From 69b67c8626bc79167793d68b256da03c9925cc41 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Thu, 10 Oct 2024 13:13:37 +0100 Subject: [PATCH 01/19] Split error.h into error_common.h and error.h This commit splits error.h into error_common.h containing error code definitions and error.h which contains functions to convert error codes to error messages. Signed-off-by: Harry Ramsey --- .../drivers/builtin/include/mbedtls/error.h | 135 +-------------- .../builtin/include/mbedtls/error_common.h | 159 ++++++++++++++++++ 2 files changed, 160 insertions(+), 134 deletions(-) create mode 100644 tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h index d101dee3ae..8b7c19aa5f 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h @@ -11,147 +11,14 @@ #define MBEDTLS_ERROR_H #include "mbedtls/build_info.h" +#include "mbedtls/error_common.h" #include -/** - * Error code layout. - * - * Currently we try to keep all error codes within the negative space of 16 - * bits signed integers to support all platforms (-0x0001 - -0x7FFF). In - * addition we'd like to give two layers of information on the error if - * possible. - * - * For that purpose the error codes are segmented in the following manner: - * - * 16 bit error code bit-segmentation - * - * 1 bit - Unused (sign bit) - * 3 bits - High level module ID - * 5 bits - Module-dependent error code - * 7 bits - Low level module errors - * - * For historical reasons, low-level error codes are divided in even and odd, - * even codes were assigned first, and -1 is reserved for other errors. - * - * Low-level module errors (0x0002-0x007E, 0x0001-0x007F) - * - * Module Nr Codes assigned - * ERROR 2 0x006E 0x0001 - * MPI 7 0x0002-0x0010 - * GCM 3 0x0012-0x0016 0x0013-0x0013 - * THREADING 3 0x001A-0x001E - * AES 5 0x0020-0x0022 0x0021-0x0025 - * CAMELLIA 3 0x0024-0x0026 0x0027-0x0027 - * BASE64 2 0x002A-0x002C - * OID 1 0x002E-0x002E 0x000B-0x000B - * DES 2 0x0032-0x0032 0x0033-0x0033 - * CTR_DBRG 4 0x0034-0x003A - * ENTROPY 3 0x003C-0x0040 0x003D-0x003F - * NET 13 0x0042-0x0052 0x0043-0x0049 - * ARIA 4 0x0058-0x005E - * ASN1 7 0x0060-0x006C - * CMAC 1 0x007A-0x007A - * PBKDF2 1 0x007C-0x007C - * HMAC_DRBG 4 0x0003-0x0009 - * CCM 3 0x000D-0x0011 - * MD5 1 0x002F-0x002F - * RIPEMD160 1 0x0031-0x0031 - * SHA1 1 0x0035-0x0035 0x0073-0x0073 - * SHA256 1 0x0037-0x0037 0x0074-0x0074 - * SHA512 1 0x0039-0x0039 0x0075-0x0075 - * SHA-3 1 0x0076-0x0076 - * CHACHA20 3 0x0051-0x0055 - * POLY1305 3 0x0057-0x005B - * CHACHAPOLY 2 0x0054-0x0056 - * PLATFORM 2 0x0070-0x0072 - * LMS 5 0x0011-0x0019 - * - * High-level module nr (3 bits - 0x0...-0x7...) - * Name ID Nr of Errors - * PEM 1 9 - * PKCS#12 1 4 (Started from top) - * X509 2 20 - * PKCS5 2 4 (Started from top) - * DHM 3 11 - * PK 3 15 (Started from top) - * RSA 4 11 - * ECP 4 10 (Started from top) - * MD 5 5 - * HKDF 5 1 (Started from top) - * PKCS7 5 12 (Started from 0x5300) - * SSL 5 2 (Started from 0x5F00) - * CIPHER 6 8 (Started from 0x6080) - * SSL 6 22 (Started from top, plus 0x6000) - * SSL 7 20 (Started from 0x7000, gaps at - * 0x7380, 0x7900-0x7980, 0x7A80-0x7E80) - * - * Module dependent error code (5 bits 0x.00.-0x.F8.) - */ - #ifdef __cplusplus extern "C" { #endif -/** Generic error */ -#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 -/** This is a bug in the library */ -#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E - -/** Hardware accelerator failed */ -#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 -/** The requested feature is not supported by the platform */ -#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 - -/** - * \brief Combines a high-level and low-level error code together. - * - * Wrapper macro for mbedtls_error_add(). See that function for - * more details. - */ -#define MBEDTLS_ERROR_ADD(high, low) \ - mbedtls_error_add(high, low, __FILE__, __LINE__) - -#if defined(MBEDTLS_TEST_HOOKS) -/** - * \brief Testing hook called before adding/combining two error codes together. - * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. - */ -extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int); -#endif - -/** - * \brief Combines a high-level and low-level error code together. - * - * This function can be called directly however it is usually - * called via the #MBEDTLS_ERROR_ADD macro. - * - * While a value of zero is not a negative error code, it is still an - * error code (that denotes success) and can be combined with both a - * negative error code or another value of zero. - * - * \note When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to - * call \link mbedtls_test_hook_error_add \endlink. - * - * \param high high-level error code. See error.h for more details. - * \param low low-level error code. See error.h for more details. - * \param file file where this error code addition occurred. - * \param line line where this error code addition occurred. - */ -static inline int mbedtls_error_add(int high, int low, - const char *file, int line) -{ -#if defined(MBEDTLS_TEST_HOOKS) - if (*mbedtls_test_hook_error_add != NULL) { - (*mbedtls_test_hook_error_add)(high, low, file, line); - } -#endif - (void) file; - (void) line; - - return high + low; -} - /** * \brief Translate an Mbed TLS error code into a string representation. * The result is truncated if necessary and always includes a diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h new file mode 100644 index 0000000000..58f1cde331 --- /dev/null +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -0,0 +1,159 @@ +/** + * \file error_common.h + * + * \brief Error codes + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_ERROR_COMMON_H +#define MBEDTLS_ERROR_COMMON_H + +#include "mbedtls/build_info.h" + +#include + +/** + * Error code layout. + * + * Currently we try to keep all error codes within the negative space of 16 + * bits signed integers to support all platforms (-0x0001 - -0x7FFF). In + * addition we'd like to give two layers of information on the error if + * possible. + * + * For that purpose the error codes are segmented in the following manner: + * + * 16 bit error code bit-segmentation + * + * 1 bit - Unused (sign bit) + * 3 bits - High level module ID + * 5 bits - Module-dependent error code + * 7 bits - Low level module errors + * + * For historical reasons, low-level error codes are divided in even and odd, + * even codes were assigned first, and -1 is reserved for other errors. + * + * Low-level module errors (0x0002-0x007E, 0x0001-0x007F) + * + * Module Nr Codes assigned + * ERROR 2 0x006E 0x0001 + * MPI 7 0x0002-0x0010 + * GCM 3 0x0012-0x0016 0x0013-0x0013 + * THREADING 3 0x001A-0x001E + * AES 5 0x0020-0x0022 0x0021-0x0025 + * CAMELLIA 3 0x0024-0x0026 0x0027-0x0027 + * BASE64 2 0x002A-0x002C + * OID 1 0x002E-0x002E 0x000B-0x000B + * DES 2 0x0032-0x0032 0x0033-0x0033 + * CTR_DBRG 4 0x0034-0x003A + * ENTROPY 3 0x003C-0x0040 0x003D-0x003F + * NET 13 0x0042-0x0052 0x0043-0x0049 + * ARIA 4 0x0058-0x005E + * ASN1 7 0x0060-0x006C + * CMAC 1 0x007A-0x007A + * PBKDF2 1 0x007C-0x007C + * HMAC_DRBG 4 0x0003-0x0009 + * CCM 3 0x000D-0x0011 + * MD5 1 0x002F-0x002F + * RIPEMD160 1 0x0031-0x0031 + * SHA1 1 0x0035-0x0035 0x0073-0x0073 + * SHA256 1 0x0037-0x0037 0x0074-0x0074 + * SHA512 1 0x0039-0x0039 0x0075-0x0075 + * SHA-3 1 0x0076-0x0076 + * CHACHA20 3 0x0051-0x0055 + * POLY1305 3 0x0057-0x005B + * CHACHAPOLY 2 0x0054-0x0056 + * PLATFORM 2 0x0070-0x0072 + * LMS 5 0x0011-0x0019 + * + * High-level module nr (3 bits - 0x0...