diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 7f0885794..96b478b7f 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -111,7 +111,6 @@ void mbedtls_psa_crypto_free( void ); * \retval #PSA_ERROR_INVALID_ARGUMENT * \p seed_size is out of range. * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval `PSA_ITS_ERROR_XXX` * There was a failure reading or writing from storage. * \retval #PSA_ERROR_NOT_PERMITTED * The library has already been initialized. It is no longer diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd9f38774..1efb3e87f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4391,45 +4391,11 @@ psa_status_t psa_generate_random( uint8_t *output, #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) -/* Support function for error conversion between psa_its error codes to psa crypto */ -static psa_status_t its_to_psa_error( psa_its_status_t ret ) -{ - switch( ret ) - { - case PSA_ITS_SUCCESS: - return( PSA_SUCCESS ); - - case PSA_ITS_ERROR_UID_NOT_FOUND: - return( PSA_ERROR_DOES_NOT_EXIST ); - - case PSA_ITS_ERROR_STORAGE_FAILURE: - return( PSA_ERROR_STORAGE_FAILURE ); - - case PSA_ITS_ERROR_INSUFFICIENT_SPACE: - return( PSA_ERROR_INSUFFICIENT_STORAGE ); - - case PSA_ITS_ERROR_OFFSET_INVALID: - case PSA_ITS_ERROR_INCORRECT_SIZE: - case PSA_ITS_ERROR_INVALID_ARGUMENTS: - return( PSA_ERROR_INVALID_ARGUMENT ); - - case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: - return( PSA_ERROR_NOT_SUPPORTED ); - - case PSA_ITS_ERROR_WRITE_ONCE: - return( PSA_ERROR_ALREADY_EXISTS ); - - default: - return( PSA_ERROR_GENERIC_ERROR ); - } -} - psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, size_t seed_size ) { psa_status_t status; - psa_its_status_t its_status; - struct psa_its_info_t p_info; + struct psa_storage_info_t p_info; if( global_data.initialized ) return( PSA_ERROR_NOT_PERMITTED ); @@ -4438,15 +4404,13 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - its_status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); - status = its_to_psa_error( its_status ); + status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); - if( PSA_ITS_ERROR_UID_NOT_FOUND == its_status ) /* No seed exists */ + if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */ { - its_status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); - status = its_to_psa_error( its_status ); + status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); } - else if( PSA_ITS_SUCCESS == its_status ) + else if( PSA_SUCCESS == status ) { /* You should not be here. Seed needs to be injected only once */ status = PSA_ERROR_NOT_PERMITTED; diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index f97a5d7de..bb0d0cdf1 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -36,39 +36,7 @@ #include "mbedtls/platform.h" #endif -static psa_status_t its_to_psa_error( psa_its_status_t ret ) -{ - switch( ret ) - { - case PSA_ITS_SUCCESS: - return( PSA_SUCCESS ); - - case PSA_ITS_ERROR_UID_NOT_FOUND: - return( PSA_ERROR_DOES_NOT_EXIST ); - - case PSA_ITS_ERROR_STORAGE_FAILURE: - return( PSA_ERROR_STORAGE_FAILURE ); - - case PSA_ITS_ERROR_INSUFFICIENT_SPACE: - return( PSA_ERROR_INSUFFICIENT_STORAGE ); - - case PSA_ITS_ERROR_OFFSET_INVALID: - case PSA_ITS_ERROR_INCORRECT_SIZE: - case PSA_ITS_ERROR_INVALID_ARGUMENTS: - return( PSA_ERROR_INVALID_ARGUMENT ); - - case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: - return( PSA_ERROR_NOT_SUPPORTED ); - - case PSA_ITS_ERROR_WRITE_ONCE: - return( PSA_ERROR_ALREADY_EXISTS ); - - default: - return( PSA_ERROR_UNKNOWN_ERROR ); - } -} - -static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) +static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) { return( key ); } @@ -76,31 +44,28 @@ static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, size_t data_size ) { - psa_its_status_t ret; psa_status_t status; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - status = its_to_psa_error( ret ); - if( status != PSA_SUCCESS ) + status = psa_its_get_info( data_identifier, &data_identifier_info ); + if( status != PSA_SUCCESS ) return( status ); - ret = psa_its_get( data_identifier, 