Error codes for hardware accelerator failures

Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography modules where the software implementation can be replaced by a hardware implementation. This does not include the individual message digest modules since they currently have no way to return error codes. This does include the higher-level md, cipher and pk modules since alternative implementations and even algorithms can be plugged in at runtime.
2024-10-18 10:11:04 +00:00 · 2018-01-26 17:56:38 +01:00 · 2018-01-26 17:56:38 +01:00 · 7ecab3df4c
parent 9214327623
commit 7ecab3df4c
19 changed files with 84 additions and 18 deletions
--- a/3
+++ b/3
@ -117,6 +117,9 @@ Changes
   * Tighten the RSA PKCS#1 v1.5 signature verification code and remove the
     undeclared dependency of the RSA module on the ASN.1 module.
   * Add mechanism to provide alternative implementation of the DHM module.
+   * Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography
+     modules where the software implementation can be replaced by a hardware
+     implementation.

 = mbed TLS 2.6.0 branch released 2017-08-10

--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@ -41,8 +41,9 @@
 #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH                -0x0020  /**< Invalid key length. */
 #define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH              -0x0022  /**< Invalid data input length. */

-/* Error codes in range 0x0023-0x0023 */
+/* Error codes in range 0x0023-0x0025 */
 #define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE               -0x0023  /**< Feature not available, e.g. unsupported AES key size. */
+#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED                   -0x0025  /**< AES hardware accelerator failed. */

 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
    !defined(inline) && !defined(__cplusplus)
--- a/include/mbedtls/arc4.h
+++ b/include/mbedtls/arc4.h
@ -32,6 +32,8 @@

 #include <stddef.h>

+#define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED                  -0x0019  /**< ARC4 hardware accelerator failed. */
+
 #if !defined(MBEDTLS_ARC4_ALT)
 // Regular implementation
 //
--- a/include/mbedtls/blowfish.h
+++ b/include/mbedtls/blowfish.h
@ -41,6 +41,7 @@
 #define MBEDTLS_BLOWFISH_BLOCKSIZE   8          /* Blowfish uses 64 bit blocks */

 #define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH                -0x0016  /**< Invalid key length. */
+#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED                   -0x0017  /**< Blowfish hardware accelerator failed. */
 #define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH              -0x0018  /**< Invalid data input length. */

 #if !defined(MBEDTLS_BLOWFISH_ALT)
--- a/include/mbedtls/camellia.h
+++ b/include/mbedtls/camellia.h
@ -38,6 +38,7 @@

 #define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH           -0x0024  /**< Invalid key length. */
 #define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH         -0x0026  /**< Invalid data input length. */
+#define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED              -0x0027  /**< Camellia hardware accelerator failed. */

 #if !defined(MBEDTLS_CAMELLIA_ALT)
 // Regular implementation
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@ -28,6 +28,7 @@

 #define MBEDTLS_ERR_CCM_BAD_INPUT      -0x000D /**< Bad input parameters to function. */
 #define MBEDTLS_ERR_CCM_AUTH_FAILED    -0x000F /**< Authenticated decryption failed. */
+#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED                   -0x0011  /**< CCM hardware accelerator failed. */

 #if !defined(MBEDTLS_CCM_ALT)
 // Regular implementation
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@ -58,7 +58,8 @@
 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING                -0x6200  /**< Input data contains invalid padding and is rejected. */
 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED            -0x6280  /**< Decryption of block requires a full block. */
 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED                    -0x6300  /**< Authentication failed (for AEAD modes). */
-#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT              -0x6380  /**< The context is invalid, eg because it was free()ed. */
+#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT                -0x6380  /**< The context is invalid, eg because it was free()ed. */
+#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED                -0x6400  /**< Cipher hardware accelerator failed. */

 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN     0x01    /**< Cipher accepts IVs of variable length */
 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN    0x02    /**< Cipher accepts keys of variable length */
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@ -31,6 +31,8 @@
 extern "C" {
 #endif

+#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED                  -0x007A  /**< CMAC hardware accelerator failed. */
+
 #define MBEDTLS_AES_BLOCK_SIZE          16
 #define MBEDTLS_DES3_BLOCK_SIZE         8

--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@ -37,6 +37,7 @@
 #define MBEDTLS_DES_DECRYPT     0

 #define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH              -0x0032  /**< The data input has an invalid length. */
+#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED                   -0x0033  /**< DES hardware accelerator failed. */

 #define MBEDTLS_DES_KEY_SIZE    8

--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@ -44,6 +44,7 @@
 #define MBEDTLS_ERR_DHM_INVALID_FORMAT                    -0x3380  /**< The ASN.1 data is not formatted correctly. */
 #define MBEDTLS_ERR_DHM_ALLOC_FAILED                      -0x3400  /**< Allocation of memory failed. */
 #define MBEDTLS_ERR_DHM_FILE_IO_ERROR                     -0x3480  /**< Read/write of file failed. */
+#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED                   -0x3500  /**< DHM hardware accelerator failed. */

 /**
 * RFC 3526 defines a number of standardized Diffie-Hellman groups
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@ -37,6 +37,7 @@
 #define MBEDTLS_ERR_ECP_RANDOM_FAILED                     -0x4D00  /**< Generation of random value, such as (ephemeral) key, failed. */
 #define MBEDTLS_ERR_ECP_INVALID_KEY                       -0x4C80  /**< Invalid private or public key. */
 #define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH                  -0x4C00  /**< Signature is valid but shorter than the user-supplied length. */
+#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED                   -0x4B80  /**< ECP hardware accelerator failed. */

 #if !defined(MBEDTLS_ECP_ALT)
 /*
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@ -50,23 +50,25 @@
 *
 * Module   Nr  Codes assigned
 * MPI       7  0x0002-0x0010
- * GCM       2  0x0012-0x0014
- * BLOWFISH  2  0x0016-0x0018
+ * GCM       3  0x0012-0x0014   0x0013-0x0013
+ * BLOWFISH  3  0x0016-0x0018   0x0017-0x0017
 * THREADING 3  0x001A-0x001E
- * AES       2  0x0020-0x0022   0x0023-0x0023
- * CAMELLIA  2  0x0024-0x0026
- * XTEA      1  0x0028-0x0028
+ * AES       4  0x0020-0x0022   0x0023-0x0025
+ * CAMELLIA  3  0x0024-0x0026   0x0027-0x0027
+ * XTEA      2  0x0028-0x0028   0x0029-0x0029
 * BASE64    2  0x002A-0x002C
 * OID       1  0x002E-0x002E   0x000B-0x000B
 * PADLOCK   1  0x0030-0x0030
- * DES       1  0x0032-0x0032
+ * DES       2  0x0032-0x0032   0x0033-0x0033
 * CTR_DBRG  4  0x0034-0x003A
 * ENTROPY   3  0x003C-0x0040   0x003D-0x003F
 * NET      11  0x0042-0x0052   0x0043-0x0045
 * ASN1      7  0x0060-0x006C
+ * CMAC      1  0x007A-0x007A
 * PBKDF2    1  0x007C-0x007C
 * HMAC_DRBG 4  0x0003-0x0009
- * CCM       2                  0x000D-0x000F
+ * CCM       3                  0x000D-0x0011
+ * ARC4      1                  0x0019-0x0019
 *
 * High-level module nr (3 bits - 0x0...-0x7...)
 * Name      ID  Nr of Errors
@ -74,12 +76,12 @@
 * PKCS#12   1   4 (Started from top)
 * X509      2   20
 * PKCS5     2   4 (Started from top)
- * DHM       3   9
- * PK        3   14 (Started from top)
- * RSA       4   10
- * ECP       4   8 (Started from top)
- * MD        5   4
- * CIPHER    6   6
+ * DHM       3   10
+ * PK        3   15 (Started from top)
+ * RSA       4   11
+ * ECP       4   9 (Started from top)
+ * MD        5   5
+ * CIPHER    6   8
 * SSL       6   17 (Started from top)
 * SSL       7   31
 *
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@ -32,6 +32,7 @@
 #define MBEDTLS_GCM_DECRYPT     0

 #define MBEDTLS_ERR_GCM_AUTH_FAILED                       -0x0012  /**< Authenticated decryption failed. */
+#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED                   -0x0013  /**< GCM hardware accelerator failed. */
 #define MBEDTLS_ERR_GCM_BAD_INPUT                         -0x0014  /**< Bad input parameters to function. */

 #if !defined(MBEDTLS_GCM_ALT)
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@ -38,6 +38,7 @@
 #define MBEDTLS_ERR_MD_BAD_INPUT_DATA                     -0x5100  /**< Bad input parameters to function. */
 #define MBEDTLS_ERR_MD_ALLOC_FAILED                       -0x5180  /**< Failed to allocate memory. */
 #define MBEDTLS_ERR_MD_FILE_IO_ERROR                      -0x5200  /**< Opening or reading of file failed. */
+#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED                    -0x5280  /**< MD hardware accelerator failed. */

 #ifdef __cplusplus
 extern "C" {
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@ -64,6 +64,7 @@
 #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00  /**< Elliptic curve is unsupported (only NIST curves are supported). */
 #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980  /**< Unavailable feature, e.g. RSA disabled for RSA key. */
 #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH    -0x3900  /**< The signature is valid but its length is less than expected. */
+#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED     -0x3880  /**< PK hardware accelerator failed. */

 #ifdef __cplusplus
 extern "C" {
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@ -50,6 +50,7 @@
 #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE                  -0x4400  /**< The output buffer for decryption is not large enough. */
 #define MBEDTLS_ERR_RSA_RNG_FAILED                        -0x4480  /**< The random generator failed to generate non-zeros. */
 #define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION             -0x4500  /**< The implementation doesn't offer the requested operation, e.g. because of security violations or lack of functionality */
+#define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED                   -0x4580  /**< RSA hardware accelerator failed. */

 /*
 * RSA constants
--- a/include/mbedtls/xtea.h
+++ b/include/mbedtls/xtea.h
@ -37,6 +37,7 @@
 #define MBEDTLS_XTEA_DECRYPT     0

 #define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH             -0x0028  /**< The data input has an invalid length. */
+#define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED                  -0x0029  /**< XTEA hardware accelerator failed. */

 #if !defined(MBEDTLS_XTEA_ALT)
 // Regular implementation
--- a/library/error.c
+++ b/library/error.c
@ -45,6 +45,10 @@
 #include "mbedtls/aes.h"
 #endif

+#if defined(MBEDTLS_ARC4_C)
+#include "mbedtls/arc4.h"
+#endif
+
 #if defined(MBEDTLS_BASE64_C)
 #include "mbedtls/base64.h"
 #endif
@ -69,6 +73,10 @@
 #include "mbedtls/cipher.h"
 #endif

+#if defined(MBEDTLS_CMAC_C)
+#include "mbedtls/cmac.h"
+#endif
+
 #if defined(MBEDTLS_CTR_DRBG_C)
 #include "mbedtls/ctr_drbg.h"
 #endif
@ -185,6 +193,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
            mbedtls_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" );
        if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT) )
            mbedtls_snprintf( buf, buflen, "CIPHER - The context is invalid, eg because it was free()ed" );
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - Cipher hardware accelerator failed" );
 #endif /* MBEDTLS_CIPHER_C */

 #if defined(MBEDTLS_DHM_C)
@ -206,6 +216,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
            mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
        if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) )
            mbedtls_snprintf( buf, buflen, "DHM - Read/write of file failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - DHM hardware accelerator failed" );
 #endif /* MBEDTLS_DHM_C */

 #if defined(MBEDTLS_ECP_C)
@ -225,6 +237,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
            mbedtls_snprintf( buf, buflen, "ECP - Invalid private or public key" );
        if( use_ret == -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) )
            mbedtls_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "ECP - ECP hardware accelerator failed" );
 #endif /* MBEDTLS_ECP_C */

 #if defined(MBEDTLS_MD_C)
@ -236,6 +250,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
            mbedtls_snprintf( buf, buflen, "MD - Failed to allocate memory" );
        if( use_ret == -(MBEDTLS_ERR_MD_FILE_IO_ERROR) )
            mbedtls_snprintf( buf, buflen, "MD - Opening or reading of file failed" );
+        if( use_ret == -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "MD - MD hardware accelerator failed" );
 #endif /* MBEDTLS_MD_C */

 #if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
@ -288,6 +304,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
            mbedtls_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
        if( use_ret == -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH) )
            mbedtls_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" );
+        if( use_ret == -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "PK - PK hardware accelerator failed" );
 #endif /* MBEDTLS_PK_C */

 #if defined(MBEDTLS_PKCS12_C)
@ -333,6 +351,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
            mbedtls_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
        if( use_ret == -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION) )
            mbedtls_snprintf( buf, buflen, "RSA - The implementation doesn't offer the requested operation, e.g. because of security violations or lack of functionality" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "RSA - RSA hardware accelerator failed" );
 #endif /* MBEDTLS_RSA_C */

 #if defined(MBEDTLS_SSL_TLS_C)
@ -522,8 +542,15 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
        mbedtls_snprintf( buf, buflen, "AES - Invalid data input length" );
    if( use_ret == -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE) )
        mbedtls_snprintf( buf, buflen, "AES - Feature not available, e.g. unsupported AES key size" );
+    if( use_ret == -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "AES - AES hardware accelerator failed" );
 #endif /* MBEDTLS_AES_C */

+#if defined(MBEDTLS_ARC4_C)
+    if( use_ret == -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "ARC4 - ARC4 hardware accelerator failed" );
+#endif /* MBEDTLS_ARC4_C */
+
 #if defined(MBEDTLS_ASN1_PARSE_C)
    if( use_ret == -(MBEDTLS_ERR_ASN1_OUT_OF_DATA) )
        mbedtls_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
@ -570,6 +597,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
 #if defined(MBEDTLS_BLOWFISH_C)
    if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) )
        mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid key length" );
+    if( use_ret == -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "BLOWFISH - Blowfish hardware accelerator failed" );
    if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH) )
        mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" );
 #endif /* MBEDTLS_BLOWFISH_C */
@ -579,6 +608,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
        mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid key length" );
    if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH) )
        mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" );
+    if( use_ret == -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "CAMELLIA - Camellia hardware accelerator failed" );
 #endif /* MBEDTLS_CAMELLIA_C */

 #if defined(MBEDTLS_CCM_C)
@ -586,8 +617,15 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
        mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to function" );
    if( use_ret == -(MBEDTLS_ERR_CCM_AUTH_FAILED) )
        mbedtls_snprintf( buf, buflen, "CCM - Authenticated decryption failed" );
+    if( use_ret == -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "CCM - CCM hardware accelerator failed" );
 #endif /* MBEDTLS_CCM_C */

+#if defined(MBEDTLS_CMAC_C)
+    if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );
+#endif /* MBEDTLS_CMAC_C */
+
 #if defined(MBEDTLS_CTR_DRBG_C)
    if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) )
        mbedtls_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" );
@ -602,6 +640,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
 #if defined(MBEDTLS_DES_C)
    if( use_ret == -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH) )
        mbedtls_snprintf( buf, buflen, "DES - The data input has an invalid length" );
+    if( use_ret == -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "DES - DES hardware accelerator failed" );
 #endif /* MBEDTLS_DES_C */

 #if defined(MBEDTLS_ENTROPY_C)
@ -620,6 +660,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
 #if defined(MBEDTLS_GCM_C)
    if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) )
        mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" );
+    if( use_ret == -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "GCM - GCM hardware accelerator failed" );
    if( use_ret == -(MBEDTLS_ERR_GCM_BAD_INPUT) )
        mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" );
 #endif /* MBEDTLS_GCM_C */
@ -684,6 +726,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
 #if defined(MBEDTLS_XTEA_C)
    if( use_ret == -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH) )
        mbedtls_snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
+    if( use_ret == -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "XTEA - XTEA hardware accelerator failed" );
 #endif /* MBEDTLS_XTEA_C */
    // END generated code

--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@ -29,9 +29,9 @@ if( @ARGV ) {

 my $error_format_file = $data_dir.'/error.fmt';

-my @low_level_modules = qw( AES ASN1 BASE64 BIGNUM BLOWFISH
-                            CAMELLIA CCM CTR_DRBG DES ENTROPY
-                            GCM HMAC_DRBG MD2 MD4 MD5
+my @low_level_modules = qw( AES ARC4 ASN1 BASE64 BIGNUM BLOWFISH
+                            CAMELLIA CCM CMAC CTR_DRBG DES
+                            ENTROPY GCM HMAC_DRBG MD2 MD4 MD5
                            NET OID PADLOCK PBKDF2 RIPEMD160
                            SHA1 SHA256 SHA512 THREADING XTEA );
 my @high_level_modules = qw( CIPHER DHM ECP MD