From 69b67c8626bc79167793d68b256da03c9925cc41 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Thu, 10 Oct 2024 13:13:37 +0100 Subject: [PATCH 01/19] Split error.h into error_common.h and error.h This commit splits error.h into error_common.h containing error code definitions and error.h which contains functions to convert error codes to error messages. Signed-off-by: Harry Ramsey --- .../drivers/builtin/include/mbedtls/error.h | 135 +-------------- .../builtin/include/mbedtls/error_common.h | 159 ++++++++++++++++++ 2 files changed, 160 insertions(+), 134 deletions(-) create mode 100644 tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h index d101dee3a..8b7c19aa5 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h @@ -11,147 +11,14 @@ #define MBEDTLS_ERROR_H #include "mbedtls/build_info.h" +#include "mbedtls/error_common.h" #include -/** - * Error code layout. - * - * Currently we try to keep all error codes within the negative space of 16 - * bits signed integers to support all platforms (-0x0001 - -0x7FFF). In - * addition we'd like to give two layers of information on the error if - * possible. - * - * For that purpose the error codes are segmented in the following manner: - * - * 16 bit error code bit-segmentation - * - * 1 bit - Unused (sign bit) - * 3 bits - High level module ID - * 5 bits - Module-dependent error code - * 7 bits - Low level module errors - * - * For historical reasons, low-level error codes are divided in even and odd, - * even codes were assigned first, and -1 is reserved for other errors. - * - * Low-level module errors (0x0002-0x007E, 0x0001-0x007F) - * - * Module Nr Codes assigned - * ERROR 2 0x006E 0x0001 - * MPI 7 0x0002-0x0010 - * GCM 3 0x0012-0x0016 0x0013-0x0013 - * THREADING 3 0x001A-0x001E - * AES 5 0x0020-0x0022 0x0021-0x0025 - * CAMELLIA 3 0x0024-0x0026 0x0027-0x0027 - * BASE64 2 0x002A-0x002C - * OID 1 0x002E-0x002E 0x000B-0x000B - * DES 2 0x0032-0x0032 0x0033-0x0033 - * CTR_DBRG 4 0x0034-0x003A - * ENTROPY 3 0x003C-0x0040 0x003D-0x003F - * NET 13 0x0042-0x0052 0x0043-0x0049 - * ARIA 4 0x0058-0x005E - * ASN1 7 0x0060-0x006C - * CMAC 1 0x007A-0x007A - * PBKDF2 1 0x007C-0x007C - * HMAC_DRBG 4 0x0003-0x0009 - * CCM 3 0x000D-0x0011 - * MD5 1 0x002F-0x002F - * RIPEMD160 1 0x0031-0x0031 - * SHA1 1 0x0035-0x0035 0x0073-0x0073 - * SHA256 1 0x0037-0x0037 0x0074-0x0074 - * SHA512 1 0x0039-0x0039 0x0075-0x0075 - * SHA-3 1 0x0076-0x0076 - * CHACHA20 3 0x0051-0x0055 - * POLY1305 3 0x0057-0x005B - * CHACHAPOLY 2 0x0054-0x0056 - * PLATFORM 2 0x0070-0x0072 - * LMS 5 0x0011-0x0019 - * - * High-level module nr (3 bits - 0x0...-0x7...) - * Name ID Nr of Errors - * PEM 1 9 - * PKCS#12 1 4 (Started from top) - * X509 2 20 - * PKCS5 2 4 (Started from top) - * DHM 3 11 - * PK 3 15 (Started from top) - * RSA 4 11 - * ECP 4 10 (Started from top) - * MD 5 5 - * HKDF 5 1 (Started from top) - * PKCS7 5 12 (Started from 0x5300) - * SSL 5 2 (Started from 0x5F00) - * CIPHER 6 8 (Started from 0x6080) - * SSL 6 22 (Started from top, plus 0x6000) - * SSL 7 20 (Started from 0x7000, gaps at - * 0x7380, 0x7900-0x7980, 0x7A80-0x7E80) - * - * Module dependent error code (5 bits 0x.00.-0x.F8.) - */ - #ifdef __cplusplus extern "C" { #endif -/** Generic error */ -#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 -/** This is a bug in the library */ -#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E - -/** Hardware accelerator failed */ -#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 -/** The requested feature is not supported by the platform */ -#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 - -/** - * \brief Combines a high-level and low-level error code together. - * - * Wrapper macro for mbedtls_error_add(). See that function for - * more details. - */ -#define MBEDTLS_ERROR_ADD(high, low) \ - mbedtls_error_add(high, low, __FILE__, __LINE__) - -#if defined(MBEDTLS_TEST_HOOKS) -/** - * \brief Testing hook called before adding/combining two error codes together. - * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. - */ -extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int); -#endif - -/** - * \brief Combines a high-level and low-level error code together. - * - * This function can be called directly however it is usually - * called via the #MBEDTLS_ERROR_ADD macro. - * - * While a value of zero is not a negative error code, it is still an - * error code (that denotes success) and can be combined with both a - * negative error code or another value of zero. - * - * \note When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to - * call \link mbedtls_test_hook_error_add \endlink. - * - * \param high high-level error code. See error.h for more details. - * \param low low-level error code. See error.h for more details. - * \param file file where this error code addition occurred. - * \param line line where this error code addition occurred. - */ -static inline int mbedtls_error_add(int high, int low, - const char *file, int line) -{ -#if defined(MBEDTLS_TEST_HOOKS) - if (*mbedtls_test_hook_error_add != NULL) { - (*mbedtls_test_hook_error_add)(high, low, file, line); - } -#endif - (void) file; - (void) line; - - return high + low; -} - /** * \brief Translate an Mbed TLS error code into a string representation. * The result is truncated if necessary and always includes a diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h new file mode 100644 index 000000000..58f1cde33 --- /dev/null +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -0,0 +1,159 @@ +/** + * \file error_common.h + * + * \brief Error codes + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_ERROR_COMMON_H +#define MBEDTLS_ERROR_COMMON_H + +#include "mbedtls/build_info.h" + +#include + +/** + * Error code layout. + * + * Currently we try to keep all error codes within the negative space of 16 + * bits signed integers to support all platforms (-0x0001 - -0x7FFF). In + * addition we'd like to give two layers of information on the error if + * possible. + * + * For that purpose the error codes are segmented in the following manner: + * + * 16 bit error code bit-segmentation + * + * 1 bit - Unused (sign bit) + * 3 bits - High level module ID + * 5 bits - Module-dependent error code + * 7 bits - Low level module errors + * + * For historical reasons, low-level error codes are divided in even and odd, + * even codes were assigned first, and -1 is reserved for other errors. + * + * Low-level module errors (0x0002-0x007E, 0x0001-0x007F) + * + * Module Nr Codes assigned + * ERROR 2 0x006E 0x0001 + * MPI 7 0x0002-0x0010 + * GCM 3 0x0012-0x0016 0x0013-0x0013 + * THREADING 3 0x001A-0x001E + * AES 5 0x0020-0x0022 0x0021-0x0025 + * CAMELLIA 3 0x0024-0x0026 0x0027-0x0027 + * BASE64 2 0x002A-0x002C + * OID 1 0x002E-0x002E 0x000B-0x000B + * DES 2 0x0032-0x0032 0x0033-0x0033 + * CTR_DBRG 4 0x0034-0x003A + * ENTROPY 3 0x003C-0x0040 0x003D-0x003F + * NET 13 0x0042-0x0052 0x0043-0x0049 + * ARIA 4 0x0058-0x005E + * ASN1 7 0x0060-0x006C + * CMAC 1 0x007A-0x007A + * PBKDF2 1 0x007C-0x007C + * HMAC_DRBG 4 0x0003-0x0009 + * CCM 3 0x000D-0x0011 + * MD5 1 0x002F-0x002F + * RIPEMD160 1 0x0031-0x0031 + * SHA1 1 0x0035-0x0035 0x0073-0x0073 + * SHA256 1 0x0037-0x0037 0x0074-0x0074 + * SHA512 1 0x0039-0x0039 0x0075-0x0075 + * SHA-3 1 0x0076-0x0076 + * CHACHA20 3 0x0051-0x0055 + * POLY1305 3 0x0057-0x005B + * CHACHAPOLY 2 0x0054-0x0056 + * PLATFORM 2 0x0070-0x0072 + * LMS 5 0x0011-0x0019 + * + * High-level module nr (3 bits - 0x0...