Crypto: Make parameter error code consistent
This patch makes the parameter validation error code
inline with the other checks being done on parameters.
The previous PSA_ERROR_CONNECTION_REFUSED is now replaced
with PSA_ERROR_PROGRAMMER_ERROR.
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I26e0c52e42404ef497265fd64dadce06adbd71bd
diff --git a/secure_fw/partitions/crypto/crypto_key.c b/secure_fw/partitions/crypto/crypto_key.c
index caf5387..a2ca7d8 100644
--- a/secure_fw/partitions/crypto/crypto_key.c
+++ b/secure_fw/partitions/crypto/crypto_key.c
@@ -8,11 +8,6 @@
#include <stddef.h>
#include <stdint.h>
-/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
- * integrity checks but this will have to be revised
- * when the full set of error codes mandated by PSA FF
- * is available.
- */
#include "tfm_mbedcrypto_include.h"
#include "tfm_crypto_api.h"
@@ -200,7 +195,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(struct psa_client_key_attributes_s)) ||
(out_vec[0].len != sizeof(psa_key_handle_t))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct psa_client_key_attributes_s *client_key_attr = in_vec[1].base;
const uint8_t *data = in_vec[2].base;
@@ -261,7 +256,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(psa_app_key_id_t)) ||
(out_vec[0].len != sizeof(psa_key_handle_t))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
psa_app_key_id_t client_key_id = *((psa_app_key_id_t *)in_vec[1].base);
@@ -314,7 +309,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -351,7 +346,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -388,7 +383,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(struct psa_client_key_attributes_s))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -426,7 +421,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(struct psa_client_key_attributes_s))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
struct psa_client_key_attributes_s *client_key_attr = out_vec[0].base;
@@ -465,7 +460,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 1);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -489,7 +484,7 @@
CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 1);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -515,7 +510,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(psa_key_handle_t)) ||
(in_vec[1].len != sizeof(struct psa_client_key_attributes_s))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
@@ -577,7 +572,7 @@
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(struct psa_client_key_attributes_s)) ||
(out_vec[0].len != sizeof(psa_key_handle_t))) {
- return PSA_ERROR_CONNECTION_REFUSED;
+ return PSA_ERROR_PROGRAMMER_ERROR;
}
psa_key_handle_t *key_handle = out_vec[0].base;
const struct psa_client_key_attributes_s *client_key_attr = in_vec[1].base;