-0x7...) + * Name ID Nr of Errors + * PEM 1 9 + * PKCS#12 1 4 (Started from top) + * X509 2 20 + * PKCS5 2 4 (Started from top) + * DHM 3 11 + * PK 3 15 (Started from top) + * RSA 4 11 + * ECP 4 10 (Started from top) + * MD 5 5 + * HKDF 5 1 (Started from top) + * PKCS7 5 12 (Started from 0x5300) + * SSL 5 2 (Started from 0x5F00) + * CIPHER 6 8 (Started from 0x6080) + * SSL 6 22 (Started from top, plus 0x6000) + * SSL 7 20 (Started from 0x7000, gaps at + * 0x7380, 0x7900-0x7980, 0x7A80-0x7E80) + * + * Module dependent error code (5 bits 0x.00.-0x.F8.) + */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** Generic error */ +#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 +/** This is a bug in the library */ +#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E + +/** Hardware accelerator failed */ +#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 +/** The requested feature is not supported by the platform */ +#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 + +/** + * \brief Combines a high-level and low-level error code together. + * + * Wrapper macro for mbedtls_error_add(). See that function for + * more details. + */ +#define MBEDTLS_ERROR_ADD(high, low) \ + mbedtls_error_add(high, low, __FILE__, __LINE__) + +#if defined(MBEDTLS_TEST_HOOKS) +/** + * \brief Testing hook called before adding/combining two error codes together. + * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. + */ +extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int); +#endif + +/** + * \brief Combines a high-level and low-level error code together. + * + * This function can be called directly however it is usually + * called via the #MBEDTLS_ERROR_ADD macro. + * + * While a value of zero is not a negative error code, it is still an + * error code (that denotes success) and can be combined with both a + * negative error code or another value of zero. + * + * \note When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to + * call \link mbedtls_test_hook_error_add \endlink. + * + * \param high high-level error code. See error.h for more details. + * \param low low-level error code. See error.h for more details. + * \param file file where this error code addition occurred. + * \param line line where this error code addition occurred. + */ +static inline int mbedtls_error_add(int high, int low, + const char *file, int line) +{ +#if defined(MBEDTLS_TEST_HOOKS) + if (*mbedtls_test_hook_error_add != NULL) { + (*mbedtls_test_hook_error_add)(high, low, file, line); + } +#endif + (void) file; + (void) line; + + return high + low; +} + +#ifdef __cplusplus +} +#endif + +#endif /* error_common.h */ From 90724f7f54a0e1d702f37911610a8a68a43f7f95 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Fri, 11 Oct 2024 15:32:19 +0100 Subject: [PATCH 02/19] Move error.h from tf-psa-crypto to Mbed TLS This commit moves error.h from tf-psa-crypto to Mbed TLS for 4.0 release. Signed-off-by: Harry Ramsey --- .../drivers/builtin/include => include}/mbedtls/error.h | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {tf-psa-crypto/drivers/builtin/include => include}/mbedtls/error.h (100%) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error.h b/include/mbedtls/error.h similarity index 100% rename from tf-psa-crypto/drivers/builtin/include/mbedtls/error.h rename to include/mbedtls/error.h From d2bcdba9caaae34d88ac788d3448e788a9621e10 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Fri, 11 Oct 2024 12:04:57 +0100 Subject: [PATCH 03/19] Update generate_errors.pl for error header split This commit updates generated_errors.pl to create the error.c file and correctly include the error_common.h header file, which contains error code definitions. Signed-off-by: Harry Ramsey --- scripts/generate_errors.pl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index df546d7d6e..147ecdca76 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -24,7 +24,7 @@ if( @ARGV ) { $crypto_include_dir = 'tf-psa-crypto/drivers/builtin/include/mbedtls'; $tls_include_dir = 'include/mbedtls'; $data_dir = 'scripts/data_files'; - $error_file = 'tf-psa-crypto/drivers/builtin/src/error.c'; + $error_file = 'library/error.c'; unless( -d $crypto_include_dir && -d $tls_include_dir && -d $data_dir ) { chdir '..' or die; @@ -37,7 +37,7 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES - ENTROPY ERROR GCM HKDF HMAC_DRBG LMS MD5 + ENTROPY ERROR_COMMON GCM HKDF HMAC_DRBG LMS MD5 NET OID PBKDF2 PLATFORM POLY1305 RIPEMD160 SHA1 SHA256 SHA512 SHA3 THREADING ); my @high_level_modules = qw( CIPHER DHM ECP MD @@ -121,6 +121,7 @@ foreach my $match (@matches) $module_name = "BIGNUM" if ($module_name eq "MPI"); $module_name = "CTR_DRBG" if ($module_name eq "CTR"); $module_name = "HMAC_DRBG" if ($module_name eq "HMAC"); + $module_name = "ERROR_COMMON" if ($module_name eq "ERROR"); my $define_name = $module_name; $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509"); From 798d8b6533ae324eb2875db4594dc10d0752f478 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Fri, 11 Oct 2024 17:09:18 +0100 Subject: [PATCH 04/19] Update build scripts for error.c generation This commit updates the build scripts for error.c generation to be generated in the Mbed TLS library directory. Signed-off-by: Harry Ramsey --- library/CMakeLists.txt | 22 +++++++++++++++ library/Makefile | 12 ++++----- tf-psa-crypto/drivers/builtin/CMakeLists.txt | 28 -------------------- 3 files changed, 28 insertions(+), 34 deletions(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 5cb5ec860f..6af4f0f2fc 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -6,6 +6,7 @@ if(NOT DEFINED MBEDTLS_DIR) endif() set(src_x509 + error.c pkcs7.c x509.c x509_create.c @@ -41,6 +42,26 @@ set(src_tls ) if(GEN_FILES) + find_package(Perl REQUIRED) + + file(GLOB crypto_error_headers ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/*.h) + file(GLOB tls_error_headers ${MBEDTLS_DIR}/include/mbedtls/*.h) + add_custom_command( + OUTPUT + ${CMAKE_CURRENT_BINARY_DIR}/error.c + COMMAND + ${PERL_EXECUTABLE} + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_errors.pl + ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/drivers/builtin/include/mbedtls + ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files + ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c + DEPENDS + ${MBEDTLS_DIR}/scripts/generate_errors.pl + ${crypto_error_headers} + ${tls_error_headers} + ${MBEDTLS_DIR}/scripts/data_files/error.fmt + ) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/version_features.c @@ -69,6 +90,7 @@ if(GEN_FILES) ${tls_error_headers} ) else() + link_to_source(error.c) link_to_source(version_features.c) link_to_source(ssl_debug_helpers_generated.c) endif() diff --git a/library/Makefile b/library/Makefile index e9c908ee9c..d69f9e0592 100644 --- a/library/Makefile +++ b/library/Makefile @@ -6,7 +6,7 @@ TF_PSA_CRYPTO_CORE_PATH = $(MBEDTLS_PATH)/tf-psa-crypto/core TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH = $(MBEDTLS_PATH)/tf-psa-crypto/drivers/builtin/src GENERATED_FILES := \ - $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c \ + error.c \ version_features.c \ ssl_debug_helpers_generated.c \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers.h \ @@ -148,7 +148,7 @@ OBJS_CRYPTO= \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp_curves_new.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy_poll.o \ - $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.o \ + error.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/gcm.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hkdf.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hmac_drbg.o \ @@ -357,10 +357,10 @@ else gen_file_dep = | endif -$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) ../scripts/generate_errors.pl -$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) ../scripts/data_files/error.fmt -$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) -$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: +error.c: $(gen_file_dep) ../scripts/generate_errors.pl +error.c: $(gen_file_dep) ../scripts/data_files/error.fmt +error.c: $(gen_file_dep) $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) +error.c: echo " Gen $@" $(PERL) ../scripts/generate_errors.pl diff --git a/tf-psa-crypto/drivers/builtin/CMakeLists.txt b/tf-psa-crypto/drivers/builtin/CMakeLists.txt index 5cbdbbcc87..9ec1a87b42 100644 --- a/tf-psa-crypto/drivers/builtin/CMakeLists.txt +++ b/tf-psa-crypto/drivers/builtin/CMakeLists.txt @@ -1,34 +1,6 @@ add_subdirectory(src) file(GLOB src_builtin RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} src/*.c) -if(NOT "src/error.c" IN_LIST "${src_builtin}") - list(APPEND src_builtin src/error.c) -endif() - -if(GEN_FILES) - find_package(Perl REQUIRED) - - file(GLOB crypto_error_headers ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/*.h) - file(GLOB tls_error_headers ${MBEDTLS_DIR}/include/mbedtls/*.h) - add_custom_command( - OUTPUT - ${CMAKE_CURRENT_BINARY_DIR}/src/error.c - COMMAND - ${PERL_EXECUTABLE} - ${MBEDTLS_DIR}/scripts/generate_errors.pl - ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls - ${MBEDTLS_DIR}/include/mbedtls - ${MBEDTLS_DIR}/scripts/data_files - ${CMAKE_CURRENT_BINARY_DIR}/src/error.c - DEPENDS - ${MBEDTLS_DIR}/scripts/generate_errors.pl - ${crypto_error_headers} - ${tls_error_headers} - ${MBEDTLS_DIR}/scripts/data_files/error.fmt - ) -else() - link_to_source(src/error.c) -endif() if(CMAKE_COMPILER_IS_GNUCC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") From a05bfeed1e90a8dca3a3debd69ec1cef8ce5206e Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 14 Oct 2024 07:19:01 +0100 Subject: [PATCH 05/19] Refactor tf-psa-crypto to use error_common.h instead of error.h This commit refactors tf-psa-crypto to include error_common.h instead of error.h as these files have been split and the relevant error codes are now inside error_common.h. Signed-off-by: Harry Ramsey --- tf-psa-crypto/core/psa_crypto.c | 4 ++-- tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h | 4 ++-- tf-psa-crypto/drivers/builtin/src/aes.c | 2 +- tf-psa-crypto/drivers/builtin/src/asn1parse.c | 2 +- tf-psa-crypto/drivers/builtin/src/asn1write.c | 2 +- tf-psa-crypto/drivers/builtin/src/bignum.c | 2 +- tf-psa-crypto/drivers/builtin/src/bignum_core.c | 2 +- tf-psa-crypto/drivers/builtin/src/bignum_mod.c | 2 +- tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c | 2 +- tf-psa-crypto/drivers/builtin/src/ccm.c | 2 +- tf-psa-crypto/drivers/builtin/src/chacha20.c | 2 +- tf-psa-crypto/drivers/builtin/src/chachapoly.c | 2 +- tf-psa-crypto/drivers/builtin/src/cipher.c | 2 +- tf-psa-crypto/drivers/builtin/src/cipher_wrap.c | 2 +- tf-psa-crypto/drivers/builtin/src/cmac.c | 2 +- tf-psa-crypto/drivers/builtin/src/constant_time.c | 2 +- tf-psa-crypto/drivers/builtin/src/ctr_drbg.c | 2 +- tf-psa-crypto/drivers/builtin/src/des.c | 2 +- tf-psa-crypto/drivers/builtin/src/dhm.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecdh.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecdsa.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecjpake.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecp.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecp_curves.c | 2 +- tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c | 2 +- tf-psa-crypto/drivers/builtin/src/entropy.c | 2 +- tf-psa-crypto/drivers/builtin/src/entropy_poll.c | 2 +- tf-psa-crypto/drivers/builtin/src/gcm.c | 2 +- tf-psa-crypto/drivers/builtin/src/hkdf.c | 2 +- tf-psa-crypto/drivers/builtin/src/hmac_drbg.c | 2 +- tf-psa-crypto/drivers/builtin/src/lmots.c | 2 +- tf-psa-crypto/drivers/builtin/src/lms.c | 2 +- tf-psa-crypto/drivers/builtin/src/md.c | 2 +- tf-psa-crypto/drivers/builtin/src/md5.c | 2 +- tf-psa-crypto/drivers/builtin/src/nist_kw.c | 2 +- tf-psa-crypto/drivers/builtin/src/oid.c | 2 +- tf-psa-crypto/drivers/builtin/src/pem.c | 2 +- tf-psa-crypto/drivers/builtin/src/pk.c | 2 +- tf-psa-crypto/drivers/builtin/src/pk_ecc.c | 2 +- tf-psa-crypto/drivers/builtin/src/pk_wrap.c | 2 +- tf-psa-crypto/drivers/builtin/src/pkcs12.c | 2 +- tf-psa-crypto/drivers/builtin/src/pkcs5.c | 2 +- tf-psa-crypto/drivers/builtin/src/pkparse.c | 2 +- tf-psa-crypto/drivers/builtin/src/pkwrite.c | 2 +- tf-psa-crypto/drivers/builtin/src/platform.c | 2 +- tf-psa-crypto/drivers/builtin/src/poly1305.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c | 2 +- tf-psa-crypto/drivers/builtin/src/psa_util.c | 2 +- tf-psa-crypto/drivers/builtin/src/ripemd160.c | 2 +- tf-psa-crypto/drivers/builtin/src/rsa.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha1.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha256.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha3.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha512.c | 2 +- tf-psa-crypto/tests/suites/helpers.function | 4 ++-- tf-psa-crypto/tests/suites/main_test.function | 2 +- tf-psa-crypto/tests/suites/test_suite_error.function | 4 ++-- tf-psa-crypto/tests/suites/test_suite_pk.function | 2 +- 65 files changed, 69 insertions(+), 69 deletions(-) diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c index d1c93fd215..3d859f189d 100644 --- a/tf-psa-crypto/core/psa_crypto.c +++ b/tf-psa-crypto/core/psa_crypto.c @@ -58,13 +58,13 @@ #include "mbedtls/ecdh.h" #include "mbedtls/ecp.h" #include "mbedtls/entropy.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/gcm.h" #include "mbedtls/md5.h" #include "mbedtls/pk.h" #include "pk_wrap.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/ripemd160.h" #include "mbedtls/rsa.h" #include "mbedtls/sha1.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h index 58f1cde331..4598a93f5a 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -7,8 +7,8 @@ * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#ifndef MBEDTLS_ERROR_COMMON_H -#define MBEDTLS_ERROR_COMMON_H +#ifndef MBEDTLS_ERRORCOMMON_COMMON_H +#define MBEDTLS_ERRORCOMMON_COMMON_H #include "mbedtls/build_info.h" diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index b9145eaff3..c36845b924 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c @@ -20,7 +20,7 @@ #include "mbedtls/aes.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #if !((defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(MBEDTLS_AESCE_C)) || \ diff --git a/tf-psa-crypto/drivers/builtin/src/asn1parse.c b/tf-psa-crypto/drivers/builtin/src/asn1parse.c index ecea90434b..61288656ba 100644 --- a/tf-psa-crypto/drivers/builtin/src/asn1parse.c +++ b/tf-psa-crypto/drivers/builtin/src/asn1parse.c @@ -12,7 +12,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/asn1write.c b/tf-psa-crypto/drivers/builtin/src/asn1write.c index 6355fad3b6..3e154f4184 100644 --- a/tf-psa-crypto/drivers/builtin/src/asn1write.c +++ b/tf-psa-crypto/drivers/builtin/src/asn1write.c @@ -11,7 +11,7 @@ defined(PSA_HAVE_ALG_SOME_ECDSA) #include "mbedtls/asn1write.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/bignum.c b/tf-psa-crypto/drivers/builtin/src/bignum.c index 424490951d..36c18a47dc 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum.c @@ -30,7 +30,7 @@ #include "bignum_internal.h" #include "bn_mul.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "constant_time_internal.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_core.c b/tf-psa-crypto/drivers/builtin/src/bignum_core.c index 60f48f92de..67d5025b82 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum_core.