From 19915c2c001bb254c8a2ac7af97c78e585f15009 Mon Sep 17 00:00:00 2001
From: Neil Armstrong <narmstrong@baylibre.com>
Date: Tue, 1 Mar 2022 15:21:02 +0100
Subject: [PATCH] Rename error translation functions and move them to
 library/pk_wrap.*

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
---
 include/mbedtls/pk.h | 12 ------
 library/ecdsa.c      | 26 -------------
 library/pk.c         | 38 +------------------
 library/pk_wrap.c    | 87 ++++++++++++++++++++++++++++++++++++++++++--
 library/pk_wrap.h    | 12 ++++++
 library/rsa.c        | 27 --------------
 6 files changed, 98 insertions(+), 104 deletions(-)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 189df8536e..9ad7a1df6d 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -84,18 +84,6 @@
 extern "C" {
 #endif
 
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-int mbedtls_pk_psa_err_translate( psa_status_t status );
-
-#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
-int mbedtls_pk_ecp_psa_err_translate( psa_status_t status );
-#endif
-
-#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
-int mbedtls_pk_rsa_psa_err_translate( psa_status_t status );
-#endif
-#endif
-
 /**
  * \brief          Public key types
  */
diff --git a/library/ecdsa.c b/library/ecdsa.c
index a112ada5cb..0b612ce8af 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -47,38 +47,12 @@
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"
 
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/pk.h"
-#endif
-
 /* Parameter validation macros based on platform_util.h */
 #define ECDSA_VALIDATE_RET( cond )    \
     MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
 #define ECDSA_VALIDATE( cond )        \
     MBEDTLS_INTERNAL_VALIDATE( cond )
 
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-int mbedtls_pk_ecp_psa_err_translate( psa_status_t status )
-{
-    switch( status )
-    {
-        case PSA_ERROR_NOT_PERMITTED:
-        case PSA_ERROR_INVALID_ARGUMENT:
-            return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-        case PSA_ERROR_INVALID_HANDLE:
-            return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-        case PSA_ERROR_BUFFER_TOO_SMALL:
-            return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-        case PSA_ERROR_INSUFFICIENT_ENTROPY:
-            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
-        case PSA_ERROR_INVALID_SIGNATURE:
-            return( MBEDTLS_ERR_ECP_VERIFY_FAILED );
-        default:
-            return( mbedtls_pk_psa_err_translate( status ) );
-    }
-}
-#endif
-
 #if defined(MBEDTLS_ECP_RESTARTABLE)
 
 /*
diff --git a/library/pk.c b/library/pk.c
index e9eff0a5a9..79eccaada7 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -147,40 +147,6 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
 }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-int mbedtls_pk_psa_err_translate( psa_status_t status )
-{
-    switch( status )
-    {
-        case PSA_SUCCESS:
-            return( 0 );
-        case PSA_ERROR_INVALID_HANDLE:
-            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-        case PSA_ERROR_NOT_PERMITTED:
-            return( MBEDTLS_ERR_ERROR_GENERIC_ERROR );
-        case PSA_ERROR_BUFFER_TOO_SMALL:
-            return( MBEDTLS_ERR_PK_BUFFER_TOO_SMALL );
-        case PSA_ERROR_NOT_SUPPORTED:
-            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-        case PSA_ERROR_INVALID_ARGUMENT:
-            return( MBEDTLS_ERR_PK_INVALID_ALG );
-        case PSA_ERROR_INSUFFICIENT_MEMORY:
-            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-        case PSA_ERROR_BAD_STATE:
-            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-        case PSA_ERROR_COMMUNICATION_FAILURE:
-        case PSA_ERROR_HARDWARE_FAILURE:
-            return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
-        case PSA_ERROR_DATA_CORRUPT:
-        case PSA_ERROR_DATA_INVALID:
-        case PSA_ERROR_STORAGE_FAILURE:
-            return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
-        case PSA_ERROR_CORRUPTION_DETECTED:
-            return( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED );
-        default:
-            return( MBEDTLS_ERR_ERROR_GENERIC_ERROR );
-    }
-}
-
 /*
  * Initialise a PSA-wrapping context
  */
@@ -440,7 +406,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
         if( status != PSA_SUCCESS )
         {
             psa_destroy_key( key_id );
-            return( mbedtls_pk_psa_err_translate( status ) );
+            return( mbedtls_pk_error_from_psa( status ) );
         }
 
         /* This function requires returning MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
@@ -460,7 +426,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
         if( status == PSA_SUCCESS )
             status = destruction_status;
 
-        return( mbedtls_pk_rsa_psa_err_translate( status ) );
+        return( mbedtls_pk_error_from_psa_rsa( status ) );
     }
     else
 #endif
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 9e14fbca6c..b7dc7bfae2 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -61,6 +61,87 @@
 #include <limits.h>
 #include <stdint.h>
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_pk_error_from_psa( psa_status_t status )
+{
+    switch( status )
+    {
+        case PSA_SUCCESS:
+            return( 0 );
+        case PSA_ERROR_INVALID_HANDLE:
+            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
+        case PSA_ERROR_NOT_PERMITTED:
+            return( MBEDTLS_ERR_ERROR_GENERIC_ERROR );
+        case PSA_ERROR_BUFFER_TOO_SMALL:
+            return( MBEDTLS_ERR_PK_BUFFER_TOO_SMALL );
+        case PSA_ERROR_NOT_SUPPORTED:
+            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+        case PSA_ERROR_INVALID_ARGUMENT:
+            return( MBEDTLS_ERR_PK_INVALID_ALG );
+        case PSA_ERROR_INSUFFICIENT_MEMORY:
+            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+        case PSA_ERROR_BAD_STATE:
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+        case PSA_ERROR_COMMUNICATION_FAILURE:
+        case PSA_ERROR_HARDWARE_FAILURE:
+            return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
+        case PSA_ERROR_DATA_CORRUPT:
+        case PSA_ERROR_DATA_INVALID:
+        case PSA_ERROR_STORAGE_FAILURE:
+            return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
+        case PSA_ERROR_CORRUPTION_DETECTED:
+            return( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED );
+        default:
+            return( MBEDTLS_ERR_ERROR_GENERIC_ERROR );
+    }
+}
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+int mbedtls_pk_error_from_psa_ecdca( psa_status_t status )
+{
+    switch( status )
+    {
+        case PSA_ERROR_NOT_PERMITTED:
+        case PSA_ERROR_INVALID_ARGUMENT:
+            return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+        case PSA_ERROR_INVALID_HANDLE:
+            return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+        case PSA_ERROR_BUFFER_TOO_SMALL:
+            return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+        case PSA_ERROR_INSUFFICIENT_ENTROPY:
+            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+        case PSA_ERROR_INVALID_SIGNATURE:
+            return( MBEDTLS_ERR_ECP_VERIFY_FAILED );
+        default:
+            return( mbedtls_pk_error_from_psa( status ) );
+    }
+}
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
+int mbedtls_pk_error_from_psa_rsa( psa_status_t status )
+{
+    switch( status )
+    {
+        case PSA_ERROR_NOT_PERMITTED:
+        case PSA_ERROR_INVALID_ARGUMENT:
+        case PSA_ERROR_INVALID_HANDLE:
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+        case PSA_ERROR_BUFFER_TOO_SMALL:
+            return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
+        case PSA_ERROR_INSUFFICIENT_ENTROPY:
+            return( MBEDTLS_ERR_RSA_RNG_FAILED );
+        case PSA_ERROR_INVALID_SIGNATURE:
+            return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
+        case PSA_ERROR_INVALID_PADDING:
+            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
+        default:
+            return( mbedtls_pk_error_from_psa( status ) );
+    }
+}
+#endif
+#endif
+
 #if defined(MBEDTLS_RSA_C)
 static int rsa_can_do( mbedtls_pk_type_t type )
 {
@@ -596,7 +677,7 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg,
                              &key_id );
     if( status != PSA_SUCCESS )
     {
-        ret = mbedtls_pk_psa_err_translate( status );
+        ret = mbedtls_pk_error_from_psa( status );
         goto cleanup;
     }
 
@@ -620,7 +701,7 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg,
                               buf, 2 * signature_part_size );
     if( status != PSA_SUCCESS )
     {
-         ret = mbedtls_pk_ecp_psa_err_translate( status );
+         ret = mbedtls_pk_error_from_psa_ecdca( status );
          goto cleanup;
     }
 
@@ -1045,7 +1126,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
     status = psa_sign_hash( *key, alg, hash, hash_len,
                             sig, sig_size, sig_len );
     if( status != PSA_SUCCESS )
-        return( mbedtls_pk_ecp_psa_err_translate( status ) );
+        return( mbedtls_pk_error_from_psa_ecdca( status ) );
 
     /* transcode it to ASN.1 sequence */
     return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, sig_size ) );
diff --git a/library/pk_wrap.h b/library/pk_wrap.h
index 6f5addf75b..ca0d8d837e 100644
--- a/library/pk_wrap.h
+++ b/library/pk_wrap.h
@@ -135,4 +135,16 @@ extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
 extern const mbedtls_pk_info_t mbedtls_pk_opaque_info;
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_pk_error_from_psa( psa_status_t status );
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+int mbedtls_pk_error_from_psa_ecdca( psa_status_t status );
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
+int mbedtls_pk_error_from_psa_rsa( psa_status_t status );
+#endif
+#endif
+
 #endif /* MBEDTLS_PK_WRAP_H */
diff --git a/library/rsa.c b/library/rsa.c
index ef262d9dd5..36f487f3a7 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -66,33 +66,6 @@
 #define mbedtls_free   free
 #endif
 
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/pk.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-int mbedtls_pk_rsa_psa_err_translate( psa_status_t status )
-{
-    switch( status )
-    {
-        case PSA_ERROR_NOT_PERMITTED:
-        case PSA_ERROR_INVALID_ARGUMENT:
-        case PSA_ERROR_INVALID_HANDLE:
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-        case PSA_ERROR_BUFFER_TOO_SMALL:
-            return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
-        case PSA_ERROR_INSUFFICIENT_ENTROPY:
-            return( MBEDTLS_ERR_RSA_RNG_FAILED );
-        case PSA_ERROR_INVALID_SIGNATURE:
-            return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
-        case PSA_ERROR_INVALID_PADDING:
-            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
-        default:
-            return( mbedtls_pk_psa_err_translate( status ) );
-    }
-}
-#endif
-
 #if !defined(MBEDTLS_RSA_ALT)
 
 /* Parameter validation macros */