-0x7...) + * Name ID Nr of Errors + * PEM 1 9 + * PKCS#12 1 4 (Started from top) + * X509 2 20 + * PKCS5 2 4 (Started from top) + * DHM 3 11 + * PK 3 15 (Started from top) + * RSA 4 11 + * ECP 4 10 (Started from top) + * MD 5 5 + * HKDF 5 1 (Started from top) + * PKCS7 5 12 (Started from 0x5300) + * SSL 5 2 (Started from 0x5F00) + * CIPHER 6 8 (Started from 0x6080) + * SSL 6 22 (Started from top, plus 0x6000) + * SSL 7 20 (Started from 0x7000, gaps at + * 0x7380, 0x7900-0x7980, 0x7A80-0x7E80) + * + * Module dependent error code (5 bits 0x.00.-0x.F8.) + */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** Generic error */ +#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 +/** This is a bug in the library */ +#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E + +/** Hardware accelerator failed */ +#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 +/** The requested feature is not supported by the platform */ +#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 + +/** + * \brief Combines a high-level and low-level error code together. + * + * Wrapper macro for mbedtls_error_add(). See that function for + * more details. + */ +#define MBEDTLS_ERROR_ADD(high, low) \ + mbedtls_error_add(high, low, __FILE__, __LINE__) + +#if defined(MBEDTLS_TEST_HOOKS) +/** + * \brief Testing hook called before adding/combining two error codes together. + * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. + */ +extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int); +#endif + +/** + * \brief Combines a high-level and low-level error code together. + * + * This function can be called directly however it is usually + * called via the #MBEDTLS_ERROR_ADD macro. + * + * While a value of zero is not a negative error code, it is still an + * error code (that denotes success) and can be combined with both a + * negative error code or another value of zero. + * + * \note When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to + * call \link mbedtls_test_hook_error_add \endlink. + * + * \param high high-level error code. See error.h for more details. + * \param low low-level error code. See error.h for more details. + * \param file file where this error code addition occurred. + * \param line line where this error code addition occurred. + */ +static inline int mbedtls_error_add(int high, int low, + const char *file, int line) +{ +#if defined(MBEDTLS_TEST_HOOKS) + if (*mbedtls_test_hook_error_add != NULL) { + (*mbedtls_test_hook_error_add)(high, low, file, line); + } +#endif + (void) file; + (void) line; + + return high + low; +} + +#ifdef __cplusplus +} +#endif + +#endif /* error_common.h */ From 90724f7f54a0e1d702f37911610a8a68a43f7f95 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Fri, 11 Oct 2024 15:32:19 +0100 Subject: [PATCH 02/19] Move error.h from tf-psa-crypto to Mbed TLS This commit moves error.h from tf-psa-crypto to Mbed TLS for 4.0 release. Signed-off-by: Harry Ramsey --- .../drivers/builtin/include => include}/mbedtls/error.h | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {tf-psa-crypto/drivers/builtin/include => include}/mbedtls/error.h (100%) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h b/include/mbedtls/error.h similarity index 100% rename from tf-psa-crypto/drivers/builtin/include/mbedtls/error.h rename to include/mbedtls/error.h From d2bcdba9caaae34d88ac788d3448e788a9621e10 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Fri, 11 Oct 2024 12:04:57 +0100 Subject: [PATCH 03/19] Update generate_errors.pl for error header split This commit updates generated_errors.pl to create the error.c file and correctly include the error_common.h header file, which contains error code definitions. Signed-off-by: Harry Ramsey --- scripts/generate_errors.pl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index df546d7d6..147ecdca7 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -24,7 +24,7 @@ if( @ARGV ) { $crypto_include_dir = 'tf-psa-crypto/drivers/builtin/include/mbedtls'; $tls_include_dir = 'include/mbedtls'; $data_dir = 'scripts/data_files'; - $error_file = 'tf-psa-crypto/drivers/builtin/src/error.c'; + $error_file = 'library/error.c'; unless( -d $crypto_include_dir && -d $tls_include_dir && -d $data_dir ) { chdir '..' or die; @@ -37,7 +37,7 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES - ENTROPY ERROR GCM HKDF HMAC_DRBG LMS MD5 + ENTROPY ERROR_COMMON GCM HKDF HMAC_DRBG LMS MD5 NET OID PBKDF2 PLATFORM POLY1305 RIPEMD160 SHA1 SHA256 SHA512 SHA3 THREADING ); my @high_level_modules = qw( CIPHER DHM ECP MD @@ -121,6 +121,7 @@ foreach my $match (@matches) $module_name = "BIGNUM" if ($module_name eq "MPI"); $module_name = "CTR_DRBG" if ($module_name eq "CTR"); $module_name = "HMAC_DRBG" if ($module_name eq "HMAC"); + $module_name = "ERROR_COMMON" if ($module_name eq "ERROR"); my $define_name = $module_name; $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509"); From 798d8b6533ae324eb2875db4594dc10d0752f478 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Fri, 11 Oct 2024 17:09:18 +0100 Subject: [PATCH 04/19] Update build scripts for error.c generation This commit updates the build scripts for error.c generation to be generated in the Mbed TLS library directory. Signed-off-by: Harry Ramsey --- library/CMakeLists.txt | 22 +++++++++++++++ library/Makefile | 12 ++++----- tf-psa-crypto/drivers/builtin/CMakeLists.txt | 28 -------------------- 3 files changed, 28 insertions(+), 34 deletions(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 5cb5ec860..6af4f0f2f 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -6,6 +6,7 @@ if(NOT DEFINED MBEDTLS_DIR) endif() set(src_x509 + error.c pkcs7.c x509.c x509_create.c @@ -41,6 +42,26 @@ set(src_tls ) if(GEN_FILES) + find_package(Perl REQUIRED) + + file(GLOB crypto_error_headers ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/*.h) + file(GLOB tls_error_headers ${MBEDTLS_DIR}/include/mbedtls/*.h) + add_custom_command( + OUTPUT + ${CMAKE_CURRENT_BINARY_DIR}/error.c + COMMAND + ${PERL_EXECUTABLE} + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_errors.pl + ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/drivers/builtin/include/mbedtls + ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files + ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c + DEPENDS + ${MBEDTLS_DIR}/scripts/generate_errors.pl + ${crypto_error_headers} + ${tls_error_headers} + ${MBEDTLS_DIR}/scripts/data_files/error.fmt + ) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/version_features.c @@ -69,6 +90,7 @@ if(GEN_FILES) ${tls_error_headers} ) else() + link_to_source(error.c) link_to_source(version_features.c) link_to_source(ssl_debug_helpers_generated.c) endif() diff --git a/library/Makefile b/library/Makefile index e9c908ee9..d69f9e059 100644 --- a/library/Makefile +++ b/library/Makefile @@ -6,7 +6,7 @@ TF_PSA_CRYPTO_CORE_PATH = $(MBEDTLS_PATH)/tf-psa-crypto/core TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH = $(MBEDTLS_PATH)/tf-psa-crypto/drivers/builtin/src GENERATED_FILES := \ - $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c \ + error.c \ version_features.c \ ssl_debug_helpers_generated.c \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers.h \ @@ -148,7 +148,7 @@ OBJS_CRYPTO= \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp_curves_new.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy_poll.o \ - $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.o \ + error.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/gcm.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hkdf.