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum_core.c @@ -11,7 +11,7 @@ #include -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include "constant_time_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_mod.c b/tf-psa-crypto/drivers/builtin/src/bignum_mod.c index dfd332a703..0d5534f8f4 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum_mod.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum_mod.c @@ -12,7 +12,7 @@ #include #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/bignum.h" #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c b/tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c index 5343bc650d..5b889c87f1 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum_mod_raw.c @@ -11,7 +11,7 @@ #include -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/drivers/builtin/src/ccm.c b/tf-psa-crypto/drivers/builtin/src/ccm.c index 68af90337b..0e6637fa6d 100644 --- a/tf-psa-crypto/drivers/builtin/src/ccm.c +++ b/tf-psa-crypto/drivers/builtin/src/ccm.c @@ -20,7 +20,7 @@ #include "mbedtls/ccm.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #if defined(MBEDTLS_BLOCK_CIPHER_C) diff --git a/tf-psa-crypto/drivers/builtin/src/chacha20.c b/tf-psa-crypto/drivers/builtin/src/chacha20.c index 3501837d3a..36a70b3b73 100644 --- a/tf-psa-crypto/drivers/builtin/src/chacha20.c +++ b/tf-psa-crypto/drivers/builtin/src/chacha20.c @@ -15,7 +15,7 @@ #include "mbedtls/chacha20.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/src/chachapoly.c b/tf-psa-crypto/drivers/builtin/src/chachapoly.c index 5bfee0982b..3130ac1d70 100644 --- a/tf-psa-crypto/drivers/builtin/src/chachapoly.c +++ b/tf-psa-crypto/drivers/builtin/src/chachapoly.c @@ -12,7 +12,7 @@ #include "mbedtls/chachapoly.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/cipher.c b/tf-psa-crypto/drivers/builtin/src/cipher.c index 7f4c121492..15b97fa248 100644 --- a/tf-psa-crypto/drivers/builtin/src/cipher.c +++ b/tf-psa-crypto/drivers/builtin/src/cipher.c @@ -16,7 +16,7 @@ #include "mbedtls/cipher.h" #include "cipher_wrap.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #include "constant_time_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/cipher_wrap.c b/tf-psa-crypto/drivers/builtin/src/cipher_wrap.c index d2fee22e2b..9726b3162b 100644 --- a/tf-psa-crypto/drivers/builtin/src/cipher_wrap.c +++ b/tf-psa-crypto/drivers/builtin/src/cipher_wrap.c @@ -14,7 +14,7 @@ #if defined(MBEDTLS_CIPHER_C) #include "cipher_wrap.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_CHACHAPOLY_C) #include "mbedtls/chachapoly.h" diff --git a/tf-psa-crypto/drivers/builtin/src/cmac.c b/tf-psa-crypto/drivers/builtin/src/cmac.c index 5e517c4b1b..706602419a 100644 --- a/tf-psa-crypto/drivers/builtin/src/cmac.c +++ b/tf-psa-crypto/drivers/builtin/src/cmac.c @@ -32,7 +32,7 @@ #include "mbedtls/cmac.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform.h" #include "constant_time_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/constant_time.c b/tf-psa-crypto/drivers/builtin/src/constant_time.c index 95b81221f4..e233b6206f 100644 --- a/tf-psa-crypto/drivers/builtin/src/constant_time.c +++ b/tf-psa-crypto/drivers/builtin/src/constant_time.c @@ -16,7 +16,7 @@ #include "common.h" #include "constant_time_internal.h" #include "mbedtls/constant_time.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/ctr_drbg.c b/tf-psa-crypto/drivers/builtin/src/ctr_drbg.c index b82044eb7d..facfc2e115 100644 --- a/tf-psa-crypto/drivers/builtin/src/ctr_drbg.c +++ b/tf-psa-crypto/drivers/builtin/src/ctr_drbg.c @@ -17,7 +17,7 @@ #include "ctr.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/des.c b/tf-psa-crypto/drivers/builtin/src/des.c index 4bb354af77..03d79ede38 100644 --- a/tf-psa-crypto/drivers/builtin/src/des.c +++ b/tf-psa-crypto/drivers/builtin/src/des.c @@ -16,7 +16,7 @@ #if defined(MBEDTLS_DES_C) #include "mbedtls/des.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/dhm.c b/tf-psa-crypto/drivers/builtin/src/dhm.c index 75af8b7910..c7c3e08669 100644 --- a/tf-psa-crypto/drivers/builtin/src/dhm.c +++ b/tf-psa-crypto/drivers/builtin/src/dhm.c @@ -19,7 +19,7 @@ #include "mbedtls/dhm.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/ecdh.c b/tf-psa-crypto/drivers/builtin/src/ecdh.c index 28fe757eab..db77a31038 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdh.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdh.c @@ -18,7 +18,7 @@ #include "mbedtls/ecdh.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/ecdsa.c b/tf-psa-crypto/drivers/builtin/src/ecdsa.c index 57d52fee2d..7971ef4ae2 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdsa.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdsa.c @@ -27,7 +27,7 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_ECP_RESTARTABLE) diff --git a/tf-psa-crypto/drivers/builtin/src/ecjpake.c b/tf-psa-crypto/drivers/builtin/src/ecjpake.c index ebdae9280e..a0a386b8a6 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecjpake.c +++ b/tf-psa-crypto/drivers/builtin/src/ecjpake.c @@ -16,7 +16,7 @@ #include "mbedtls/ecjpake.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/ecp.c b/tf-psa-crypto/drivers/builtin/src/ecp.c index 1e6b69b982..ef586284d5 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecp.c +++ b/tf-psa-crypto/drivers/builtin/src/ecp.c @@ -36,7 +36,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/threading.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "bn_mul.h" #include "ecp_invasive.h" diff --git a/tf-psa-crypto/drivers/builtin/src/ecp_curves.c b/tf-psa-crypto/drivers/builtin/src/ecp_curves.c index 97636a7298..99ced0dde3 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecp_curves.c +++ b/tf-psa-crypto/drivers/builtin/src/ecp_curves.c @@ -13,7 +13,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "bn_mul.h" #include "bignum_core.h" diff --git a/tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c b/tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c index 169247f3bf..6506a22767 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c +++ b/tf-psa-crypto/drivers/builtin/src/ecp_curves_new.c @@ -14,7 +14,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/drivers/builtin/src/entropy.c b/tf-psa-crypto/drivers/builtin/src/entropy.c index 7dcf067a52..fd222c0d74 100644 --- a/tf-psa-crypto/drivers/builtin/src/entropy.c +++ b/tf-psa-crypto/drivers/builtin/src/entropy.c @@ -12,7 +12,7 @@ #include "mbedtls/entropy.h" #include "entropy_poll.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/entropy_poll.c b/tf-psa-crypto/drivers/builtin/src/entropy_poll.c index 611768cd85..bd2cf693e6 100644 --- a/tf-psa-crypto/drivers/builtin/src/entropy_poll.c +++ b/tf-psa-crypto/drivers/builtin/src/entropy_poll.c @@ -20,7 +20,7 @@ #include "mbedtls/entropy.h" #include "entropy_poll.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_TIMING_C) #include "mbedtls/timing.h" diff --git a/tf-psa-crypto/drivers/builtin/src/gcm.c b/tf-psa-crypto/drivers/builtin/src/gcm.c index dda1ff21f5..84062662a0 100644 --- a/tf-psa-crypto/drivers/builtin/src/gcm.c +++ b/tf-psa-crypto/drivers/builtin/src/gcm.c @@ -22,7 +22,7 @@ #include "mbedtls/gcm.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #if defined(MBEDTLS_BLOCK_CIPHER_C) diff --git a/tf-psa-crypto/drivers/builtin/src/hkdf.c b/tf-psa-crypto/drivers/builtin/src/hkdf.c index 631ac24e53..b2410208ec 100644 --- a/tf-psa-crypto/drivers/builtin/src/hkdf.c +++ b/tf-psa-crypto/drivers/builtin/src/hkdf.c @@ -11,7 +11,7 @@ #include #include "mbedtls/hkdf.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, diff --git a/tf-psa-crypto/drivers/builtin/src/hmac_drbg.c b/tf-psa-crypto/drivers/builtin/src/hmac_drbg.c index c29fad337f..eba5079531 100644 --- a/tf-psa-crypto/drivers/builtin/src/hmac_drbg.c +++ b/tf-psa-crypto/drivers/builtin/src/hmac_drbg.c @@ -17,7 +17,7 @@ #include "mbedtls/hmac_drbg.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/lmots.c b/tf-psa-crypto/drivers/builtin/src/lmots.c index c51cb41ece..23e235c5b5 100644 --- a/tf-psa-crypto/drivers/builtin/src/lmots.c +++ b/tf-psa-crypto/drivers/builtin/src/lmots.c @@ -28,7 +28,7 @@ #include "mbedtls/lms.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "psa_util_internal.h" #include "psa/crypto.h" diff --git a/tf-psa-crypto/drivers/builtin/src/lms.c b/tf-psa-crypto/drivers/builtin/src/lms.c index 7f7bec068b..d354046bed 100644 --- a/tf-psa-crypto/drivers/builtin/src/lms.c +++ b/tf-psa-crypto/drivers/builtin/src/lms.c @@ -29,7 +29,7 @@ #include "psa/crypto.h" #include "psa_util_internal.h" #include "mbedtls/lms.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/drivers/builtin/src/md.c b/tf-psa-crypto/drivers/builtin/src/md.c index eee8aa37f5..5100528592 100644 --- a/tf-psa-crypto/drivers/builtin/src/md.c +++ b/tf-psa-crypto/drivers/builtin/src/md.c @@ -32,7 +32,7 @@ #include "mbedtls/md.h" #include "md_wrap.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/md5.h" #include "mbedtls/ripemd160.h" diff --git a/tf-psa-crypto/drivers/builtin/src/md5.c b/tf-psa-crypto/drivers/builtin/src/md5.c index fd9a8e960b..5e5ee86c94 100644 --- a/tf-psa-crypto/drivers/builtin/src/md5.c +++ b/tf-psa-crypto/drivers/builtin/src/md5.c @@ -16,7 +16,7 @@ #include "mbedtls/md5.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/nist_kw.c b/tf-psa-crypto/drivers/builtin/src/nist_kw.c index a4b4be759d..431a8efdb9 100644 --- a/tf-psa-crypto/drivers/builtin/src/nist_kw.c +++ b/tf-psa-crypto/drivers/builtin/src/nist_kw.c @@ -21,7 +21,7 @@ #include "mbedtls/nist_kw.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/constant_time.h" #include "constant_time_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/oid.c b/tf-psa-crypto/drivers/builtin/src/oid.c index ae30dfe64d..ad3d8e03bc 100644 --- a/tf-psa-crypto/drivers/builtin/src/oid.c +++ b/tf-psa-crypto/drivers/builtin/src/oid.c @@ -13,7 +13,7 @@ #include "mbedtls/oid.h" #include "mbedtls/rsa.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/pk.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/pem.c b/tf-psa-crypto/drivers/builtin/src/pem.c index 98f708f42e..212889293f 100644 --- a/tf-psa-crypto/drivers/builtin/src/pem.c +++ b/tf-psa-crypto/drivers/builtin/src/pem.c @@ -16,7 +16,7 @@ #include "mbedtls/md.h" #include "mbedtls/cipher.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/pk.c b/tf-psa-crypto/drivers/builtin/src/pk.c index 28b4e7a65a..9632c76ff5 100644 --- a/tf-psa-crypto/drivers/builtin/src/pk.c +++ b/tf-psa-crypto/drivers/builtin/src/pk.c @@ -14,7 +14,7 @@ #include "pk_internal.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pk_ecc.c b/tf-psa-crypto/drivers/builtin/src/pk_ecc.c index 707988d2d9..0c4ffbfb13 100644 --- a/tf-psa-crypto/drivers/builtin/src/pk_ecc.c +++ b/tf-psa-crypto/drivers/builtin/src/pk_ecc.c @@ -8,7 +8,7 @@ #include "common.h" #include "mbedtls/pk.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/ecp.h" #include "pk_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pk_wrap.c b/tf-psa-crypto/drivers/builtin/src/pk_wrap.c index 31ec2fdf3e..9063555d64 100644 --- a/tf-psa-crypto/drivers/builtin/src/pk_wrap.c +++ b/tf-psa-crypto/drivers/builtin/src/pk_wrap.c @@ -12,7 +12,7 @@ #if defined(MBEDTLS_PK_C) #include "pk_wrap.h" #include "pk_internal.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/psa_util.h" /* Even if RSA not activated, for the sake of RSA-alt */ diff --git a/tf-psa-crypto/drivers/builtin/src/pkcs12.c b/tf-psa-crypto/drivers/builtin/src/pkcs12.c index a3467b9820..0c78569079 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkcs12.c +++ b/tf-psa-crypto/drivers/builtin/src/pkcs12.c @@ -21,7 +21,7 @@ #include "mbedtls/cipher.h" #endif /* MBEDTLS_CIPHER_C */ #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/pkcs5.c b/tf-psa-crypto/drivers/builtin/src/pkcs5.c index c57f672f8a..b43aaf7b7e 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkcs5.c +++ b/tf-psa-crypto/drivers/builtin/src/pkcs5.c @@ -20,7 +20,7 @@ #if defined(MBEDTLS_PKCS5_C) #include "mbedtls/pkcs5.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_ASN1_PARSE_C) #include "mbedtls/asn1.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pkparse.c b/tf-psa-crypto/drivers/builtin/src/pkparse.c index 3419ad90cc..006774ca23 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkparse.c +++ b/tf-psa-crypto/drivers/builtin/src/pkparse.c @@ -14,7 +14,7 @@ #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/ecp.h" #include "pk_internal.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pkwrite.c b/tf-psa-crypto/drivers/builtin/src/pkwrite.c index 0b57995849..ba073ad716 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkwrite.c +++ b/tf-psa-crypto/drivers/builtin/src/pkwrite.c @@ -13,7 +13,7 @@ #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "pk_internal.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/platform.c b/tf-psa-crypto/drivers/builtin/src/platform.c index 890c4cbaba..c535e9e9da 100644 --- a/tf-psa-crypto/drivers/builtin/src/platform.c +++ b/tf-psa-crypto/drivers/builtin/src/platform.c @@ -11,7 +11,7 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" /* The compile time configuration of memory allocation via the macros * MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO takes precedence over the runtime diff --git a/tf-psa-crypto/drivers/builtin/src/poly1305.c b/tf-psa-crypto/drivers/builtin/src/poly1305.c index 81a484691a..6d898f7c8a 100644 --- a/tf-psa-crypto/drivers/builtin/src/poly1305.c +++ b/tf-psa-crypto/drivers/builtin/src/poly1305.c @@ -12,7 +12,7 @@ #include "mbedtls/poly1305.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c index a201985b4f..bcd7d9544e 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c @@ -21,7 +21,7 @@ #include "mbedtls/chachapoly.h" #include "mbedtls/cipher.h" #include "mbedtls/gcm.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" static psa_status_t psa_aead_setup( mbedtls_psa_aead_operation_t *operation, diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c index 3216c94898..2f635e81db 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c @@ -15,7 +15,7 @@ #include "psa_crypto_random_impl.h" #include "mbedtls/cipher.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c index 749e11be03..cc5b483ced 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c @@ -23,7 +23,7 @@ #include #include #include -#include +#include #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c index ae38f6d7c6..1d7828e956 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c @@ -21,7 +21,7 @@ #include "psa_crypto_ffdh.h" #include "psa_crypto_random_impl.h" #include "mbedtls/platform.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) || \ diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c index eeb7666c1c..0849c9f259 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c @@ -14,7 +14,7 @@ #include "psa_crypto_core.h" #include "psa_crypto_hash.h" -#include +#include #include #if defined(MBEDTLS_PSA_BUILTIN_HASH) diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c index 8fe6218118..9486b317f9 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c @@ -16,7 +16,7 @@ #include "psa_crypto_mac.h" #include -#include +#include #include "mbedtls/constant_time.