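/**
 * \file psa_util_internal.h
 *
 * \brief Internal utility functions for use of PSA Crypto.
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */

#ifndef MBEDTLS_PSA_UTIL_INTERNAL_H
#define MBEDTLS_PSA_UTIL_INTERNAL_H

/* Include the public header so that users only need one include. */
#include "mbedtls/psa_util.h"

#include "psa/crypto.h"

/* int16_t and size_t are used by the declarations below; include their
 * headers directly instead of relying on a transitive include. */
#include <stddef.h>
#include <stdint.h>

#if defined(MBEDTLS_PSA_CRYPTO_C)

/*************************************************************************
 * FFDH
 ************************************************************************/

/* Export size of an FFDH public key at the largest FFDH key size in this
 * build, as computed by the PSA sizing macro. Intended as a buffer bound;
 * presumably in bytes (confirm against the PSA size macros). */
#define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \
    PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)

/*************************************************************************
 * ECC
 ************************************************************************/

/* Export size of an ECC public key at the largest curve size in this
 * build, as computed by the PSA sizing macro. */
#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \
    PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)

/* Export size of an ECC key pair at the largest curve size in this build,
 * as computed by the PSA sizing macro. A buffer of this size holds private
 * key material, so callers should treat it as secret. */
#define MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH \
    PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)

/*************************************************************************
 * Error translation
 ************************************************************************/

/**
 * One entry of a PSA-status to Mbed TLS error translation table.
 *
 * Both members are stored as int16_t. A code outside the ranges documented
 * on the members would not survive the narrowing, so table entries must
 * stay within those ranges.
 */
typedef struct {
    /* Error codes used by PSA crypto are in -255..-128, fitting in 16 bits. */
    int16_t psa_status;
    /* Error codes used by Mbed TLS are in one of the ranges
     * -127..-1 (low-level) or -32767..-4096 (high-level with a low-level
     * code optionally added), fitting in 16 bits. */
    int16_t mbedtls_error;
} mbedtls_error_pair_t;

/* Module-specific translation tables.
 *
 * Each table is declared with an explicit bound so that sizeof() works on it
 * in every translation unit; PSA_TO_MBEDTLS_ERR_LIST derives the entry count
 * from that bound. The bound written here must equal the bound of the
 * definition: a larger one makes the lookup read past the end of the table,
 * a smaller one silently skips entries. */
#if defined(MBEDTLS_MD_LIGHT)
extern const mbedtls_error_pair_t psa_to_md_errors[4];
#endif

#if defined(MBEDTLS_LMS_C)
extern const mbedtls_error_pair_t psa_to_lms_errors[3];
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
extern const mbedtls_error_pair_t psa_to_ssl_errors[7];
#endif

#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ||    \
    defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
extern const mbedtls_error_pair_t psa_to_pk_rsa_errors[8];
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
    defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
extern const mbedtls_error_pair_t psa_to_pk_ecdsa_errors[7];
#endif

/**
 * Generic fallback function for error translation,
 * when the received state was not module-specific.
 *
 * \param status    The PSA status to translate.
 *
 * \return          The corresponding Mbed TLS error code.
 */
int psa_generic_status_to_mbedtls(psa_status_t status);

/**
 * This function iterates over provided local error translations,
 * and if no match was found - calls the fallback error translation function.
 *
 * \param status              The PSA status to translate.
 * \param local_translations  The module-specific translation table.
 * \param local_errors_num    The number of entries in \p local_translations.
 *                            It must not exceed the real length of the
 *                            table; PSA_TO_MBEDTLS_ERR_LIST computes it from
 *                            the array type.
 * \param fallback_f          The translation function used when the table
 *                            has no entry for \p status.
 *                            NOTE(review): whether NULL is accepted here is
 *                            not visible from this header; confirm against
 *                            the implementation.
 *
 * \return                    The translated Mbed TLS error code.
 */
int psa_status_to_mbedtls(psa_status_t status,
                          const mbedtls_error_pair_t *local_translations,
                          size_t local_errors_num,
                          int (*fallback_f)(psa_status_t));

/**
 * The second out of three-stage error handling functions of the pk module,
 * acts as a fallback after RSA / ECDSA error translation, and if no match
 * is found, it itself calls psa_generic_status_to_mbedtls.
 *
 * \param status    The PSA status to translate.
 *
 * \return          The translated Mbed TLS error code.
 */
int psa_pk_status_to_mbedtls(psa_status_t status);

/* Utility macro to shorten the defines of error translator in modules.
 *
 * error_list must be an actual array (such as the psa_to_*_errors tables
 * above), not a pointer: the entry count is taken with sizeof(), and on a
 * pointer that would yield a wrong count without any diagnostic.
 * The argument is parenthesized before indexing so that an expression
 * argument cannot change the meaning of the element-size operand. */
#define PSA_TO_MBEDTLS_ERR_LIST(status, error_list, fallback_f)       \
    psa_status_to_mbedtls(status, error_list,                         \
                          sizeof(error_list)/sizeof((error_list)[0]), \
                          fallback_f)

#endif /* MBEDTLS_PSA_CRYPTO_C */
#endif /* MBEDTLS_PSA_UTIL_INTERNAL_H */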