psa_util_internal.h (3631B)
1 /** 2 * \file psa_util_internal.h 3 * 4 * \brief Internal utility functions for use of PSA Crypto. 5 */ 6 /* 7 * Copyright The Mbed TLS Contributors 8 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 9 */ 10 11 #ifndef MBEDTLS_PSA_UTIL_INTERNAL_H 12 #define MBEDTLS_PSA_UTIL_INTERNAL_H 13 14 /* Include the public header so that users only need one include. */ 15 #include "mbedtls/psa_util.h" 16 17 #include "psa/crypto.h" 18 19 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) 20 21 /************************************************************************* 22 * FFDH 23 ************************************************************************/ 24 25 #define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \ 26 PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) 27 28 /************************************************************************* 29 * ECC 30 ************************************************************************/ 31 32 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \ 33 PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) 34 35 #define MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH \ 36 PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) 37 38 /************************************************************************* 39 * Error translation 40 ************************************************************************/ 41 42 typedef struct { 43 /* Error codes used by PSA crypto are in -255..-128, fitting in 16 bits. */ 44 int16_t psa_status; 45 /* Error codes used by Mbed TLS are in one of the ranges 46 * -127..-1 (low-level) or -32767..-4096 (high-level with a low-level 47 * code optionally added), fitting in 16 bits. */ 48 int16_t mbedtls_error; 49 } mbedtls_error_pair_t; 50 51 #if defined(MBEDTLS_MD_LIGHT) 52 extern const mbedtls_error_pair_t psa_to_md_errors[4]; 53 #endif 54 55 #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) 56 extern const mbedtls_error_pair_t psa_to_cipher_errors[4]; 57 #endif 58 59 #if defined(MBEDTLS_LMS_C) 60 extern const mbedtls_error_pair_t psa_to_lms_errors[3]; 61 #endif 62 63 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) 64 extern const mbedtls_error_pair_t psa_to_ssl_errors[7]; 65 #endif 66 67 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ 68 defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) 69 extern const mbedtls_error_pair_t psa_to_pk_rsa_errors[8]; 70 #endif 71 72 #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ 73 defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 74 extern const mbedtls_error_pair_t psa_to_pk_ecdsa_errors[7]; 75 #endif 76 77 /* Generic fallback function for error translation, 78 * when the received state was not module-specific. */ 79 int psa_generic_status_to_mbedtls(psa_status_t status); 80 81 /* This function iterates over provided local error translations, 82 * and if no match was found - calls the fallback error translation function. */ 83 int psa_status_to_mbedtls(psa_status_t status, 84 const mbedtls_error_pair_t *local_translations, 85 size_t local_errors_num, 86 int (*fallback_f)(psa_status_t)); 87 88 /* The second out of three-stage error handling functions of the pk module, 89 * acts as a fallback after RSA / ECDSA error translation, and if no match 90 * is found, it itself calls psa_generic_status_to_mbedtls. */ 91 int psa_pk_status_to_mbedtls(psa_status_t status); 92 93 /* Utility macro to shorten the defines of error translator in modules. */ 94 #define PSA_TO_MBEDTLS_ERR_LIST(status, error_list, fallback_f) \ 95 psa_status_to_mbedtls(status, error_list, \ 96 sizeof(error_list)/sizeof(error_list[0]), \ 97 fallback_f) 98 99 #endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ 100 #endif /* MBEDTLS_PSA_UTIL_INTERNAL_H */