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c index 9ac2e8c486..2703e7d7d7 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c @@ -19,7 +19,7 @@ #include "psa_util_internal.h" #include -#include +#include #include /* diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c index 5fe26ec87c..9678a96f8b 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c @@ -23,7 +23,7 @@ #include "mbedtls/platform.h" #include -#include +#include #include "rsa_internal.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ diff --git a/tf-psa-crypto/drivers/builtin/src/psa_util.c b/tf-psa-crypto/drivers/builtin/src/psa_util.c index 36ad0ce59a..55803ea5e4 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_util.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_util.c @@ -9,7 +9,7 @@ #include "common.h" /* This is needed for MBEDTLS_ERR_XXX macros */ -#include +#include #if defined(MBEDTLS_ASN1_WRITE_C) #include diff --git a/tf-psa-crypto/drivers/builtin/src/ripemd160.c b/tf-psa-crypto/drivers/builtin/src/ripemd160.c index 0845fe821f..b696c04b4d 100644 --- a/tf-psa-crypto/drivers/builtin/src/ripemd160.c +++ b/tf-psa-crypto/drivers/builtin/src/ripemd160.c @@ -17,7 +17,7 @@ #include "mbedtls/ripemd160.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/rsa.c b/tf-psa-crypto/drivers/builtin/src/rsa.c index 33bb1d346e..458ee26a3e 100644 --- a/tf-psa-crypto/drivers/builtin/src/rsa.c +++ b/tf-psa-crypto/drivers/builtin/src/rsa.c @@ -35,7 +35,7 @@ #include "mbedtls/oid.h" #include "mbedtls/asn1write.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "constant_time_internal.h" #include "mbedtls/constant_time.h" #include "md_psa.h" diff --git a/tf-psa-crypto/drivers/builtin/src/sha1.c b/tf-psa-crypto/drivers/builtin/src/sha1.c index bd1b6301fd..208bac44dc 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha1.c +++ b/tf-psa-crypto/drivers/builtin/src/sha1.c @@ -16,7 +16,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index 842b892cd5..f2800e4db1 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c @@ -54,7 +54,7 @@ #include "mbedtls/sha256.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/sha3.c b/tf-psa-crypto/drivers/builtin/src/sha3.c index 57385595f5..dc7cac47f0 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha3.c +++ b/tf-psa-crypto/drivers/builtin/src/sha3.c @@ -43,7 +43,7 @@ #include "mbedtls/sha3.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index 9d8cffbc68..b915f99c13 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c +++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -32,7 +32,7 @@ #include "mbedtls/sha512.h" #include "mbedtls/platform_util.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #if defined(_MSC_VER) || defined(__WATCOMC__) #define UL64(x) x##ui64 diff --git a/tf-psa-crypto/tests/suites/helpers.function b/tf-psa-crypto/tests/suites/helpers.function index b561f4766a..f28da70537 100644 --- a/tf-psa-crypto/tests/suites/helpers.function +++ b/tf-psa-crypto/tests/suites/helpers.function @@ -16,8 +16,8 @@ #include #include -#if defined(MBEDTLS_ERROR_C) -#include "mbedtls/error.h" +#if defined(MBEDTLS_ERRORCOMMON_C) +#include "mbedtls/error_common.h" #endif #include "mbedtls/platform.h" diff --git a/tf-psa-crypto/tests/suites/main_test.function b/tf-psa-crypto/tests/suites/main_test.function index c0cc2ac50b..fd0656ba38 100644 --- a/tf-psa-crypto/tests/suites/main_test.function +++ b/tf-psa-crypto/tests/suites/main_test.function @@ -232,7 +232,7 @@ int main(int argc, const char *argv[]) #if defined(MBEDTLS_TEST_HOOKS) extern void (*mbedtls_test_hook_test_fail)(const char *test, int line, const char *file); mbedtls_test_hook_test_fail = &mbedtls_test_fail; -#if defined(MBEDTLS_ERROR_C) +#if defined(MBEDTLS_ERRORCOMMON_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; #endif #endif diff --git a/tf-psa-crypto/tests/suites/test_suite_error.function b/tf-psa-crypto/tests/suites/test_suite_error.function index 4c38ab05f2..2c17463b3b 100644 --- a/tf-psa-crypto/tests/suites/test_suite_error.function +++ b/tf-psa-crypto/tests/suites/test_suite_error.function @@ -1,9 +1,9 @@ /* BEGIN_HEADER */ -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ERROR_C + * depends_on:MBEDTLS_ERRORCOMMON_C * END_DEPENDENCIES */ diff --git a/tf-psa-crypto/tests/suites/test_suite_pk.function b/tf-psa-crypto/tests/suites/test_suite_pk.function index 55848abdf1..bad09fac89 100644 --- a/tf-psa-crypto/tests/suites/test_suite_pk.function +++ b/tf-psa-crypto/tests/suites/test_suite_pk.function @@ -7,7 +7,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/base64.h" #include "mbedtls/ecp.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/rsa.h" #include "rsa_internal.h" #include "pk_internal.h" From bd77a35b955accff48bee8cf32da088a50df46db Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 14 Oct 2024 11:56:40 +0100 Subject: [PATCH 06/19] Move tests for error.c from tf-psa-crypto to Mbed TLS This commit moves the test functions and test data from tf-psa-crypto to Mbed TLS. Signed-off-by: Harry Ramsey --- {tf-psa-crypto/tests => tests}/suites/test_suite_error.data | 0 {tf-psa-crypto/tests => tests}/suites/test_suite_error.function | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename {tf-psa-crypto/tests => tests}/suites/test_suite_error.data (100%) rename {tf-psa-crypto/tests => tests}/suites/test_suite_error.function (100%) diff --git a/tf-psa-crypto/tests/suites/test_suite_error.data b/tests/suites/test_suite_error.data similarity index 100% rename from tf-psa-crypto/tests/suites/test_suite_error.data rename to tests/suites/test_suite_error.data diff --git a/tf-psa-crypto/tests/suites/test_suite_error.function b/tests/suites/test_suite_error.function similarity index 100% rename from tf-psa-crypto/tests/suites/test_suite_error.function rename to tests/suites/test_suite_error.function From 3901af52b8d3a0a4d134445c7421235a34b66b42 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 15 Oct 2024 12:03:11 +0100 Subject: [PATCH 07/19] Add x509 library to utility programs This commit adds Mbed TLS x509 as a library dependency for utility programs. This is necessary for strerror.c to work correctly. Signed-off-by: Harry Ramsey --- programs/util/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt index 264d9416cc..9ceb13f7cf 100644 --- a/programs/util/CMakeLists.txt +++ b/programs/util/CMakeLists.txt @@ -1,5 +1,6 @@ set(libs ${mbedcrypto_target} + ${mbedx509_target} ) set(executables From 8b4b15269a60bec1c7fb1a5fb0497eec643b9ad2 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 15 Oct 2024 12:04:26 +0100 Subject: [PATCH 08/19] Fix test scripts for split error files This commit fixes failing tests to do with generated files and code styles. Signed-off-by: Harry Ramsey --- tests/scripts/check-generated-files.sh | 2 +- tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 583c26e8de..a224e58cad 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -170,7 +170,7 @@ check scripts/generate_driver_wrappers.py ${crypto_core_dir}/psa_crypto_driver_w # Additional checks for Mbed TLS only if in_mbedtls_repo; then - check scripts/generate_errors.pl ${builtin_drivers_dir}/error.c + check scripts/generate_errors.pl library/error.c check scripts/generate_query_config.pl programs/test/query_config.c check scripts/generate_features.pl library/version_features.c check framework/scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h index 4598a93f5a..dc5e387cc2 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -7,8 +7,8 @@ * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#ifndef MBEDTLS_ERRORCOMMON_COMMON_H -#define MBEDTLS_ERRORCOMMON_COMMON_H +#ifndef MBEDTLS_ERRORCOMMON_H +#define MBEDTLS_ERRORCOMMON_H #include "mbedtls/build_info.h" From 9c664050980c1167df996759a34d8c5194d180db Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Wed, 16 Oct 2024 14:08:19 +0100 Subject: [PATCH 09/19] Disable strerror in test programs This commit disables printing strerror messages in test programs. This is due to moving the functions back to Mbed TLS and wanting to keep dependencies of programs small. The code has not been removed but simply commented out for when these functions are reimplemented. Signed-off-by: Harry Ramsey --- programs/pkey/gen_key.c | 5 +++-- programs/pkey/key_app.c | 5 +++-- programs/pkey/key_app_writer.c | 5 +++-- programs/pkey/pk_decrypt.c | 5 +++-- programs/pkey/pk_encrypt.c | 5 +++-- programs/pkey/pk_sign.c | 5 +++-- programs/pkey/pk_verify.c | 5 +++-- programs/test/benchmark.c | 5 +++-- 8 files changed, 24 insertions(+), 16 deletions(-) diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 83d7b71875..da7d262f2e 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -453,8 +453,9 @@ exit: if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror(ret, buf, sizeof(buf)); - mbedtls_printf(" - %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); */ #else mbedtls_printf("\n"); #endif diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index e3a6966050..5ccb063274 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -347,8 +347,9 @@ cleanup: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 60f992e431..a460b18dba 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -469,8 +469,9 @@ exit: if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror(ret, buf, sizeof(buf)); - mbedtls_printf(" - %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); */ #else mbedtls_printf("\n"); #endif diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index b8f7943d62..025f69c069 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -142,8 +142,9 @@ exit: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, (char *) buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index a916bc6e25..9ada67d5b8 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -143,8 +143,9 @@ exit: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, (char *) buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index d48911c886..b8f06c4fb1 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -143,8 +143,9 @@ exit: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, (char *) buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index b4e84c303f..063abd755a 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -117,8 +117,9 @@ exit: #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { - mbedtls_strerror(ret, (char *) buf, sizeof(buf)); - mbedtls_printf(" ! Last error was: %s\n", buf); + mbedtls_printf("Error code: %d", ret); + /* mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); */ } #endif diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 93c17291f2..36ac02259b 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -117,8 +117,9 @@ static unsigned long mbedtls_timing_hardclock(void); #if defined(MBEDTLS_ERROR_C) #define PRINT_ERROR \ - mbedtls_strerror(ret, (char *) tmp, sizeof(tmp)); \ - mbedtls_printf("FAILED: %s\n", tmp); + mbedtls_printf("Error code: %d", ret); +/* mbedtls_strerror(ret, (char *) tmp, sizeof(tmp)); \ + mbedtls_printf("FAILED: %s\n", tmp); */ #else #define PRINT_ERROR \ mbedtls_printf("FAILED: -0x%04x\n", (unsigned int) -ret); From c44f67b5811ca1360aba75da797d9a996155d6e3 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Wed, 16 Oct 2024 21:46:44 +0100 Subject: [PATCH 10/19] Fix error.c generation issue with headers This commit fixes include issues with error.c. Since error_common.h now defines error codes, this is a mandatory include. The macro MBEDTLS_ERROR_C guards functions for strerror which is now found in error.h. Signed-off-by: Harry Ramsey --- scripts/generate_errors.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 147ecdca76..c05184227c 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -37,7 +37,7 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES - ENTROPY ERROR_COMMON GCM HKDF HMAC_DRBG LMS MD5 + ENTROPY ERROR GCM HKDF HMAC_DRBG LMS MD5 NET OID PBKDF2 PLATFORM POLY1305 RIPEMD160 SHA1 SHA256 SHA512 SHA3 THREADING ); my @high_level_modules = qw( CIPHER DHM ECP MD @@ -91,6 +91,7 @@ foreach my $file (@files) { if ($found) { my $include_name = $file; $include_name =~ s!.*/!!; + $include_name = "error.h" if ($include_name eq "error_common.h"); push @necessary_include_files, $include_name; } } @@ -121,7 +122,6 @@ foreach my $match (@matches) $module_name = "BIGNUM" if ($module_name eq "MPI"); $module_name = "CTR_DRBG" if ($module_name eq "CTR"); $module_name = "HMAC_DRBG" if ($module_name eq "HMAC"); - $module_name = "ERROR_COMMON" if ($module_name eq "ERROR"); my $define_name = $module_name; $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509"); From 924dca9d392aacb8edb61d056de1f168003c0007 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Fri, 18 Oct 2024 12:25:20 +0100 Subject: [PATCH 11/19] Move mbedtls_test_hook_error_add from error.c to helpers.c This commit moves mbedtls_test_hook_error_add from error.c to helpers.c. Signed-off-by: Harry Ramsey --- scripts/data_files/error.fmt | 4 ---- tests/src/helpers.c | 5 +++++ 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 781e72a919..b75a9ab4ec 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -152,8 +152,4 @@ void mbedtls_strerror(int ret, char *buf, size_t buflen) #endif /* MBEDTLS_ERROR_C */ -#if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)(int, int, const char *, int); -#endif - #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index db50296e01..bf823fed3e 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -717,4 +717,9 @@ void mbedtls_test_err_add_check(int high, int low, line, file); } } + +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); +#endif + #endif /* MBEDTLS_TEST_HOOKS */ From bef54c5003a185d749b7b6dbdc728938aa3b0cb7 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 21 Oct 2024 12:00:24 +0100 Subject: [PATCH 12/19] Remove unnecessary if defined This commit removes unnecessary if defined for multiple files as they are already guarded. Signed-off-by: Harry Ramsey --- tests/src/helpers.c | 2 -- tf-psa-crypto/tests/suites/helpers.function | 2 -- tf-psa-crypto/tests/suites/main_test.function | 2 -- 3 files changed, 6 deletions(-) diff --git a/tests/src/helpers.c b/tests/src/helpers.c index bf823fed3e..1a157331b6 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -718,8 +718,6 @@ void mbedtls_test_err_add_check(int high, int low, } } -#if defined(MBEDTLS_TEST_HOOKS) void (*mbedtls_test_hook_error_add)(int, int, const char *, int); -#endif #endif /* MBEDTLS_TEST_HOOKS */ diff --git a/tf-psa-crypto/tests/suites/helpers.function b/tf-psa-crypto/tests/suites/helpers.function index f28da70537..37ed61ac51 100644 --- a/tf-psa-crypto/tests/suites/helpers.function +++ b/tf-psa-crypto/tests/suites/helpers.function @@ -16,9 +16,7 @@ #include #include -#if defined(MBEDTLS_ERRORCOMMON_C) #include "mbedtls/error_common.h" -#endif #include "mbedtls/platform.h" #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) diff --git a/tf-psa-crypto/tests/suites/main_test.function b/tf-psa-crypto/tests/suites/main_test.function index fd0656ba38..aebae1c967 100644 --- a/tf-psa-crypto/tests/suites/main_test.function +++ b/tf-psa-crypto/tests/suites/main_test.function @@ -232,9 +232,7 @@ int main(int argc, const char *argv[]) #if defined(MBEDTLS_TEST_HOOKS) extern void (*mbedtls_test_hook_test_fail)(const char *test, int line, const char *file); mbedtls_test_hook_test_fail = &mbedtls_test_fail; -#if defined(MBEDTLS_ERRORCOMMON_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; -#endif #endif /* Try changing to the directory containing the executable, if From b791a88c33a66cb8a03d816cb59a1a9228a11e45 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 21 Oct 2024 12:05:20 +0100 Subject: [PATCH 13/19] Fix test case dependency This commit fixes the error test suite to depend on MBEDTLS_ERROR_C rather than MBEDTLS_ERRORCOMMON_C. Signed-off-by: Harry Ramsey --- tests/suites/test_suite_error.