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hmac_drbg.o \ @@ -357,10 +357,10 @@ else gen_file_dep = | endif -$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) ../scripts/generate_errors.pl -$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) ../scripts/data_files/error.fmt -$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) -$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: +error.c: $(gen_file_dep) ../scripts/generate_errors.pl +error.c: $(gen_file_dep) ../scripts/data_files/error.fmt +error.c: $(gen_file_dep) $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) +error.c: echo " Gen $@" $(PERL) ../scripts/generate_errors.pl diff --git a/tf-psa-crypto/drivers/builtin/CMakeLists.txt b/tf-psa-crypto/drivers/builtin/CMakeLists.txt index 5cbdbbcc8..9ec1a87b4 100644 --- a/tf-psa-crypto/drivers/builtin/CMakeLists.txt +++ b/tf-psa-crypto/drivers/builtin/CMakeLists.txt @@ -1,34 +1,6 @@ add_subdirectory(src) file(GLOB src_builtin RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} src/*.c) -if(NOT "src/error.c" IN_LIST "${src_builtin}") - list(APPEND src_builtin src/error.c) -endif() - -if(GEN_FILES) - find_package(Perl REQUIRED) - - file(GLOB crypto_error_headers ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/*.h) - file(GLOB tls_error_headers ${MBEDTLS_DIR}/include/mbedtls/*.h) - add_custom_command( - OUTPUT - ${CMAKE_CURRENT_BINARY_DIR}/src/error.c - COMMAND - ${PERL_EXECUTABLE} - ${MBEDTLS_DIR}/scripts/generate_errors.pl - ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls - ${MBEDTLS_DIR}/include/mbedtls - ${MBEDTLS_DIR}/scripts/data_files - ${CMAKE_CURRENT_BINARY_DIR}/src/error.c - DEPENDS - ${MBEDTLS_DIR}/scripts/generate_errors.pl - ${crypto_error_headers} - ${tls_error_headers} - ${MBEDTLS_DIR}/scripts/data_files/error.fmt - ) -else() - link_to_source(src/error.c) -endif() if(CMAKE_COMPILER_IS_GNUCC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") From a05bfeed1e90a8dca3a3debd69ec1cef8ce5206e Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 14 Oct 2024 07:19:01 +0100 Subject: [PATCH 05/19] Refactor tf-psa-crypto to use error_common.h instead of error.h This commit refactors tf-psa-crypto to include error_common.h instead of error.h as these files have been split and the relevant error codes are now inside error_common.h. Signed-off-by: Harry Ramsey --- tf-psa-crypto/core/psa_crypto.c | 4 ++-- tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h | 4 ++-- tf-psa-crypto/drivers/builtin/src/aes.c | 2 +- tf-psa-crypto/drivers/builtin/src/asn1parse.c | 2 +- tf-psa-crypto/drivers/builtin/src/asn1write.c | 2 +- tf-psa-crypto/drivers/builtin/src/bignum.c | 2 +- tf-psa-crypto/drivers/builtin/src/bignum_core.c | 2 +- tf-psa-crypto/drivers/builtin/src/bignum_mod.c | 2 +- tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c | 2 +- tf-psa-crypto/drivers/builtin/src/ccm.c | 2 +- tf-psa-crypto/drivers/builtin/src/chacha20.c | 2 +- tf-psa-crypto/drivers/builtin/src/chachapoly.c | 2 +- tf-psa-crypto/drivers/builtin/src/cipher.c | 2 +- tf-psa-crypto/drivers/builtin/src/cipher_wrap.c | 2 +- tf-psa-crypto/drivers/builtin/src/cmac.c | 2 +- tf-psa-crypto/drivers/builtin/src/constant_time.c | 2 +- tf-psa-crypto/drivers/builtin/src/ctr_drbg.c | 2 +- tf-psa-crypto/drivers/builtin/src/des.c | 2 +- tf-psa-crypto/drivers/builtin/src/dhm.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecdh.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecdsa.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecjpake.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecp.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecp_curves.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c | 2 +- tf-psa-crypto/drivers/builtin/src/entropy.c | 2 +- tf-psa-crypto/drivers/builtin/src/entropy_poll.c | 2 +- tf-psa-crypto/drivers/builtin/src/gcm.c | 2 +- tf-psa-crypto/drivers/builtin/src/hkdf.c | 2 +- tf-psa-crypto/drivers/builtin/src/hmac_drbg.c | 2 +- tf-psa-crypto/drivers/builtin/src/lmots.c | 2 +- tf-psa-crypto/drivers/builtin/src/lms.c | 2 +- tf-psa-crypto/drivers/builtin/src/md.c | 2 +- tf-psa-crypto/drivers/builtin/src/md5.c | 2 +- tf-psa-crypto/drivers/builtin/src/nist_kw.c | 2 +- tf-psa-crypto/drivers/builtin/src/oid.c | 2 +- tf-psa-crypto/drivers/builtin/src/pem.c | 2 +- tf-psa-crypto/drivers/builtin/src/pk.c | 2 +- tf-psa-crypto/drivers/builtin/src/pk_ecc.c | 2 +- tf-psa-crypto/drivers/builtin/src/pk_wrap.c | 2 +- tf-psa-crypto/drivers/builtin/src/pkcs12.c | 2 +- tf-psa-crypto/drivers/builtin/src/pkcs5.c | 2 +- tf-psa-crypto/drivers/builtin/src/pkparse.c | 2 +- tf-psa-crypto/drivers/builtin/src/pkwrite.c | 2 +- tf-psa-crypto/drivers/builtin/src/platform.c | 2 +- tf-psa-crypto/drivers/builtin/src/poly1305.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_util.c | 2 +- tf-psa-crypto/drivers/builtin/src/ripemd160.c | 2 +- tf-psa-crypto/drivers/builtin/src/rsa.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha1.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha256.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha3.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha512.c | 2 +- tf-psa-crypto/tests/suites/helpers.function | 4 ++-- tf-psa-crypto/tests/suites/main_test.function | 2 +- tf-psa-crypto/tests/suites/test_suite_error.function | 4 ++-- tf-psa-crypto/tests/suites/test_suite_pk.function | 2 +- 65 files changed, 69 insertions(+), 69 deletions(-) diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c index d1c93fd21..3d859f189 100644 --- a/tf-psa-crypto/core/psa_crypto.c +++ b/tf-psa-crypto/core/psa_crypto.c @@ -58,13 +58,13 @@ #include "mbedtls/ecdh.h" #include "mbedtls/ecp.h" #include "mbedtls/entropy.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/gcm.h" #include "mbedtls/md5.h" #include "mbedtls/pk.h" #include "pk_wrap.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/ripemd160.h" #include "mbedtls/rsa.h" #include "mbedtls/sha1.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h index 58f1cde33..4598a93f5 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -7,8 +7,8 @@ * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#ifndef MBEDTLS_ERROR_COMMON_H -#define MBEDTLS_ERROR_COMMON_H +#ifndef MBEDTLS_ERRORCOMMON_COMMON_H +#define MBEDTLS_ERRORCOMMON_COMMON_H #include "mbedtls/build_info.h" diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index b9145eaff..c36845b92 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c @@ -20,7 +20,7 @@ #include "mbedtls/aes.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #if !((defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(MBEDTLS_AESCE_C)) || \ diff --git a/tf-psa-crypto/drivers/builtin/src/asn1parse.c b/tf-psa-crypto/drivers/builtin/src/asn1parse.c index ecea90434..61288656b 100644 --- a/tf-psa-crypto/drivers/builtin/src/asn1parse.c +++ b/tf-psa-crypto/drivers/builtin/src/asn1parse.c @@ -12,7 +12,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/asn1write.c b/tf-psa-crypto/drivers/builtin/src/asn1write.c index 6355fad3b..3e154f418 100644 --- a/tf-psa-crypto/drivers/builtin/src/asn1write.c +++ b/tf-psa-crypto/drivers/builtin/src/asn1write.c @@ -11,7 +11,7 @@ defined(PSA_HAVE_ALG_SOME_ECDSA) #include "mbedtls/asn1write.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/bignum.c b/tf-psa-crypto/drivers/builtin/src/bignum.c index 424490951..36c18a47d 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum.c @@ -30,7 +30,7 @@ #include "bignum_internal.h" #include "bn_mul.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "constant_time_internal.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_core.c b/tf-psa-crypto/drivers/builtin/src/bignum_core.c index 60f48f92d..67d5025b8 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum_core.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum_core.c @@ -11,7 +11,7 @@ #include -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include "constant_time_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_mod.c b/tf-psa-crypto/drivers/builtin/src/bignum_mod.c index dfd332a70..0d5534f8f 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum_mod.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum_mod.c @@ -12,7 +12,7 @@ #include #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/bignum.h" #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c b/tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c index 5343bc650..5b889c87f 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c @@ -11,7 +11,7 @@ #include -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/drivers/builtin/src/ccm.c b/tf-psa-crypto/drivers/builtin/src/ccm.c index 68af90337..0e6637fa6 100644 --- a/tf-psa-crypto/drivers/builtin/src/ccm.c +++ b/tf-psa-crypto/drivers/builtin/src/ccm.c @@ -20,7 +20,7 @@ #include "mbedtls/ccm.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #if defined(MBEDTLS_BLOCK_CIPHER_C) diff --git a/tf-psa-crypto/drivers/builtin/src/chacha20.c b/tf-psa-crypto/drivers/builtin/src/chacha20.c index 3501837d3..36a70b3b7 100644 --- a/tf-psa-crypto/drivers/builtin/src/chacha20.c +++ b/tf-psa-crypto/drivers/builtin/src/chacha20.c @@ -15,7 +15,7 @@ #include "mbedtls/chacha20.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/src/chachapoly.c b/tf-psa-crypto/drivers/builtin/src/chachapoly.c index 5bfee0982..3130ac1d7 100644 --- a/tf-psa-crypto/drivers/builtin/src/chachapoly.c +++ b/tf-psa-crypto/drivers/builtin/src/chachapoly.c @@ -12,7 +12,7 @@ #include "mbedtls/chachapoly.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/cipher.c b/tf-psa-crypto/drivers/builtin/src/cipher.c index 7f4c12149..15b97fa24 100644 --- a/tf-psa-crypto/drivers/builtin/src/cipher.c +++ b/tf-psa-crypto/drivers/builtin/src/cipher.c @@ -16,7 +16,7 @@ #include "mbedtls/cipher.h" #include "cipher_wrap.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #include "constant_time_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/cipher_wrap.c b/tf-psa-crypto/drivers/builtin/src/cipher_wrap.c index d2fee22e2..9726b3162 100644 --- a/tf-psa-crypto/drivers/builtin/src/cipher_wrap.c +++ b/tf-psa-crypto/drivers/builtin/src/cipher_wrap.c @@ -14,7 +14,7 @@ #if defined(MBEDTLS_CIPHER_C) #include "cipher_wrap.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_CHACHAPOLY_C) #include "mbedtls/chachapoly.h" diff --git a/tf-psa-crypto/drivers/builtin/src/cmac.c b/tf-psa-crypto/drivers/builtin/src/cmac.c index 5e517c4b1..706602419 100644 --- a/tf-psa-crypto/drivers/builtin/src/cmac.c +++ b/tf-psa-crypto/drivers/builtin/src/cmac.c @@ -32,7 +32,7 @@ #include "mbedtls/cmac.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform.h" #include "constant_time_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/constant_time.c b/tf-psa-crypto/drivers/builtin/src/constant_time.c index 95b81221f..e233b6206 100644 --- a/tf-psa-crypto/drivers/builtin/src/constant_time.c +++ b/tf-psa-crypto/drivers/builtin/src/constant_time.c @@ -16,7 +16,7 @@ #include "common.h" #include "constant_time_internal.h" #include "mbedtls/constant_time.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/ctr_drbg.c b/tf-psa-crypto/drivers/builtin/src/ctr_drbg.c index b82044eb7..facfc2e11 100644 --- a/tf-psa-crypto/drivers/builtin/src/ctr_drbg.c +++ b/tf-psa-crypto/drivers/builtin/src/ctr_drbg.c @@ -17,7 +17,7 @@ #include "ctr.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/des.c b/tf-psa-crypto/drivers/builtin/src/des.c index 4bb354af7..03d79ede3 100644 --- a/tf-psa-crypto/drivers/builtin/src/des.c +++ b/tf-psa-crypto/drivers/builtin/src/des.c @@ -16,7 +16,7 @@ #if defined(MBEDTLS_DES_C) #include "mbedtls/des.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/dhm.c b/tf-psa-crypto/drivers/builtin/src/dhm.c index 75af8b791..c7c3e0866 100644 --- a/tf-psa-crypto/drivers/builtin/src/dhm.c +++ b/tf-psa-crypto/drivers/builtin/src/dhm.c @@ -19,7 +19,7 @@ #include "mbedtls/dhm.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/ecdh.c b/tf-psa-crypto/drivers/builtin/src/ecdh.c index 28fe757ea..db77a3103 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdh.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdh.c @@ -18,7 +18,7 @@ #include "mbedtls/ecdh.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/ecdsa.c b/tf-psa-crypto/drivers/builtin/src/ecdsa.c index 57d52fee2..7971ef4ae 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdsa.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdsa.c @@ -27,7 +27,7 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_ECP_RESTARTABLE) diff --git a/tf-psa-crypto/drivers/builtin/src/ecjpake.c b/tf-psa-crypto/drivers/builtin/src/ecjpake.c index ebdae9280..a0a386b8a 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecjpake.c +++ b/tf-psa-crypto/drivers/builtin/src/ecjpake.c @@ -16,7 +16,7 @@ #include "mbedtls/ecjpake.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/ecp.c b/tf-psa-crypto/drivers/builtin/src/ecp.c index 1e6b69b98..ef586284d 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecp.c +++ b/tf-psa-crypto/drivers/builtin/src/ecp.c @@ -36,7 +36,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/threading.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "bn_mul.h" #include "ecp_invasive.h" diff --git a/tf-psa-crypto/drivers/builtin/src/ecp_curves.c b/tf-psa-crypto/drivers/builtin/src/ecp_curves.c index 97636a729..99ced0dde 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecp_curves.c +++ b/tf-psa-crypto/drivers/builtin/src/ecp_curves.c @@ -13,7 +13,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "bn_mul.h" #include "bignum_core.h" diff --git a/tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c b/tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c index 169247f3b..6506a2276 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c +++ b/tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c @@ -14,7 +14,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/drivers/builtin/src/entropy.c b/tf-psa-crypto/drivers/builtin/src/entropy.c index 7dcf067a5..fd222c0d7 100644 --- a/tf-psa-crypto/drivers/builtin/src/entropy.c +++ b/tf-psa-crypto/drivers/builtin/src/entropy.c @@ -12,7 +12,7 @@ #include "mbedtls/entropy.h" #include "entropy_poll.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/entropy_poll.c b/tf-psa-crypto/drivers/builtin/src/entropy_poll.c index 611768cd8..bd2cf693e 100644 --- a/tf-psa-crypto/drivers/builtin/src/entropy_poll.c +++ b/tf-psa-crypto/drivers/builtin/src/entropy_poll.c @@ -20,7 +20,7 @@ #include "mbedtls/entropy.h" #include "entropy_poll.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_TIMING_C) #include "mbedtls/timing.h" diff --git a/tf-psa-crypto/drivers/builtin/src/gcm.c b/tf-psa-crypto/drivers/builtin/src/gcm.c index dda1ff21f..84062662a 100644 --- a/tf-psa-crypto/drivers/builtin/src/gcm.c +++ b/tf-psa-crypto/drivers/builtin/src/gcm.c @@ -22,7 +22,7 @@ #include "mbedtls/gcm.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #if defined(MBEDTLS_BLOCK_CIPHER_C) diff --git a/tf-psa-crypto/drivers/builtin/src/hkdf.c b/tf-psa-crypto/drivers/builtin/src/hkdf.c index 631ac24e5..b2410208e 100644 --- a/tf-psa-crypto/drivers/builtin/src/hkdf.c +++ b/tf-psa-crypto/drivers/builtin/src/hkdf.c @@ -11,7 +11,7 @@ #include #include "mbedtls/hkdf.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, diff --git a/tf-psa-crypto/drivers/builtin/src/hmac_drbg.c b/tf-psa-crypto/drivers/builtin/src/hmac_drbg.c index c29fad337..eba507953 100644 --- a/tf-psa-crypto/drivers/builtin/src/hmac_drbg.c +++ b/tf-psa-crypto/drivers/builtin/src/hmac_drbg.c @@ -17,7 +17,7 @@ #include "mbedtls/hmac_drbg.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/lmots.c b/tf-psa-crypto/drivers/builtin/src/lmots.c index c51cb41ec..23e235c5b 100644 --- a/tf-psa-crypto/drivers/builtin/src/lmots.c +++ b/tf-psa-crypto/drivers/builtin/src/lmots.c @@ -28,7 +28,7 @@ #include "mbedtls/lms.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "psa_util_internal.h" #include "psa/crypto.h" diff --git a/tf-psa-crypto/drivers/builtin/src/lms.c b/tf-psa-crypto/drivers/builtin/src/lms.c index 7f7bec068..d354046be 100644 --- a/tf-psa-crypto/drivers/builtin/src/lms.c +++ b/tf-psa-crypto/drivers/builtin/src/lms.c @@ -29,7 +29,7 @@ #include "psa/crypto.h" #include "psa_util_internal.h" #include "mbedtls/lms.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/drivers/builtin/src/md.c b/tf-psa-crypto/drivers/builtin/src/md.c index eee8aa37f..510052859 100644 --- a/tf-psa-crypto/drivers/builtin/src/md.c +++ b/tf-psa-crypto/drivers/builtin/src/md.c @@ -32,7 +32,7 @@ #include "mbedtls/md.h" #include "md_wrap.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/md5.h" #include "mbedtls/ripemd160.h" diff --git a/tf-psa-crypto/drivers/builtin/src/md5.c b/tf-psa-crypto/drivers/builtin/src/md5.c index fd9a8e960..5e5ee86c9 100644 --- a/tf-psa-crypto/drivers/builtin/src/md5.c +++ b/tf-psa-crypto/drivers/builtin/src/md5.c @@ -16,7 +16,7 @@ #include "mbedtls/md5.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/nist_kw.c b/tf-psa-crypto/drivers/builtin/src/nist_kw.c index a4b4be759..431a8efdb 100644 --- a/tf-psa-crypto/drivers/builtin/src/nist_kw.c +++ b/tf-psa-crypto/drivers/builtin/src/nist_kw.c @@ -21,7 +21,7 @@ #include "mbedtls/nist_kw.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #include "constant_time_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/oid.c b/tf-psa-crypto/drivers/builtin/src/oid.c index ae30dfe64..ad3d8e03b 100644 --- a/tf-psa-crypto/drivers/builtin/src/oid.c +++ b/tf-psa-crypto/drivers/builtin/src/oid.c @@ -13,7 +13,7 @@ #include "mbedtls/oid.h" #include "mbedtls/rsa.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/pk.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/pem.c b/tf-psa-crypto/drivers/builtin/src/pem.c index 98f708f42..212889293 100644 --- a/tf-psa-crypto/drivers/builtin/src/pem.c +++ b/tf-psa-crypto/drivers/builtin/src/pem.c @@ -16,7 +16,7 @@ #include "mbedtls/md.h" #include "mbedtls/cipher.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/pk.c b/tf-psa-crypto/drivers/builtin/src/pk.c index 28b4e7a65..9632c76ff 100644 --- a/tf-psa-crypto/drivers/builtin/src/pk.c +++ b/tf-psa-crypto/drivers/builtin/src/pk.c @@ -14,7 +14,7 @@ #include "pk_internal.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pk_ecc.c b/tf-psa-crypto/drivers/builtin/src/pk_ecc.c index 707988d2d..0c4ffbfb1 100644 --- a/tf-psa-crypto/drivers/builtin/src/pk_ecc.c +++ b/tf-psa-crypto/drivers/builtin/src/pk_ecc.c @@ -8,7 +8,7 @@ #include "common.h" #include "mbedtls/pk.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/ecp.h" #include "pk_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pk_wrap.c b/tf-psa-crypto/drivers/builtin/src/pk_wrap.c index 31ec2fdf3..9063555d6 100644 --- a/tf-psa-crypto/drivers/builtin/src/pk_wrap.c +++ b/tf-psa-crypto/drivers/builtin/src/pk_wrap.c @@ -12,7 +12,7 @@ #if defined(MBEDTLS_PK_C) #include "pk_wrap.h" #include "pk_internal.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/psa_util.h" /* Even if RSA not activated, for the sake of RSA-alt */ diff --git a/tf-psa-crypto/drivers/builtin/src/pkcs12.c b/tf-psa-crypto/drivers/builtin/src/pkcs12.c index a3467b982..0c7856907 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkcs12.c +++ b/tf-psa-crypto/drivers/builtin/src/pkcs12.c @@ -21,7 +21,7 @@ #include "mbedtls/cipher.h" #endif /* MBEDTLS_CIPHER_C */ #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/pkcs5.c b/tf-psa-crypto/drivers/builtin/src/pkcs5.c index c57f672f8..b43aaf7b7 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkcs5.c +++ b/tf-psa-crypto/drivers/builtin/src/pkcs5.c @@ -20,7 +20,7 @@ #if defined(MBEDTLS_PKCS5_C) #include "mbedtls/pkcs5.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_ASN1_PARSE_C) #include "mbedtls/asn1.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pkparse.c b/tf-psa-crypto/drivers/builtin/src/pkparse.c index 3419ad90c..006774ca2 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkparse.c +++ b/tf-psa-crypto/drivers/builtin/src/pkparse.c @@ -14,7 +14,7 @@ #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/ecp.h" #include "pk_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pkwrite.c b/tf-psa-crypto/drivers/builtin/src/pkwrite.c index 0b5799584..ba073ad71 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkwrite.c +++ b/tf-psa-crypto/drivers/builtin/src/pkwrite.c @@ -13,7 +13,7 @@ #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "pk_internal.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/platform.c b/tf-psa-crypto/drivers/builtin/src/platform.c index 890c4cbab..c535e9e9d 100644 --- a/tf-psa-crypto/drivers/builtin/src/platform.c +++ b/tf-psa-crypto/drivers/builtin/src/platform.c @@ -11,7 +11,7 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" /* The compile time configuration of memory allocation via the macros * MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO takes precedence over the runtime diff --git a/tf-psa-crypto/drivers/builtin/src/poly1305.c b/tf-psa-crypto/drivers/builtin/src/poly1305.c index 81a484691..6d898f7c8 100644 --- a/tf-psa-crypto/drivers/builtin/src/poly1305.c +++ b/tf-psa-crypto/drivers/builtin/src/poly1305.c @@ -12,7 +12,7 @@ #include "mbedtls/poly1305.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c index a201985b4..bcd7d9544 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c @@ -21,7 +21,7 @@ #include "mbedtls/chachapoly.h" #include "mbedtls/cipher.h" #include "mbedtls/gcm.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" static psa_status_t psa_aead_setup( mbedtls_psa_aead_operation_t *operation, diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c index 3216c9489..2f635e81d 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c @@ -15,7 +15,7 @@ #include "psa_crypto_random_impl.h" #include "mbedtls/cipher.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c index 749e11be0..cc5b483ce 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c @@ -23,7 +23,7 @@ #include #include #include -#include +#include #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c index ae38f6d7c..1d7828e95 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c @@ -21,7 +21,7 @@ #include "psa_crypto_ffdh.h" #include "psa_crypto_random_impl.h" #include "mbedtls/platform.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) || \ diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c index eeb7666c1..0849c9f25 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c @@ -14,7 +14,7 @@ #include "psa_crypto_core.h" #include "psa_crypto_hash.h" -#include +#include #include #if defined(MBEDTLS_PSA_BUILTIN_HASH) diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c index 8fe621811..9486b317f 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c @@ -16,7 +16,7 @@ #include "psa_crypto_mac.h" #include -#include +#include #include "mbedtls/constant_time.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c index 9ac2e8c48..2703e7d7d 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c @@ -19,7 +19,7 @@ #include "psa_util_internal.h" #include -#include +#include #include /* diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c index 5fe26ec87..9678a96f8 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c @@ -23,7 +23,7 @@ #include "mbedtls/platform.h" #include -#include +#include #include "rsa_internal.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ diff --git a/tf-psa-crypto/drivers/builtin/src/psa_util.c b/tf-psa-crypto/drivers/builtin/src/psa_util.c index 36ad0ce59..55803ea5e 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_util.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_util.c @@ -9,7 +9,7 @@ #include "common.h" /* This is needed for MBEDTLS_ERR_XXX macros */ -#include +#include #if defined(MBEDTLS_ASN1_WRITE_C) #include diff --git a/tf-psa-crypto/drivers/builtin/src/ripemd160.c b/tf-psa-crypto/drivers/builtin/src/ripemd160.c index 0845fe821..b696c04b4 100644 --- a/tf-psa-crypto/drivers/builtin/src/ripemd160.c +++ b/tf-psa-crypto/drivers/builtin/src/ripemd160.c @@ -17,7 +17,7 @@ #include "mbedtls/ripemd160.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/rsa.c b/tf-psa-crypto/drivers/builtin/src/rsa.c index 33bb1d346..458ee26a3 100644 --- a/tf-psa-crypto/drivers/builtin/src/rsa.c +++ b/tf-psa-crypto/drivers/builtin/src/rsa.c @@ -35,7 +35,7 @@ #include "mbedtls/oid.h" #include "mbedtls/asn1write.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "constant_time_internal.h" #include "mbedtls/constant_time.h" #include "md_psa.h" diff --git a/tf-psa-crypto/drivers/builtin/src/sha1.c b/tf-psa-crypto/drivers/builtin/src/sha1.c index bd1b6301f..208bac44d 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha1.c +++ b/tf-psa-crypto/drivers/builtin/src/sha1.c @@ -16,7 +16,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index 842b892cd..f2800e4db 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c @@ -54,7 +54,7 @@ #include "mbedtls/sha256.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/sha3.c b/tf-psa-crypto/drivers/builtin/src/sha3.c index 57385595f..dc7cac47f 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha3.c +++ b/tf-psa-crypto/drivers/builtin/src/sha3.c @@ -43,7 +43,7 @@ #include "mbedtls/sha3.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index 9d8cffbc6..b915f99c1 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c +++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -32,7 +32,7 @@ #include "mbedtls/sha512.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(_MSC_VER) || defined(__WATCOMC__) #define UL64(x) x##ui64 diff --git a/tf-psa-crypto/tests/suites/helpers.function b/tf-psa-crypto/tests/suites/helpers.function index b561f4766..f28da7053 100644 --- a/tf-psa-crypto/tests/suites/helpers.function +++ b/tf-psa-crypto/tests/suites/helpers.function @@ -16,8 +16,8 @@ #include #include -#if defined(MBEDTLS_ERROR_C) -#include "mbedtls/error.h" +#if defined(MBEDTLS_ERRORCOMMON_C) +#include "mbedtls/error_common.h" #endif #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/tests/suites/main_test.function b/tf-psa-crypto/tests/suites/main_test.function index c0cc2ac50..fd0656ba3 100644 --- a/tf-psa-crypto/tests/suites/main_test.function +++ b/tf-psa-crypto/tests/suites/main_test.function @@ -232,7 +232,7 @@ int main(int argc, const char *argv[]) #if defined(MBEDTLS_TEST_HOOKS) extern void (*mbedtls_test_hook_test_fail)(const char *test, int line, const char *file); mbedtls_test_hook_test_fail = &mbedtls_test_fail; -#if defined(MBEDTLS_ERROR_C) +#if defined(MBEDTLS_ERRORCOMMON_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; #endif #endif diff --git a/tf-psa-crypto/tests/suites/test_suite_error.function b/tf-psa-crypto/tests/suites/test_suite_error.function index 4c38ab05f..2c17463b3 100644 --- a/tf-psa-crypto/tests/suites/test_suite_error.function +++ b/tf-psa-crypto/tests/suites/test_suite_error.function @@ -1,9 +1,9 @@ /* BEGIN_HEADER */ -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ERROR_C + * depends_on:MBEDTLS_ERRORCOMMON_C * END_DEPENDENCIES */ diff --git a/tf-psa-crypto/tests/suites/test_suite_pk.function b/tf-psa-crypto/tests/suites/test_suite_pk.function index 55848abdf..bad09fac8 100644 --- a/tf-psa-crypto/tests/suites/test_suite_pk.function +++ b/tf-psa-crypto/tests/suites/test_suite_pk.function @@ -7,7 +7,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/base64.h" #include "mbedtls/ecp.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/rsa.h" #include "rsa_internal.h" #include "pk_internal.h" From bd77a35b955accff48bee8cf32da088a50df46db Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 14 Oct 2024 11:56:40 +0100 Subject: [PATCH 06/19] Move tests for error.c from tf-psa-crypto to Mbed TLS This commit moves the test functions and test data from tf-psa-crypto to Mbed TLS. Signed-off-by: Harry Ramsey --- {tf-psa-crypto/tests => tests}/suites/test_suite_error.data | 0 {tf-psa-crypto/tests => tests}/suites/test_suite_error.function | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename {tf-psa-crypto/tests => tests}/suites/test_suite_error.data (100%) rename {tf-psa-crypto/tests => tests}/suites/test_suite_error.function (100%) diff --git a/tf-psa-crypto/tests/suites/test_suite_error.data b/tests/suites/test_suite_error.data similarity index 100% rename from tf-psa-crypto/tests/suites/test_suite_error.data rename to tests/suites/test_suite_error.data diff --git a/tf-psa-crypto/tests/suites/test_suite_error.function b/tests/suites/test_suite_error.function similarity index 100% rename from tf-psa-crypto/tests/suites/test_suite_error.function rename to tests/suites/test_suite_error.function From 3901af52b8d3a0a4d134445c7421235a34b66b42 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 15 Oct 2024 12:03:11 +0100 Subject: [PATCH 07/19] Add x509 library to utility programs This commit adds Mbed TLS x509 as a library dependency for utility programs. This is necessary for strerror.c to work correctly. Signed-off-by: Harry Ramsey --- programs/util/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt index 264d9416c..9ceb13f7c 100644 --- a/programs/util/CMakeLists.txt +++ b/programs/util/CMakeLists.txt @@ -1,5 +1,6 @@ set(libs ${mbedcrypto_target} + ${mbedx509_target} ) set(executables From 8b4b15269a60bec1c7fb1a5fb0497eec643b9ad2 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 15 Oct 2024 12:04:26 +0100 Subject: [PATCH 08/19] Fix test scripts for split error files This commit fixes failing tests to do with generated files and code styles. Signed-off-by: Harry Ramsey --- tests/scripts/check-generated-files.sh | 2 +- tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 583c26e8d..a224e58ca 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -170,7 +170,7 @@ check scripts/generate_driver_wrappers.py ${crypto_core_dir}/psa_crypto_driver_w # Additional checks for Mbed TLS only if in_mbedtls_repo; then - check scripts/generate_errors.pl ${builtin_drivers_dir}/error.c + check scripts/generate_errors.pl library/error.c check scripts/generate_query_config.pl programs/test/query_config.c check scripts/generate_features.pl library/version_features.c check framework/scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h index 4598a93f5..dc5e387cc 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -7,8 +7,8 @@ * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#ifndef MBEDTLS_ERRORCOMMON_COMMON_H -#define MBEDTLS_ERRORCOMMON_COMMON_H +#ifndef MBEDTLS_ERRORCOMMON_H +#define MBEDTLS_ERRORCOMMON_H #include "mbedtls/build_info.h" From 9c664050980c1167df996759a34d8c5194d180db Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Wed, 16 Oct 2024 14:08:19 +0100 Subject: [PATCH 09/19] Disable strerror in test programs This commit disables printing strerror messages in test programs. This is due to moving the functions back to Mbed TLS and wanting to keep dependencies of programs small. The code has not been removed but simply commented out for when these functions are reimplemented. Signed-off-by: Harry Ramsey --- programs/pkey/gen_key.c | 5 +++-- programs/pkey/key_app.c | 5 +++-- programs/pkey/key_app_writer.c | 5 +++-- programs/pkey/pk_decrypt.c | 5 +++-- programs/pkey/pk_encrypt.c | 5 +++-- programs/pkey/pk_sign.c | 5 +++-- programs/pkey/pk_verify.c | 5 +++-- programs/test/benchmark.c | 5 +++-- 8 files changed, 24 insertions(+), 16 deletions(-) diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 83d7b7187..da7d262f2 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -453,8 +453,9 @@ exit: if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror(ret, buf, sizeof(buf)); - mbedtls_printf(" - %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); */ #else mbedtls_printf("\n"); #endif diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index e3a696605..5ccb06327 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -347,8 +347,9 @@ cleanup: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 60f992e43..a460b18db 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -469,8 +469,9 @@ exit: if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror(ret, buf, sizeof(buf)); - mbedtls_printf(" - %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); */ #else mbedtls_printf("\n"); #endif diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index b8f7943d6..025f69c06 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -142,8 +142,9 @@ exit: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, (char *) buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index a916bc6e2..9ada67d5b 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -143,8 +143,9 @@ exit: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, (char *) buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index d48911c88..b8f06c4fb 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -143,8 +143,9 @@ exit: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, (char *) buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index b4e84c303..063abd755 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -117,8 +117,9 @@ exit: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, (char *) buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 93c17291f..36ac02259 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -117,8 +117,9 @@ static unsigned long mbedtls_timing_hardclock(void); #if defined(MBEDTLS_ERROR_C) #define PRINT_ERROR \ - mbedtls_strerror(ret, (char *) tmp, sizeof(tmp)); \ - mbedtls_printf("FAILED: %s\n", tmp); + mbedtls_printf("Error code: %d", ret); +/* mbedtls_strerror(ret, (char *) tmp, sizeof(tmp)); \ + mbedtls_printf("FAILED: %s\n", tmp); */ #else #define PRINT_ERROR \ mbedtls_printf("FAILED: -0x%04x\n", (unsigned int) -ret); From c44f67b5811ca1360aba75da797d9a996155d6e3 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Wed, 16 Oct 2024 21:46:44 +0100 Subject: [PATCH 10/19] Fix error.c generation issue with headers This commit fixes include issues with error.c. Since error_common.h now defines error codes, this is a mandatory include. The macro MBEDTLS_ERROR_C guards functions for strerror which is now found in error.h. Signed-off-by: Harry Ramsey --- scripts/generate_errors.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 147ecdca7..c05184227 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -37,7 +37,7 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES - ENTROPY ERROR_COMMON GCM HKDF HMAC_DRBG LMS MD5 + ENTROPY ERROR GCM HKDF HMAC_DRBG LMS MD5 NET OID PBKDF2 PLATFORM POLY1305 RIPEMD160 SHA1 SHA256 SHA512 SHA3 THREADING ); my @high_level_modules = qw( CIPHER DHM ECP MD @@ -91,6 +91,7 @@ foreach my $file (@files) { if ($found) { my $include_name = $file; $include_name =~ s!.*/!!; + $include_name = "error.h" if ($include_name eq "error_common.h"); push @necessary_include_files, $include_name; } } @@ -121,7 +122,6 @@ foreach my $match (@matches) $module_name = "BIGNUM" if ($module_name eq "MPI"); $module_name = "CTR_DRBG" if ($module_name eq "CTR"); $module_name = "HMAC_DRBG" if ($module_name eq "HMAC"); - $module_name = "ERROR_COMMON" if ($module_name eq "ERROR"); my $define_name = $module_name; $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509"); From 924dca9d392aacb8edb61d056de1f168003c0007 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Fri, 18 Oct 2024 12:25:20 +0100 Subject: [PATCH 11/19] Move mbedtls_test_hook_error_add from error.c to helpers.c This commit moves mbedtls_test_hook_error_add from error.c to helpers.c. Signed-off-by: Harry Ramsey --- scripts/data_files/error.fmt | 4 ---- tests/src/helpers.c | 5 +++++ 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 781e72a91..b75a9ab4e 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -152,8 +152,4 @@ void mbedtls_strerror(int ret, char *buf, size_t buflen) #endif /* MBEDTLS_ERROR_C */ -#if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)(int, int, const char *, int); -#endif - #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index db50296e0..bf823fed3 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -717,4 +717,9 @@ void mbedtls_test_err_add_check(int high, int low, line, file); } } + +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); +#endif + #endif /* MBEDTLS_TEST_HOOKS */ From bef54c5003a185d749b7b6dbdc728938aa3b0cb7 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 21 Oct 2024 12:00:24 +0100 Subject: [PATCH 12/19] Remove unnecessary if defined This commit removes unnecessary if defined for multiple files as they are already guarded. Signed-off-by: Harry Ramsey --- tests/src/helpers.c | 2 -- tf-psa-crypto/tests/suites/helpers.function | 2 -- tf-psa-crypto/tests/suites/main_test.function | 2 -- 3 files changed, 6 deletions(-) diff --git a/tests/src/helpers.c b/tests/src/helpers.c index bf823fed3..1a157331b 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -718,8 +718,6 @@ void mbedtls_test_err_add_check(int high, int low, } } -#if defined(MBEDTLS_TEST_HOOKS) void (*mbedtls_test_hook_error_add)(int, int, const char *, int); -#endif #endif /* MBEDTLS_TEST_HOOKS */ diff --git a/tf-psa-crypto/tests/suites/helpers.function b/tf-psa-crypto/tests/suites/helpers.function index f28da7053..37ed61ac5 100644 --- a/tf-psa-crypto/tests/suites/helpers.function +++ b/tf-psa-crypto/tests/suites/helpers.function @@ -16,9 +16,7 @@ #include #include -#if defined(MBEDTLS_ERRORCOMMON_C) #include "mbedtls/error_common.h" -#endif #include "mbedtls/platform.h" #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) diff --git a/tf-psa-crypto/tests/suites/main_test.function b/tf-psa-crypto/tests/suites/main_test.function index fd0656ba3..aebae1c96 100644 --- a/tf-psa-crypto/tests/suites/main_test.function +++ b/tf-psa-crypto/tests/suites/main_test.function @@ -232,9 +232,7 @@ int main(int argc, const char *argv[]) #if defined(MBEDTLS_TEST_HOOKS) extern void (*mbedtls_test_hook_test_fail)(const char *test, int line, const char *file); mbedtls_test_hook_test_fail = &mbedtls_test_fail; -#if defined(MBEDTLS_ERRORCOMMON_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; -#endif #endif /* Try changing to the directory containing the executable, if From b791a88c33a66cb8a03d816cb59a1a9228a11e45 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 21 Oct 2024 12:05:20 +0100 Subject: [PATCH 13/19] Fix test case dependency This commit fixes the error test suite to depend on MBEDTLS_ERROR_C rather than MBEDTLS_ERRORCOMMON_C. Signed-off-by: Harry Ramsey --- tests/suites/test_suite_error.