Rewrite error addition interface

The previous implementation of the error addition interface did not comply
with the invasive testing architecture guidelines. This commit fixes that
by:

- Renaming functions/macros/variables to follow the mbedtls_error_xxx or
  mbedtls_test_hook_xxx convention.

- Making mbedtls_test_hook_error_add a global variable that can be set
  by the testing code.

- Using a static inline function call, as opposed to macro, to keep
  discrepancies between debug and production version to a minimum.

Signed-off-by: Chris Jones <christopher.jones@arm.com>

include/mbedtls/error.h

@@ -114,25 +114,44 @@ extern "C" {
 #define MBEDTLS_ERR_ERROR_GENERIC_ERROR       -0x0001  /**< Generic error */
 #define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E  /**< This is a bug in the library */
 
-
-#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ERROR_C)
 /**
- * \brief Set a function pointer (hook) to allow for invasive testing of error
- *        code addition.
+ * \brief Combines a high-level and low-level error code together.
  *
- * This hook is used in the test infrastructure to report on errors when
- * combining two error codes of the same level.
- *
- * \param hook    hook to invasive testing function
+ *        Wrapper function for mbedtls_err_add_ext(). See that function for
+ *        more details.
  */
-void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) );
-int mbedtls_err_add( int high, int low, const char *file, int line );
-#define MBEDTLS_ERR_ADD( high, low )  \
-    ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) )
-#else
-#define MBEDTLS_ERR_ADD( high, low ) \
-    ( ( high ) + ( low ) )
-#endif /* MBEDTLS_TEST_HOOKS */
+#define mbedtls_error_add( high, low ) \
+        mbedtls_error_add_ext( high, low, __FILE__, __LINE__ )
+
+/**
+ * \brief Testing hook called before adding/combining two error codes together.
+ *        Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS.
+ */
+void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
+
+/**
+ * \brief Combines a high-level and low-level error code together.
+ *
+ *        This function can be called directly however it is usually
+ *        called via the mbedtls_error_add macro.
+ *
+ * \note  When invasive testing is enabled via MBEDTLS_TEST_HOOKS also try to
+ *        call mbedtls_test_hook_error_add.
+ *
+ * \param high      high-level error code. See error.h for more details.
+ * \param low       low-level error code. See error.h for more details.
+ * \param file      file where this error code addition occured.
+ * \param line      line where this error code addition occured.
+ */
+static inline int mbedtls_error_add_ext( int high, int low,
+                                     const char *file, int line )
+{
+#if defined(MBEDTLS_TEST_HOOKS)
+    if( *mbedtls_test_hook_error_add != NULL )
+        ( *mbedtls_test_hook_error_add )( high, low, file, line );
+#endif
+    return( high + low );
+}
 
 /**
  * \brief Translate a mbed TLS error code into a string representation,

library/error.c

@@ -893,22 +893,6 @@ const char * mbedtls_low_level_strerr( int error_code )
     return( NULL );
 }
 
-#if defined(MBEDTLS_TEST_HOOKS)
-static void (*err_add_hook)( int, int, const char *, int );
-
-void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) )
-{
-    err_add_hook = hook;
-}
-
-int mbedtls_err_add( int high, int low, const char *file, int line )
-{
-    if( err_add_hook != NULL )
-        (*err_add_hook)( high, low, file, line );
-    return ( high + low );
-}
-#endif /* MBEDTLS_TEST_HOOKS */
-
 void mbedtls_strerror( int ret, char *buf, size_t buflen )
 {
     size_t len;

library/rsa.c

@@ -102,7 +102,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
         ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) ||
         ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) )
     {
-        return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
+        return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
     }
 
     if( N != NULL )
@@ -142,7 +142,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
 cleanup:
 
     if( ret != 0 )
-        return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
+        return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
 
     return( 0 );
 }
@@ -293,7 +293,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
         if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P,
                                          &ctx->Q ) ) != 0 )
         {
-            return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
+            return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
         }
 
         ctx->len = mbedtls_mpi_size( &ctx->N );
@@ -308,7 +308,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
         ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D,
                                          &ctx->P, &ctx->Q );
         if( ret != 0 )
-            return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
+            return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
 
     }
     else if( d_missing )
@@ -318,7 +318,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
                                                          &ctx->E,
                                                          &ctx->D ) ) != 0 )
         {
-            return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
+            return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
         }
     }
 
@@ -333,7 +333,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
         ret = mbedtls_rsa_deduce_crt( &ctx->P,  &ctx->Q,  &ctx->D,
                                       &ctx->DP, &ctx->DQ, &ctx->QP );
         if( ret != 0 )
-            return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
+            return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
     }
 #endif /* MBEDTLS_RSA_NO_CRT */
 
@@ -461,13 +461,13 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
         ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) ||
         ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) )
     {
-        return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
+        return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
     }
 #else
     if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D,
                                         DP, DQ, QP ) ) != 0 )
     {
-        return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
+        return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) );
     }
 #endif
 
@@ -635,8 +635,9 @@ cleanup:
     if( ret != 0 )
     {
         mbedtls_rsa_free( ctx );
+
         if( ( -ret & ~0x7f ) == 0 )
-            ret = MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret );
+            ret = mbedtls_error_add( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret );
         return( ret );
     }
 
@@ -769,7 +770,7 @@ cleanup:
     mbedtls_mpi_free( &T );
 
     if( ret != 0 )
-        return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) );
+        return( mbedtls_error_add( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) );
 
     return( 0 );
 }
@@ -1085,7 +1086,7 @@ cleanup:
     mbedtls_mpi_free( &I );
 
     if( ret != 0 && ret >= -0x007f )
-        return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) );
+        return( mbedtls_error_add( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) );
 
     return( ret );
 }
@@ -1198,7 +1199,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
 
     /* Generate a random octet string seed */
     if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 )
-        return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
+        return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
 
     p += hlen;
 
@@ -1287,7 +1288,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
 
             /* Check if RNG failed to generate data */
             if( rng_dl == 0 || ret != 0 )
-                return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
+                return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
 
             p++;
         }
@@ -1881,7 +1882,7 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
     /* Generate salt of length slen in place in the encoded message */
     salt = p;
     if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
-        return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
+        return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
 
     p += slen;
 

scripts/data_files/error.fmt

@@ -82,22 +82,6 @@ LOW_LEVEL_CODE_CHECKS
     return( NULL );
 }
 
-#if defined(MBEDTLS_TEST_HOOKS)
-static void (*err_add_hook)( int, int, const char *, int );
-
-void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) )
-{
-    err_add_hook = hook;
-}
-
-int mbedtls_err_add( int high, int low, const char *file, int line )
-{
-    if( err_add_hook != NULL )
-        (*err_add_hook)( high, low, file, line );
-    return ( high + low );
-}
-#endif /* MBEDTLS_TEST_HOOKS */
-
 void mbedtls_strerror( int ret, char *buf, size_t buflen )
 {
     size_t len;

tests/suites/main_test.function

@@ -284,7 +284,7 @@ $platform_code
 int main( int argc, const char *argv[] )
 {
 #if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C)
-    mbedtls_set_err_add_hook( &mbedtls_test_err_add_check );
+    mbedtls_test_hook_error_add = &mbedtls_test_err_add_check;
 #endif
 
     int ret = mbedtls_test_platform_setup();