Crypto: Improve code quality
This patch fixes the following things:
* add const keyword when mutability is not required
* cast unused parameters/return values to void to be more explicit
Change-Id: I62471d95cc3249db2cf00fdd12c9634f12e99747
Signed-off-by: Hugues de Valon <hugues.devalon@arm.com>
diff --git a/interface/include/crypto_psa_wrappers.h b/interface/include/crypto_psa_wrappers.h
index 81d3894..61c4772 100644
--- a/interface/include/crypto_psa_wrappers.h
+++ b/interface/include/crypto_psa_wrappers.h
@@ -39,8 +39,7 @@
* \brief This function is a TF-M compatible wrapper for the
* \ref tfm_crypto_cipher_update implemented in the Crypto service
*
- * \param[out] operation Pointer to the structure containing output parameters
- * associated with \ref psa_cipher_update_output
+ * \param[out] operation Pointer to a cipher operation context in the backend
* \param[in] input_s Pointer to the structure containing input parameters
* associated with \ref psa_cipher_update_input
* \param[out] output_s Pointer to the structure containing output parameters
@@ -48,9 +47,9 @@
*
*/
enum tfm_crypto_err_t tfm_crypto_cipher_update_wrapper(
- psa_cipher_operation_t *operation,
- struct psa_cipher_update_input *input_s,
- struct psa_cipher_update_output *output_s);
+ psa_cipher_operation_t *operation,
+ const struct psa_cipher_update_input *input_s,
+ const struct psa_cipher_update_output *output_s);
/*!
* \struct psa_aead_encrypt_input
@@ -121,8 +120,8 @@
*
*/
enum tfm_crypto_err_t tfm_crypto_aead_encrypt_wrapper(
- struct psa_aead_encrypt_input *input_s,
- struct psa_aead_encrypt_output *output_s);
+ const struct psa_aead_encrypt_input *input_s,
+ const struct psa_aead_encrypt_output *output_s);
/*!
* \brief This function is a TF-M compatible wrapper for the
* \ref tfm_crypto_aead_decrypt implemented in the Crypto service
@@ -134,8 +133,8 @@
*
*/
enum tfm_crypto_err_t tfm_crypto_aead_decrypt_wrapper(
- struct psa_aead_decrypt_input *input_s,
- struct psa_aead_decrypt_output *output_s);
+ const struct psa_aead_decrypt_input *input_s,
+ const struct psa_aead_decrypt_output *output_s);
#ifdef __cplusplus
}
#endif
diff --git a/interface/src/tfm_crypto_api.c b/interface/src/tfm_crypto_api.c
index 9d28d5b..1ee71d8 100644
--- a/interface/src/tfm_crypto_api.c
+++ b/interface/src/tfm_crypto_api.c
@@ -83,6 +83,11 @@
size_t data_size,
size_t *data_length)
{
+ (void)key;
+ (void)data;
+ (void)data_size;
+ (void)data_length;
+
/* TODO: This API is not supported yet */
return PSA_ERROR_NOT_SUPPORTED;
}
diff --git a/secure_fw/services/crypto/crypto_cipher.c b/secure_fw/services/crypto/crypto_cipher.c
index 85fe892..9f6ae9d 100644
--- a/secure_fw/services/crypto/crypto_cipher.c
+++ b/secure_fw/services/crypto/crypto_cipher.c
@@ -128,7 +128,7 @@
/* Start the crypto engine */
status = tfm_crypto_engine_cipher_start(&(ctx->engine_ctx), &engine_info);
if (status != PSA_SUCCESS) {
- /* Release the operation context */
+ /* Release the operation context, ignore if this operation fails. */
(void)tfm_crypto_cipher_release(operation, ctx);
return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
}
@@ -145,7 +145,7 @@
CRYPTO_CIPHER_MAX_KEY_LENGTH,
&key_size);
if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
- /* Release the operation context */
+ /* Release the operation context, ignore if this operation fails. */
(void)tfm_crypto_cipher_release(operation, ctx);
return err;
}
@@ -156,7 +156,7 @@
key_size,
&engine_info);
if (status != PSA_SUCCESS) {
- /* Release the operation context */
+ /* Release the operation context, ignore if this operation fails. */
(void)tfm_crypto_cipher_release(operation, ctx);
return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
}
@@ -171,7 +171,7 @@
status = tfm_crypto_engine_cipher_set_padding_mode(&(ctx->engine_ctx),
&engine_info);
if (status != PSA_SUCCESS) {
- /* Release the operation context */
+ /* Release the operation context, ignore if this operation fails. */
(void)tfm_crypto_cipher_release(operation, ctx);
return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
}
diff --git a/secure_fw/services/crypto/crypto_hash.c b/secure_fw/services/crypto/crypto_hash.c
index 5e99dbf..7dc6582 100644
--- a/secure_fw/services/crypto/crypto_hash.c
+++ b/secure_fw/services/crypto/crypto_hash.c
@@ -92,7 +92,7 @@
/* Start the engine */
status = tfm_crypto_engine_hash_start(&(ctx->engine_ctx), &engine_info);
if (status != PSA_SUCCESS) {
- /* Release the operation context */
+ /* Release the operation context, ignore if the operation fails. */
(void)tfm_crypto_hash_release(operation, ctx);
return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
}
diff --git a/secure_fw/services/crypto/crypto_key.c b/secure_fw/services/crypto/crypto_key.c
index 277ed10..499ffa7 100644
--- a/secure_fw/services/crypto/crypto_key.c
+++ b/secure_fw/services/crypto/crypto_key.c
@@ -10,9 +10,9 @@
#include "tfm_crypto_api.h"
#include "crypto_utils.h"
+#include "secure_fw/core/tfm_memory_utils.h"
#include "psa_crypto.h"
#include "tfm_crypto_defs.h"
-#include "secure_fw/core/tfm_memory_utils.h"
/**
* \brief This is the default value of maximum number of simultaneous
@@ -100,7 +100,7 @@
enum tfm_crypto_err_t tfm_crypto_init_key(void)
{
/* Clear the contents of the local key_storage */
- tfm_memset(key_storage, 0, sizeof(key_storage));
+ (void)tfm_memset(key_storage, 0, sizeof(key_storage));
return TFM_CRYPTO_ERR_PSA_SUCCESS;
}
@@ -275,6 +275,11 @@
size_t data_size,
size_t *data_length)
{
+ (void)key;
+ (void)data;
+ (void)data_size;
+ (void)data_length;
+
/* FIXME: This API is not supported yet */
return TFM_CRYPTO_ERR_PSA_ERROR_NOT_SUPPORTED;
}
diff --git a/secure_fw/services/crypto/crypto_mac.c b/secure_fw/services/crypto/crypto_mac.c
index 2ffe331..2aeb99e 100644
--- a/secure_fw/services/crypto/crypto_mac.c
+++ b/secure_fw/services/crypto/crypto_mac.c
@@ -5,6 +5,7 @@
*
*/
+#include "crypto_utils.h"
#include "secure_fw/core/tfm_memory_utils.h"
#include "tfm_crypto_defs.h"
@@ -13,7 +14,6 @@
#include "tfm_crypto_struct.h"
#include "tfm_crypto_api.h"
-#include "crypto_utils.h"
/**
* \def UNUSED_VAR
@@ -34,7 +34,7 @@
static void mac_zeroize(void *data, size_t size)
{
- tfm_memset(data, 0, size);
+ (void)tfm_memset(data, 0, size);
}
static size_t get_hash_block_size(psa_algorithm_t alg)
@@ -67,18 +67,11 @@
psa_mac_operation_t *operation,
struct tfm_mac_operation_s *ctx)
{
- enum tfm_crypto_err_t err;
-
/* No release necessary on the ctx related quantites for the time being */
UNUSED_VAR(ctx);
/* Release the operation context */
- err = tfm_crypto_operation_release(TFM_CRYPTO_MAC_OPERATION, operation);
- if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
- return err;
- }
-
- return TFM_CRYPTO_ERR_PSA_SUCCESS;
+ return tfm_crypto_operation_release(TFM_CRYPTO_MAC_OPERATION, operation);
}
static enum tfm_crypto_err_t tfm_crypto_hmac_setup(
diff --git a/secure_fw/services/crypto/crypto_wrappers.c b/secure_fw/services/crypto/crypto_wrappers.c
index 40e08ce..6bd40d9 100644
--- a/secure_fw/services/crypto/crypto_wrappers.c
+++ b/secure_fw/services/crypto/crypto_wrappers.c
@@ -19,9 +19,9 @@
/*!@{*/
enum tfm_crypto_err_t tfm_crypto_cipher_update_wrapper(
- psa_cipher_operation_t *operation,
- struct psa_cipher_update_input *input_s,
- struct psa_cipher_update_output *output_s)
+ psa_cipher_operation_t *operation,
+ const struct psa_cipher_update_input *input_s,
+ const struct psa_cipher_update_output *output_s)
{
/* Extract the following fields from the input and output structures */
const uint8_t *input = input_s->input;
@@ -36,8 +36,8 @@
}
enum tfm_crypto_err_t tfm_crypto_aead_encrypt_wrapper(
- struct psa_aead_encrypt_input *input_s,
- struct psa_aead_encrypt_output *output_s)
+ const struct psa_aead_encrypt_input *input_s,
+ const struct psa_aead_encrypt_output *output_s)
{
/* Extract the following fields from the input and output structures */
psa_key_slot_t key = input_s->key;
@@ -60,8 +60,8 @@
}
enum tfm_crypto_err_t tfm_crypto_aead_decrypt_wrapper(
- struct psa_aead_decrypt_input *input_s,
- struct psa_aead_decrypt_output *output_s)
+ const struct psa_aead_decrypt_input *input_s,
+ const struct psa_aead_decrypt_output *output_s)
{
/* Extract the following fields from the input and output structures */
psa_key_slot_t key = input_s->key;