commit 89dad93a78c674152e40f8d84dbb2e24ea65ff35
author Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com> Mon Jan 31 09:18:07 2022 +0100
committer Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com> Mon Jan 31 15:39:24 2022 +0100
tree 64d85ae81aa286a1a4c1d14dfe737d252f1fdbda
parent 2cb59df939a684e9492715abce6790a7e26105a9

Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>

library/ssl_misc.h

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index c484415..4f2caa2 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2056,7 +2056,7 @@
  *
  * \return             corresponding mbedtls error code
  */
-static inline int psa_status_to_mbedtls( psa_status_t status )
+static inline int ssl_psa_status_to_mbedtls( psa_status_t status )
 {
     switch( status )
     {
@@ -2066,6 +2066,8 @@
             return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
         case PSA_ERROR_NOT_SUPPORTED:
             return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+        case PSA_ERROR_INVALID_SIGNATURE:
+            return( MBEDTLS_ERR_SSL_INVALID_MAC );
         default:
             return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
     }

library/ssl_msg.c

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 6e3dff7..1d9b012 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -744,26 +744,26 @@
                                         transform->psa_key_enc, transform->psa_alg );
 
             if( status != PSA_SUCCESS )
-                return( psa_status_to_mbedtls( status ) );
+                return( ssl_psa_status_to_mbedtls( status ) );
 
             status = psa_cipher_set_iv( &cipher_op, transform->iv_enc, transform->ivlen );
 
             if( status != PSA_SUCCESS )
-                return( psa_status_to_mbedtls( status ) );
+                return( ssl_psa_status_to_mbedtls( status ) );
 
             status = psa_cipher_update( &cipher_op,
                                         data, rec->data_len,
                                         data, rec->data_len, &olen );
 
             if( status != PSA_SUCCESS )
-                return( psa_status_to_mbedtls( status ) );
+                return( ssl_psa_status_to_mbedtls( status ) );
 
             status = psa_cipher_finish( &cipher_op,
                                         data + olen, rec->data_len - olen,
                                         &part_len );
 
             if( status != PSA_SUCCESS )
-                return( psa_status_to_mbedtls( status ) );
+                return( ssl_psa_status_to_mbedtls( status ) );
 
             olen += part_len;
         } else {
@@ -872,7 +872,7 @@
                                &rec->data_len );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 #else
         if( ( ret = mbedtls_cipher_auth_encrypt_ext( &transform->cipher_ctx_enc,
                    iv, transform->ivlen,
@@ -986,26 +986,26 @@
                                     transform->psa_key_enc, transform->psa_alg );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 
         status = psa_cipher_set_iv( &cipher_op, transform->iv_enc, transform->ivlen );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 
         status = psa_cipher_update( &cipher_op,
                                     data, rec->data_len,
                                     data, rec->data_len, &olen );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 
         status = psa_cipher_finish( &cipher_op,
                                     data + olen, rec->data_len - olen,
                                     &part_len );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 
         olen += part_len;
 #else
@@ -1177,26 +1177,26 @@
                                         transform->psa_key_dec, transform->psa_alg );
 
             if( status != PSA_SUCCESS )
-                return( psa_status_to_mbedtls( status ) );
+                return( ssl_psa_status_to_mbedtls( status ) );
 
             status = psa_cipher_set_iv( &cipher_op, transform->iv_dec, transform->ivlen );
 
             if( status != PSA_SUCCESS )
-                return( psa_status_to_mbedtls( status ) );
+                return( ssl_psa_status_to_mbedtls( status ) );
 
             status = psa_cipher_update( &cipher_op,
                                         data, rec->data_len,
                                         data, rec->data_len, &olen );
 
             if( status != PSA_SUCCESS )
-                return( psa_status_to_mbedtls( status ) );
+                return( ssl_psa_status_to_mbedtls( status ) );
 
             status = psa_cipher_finish( &cipher_op,
                                         data + olen, rec->data_len - olen,
                                         &part_len );
 
