commit 324c6e9cc9768f435f0f13bf66b3df449b94ceb3
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Nov 06 11:52:41 2019 +0100
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Nov 21 15:14:59 2019 +0100
tree 84777add74386b5302cd5e2daccfe5da013e75d4
parent e6d6f17738b46a73bbf255073a96899b1667840d

Add error code MBEDTLS_ERR_PLATFORM_FAULT_DETECTED

This can be used by Mbed TLS functions in any module to signal that a fault
attack is likely happening, so this can be appropriately handled by the
application (report, fall back to safer mode or even halt, etc.)

include/mbedtls/error.h

diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 31f294f..a52f9f5 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -86,7 +86,7 @@
  * CHACHA20  3                  0x0051-0x0055
  * POLY1305  3                  0x0057-0x005B
  * CHACHAPOLY 2 0x0054-0x0056
- * PLATFORM  1  0x0070-0x0072
+ * PLATFORM  3  0x0070-0x0072   0x0071-0x0071
  *
  * High-level module nr (3 bits - 0x0...-0x7...)
  * Name      ID  Nr of Errors

include/mbedtls/platform.h

diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
index 89fe8a7..82d5e33 100644
--- a/include/mbedtls/platform.h
+++ b/include/mbedtls/platform.h
@@ -45,6 +45,7 @@
 
 #define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED     -0x0070 /**< Hardware accelerator failed */
 #define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */
+#define MBEDTLS_ERR_PLATFORM_FAULT_DETECTED      -0x0071 /**< A fault was detected in a critical path, likely indicative of an active physical attack */
 
 #ifdef __cplusplus
 extern "C" {