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_error.function b/tests/suites/test_suite_error.function index 2c17463b3..4c38ab05f 100644 --- a/tests/suites/test_suite_error.function +++ b/tests/suites/test_suite_error.function @@ -1,9 +1,9 @@ /* BEGIN_HEADER */ -#include "mbedtls/error_common.h" +#include "mbedtls/error.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ERRORCOMMON_C + * depends_on:MBEDTLS_ERROR_C * END_DEPENDENCIES */ From 8b3f513c0ae6436587f2cc053a2bdab7bdd29ac4 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 21 Oct 2024 12:26:59 +0100 Subject: [PATCH 14/19] Fix linking error for mbedtls_test_hook_error_add This commit fixes a linking error with psa_sim_crypto_server.c where mbedtls_test_hook_error_add was undefined. Signed-off-by: Harry Ramsey --- tests/psa-client-server/psasim/src/psa_sim_crypto_server.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c index b2ed070c8..2daacd849 100644 --- a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c +++ b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c @@ -21,6 +21,10 @@ #error "Error: MBEDTLS_PSA_CRYPTO_C must be enabled on server build" #endif +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); +#endif + // Returns 1 for success, 0 for failure int psa_crypto_init_wrapper( uint8_t *in_params, size_t in_params_len, From c0240b314f45c392f8f0d2de972815613ce76699 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 21 Oct 2024 18:38:15 +0100 Subject: [PATCH 15/19] Fix formatting issue This commit fixes a formatting issue where whitespace was added at the end of lines. Signed-off-by: Harry Ramsey --- tests/psa-client-server/psasim/src/psa_sim_crypto_server.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c index 2daacd849..a88fc51cc 100644 --- a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c +++ b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c @@ -21,8 +21,8 @@ #error "Error: MBEDTLS_PSA_CRYPTO_C must be enabled on server build" #endif -#if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)(int, int, const char *, int); +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); #endif // Returns 1 for success, 0 for failure From 331f08430c28444475a0e82b8ae9fceb361b1c55 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 22 Oct 2024 10:27:08 +0100 Subject: [PATCH 16/19] Move error.o to OBJS_X509 This commit moves error.o to a build object for OBJS_X509. Signed-off-by: Harry Ramsey --- library/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/Makefile b/library/Makefile index d69f9e059..53c860007 100644 --- a/library/Makefile +++ b/library/Makefile @@ -148,7 +148,6 @@ OBJS_CRYPTO= \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp_curves_new.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy_poll.o \ - error.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/gcm.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hkdf.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hmac_drbg.o \ @@ -206,6 +205,7 @@ OBJS_X509= \ x509write_crt.o \ x509write_csr.o \ pkcs7.o \ + error.o \ # This line is intentionally left blank OBJS_TLS= \ From fa3663d63364cd6bdcedb19a0a1b2455adc1a0f7 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 22 Oct 2024 10:33:36 +0100 Subject: [PATCH 17/19] Fix include for tf-psa-crypto tests This commit replaces #includes "error.h" with #include "error_common.h" since error.h no longer exists in tf-psa-crypto. Signed-off-by: Harry Ramsey --- tf-psa-crypto/tests/suites/test_suite_dhm.function | 2 +- tf-psa-crypto/tests/suites/test_suite_pkcs5.function | 2 +- tf-psa-crypto/tests/suites/test_suite_pkparse.function | 2 +- .../tests/suites/test_suite_psa_crypto_se_driver_hal.function | 2 +- tf-psa-crypto/tests/suites/test_suite_rsa.function | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tf-psa-crypto/tests/suites/test_suite_dhm.function b/tf-psa-crypto/tests/suites/test_suite_dhm.function index 6c6f15bbf..d040c81bc 100644 --- a/tf-psa-crypto/tests/suites/test_suite_dhm.function +++ b/tf-psa-crypto/tests/suites/test_suite_dhm.function @@ -1,6 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/dhm.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" static int check_get_value(const mbedtls_dhm_context *ctx, mbedtls_dhm_parameter param, diff --git a/tf-psa-crypto/tests/suites/test_suite_pkcs5.function b/tf-psa-crypto/tests/suites/test_suite_pkcs5.function index f6be14208..56582d4b4 100644 --- a/tf-psa-crypto/tests/suites/test_suite_pkcs5.function +++ b/tf-psa-crypto/tests/suites/test_suite_pkcs5.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/pkcs5.h" #include "mbedtls/cipher.h" /* END_HEADER */ diff --git a/tf-psa-crypto/tests/suites/test_suite_pkparse.function b/tf-psa-crypto/tests/suites/test_suite_pkparse.function index 1cd6e2bb9..15c6de039 100644 --- a/tf-psa-crypto/tests/suites/test_suite_pkparse.function +++ b/tf-psa-crypto/tests/suites/test_suite_pkparse.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/pk.h" #include "mbedtls/pem.h" #include "mbedtls/oid.h" diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 66d2a4eb9..400d89dc0 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -9,7 +9,7 @@ #if defined(MBEDTLS_PSA_ITS_FILE_C) #include "psa_crypto_its.h" #else /* Native ITS implementation */ -#include "psa/error.h" +#include "psa/error_common.h" #include "psa/internal_trusted_storage.h" #endif diff --git a/tf-psa-crypto/tests/suites/test_suite_rsa.function b/tf-psa-crypto/tests/suites/test_suite_rsa.function index b84848b91..0d086a4e7 100644 --- a/tf-psa-crypto/tests/suites/test_suite_rsa.function +++ b/tf-psa-crypto/tests/suites/test_suite_rsa.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/rsa.h" #include "bignum_core.h" #include "rsa_alt_helpers.h" From ddc59dca21ab6ba7b7352fcc50ec9876d3f2a92a Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 22 Oct 2024 10:36:21 +0100 Subject: [PATCH 18/19] Refactor error_common ifdef header This commit refactors MBEDTLS_ERRORCOMMON_H to MBEDTLS_ERROR_COMMON_H. Signed-off-by: Harry Ramsey --- tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h index dc5e387cc..58f1cde33 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -7,8 +7,8 @@ * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#ifndef MBEDTLS_ERRORCOMMON_H -#define MBEDTLS_ERRORCOMMON_H +#ifndef MBEDTLS_ERROR_COMMON_H +#define MBEDTLS_ERROR_COMMON_H #include "mbedtls/build_info.h" From 08007ed23db3f78c96ab5169e393f43c0d920571 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 22 Oct 2024 14:18:17 +0100 Subject: [PATCH 19/19] Update guards for crypto only builds This commit updates the guards for crypto only builds to prevent error.c being built. Signed-off-by: Harry Ramsey --- scripts/config.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/config.py b/scripts/config.py index beeb5e27e..0641a23cb 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -218,6 +218,8 @@ def include_in_crypto(name): 'MBEDTLS_DEBUG_C', # part of libmbedtls 'MBEDTLS_NET_C', # part of libmbedtls 'MBEDTLS_PKCS7_C', # part of libmbedx509 + 'MBEDTLS_ERROR_C', # part of libmbedx509 + 'MBEDTLS_ERROR_STRERROR_DUMMY', # part of libmbedx509 ]: return False if name in EXCLUDE_FROM_CRYPTO: