Error codes for hardware accelerator failures
Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography modules where the software implementation can be replaced by a hardware implementation. This does not include the individual message digest modules since they currently have no way to return error codes. This does include the higher-level md, cipher and pk modules since alternative implementations and even algorithms can be plugged in at runtime.
This commit is contained in:
Gilles Peskine
parent
9214327623
commit
7ecab3df4c
19 changed files with 84 additions and 18 deletions
|
|
@ -45,6 +45,10 @@
|
|||
#include "mbedtls/aes.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ARC4_C)
|
||||
#include "mbedtls/arc4.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_BASE64_C)
|
||||
#include "mbedtls/base64.h"
|
||||
#endif
|
||||
|
|
@ -69,6 +73,10 @@
|
|||
#include "mbedtls/cipher.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CMAC_C)
|
||||
#include "mbedtls/cmac.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CTR_DRBG_C)
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
#endif
|
||||
|
|
@ -185,6 +193,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" );
|
||||
if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT) )
|
||||
mbedtls_snprintf( buf, buflen, "CIPHER - The context is invalid, eg because it was free()ed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "CIPHER - Cipher hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_CIPHER_C */
|
||||
|
||||
#if defined(MBEDTLS_DHM_C)
|
||||
|
|
@ -206,6 +216,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) )
|
||||
mbedtls_snprintf( buf, buflen, "DHM - Read/write of file failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "DHM - DHM hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_DHM_C */
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
|
|
@ -225,6 +237,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "ECP - Invalid private or public key" );
|
||||
if( use_ret == -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) )
|
||||
mbedtls_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "ECP - ECP hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_ECP_C */
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
|
|
@ -236,6 +250,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "MD - Failed to allocate memory" );
|
||||
if( use_ret == -(MBEDTLS_ERR_MD_FILE_IO_ERROR) )
|
||||
mbedtls_snprintf( buf, buflen, "MD - Opening or reading of file failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "MD - MD hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
|
||||
|
|
@ -288,6 +304,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
|
||||
if( use_ret == -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH) )
|
||||
mbedtls_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" );
|
||||
if( use_ret == -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "PK - PK hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_PK_C */
|
||||
|
||||
#if defined(MBEDTLS_PKCS12_C)
|
||||
|
|
@ -333,6 +351,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
|
||||
if( use_ret == -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION) )
|
||||
mbedtls_snprintf( buf, buflen, "RSA - The implementation doesn't offer the requested operation, e.g. because of security violations or lack of functionality" );
|
||||
if( use_ret == -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "RSA - RSA hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS_C)
|
||||
|
|
@ -522,8 +542,15 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "AES - Invalid data input length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE) )
|
||||
mbedtls_snprintf( buf, buflen, "AES - Feature not available, e.g. unsupported AES key size" );
|
||||
if( use_ret == -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "AES - AES hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
||||
#if defined(MBEDTLS_ARC4_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "ARC4 - ARC4 hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_ARC4_C */
|
||||
|
||||
#if defined(MBEDTLS_ASN1_PARSE_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_ASN1_OUT_OF_DATA) )
|
||||
mbedtls_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
|
||||
|
|
@ -570,6 +597,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
#if defined(MBEDTLS_BLOWFISH_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) )
|
||||
mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid key length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "BLOWFISH - Blowfish hardware accelerator failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH) )
|
||||
mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" );
|
||||
#endif /* MBEDTLS_BLOWFISH_C */
|
||||
|
|
@ -579,6 +608,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid key length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH) )
|
||||
mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "CAMELLIA - Camellia hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
#if defined(MBEDTLS_CCM_C)
|
||||
|
|
@ -586,8 +617,15 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to function" );
|
||||
if( use_ret == -(MBEDTLS_ERR_CCM_AUTH_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "CCM - Authenticated decryption failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "CCM - CCM hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_CCM_C */
|
||||
|
||||
#if defined(MBEDTLS_CMAC_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_CMAC_C */
|
||||
|
||||
#if defined(MBEDTLS_CTR_DRBG_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" );
|
||||
|
|
@ -602,6 +640,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
#if defined(MBEDTLS_DES_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH) )
|
||||
mbedtls_snprintf( buf, buflen, "DES - The data input has an invalid length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "DES - DES hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_DES_C */
|
||||
|
||||
#if defined(MBEDTLS_ENTROPY_C)
|
||||
|
|
@ -620,6 +660,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
#if defined(MBEDTLS_GCM_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "GCM - GCM hardware accelerator failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_GCM_BAD_INPUT) )
|
||||
mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" );
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
|
|
@ -684,6 +726,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
#if defined(MBEDTLS_XTEA_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH) )
|
||||
mbedtls_snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "XTEA - XTEA hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_XTEA_C */
|
||||
// END generated code
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue