diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 0dfd6eed3..965125b4a 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -62,11 +62,6 @@ #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. For example, because it was freed. */ -// TODO [TR] for #4283: can't remove it because it's still used in the code. -// see other TODOS -/* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */ -#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 /**< Cipher hardware accelerator failed. */ - #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */ #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */ diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 38b89c8c4..170ef19ad 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -38,11 +38,6 @@ #define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ #define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ -// TODO [TR] for #4283: can't remove it because it's still used in the code. -// see other TODOs -/* MBEDTLS_ERR_MD_HW_ACCEL_FAILED is deprecated and should not be used. */ -#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */ - #ifdef __cplusplus extern "C" { #endif diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 7e8e3941b..d4eff7308 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -67,11 +67,6 @@ #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */ -// TODO [TR] for #4283 can't remove it because it's still used in the code. -// see the other TODOs -/* MBEDTLS_ERR_PK_HW_ACCEL_FAILED is deprecated and should not be used. */ -#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */ - #ifdef __cplusplus extern "C" { #endif diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index f18857cf5..a9264e583 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -32,6 +32,10 @@ #include MBEDTLS_CONFIG_FILE #endif +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#endif + #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" @@ -352,11 +356,11 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) case PSA_ERROR_COMMUNICATION_FAILURE: case PSA_ERROR_HARDWARE_FAILURE: case PSA_ERROR_CORRUPTION_DETECTED: - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); default: /* We return the same as for the 'other failures', * but list them separately nonetheless to indicate * which failure conditions we have considered. */ - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); } } diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 9ed5c81dd..1a30dd6e2 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -54,10 +54,6 @@ #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ #define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ -/* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used. - */ -#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500 /**< The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */ - /* * RSA constants */ diff --git a/library/cipher.c b/library/cipher.c index 457f8f660..45d7e7ede 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -328,7 +328,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, case PSA_ERROR_NOT_SUPPORTED: return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); default: - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); } /* Indicate that we own the key slot and need to * destroy it in mbedtls_cipher_free(). */ @@ -1244,23 +1244,23 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, * are terminated by unsuccessful calls to psa_cipher_update(), * and by any call to psa_cipher_finish(). */ if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); status = psa_cipher_set_iv( &cipher_op, iv, iv_len ); if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); status = psa_cipher_update( &cipher_op, input, ilen, output, ilen, olen ); if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); status = psa_cipher_finish( &cipher_op, output + *olen, ilen - *olen, &part_len ); if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); *olen += part_len; return( 0 ); @@ -1323,7 +1323,7 @@ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, input, ilen, output, ilen + tag_len, olen ); if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); *olen -= tag_len; return( 0 ); @@ -1405,7 +1405,7 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, if( status == PSA_ERROR_INVALID_SIGNATURE ) return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); else if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); return( 0 ); } diff --git a/library/error.c b/library/error.c index a734bb437..ba67c3a3a 100644 --- a/library/error.c +++ b/library/error.c @@ -215,7 +215,7 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "CIPHER - Authentication failed (for AEAD modes)" ); case -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT): return( "CIPHER - The context is invalid. For example, because it was freed" ); - case -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED): + case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED): return( "CIPHER - Cipher hardware accelerator failed" ); #endif /* MBEDTLS_CIPHER_C */ @@ -272,7 +272,7 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "MD - Failed to allocate memory" ); case -(MBEDTLS_ERR_MD_FILE_IO_ERROR): return( "MD - Opening or reading of file failed" ); - case -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED): + case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED): return( "MD - MD hardware accelerator failed" ); #endif /* MBEDTLS_MD_C */ @@ -326,7 +326,7 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); case -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH): return( "PK - The buffer contains a valid signature followed by more data" ); - case -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED): + case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED): return( "PK - PK hardware accelerator failed" ); #endif /* MBEDTLS_PK_C */ @@ -371,7 +371,7 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "RSA - The output buffer for decryption is not large enough" ); case -(MBEDTLS_ERR_RSA_RNG_FAILED): return( "RSA - The random generator failed to generate non-zeros" ); - case -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION): + case -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED): return( "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality" ); #endif /* MBEDTLS_RSA_C */ diff --git a/library/pk.c b/library/pk.c index ecf002d45..89d0dca20 100644 --- a/library/pk.c +++ b/library/pk.c @@ -626,7 +626,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, /* import private key into PSA */ if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, key ) ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); /* make PK context wrap the key slot */ mbedtls_pk_free( pk ); diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 107e912ac..d89ebb9f7 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -941,7 +941,7 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, /* this is only reached if the signature was invalid */ if( len == 0 ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); /* if the msb is 1, ASN.1 requires that we prepend a 0. * Neither r nor s can be 0, so we can assume len > 0 at all times. */ diff --git a/library/pkwrite.c b/library/pkwrite.c index 566153dd9..c9b0817e1 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -271,7 +271,7 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si key_id = *((psa_key_id_t*) key->pk_ctx ); if( PSA_SUCCESS != psa_get_key_attributes( key_id, &attributes ) ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); key_type = psa_get_key_type( &attributes ); bits = psa_get_key_bits( &attributes ); psa_reset_key_attributes( &attributes ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e367fbd9c..6c28574e0 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7567,7 +7567,7 @@ exit: case PSA_ERROR_INSUFFICIENT_MEMORY: return( MBEDTLS_ERR_MD_ALLOC_FAILED ); default: - return( MBEDTLS_ERR_MD_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); } } return( 0 ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index cdbaa13e6..b892ec207 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -630,7 +630,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, TEST_ASSERT( res == 0 ); #else TEST_ASSERT( ( res == 0 ) || - ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) ); + ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) ); #endif if( res == 0 ) @@ -691,7 +691,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, TEST_ASSERT( res == 0 ); #else TEST_ASSERT( ( res == 0 ) || - ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) ); + ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) ); #endif if( res == 0 )