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_error.function b/tests/suites/test_suite_error.function index 2c17463b3b..4c38ab05f2 100644 --- a/tests/suites/test_suite_error.function +++ b/tests/suites/test_suite_error.function @@ -1,9 +1,9 @@ /* BEGIN_HEADER */ -#include "mbedtls/error_common.h" +#include "mbedtls/error.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ERRORCOMMON_C + * depends_on:MBEDTLS_ERROR_C * END_DEPENDENCIES */ From 8b3f513c0ae6436587f2cc053a2bdab7bdd29ac4 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 21 Oct 2024 12:26:59 +0100 Subject: [PATCH 14/19] Fix linking error for mbedtls_test_hook_error_add This commit fixes a linking error with psa_sim_crypto_server.c where mbedtls_test_hook_error_add was undefined. Signed-off-by: Harry Ramsey --- tests/psa-client-server/psasim/src/psa_sim_crypto_server.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c index b2ed070c8a..2daacd8498 100644 --- a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c +++ b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c @@ -21,6 +21,10 @@ #error "Error: MBEDTLS_PSA_CRYPTO_C must be enabled on server build" #endif +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); +#endif + // Returns 1 for success, 0 for failure int psa_crypto_init_wrapper( uint8_t *in_params, size_t in_params_len, From c0240b314f45c392f8f0d2de972815613ce76699 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 21 Oct 2024 18:38:15 +0100 Subject: [PATCH 15/19] Fix formatting issue This commit fixes a formatting issue where whitespace was added at the end of lines. Signed-off-by: Harry Ramsey --- tests/psa-client-server/psasim/src/psa_sim_crypto_server.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c index 2daacd8498..a88fc51cce 100644 --- a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c +++ b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c @@ -21,8 +21,8 @@ #error "Error: MBEDTLS_PSA_CRYPTO_C must be enabled on server build" #endif -#if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)(int, int, const char *, int); +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); #endif // Returns 1 for success, 0 for failure From 331f08430c28444475a0e82b8ae9fceb361b1c55 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 22 Oct 2024 10:27:08 +0100 Subject: [PATCH 16/19] Move error.o to OBJS_X509 This commit moves error.o to a build object for OBJS_X509. Signed-off-by: Harry Ramsey --- library/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/Makefile b/library/Makefile index d69f9e0592..53c8600077 100644 --- a/library/Makefile +++ b/library/Makefile @@ -148,7 +148,6 @@ OBJS_CRYPTO= \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp_curves_new.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy_poll.o \ - error.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/gcm.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hkdf.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hmac_drbg.o \ @@ -206,6 +205,7 @@ OBJS_X509= \ x509write_crt.o \ x509write_csr.o \ pkcs7.o \ + error.o \ # This line is intentionally left blank OBJS_TLS= \ From fa3663d63364cd6bdcedb19a0a1b2455adc1a0f7 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 22 Oct 2024 10:33:36 +0100 Subject: [PATCH 17/19] Fix include for tf-psa-crypto tests This commit replaces #includes "error.h" with #include "error_common.h" since error.h no longer exists in tf-psa-crypto. Signed-off-by: Harry Ramsey --- tf-psa-crypto/tests/suites/test_suite_dhm.function | 2 +- tf-psa-crypto/tests/suites/test_suite_pkcs5.function | 2 +- tf-psa-crypto/tests/suites/test_suite_pkparse.function | 2 +- .../tests/suites/test_suite_psa_crypto_se_driver_hal.function | 2 +- tf-psa-crypto/tests/suites/test_suite_rsa.function | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tf-psa-crypto/tests/suites/test_suite_dhm.function b/tf-psa-crypto/tests/suites/test_suite_dhm.function index 6c6f15bbf7..d040c81bc4 100644 --- a/tf-psa-crypto/tests/suites/test_suite_dhm.function +++ b/tf-psa-crypto/tests/suites/test_suite_dhm.function @@ -1,6 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/dhm.h" -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" static int check_get_value(const mbedtls_dhm_context *ctx, mbedtls_dhm_parameter param, diff --git a/tf-psa-crypto/tests/suites/test_suite_pkcs5.function b/tf-psa-crypto/tests/suites/test_suite_pkcs5.function index f6be142089..56582d4b45 100644 --- a/tf-psa-crypto/tests/suites/test_suite_pkcs5.function +++ b/tf-psa-crypto/tests/suites/test_suite_pkcs5.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/pkcs5.h" #include "mbedtls/cipher.h" /* END_HEADER */ diff --git a/tf-psa-crypto/tests/suites/test_suite_pkparse.function b/tf-psa-crypto/tests/suites/test_suite_pkparse.function index 1cd6e2bb98..15c6de039b 100644 --- a/tf-psa-crypto/tests/suites/test_suite_pkparse.function +++ b/tf-psa-crypto/tests/suites/test_suite_pkparse.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/pk.h" #include "mbedtls/pem.h" #include "mbedtls/oid.h" diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 66d2a4eb99..400d89dc04 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -9,7 +9,7 @@ #if defined(MBEDTLS_PSA_ITS_FILE_C) #include "psa_crypto_its.h" #else /* Native ITS implementation */ -#include "psa/error.h" +#include "psa/error_common.h" #include "psa/internal_trusted_storage.h" #endif diff --git a/tf-psa-crypto/tests/suites/test_suite_rsa.function b/tf-psa-crypto/tests/suites/test_suite_rsa.function index b84848b916..0d086a4e7e 100644 --- a/tf-psa-crypto/tests/suites/test_suite_rsa.function +++ b/tf-psa-crypto/tests/suites/test_suite_rsa.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "mbedtls/error.h" +#include "mbedtls/error_common.h" #include "mbedtls/rsa.h" #include "bignum_core.h" #include "rsa_alt_helpers.h" From ddc59dca21ab6ba7b7352fcc50ec9876d3f2a92a Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 22 Oct 2024 10:36:21 +0100 Subject: [PATCH 18/19] Refactor error_common ifdef header This commit refactors MBEDTLS_ERRORCOMMON_H to MBEDTLS_ERROR_COMMON_H. Signed-off-by: Harry Ramsey --- tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h index dc5e387cc2..58f1cde331 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -7,8 +7,8 @@ * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#ifndef MBEDTLS_ERRORCOMMON_H -#define MBEDTLS_ERRORCOMMON_H +#ifndef MBEDTLS_ERROR_COMMON_H +#define MBEDTLS_ERROR_COMMON_H #include "mbedtls/build_info.h" From 08007ed23db3f78c96ab5169e393f43c0d920571 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Tue, 22 Oct 2024 14:18:17 +0100 Subject: [PATCH 19/19] Update guards for crypto only builds This commit updates the guards for crypto only builds to prevent error.c being built. Signed-off-by: Harry Ramsey --- scripts/config.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/config.py b/scripts/config.py index beeb5e27e0..0641a23cb1 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -218,6 +218,8 @@ def include_in_crypto(name): 'MBEDTLS_DEBUG_C', # part of libmbedtls 'MBEDTLS_NET_C', # part of libmbedtls 'MBEDTLS_PKCS7_C', # part of libmbedx509 + 'MBEDTLS_ERROR_C', # part of libmbedx509 + 'MBEDTLS_ERROR_STRERROR_DUMMY', # part of libmbedx509 ]: return False if name in EXCLUDE_FROM_CRYPTO: