Crypto: Make parameter error code consistent
This patch makes the parameter validation error code
inline with the other checks being done on parameters.
The previous PSA_ERROR_CONNECTION_REFUSED is now replaced
with PSA_ERROR_PROGRAMMER_ERROR.
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I26e0c52e42404ef497265fd64dadce06adbd71bd
diff --git a/secure_fw/partitions/crypto/crypto_key_derivation.c b/secure_fw/partitions/crypto/crypto_key_derivation.c
index baeab11..b2e09be 100644
--- a/secure_fw/partitions/crypto/crypto_key_derivation.c
+++ b/secure_fw/partitions/crypto/crypto_key_derivation.c
@@ -8,11 +8,6 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
- * integrity checks but this will have to be revised
- * when the full set of error codes mandated by PSA FF
- * is available.
- */
#include "tfm_mbedcrypto_include.h"
/* Required for mbedtls_calloc in tfm_crypto_huk_derivation_input_bytes */
@@ -147,7 +142,7 @@
if ((out_vec[0].len != sizeof(uint32_t)) ||
(in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint32_t handle = iov->op_handle;
@@ -193,7 +188,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(size_t))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -227,7 +222,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -260,7 +255,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 2, out_len, 0, 0);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -301,7 +296,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 1);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -335,7 +330,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -376,7 +371,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(struct psa_client_key_attributes_s)) ||
(out_vec[0].len != sizeof(psa_key_handle_t))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -442,7 +437,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(uint32_t))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -494,7 +489,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 2, out_len, 0, 0);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -537,7 +532,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 1);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
uint8_t *output = out_vec[0].base;
size_t output_size = out_vec[0].len;
@@ -558,7 +553,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 2, out_len, 0, 1);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
uint8_t *output = out_vec[0].base;