             if( status != PSA_SUCCESS )
-                return( psa_status_to_mbedtls( status ) );
+                return( ssl_psa_status_to_mbedtls( status ) );
 
             olen += part_len;
         } else {
@@ -1325,7 +1325,7 @@
                                &olen );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 #else
         if( ( ret = mbedtls_cipher_auth_decrypt_ext( &transform->cipher_ctx_dec,
                   iv, transform->ivlen,
@@ -1512,26 +1512,26 @@
                                     transform->psa_key_dec, transform->psa_alg );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 
         status = psa_cipher_set_iv( &cipher_op, transform->iv_dec, transform->ivlen );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 
         status = psa_cipher_update( &cipher_op,
                                     data, rec->data_len,
                                     data, rec->data_len, &olen );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 
         status = psa_cipher_finish( &cipher_op,
                                     data + olen, rec->data_len - olen,
                                     &part_len );
 
         if( status != PSA_SUCCESS )
-            return( psa_status_to_mbedtls( status ) );
+            return( ssl_psa_status_to_mbedtls( status ) );
 
         olen += part_len;
 #else

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index ba8a096..a3148fb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1015,7 +1015,7 @@
                                  &key_type,
                                  &key_bits ) ) != PSA_SUCCESS )
     {
-        ret = psa_status_to_mbedtls( status );
+        ret = ssl_psa_status_to_mbedtls( status );
         MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_cipher_to_psa", ret );
         goto end;
     }
@@ -1031,7 +1031,7 @@
                              PSA_BITS_TO_BYTES( key_bits ),
                              &transform->psa_key_enc ) ) != PSA_SUCCESS )
     {
-        ret = psa_status_to_mbedtls( status );
+        ret = ssl_psa_status_to_mbedtls( status );
         MBEDTLS_SSL_DEBUG_RET( 1, "psa_import_key", ret );
         goto end;
     }
@@ -1043,7 +1043,7 @@
                              PSA_BITS_TO_BYTES( key_bits ),
                              &transform->psa_key_dec ) ) != PSA_SUCCESS )
     {
-        ret = psa_status_to_mbedtls( status );
+        ret = ssl_psa_status_to_mbedtls( status );
         MBEDTLS_SSL_DEBUG_RET( 1, "psa_import_key", ret );
         goto end;
     }

library/ssl_tls13_keys.c

diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 13122c8..7defac2 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -936,8 +936,8 @@
                                  &key_type,
                                  &key_bits ) ) != PSA_SUCCESS )
     {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_cipher_to_psa", psa_status_to_mbedtls( status ) );
-        return( psa_status_to_mbedtls( status ) );
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_cipher_to_psa", ssl_psa_status_to_mbedtls( status ) );
+        return( ssl_psa_status_to_mbedtls( status ) );
     }
 
     psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
@@ -951,8 +951,8 @@
                              PSA_BITS_TO_BYTES( key_bits ),
                              &transform->psa_key_enc ) ) != PSA_SUCCESS )
     {
-        MBEDTLS_SSL_DEBUG_RET( 1, "psa_import_key", psa_status_to_mbedtls( status ) );
-        return( psa_status_to_mbedtls( status ) );
+        MBEDTLS_SSL_DEBUG_RET( 1, "psa_import_key", ssl_psa_status_to_mbedtls( status ) );
+        return( ssl_psa_status_to_mbedtls( status ) );
     }
 
     psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
@@ -962,8 +962,8 @@
                              PSA_BITS_TO_BYTES( key_bits ),
                              &transform->psa_key_dec ) ) != PSA_SUCCESS )
     {
-        MBEDTLS_SSL_DEBUG_RET( 1, "psa_import_key", psa_status_to_mbedtls( status ) );
-        return( psa_status_to_mbedtls( status ) );
+        MBEDTLS_SSL_DEBUG_RET( 1, "psa_import_key", ssl_psa_status_to_mbedtls( status ) );
+        return( ssl_psa_status_to_mbedtls( status ) );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */