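/**
 * \file psa_util_internal.h
 *
 * \brief Internal utility functions for use of PSA Crypto.
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */

#ifndef MBEDTLS_PSA_UTIL_INTERNAL_H
#define MBEDTLS_PSA_UTIL_INTERNAL_H

/* Include the public header so that users only need one include. */
#include "mbedtls/psa_util.h"

#include "psa/crypto.h"

#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)

/*************************************************************************
 * FFDH
 ************************************************************************/

/* Upper bound for an exported FFDH public key, taken at the largest key size
 * the build supports (PSA_VENDOR_FFDH_MAX_KEY_BITS). Both macros used here are
 * defined outside this header. Size export buffers with this constant rather
 * than a hard-coded number so they track the configured maximum. */
#define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \
    PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)

/*************************************************************************
 * ECC
 ************************************************************************/

/* Upper bound for an exported ECC public key, taken at the largest curve the
 * build supports (PSA_VENDOR_ECC_MAX_CURVE_BITS). */
#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \
    PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)

/* Upper bound for an exported ECC key pair at the same maximum curve size.
 * A buffer of this size can hold private key material, so callers are
 * expected to wipe it after use. */
#define MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH \
    PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)

/*************************************************************************
 * Error translation
 ************************************************************************/

/* One row of a PSA-status to Mbed TLS-error translation table.
 * Both fields are deliberately narrow: a table entry must stay inside the
 * ranges documented below, because a value outside int16_t would not survive
 * being stored here and the translated error would be wrong. */
typedef struct {
    /* Error codes used by PSA crypto are in -255..-128, fitting in 16 bits. */
    int16_t psa_status;
    /* Error codes used by Mbed TLS are in one of the ranges
     * -127..-1 (low-level) or -32767..-4096 (high-level with a low-level
     * code optionally added), fitting in 16 bits. */
    int16_t mbedtls_error;
} mbedtls_error_pair_t;

/* Per-module translation tables. Each declaration carries an explicit length,
 * which makes the array type complete in every translation unit and lets
 * PSA_TO_MBEDTLS_ERR_LIST take sizeof on it. The length written here must
 * agree with the table's definition, which is not visible in this header. */

#if defined(MBEDTLS_MD_LIGHT)
extern const mbedtls_error_pair_t psa_to_md_errors[4];
#endif

#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
extern const mbedtls_error_pair_t psa_to_cipher_errors[4];
#endif

#if defined(MBEDTLS_LMS_C)
extern const mbedtls_error_pair_t psa_to_lms_errors[3];
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
extern const mbedtls_error_pair_t psa_to_ssl_errors[7];
#endif

#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ||    \
    defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
extern const mbedtls_error_pair_t psa_to_pk_rsa_errors[8];
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
    defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
extern const mbedtls_error_pair_t psa_to_pk_ecdsa_errors[7];
#endif

/* Generic fallback function for error translation,
 * when the received status was not module-specific.
 * NOTE(review): what it returns for a status it does not recognise is not
 * visible from this header - confirm against the definition. */
int psa_generic_status_to_mbedtls(psa_status_t status);

/* This function iterates over provided local error translations,
 * and if no match was found - calls the fallback error translation function.
 *
 * status              PSA status code to translate.
 * local_translations  Table of module-specific translations.
 * local_errors_num    Number of entries in local_translations. It must not
 *                     exceed the real length of the table, since the function
 *                     iterates over that many entries.
 * fallback_f          Translator used when the table has no matching entry.
 *                     NOTE(review): whether NULL is accepted here is not
 *                     visible from this header - confirm before passing it.
 *
 * Returns the translated error code as an int. */
int psa_status_to_mbedtls(psa_status_t status,
                          const mbedtls_error_pair_t *local_translations,
                          size_t local_errors_num,
                          int (*fallback_f)(psa_status_t));

/* The second out of three-stage error handling functions of the pk module,
 * acts as a fallback after RSA / ECDSA error translation, and if no match
 * is found, it itself calls psa_generic_status_to_mbedtls. */
int psa_pk_status_to_mbedtls(psa_status_t status);

/* Utility macro to shorten the defines of error translator in modules.
 *
 * error_list must name an actual array (such as one of the psa_to_*_errors
 * tables above), never a pointer: the entry count is derived with sizeof, and
 * on a pointer that would yield a count unrelated to the table's length.
 * The element operand is parenthesised so that any array-valued expression
 * passed as error_list is indexed as a whole. */
#define PSA_TO_MBEDTLS_ERR_LIST(status, error_list, fallback_f)       \
    psa_status_to_mbedtls(status, error_list,                         \
                          sizeof(error_list)/sizeof((error_list)[0]), \
                          fallback_f)

#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
#endif /* MBEDTLS_PSA_UTIL_INTERNAL_H */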