From 86326a9131101aa3cb18ffaca7d9b5511c360f39 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 30 Nov 2020 16:50:34 +0100 Subject: [PATCH] Fix possible error codes in the documentation Signed-off-by: gabor-mezei-arm --- include/psa/crypto.h | 10 +++++++++- include/psa/crypto_compat.h | 1 + include/psa/crypto_se_driver.h | 1 - library/psa_crypto.c | 3 +-- library/psa_crypto_storage.c | 8 ++++---- library/psa_crypto_storage.h | 5 +---- 6 files changed, 16 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 66222c5c9..fdebabb26 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -98,7 +98,6 @@ extern "C" { * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_INVALID_ARGUMENT */ psa_status_t psa_crypto_init(void); @@ -373,6 +372,8 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -508,6 +509,7 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). @@ -547,6 +549,10 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, * There was an failure in communication with the cryptoprocessor. * The key material may still be present in the cryptoprocessor. * \retval #PSA_ERROR_DATA_INVALID + * This error is typically a result of either storage corruption on a + * cleartext storage backend, or an attempt to read data that was + * written by an incompatible version of the library. + * \retval #PSA_ERROR_STORAGE_FAILURE * The storage is corrupted. Implementations shall make a best effort * to erase key material even in this stage, however applications * should be aware that it may be impossible to guarantee that the @@ -3566,6 +3572,7 @@ psa_status_t psa_key_derivation_output_bytes( * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3732,6 +3739,7 @@ psa_status_t psa_generate_random(uint8_t *output, * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index f593b6d81..ccbfa7131 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -296,6 +296,7 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * through implementation-specific means. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT * \retval #PSA_ERROR_BAD_STATE diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 77295b61f..f5fe02990 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -1380,7 +1380,6 @@ typedef struct { * \return #PSA_ERROR_NOT_PERMITTED * \return #PSA_ERROR_STORAGE_FAILURE * \return #PSA_ERROR_DATA_CORRUPT - * \return #PSA_ERROR_INVALID_ARGUMENT */ psa_status_t psa_register_se_driver( psa_key_location_t location, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7258f7284..48597b33c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2098,8 +2098,7 @@ static psa_status_t psa_start_key_creation( * \retval #PSA_ERROR_ALREADY_EXISTS * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_ERROR_STORAGE_FAILURE * * \return If this function fails, the key slot is an invalid state. * You must call psa_fail_key_creation() to wipe and free the slot. diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 86e416dd8..ce37b1232 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -93,6 +93,7 @@ static psa_storage_uid_t psa_its_identifier_of_slot( mbedtls_svc_key_id_t key ) * \retval #PSA_SUCCESS * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DOES_NOT_EXIST */ static psa_status_t psa_crypto_storage_load( @@ -139,11 +140,10 @@ int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ) * that make up the data. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_ALREADY_EXISTS + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_DOES_NOT_EXIST - * \retval #PSA_ERROR_DATA_CORRUPT */ static psa_status_t psa_crypto_storage_store( const mbedtls_svc_key_id_t key, const uint8_t *data, @@ -214,9 +214,9 @@ psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ) * \param[out] data_length The number of bytes that make up the data. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_INVALID_ARGUMENT */ static psa_status_t psa_crypto_storage_get_data_length( const mbedtls_svc_key_id_t key, diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index a681690a3..49d5f2091 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -96,11 +96,10 @@ int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ); * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_ALREADY_EXISTS * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_DOES_NOT_EXIST */ psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, const uint8_t *data, @@ -130,7 +129,6 @@ psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT * \retval #PSA_ERROR_DOES_NOT_EXIST - * \retval #PSA_ERROR_INVALID_ARGUMENT */ psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, uint8_t **data, @@ -342,7 +340,6 @@ psa_status_t psa_crypto_save_transaction( void ); * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_INVALID_ARGUMENT */ psa_status_t psa_crypto_load_transaction( void );