7e8939 | 2023-06-08 10:06:10 +0200 | [diff] [blame] | 50 | /************************************************************************* |
| 51 | * Error translation |
| 52 | ************************************************************************/ |
| 53 | |
/* One entry of an error translation table: a PSA status code paired with the
 * Mbed TLS error code it is translated to.
 * Both members are int16_t, which is narrower than psa_status_t and int, so
 * every table entry must stay within the ranges documented on the members;
 * a value outside them would not survive the narrowing and the entry would
 * never match (or would translate to the wrong error). */
typedef struct {
    /* Error codes used by PSA crypto are in -255..-128, fitting in 16 bits. */
    int16_t psa_status;
    /* Error codes used by Mbed TLS are in one of the ranges
     * -127..-1 (low-level) or -32767..-4096 (high-level with a low-level
     * code optionally added), fitting in 16 bits. */
    int16_t mbedtls_error;
} mbedtls_error_pair_t;
| 62 | |
/* Module-specific PSA-to-Mbed TLS translation tables. Each table is declared
 * only when its guarding configuration options are set, and is defined
 * outside this header.
 * The element counts are part of the declared type, and
 * PSA_TO_MBEDTLS_ERR_LIST derives the number of entries to scan from sizeof
 * on these declarations. Each count therefore has to match the table's
 * definition exactly: a count larger than the real table would presumably
 * make the lookup read past its end, and a smaller one would hide entries. */
#if defined(MBEDTLS_MD_LIGHT)
extern const mbedtls_error_pair_t psa_to_md_errors[4];
#endif

#if defined(MBEDTLS_LMS_C)
extern const mbedtls_error_pair_t psa_to_lms_errors[3];
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
extern const mbedtls_error_pair_t psa_to_ssl_errors[7];
#endif

#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ||    \
    defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
extern const mbedtls_error_pair_t psa_to_pk_rsa_errors[8];
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
    defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
extern const mbedtls_error_pair_t psa_to_pk_ecdsa_errors[7];
#endif
| 84 | |
/* Generic fallback function for error translation,
 * used when the received status was not module-specific.
 *
 * status: the PSA status code to translate.
 * Returns the translated code as an int.
 * NOTE(review): the result for a status with no known mapping is not visible
 * from this header; callers should treat any non-zero result as a failure
 * rather than compare against one specific error. */
int psa_generic_status_to_mbedtls(psa_status_t status);
| 88 | |
/* This function iterates over the provided local error translations and,
 * if no match is found, calls the fallback error translation function.
 *
 * status:             the PSA status code to translate.
 * local_translations: table of (PSA status, Mbed TLS error) pairs to search.
 * local_errors_num:   number of entries in local_translations. It must not
 *                     exceed the real length of the table, since it bounds
 *                     the iteration; PSA_TO_MBEDTLS_ERR_LIST computes it from
 *                     the array type instead of taking it from the caller.
 * fallback_f:         translator invoked when no local entry matches.
 *                     NOTE(review): whether NULL is accepted here is not
 *                     visible from this header - confirm before passing it.
 * Returns the translated code as an int. */
int psa_status_to_mbedtls(psa_status_t status,
                          const mbedtls_error_pair_t *local_translations,
                          size_t local_errors_num,
                          int (*fallback_f)(psa_status_t));
| 95 | |
/* The second of the three stages of error handling in the pk module.
 * It acts as a fallback after the RSA / ECDSA error translation and, if it
 * finds no match itself, calls psa_generic_status_to_mbedtls.
 *
 * status: the PSA status code to translate.
 * Returns the translated code as an int. Its signature matches the
 * fallback_f parameter of psa_status_to_mbedtls. */
int psa_pk_status_to_mbedtls(psa_status_t status);
| 100 | |
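/* Utility macro to shorten the definition of error translators in modules.
 *
 * Expands to a psa_status_to_mbedtls() call whose entry count is computed
 * with sizeof. error_list must therefore name an actual array whose complete
 * type is visible at the point of use, for example one of the
 * psa_to_*_errors tables declared in this header. If a pointer is passed,
 * the count becomes sizeof(pointer) / sizeof(element), which is wrong, and
 * no compiler diagnostic is guaranteed.
 *
 * error_list appears several times in the expansion, so pass a plain
 * identifier. The subscript is applied to the parenthesized argument so that
 * it binds to the whole argument expression. */
#define PSA_TO_MBEDTLS_ERR_LIST(status, error_list, fallback_f)        \
    psa_status_to_mbedtls(status, error_list,                          \
                          sizeof(error_list) / sizeof((error_list)[0]), \
                          fallback_f)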
| 106 | |
Manuel Pégourié-Gonnard | 2be8c63 | 2023-06-07 13:07:21 +0200 | [diff] [blame] | 107 | #endif /* MBEDTLS_PSA_CRYPTO_C */ |
| 108 | #endif /* MBEDTLS_PSA_UTIL_INTERNAL_H */ |