0, data_size, data ); - status = its_to_psa_error( ret ); + status = psa_its_get( data_identifier, 0, data_size, data ); return( status ); } int psa_is_key_present_in_storage( const psa_key_id_t key ) { - psa_its_status_t ret; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_status_t ret; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ITS_ERROR_UID_NOT_FOUND ) + if( ret == PSA_ERROR_DOES_NOT_EXIST ) return( 0 ); return( 1 ); } @@ -109,23 +74,20 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, const uint8_t *data, size_t data_length ) { - psa_its_status_t ret; psa_status_t status; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; if( psa_is_key_present_in_storage( key ) == 1 ) return( PSA_ERROR_ALREADY_EXISTS ); - ret = psa_its_set( data_identifier, data_length, data, 0 ); - status = its_to_psa_error( ret ); + status = psa_its_set( data_identifier, data_length, data, 0 ); if( status != PSA_SUCCESS ) { return( PSA_ERROR_STORAGE_FAILURE ); } - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - status = its_to_psa_error( ret ); + status = psa_its_get_info( data_identifier, &data_identifier_info ); if( status != PSA_SUCCESS ) { goto exit; @@ -145,19 +107,19 @@ exit: psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) { - psa_its_status_t ret; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_status_t ret; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ITS_ERROR_UID_NOT_FOUND ) + if( ret == PSA_ERROR_DOES_NOT_EXIST ) return( PSA_SUCCESS ); - if( psa_its_remove( data_identifier ) != PSA_ITS_SUCCESS ) + if( psa_its_remove( data_identifier ) != PSA_SUCCESS ) return( PSA_ERROR_STORAGE_FAILURE ); ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret != PSA_ITS_ERROR_UID_NOT_FOUND ) + if( ret != PSA_ERROR_DOES_NOT_EXIST ) return( PSA_ERROR_STORAGE_FAILURE ); return( PSA_SUCCESS ); @@ -166,13 +128,11 @@ psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, size_t *data_length ) { - psa_its_status_t ret; psa_status_t status; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - status = its_to_psa_error( ret ); + status = psa_its_get_info( data_identifier, &data_identifier_info ); if( status != PSA_SUCCESS ) return( status ); diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 727db43e5..a14657e9f 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -22,7 +22,6 @@ void validate_entropy_seed_injection( int seed_length_a, int seed_length_b, int expected_status_b ) { - psa_its_status_t its_status; psa_status_t status; uint8_t output[32] = { 0 }; uint8_t zeros[32] = { 0 }; @@ -43,9 +42,9 @@ void validate_entropy_seed_injection( int seed_length_a, { seed[i] = i; } - its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); - TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || - ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); + status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + TEST_ASSERT( ( status == PSA_SUCCESS ) || + ( status == PSA_ERROR_DOES_NOT_EXIST ) ); status = mbedtls_psa_inject_entropy( seed, seed_length_a ); TEST_EQUAL( status, expected_status_a ); status = mbedtls_psa_inject_entropy( seed, seed_length_b ); @@ -64,7 +63,6 @@ exit: /* BEGIN_CASE */ void run_entropy_inject_with_crypto_init( ) { - psa_its_status_t its_status; psa_status_t status; int i; uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 }; @@ -73,13 +71,13 @@ void run_entropy_inject_with_crypto_init( ) { seed[i] = i; } - its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); - TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || - ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); + status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + TEST_ASSERT( ( status == PSA_SUCCESS ) || + ( status == PSA_ERROR_DOES_NOT_EXIST ) ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); PSA_ASSERT( status ); - its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); - TEST_EQUAL( its_status, PSA_ITS_SUCCESS ); + status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + TEST_EQUAL( status, PSA_SUCCESS ); status = psa_crypto_init( ); TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );