From dbf6896c827f31cc96b1263596cf7bc3a30cfec5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Wed, 6 Jan 2021 20:04:23 +0100
Subject: [PATCH] mbedtls_to_psa_error: prefer dispatching on the low-level error

When an Mbed TLS error code combines a low-level error and a high-level error, the low-level error is usually closer to the root cause (for example HW_ACCEL_FAILED or ENTROPY_SOURCE_FAILED is more informative than RSA_PRIVATE_FAILED). So prioritize the low-level code when converting to a PSA error code, rather than the high-level code as was (rather arbitrarily) done before.

Signed-off-by: Gilles Peskine
---
 library/psa_crypto.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 73f5a6e72..b7c459166 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -135,9 +135,11 @@ mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state =
 psa_status_t mbedtls_to_psa_error( int ret )
 {
- /* If there's both a high-level code and low-level code, dispatch on
- * the high-level code. */
- switch( ret < -0x7f ? - ( -ret & 0x7f80 ) : ret )
+ /* Mbed TLS error codes can combine a high-level error code and a
+ * low-level error code. The low-level error usually reflects the
+ * root cause better, so dispatch on that preferably. */
+ int low_level_ret = - ( -ret & 0x007f );
+ switch( low_level_ret != 0 ? low_level_ret : ret )
 {
 case 0:
 return( PSA_SUCCESS );
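Review bot: With `switch( low_level_ret != 0 ? low_level_ret : ret )`, a combined code whose low-level part has no `case` of its own no longer reaches the high-level mapping the old expression selected, so it presumably falls into whatever `default:` returns. The switch body continues outside this hunk, so this needs checking against the full case list. If callers rely on the more specific status, retry the dispatch on `-( -ret & 0x7f80 )` when the low-level value finds no match. Separately, a positive `ret` used to pass through to the switch unchanged but now produces a non-zero `low_level_ret` (for example 0x10 becomes -0x70). A guard such as `int low_level_ret = ret < 0 ? - ( -ret & 0x007f ) : 0;` keeps non-negative inputs on the old path, and a comment stating that callers pass only 0 or a negative Mbed TLS code would document the assumption.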