From b567f8326d2baffb10872799cfe7db1faf5797e9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 2 May 2023 21:38:11 +0200
Subject: [PATCH] Halve size of mbedtls_error_pair_t

All PSA crypto error codes fit comfortably in 16 bits and we have no plans
to ever change this. So use 16 bits to store them, which reduces
mbedtls_error_pair_t from 8 bytes to 4 bytes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 include/mbedtls/psa_util.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index b750716a9..32d20b5e5 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -345,7 +345,11 @@ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
 #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
 
 typedef struct {
-    psa_status_t psa_status;
+    /* Error codes used by PSA crypto are in -255..-128, fitting in 16 bits. */
+    int16_t psa_status;
+    /* Error codes used by Mbed TLS are in one of the ranges
+     * -127..-1 (low-level) or (-128) * (128..511) (high-level),
+     * fitting in 16 bits. */
     int16_t mbedtls_error;
 } mbedtls_error_pair_t;