PSA Crypto error code definitions

Removed the psa_status_t enum and defined error codes as defines.
Conditionally defining PSA_SUCCESS and psa_status_t.

include/psa/crypto.h

@@ -50,18 +50,24 @@ extern "C" {
  *
  * Zero indicates success, anything else indicates an error.
  */
-typedef enum {
+#if defined(PSA_SUCCESS)
-    /** The action was completed successfully. */
+typedef psa_error_t psa_status_t;
-    PSA_SUCCESS = 0,
+#else
-    /** The requested operation or a parameter is not supported
+typedef int32_t psa_status_t;
+/** The action was completed successfully. */
+#define PSA_SUCCESS ((psa_status_t)0)
+#endif // PSA_SUCCESS
+
+/** The requested operation or a parameter is not supported
  * by this implementation.
  *
  * Implementations should return this error code when an enumeration
  * parameter such as a key type, algorithm, etc. is not recognized.
  * If a combination of parameters is recognized and identified as
  * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
-    PSA_ERROR_NOT_SUPPORTED,
+#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)1)
-    /** The requested action is denied by a policy.
+
+/** The requested action is denied by a policy.
  *
  * Implementations should return this error code when the parameters
  * are recognized as valid and supported, and a policy explicitly
@@ -72,8 +78,9 @@ typedef enum {
  * not valid or not supported, it is unspecified whether the function
  * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
  * #PSA_ERROR_INVALID_ARGUMENT. */
-    PSA_ERROR_NOT_PERMITTED,
+#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t)2)
-    /** An output buffer is too small.
+
+/** An output buffer is too small.
  *
  * Applications can call the `PSA_xxx_SIZE` macro listed in the function
  * description to determine a sufficient buffer size.
@@ -83,22 +90,25 @@ typedef enum {
  * buffer would succeed. However implementations may return this
  * error if a function has invalid or unsupported parameters in addition
  * to the parameters that determine the necessary output buffer size. */
-    PSA_ERROR_BUFFER_TOO_SMALL,
+#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t)3)
-    /** A slot is occupied, but must be empty to carry out the
+
+/** A slot is occupied, but must be empty to carry out the
  * requested action.
  *
  * If the slot number is invalid (i.e. the requested action could
  * not be performed even after erasing the slot's content),
  * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
-    PSA_ERROR_OCCUPIED_SLOT,
+#define PSA_ERROR_OCCUPIED_SLOT         ((psa_status_t)4)
-    /** A slot is empty, but must be occupied to carry out the
+
+/** A slot is empty, but must be occupied to carry out the
  * requested action.
  *
  * If the slot number is invalid (i.e. the requested action could
  * not be performed even after creating appropriate content in the slot),
  * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
-    PSA_ERROR_EMPTY_SLOT,
+#define PSA_ERROR_EMPTY_SLOT            ((psa_status_t)5)
-    /** The requested action cannot be performed in the current state.
+
+/** The requested action cannot be performed in the current state.
  *
  * Multipart operations return this error when one of the
  * functions is called out of sequence. Refer to the function
@@ -108,8 +118,9 @@ typedef enum {
  * that a key slot is occupied when it needs to be free or vice versa,
  * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
  * as applicable. */
-    PSA_ERROR_BAD_STATE,
+#define PSA_ERROR_BAD_STATE             ((psa_status_t)6)
-    /** The parameters passed to the function are invalid.
+
+/** The parameters passed to the function are invalid.
  *
  * Implementations may return this error any time a parameter or
  * combination of parameters are recognized as invalid.
@@ -118,21 +129,24 @@ typedef enum {
  * that a key slot is occupied when it needs to be free or vice versa,
  * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
  * as applicable. */
-    PSA_ERROR_INVALID_ARGUMENT,
+#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)7)
-    /** There is not enough runtime memory.
+
+/** There is not enough runtime memory.
  *
  * If the action is carried out across multiple security realms, this
  * error can refer to available memory in any of the security realms. */
-    PSA_ERROR_INSUFFICIENT_MEMORY,
+#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t)8)
-    /** There is not enough persistent storage.
+
+/** There is not enough persistent storage.
  *
  * Functions that modify the key storage return this error code if
  * there is insufficient storage space on the host media. In addition,
  * many functions that do not otherwise access storage may return this
  * error code if the implementation requires a mandatory log entry for
  * the requested action and the log storage space is full. */
-    PSA_ERROR_INSUFFICIENT_STORAGE,
+#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t)9)
-    /** There was a communication failure inside the implementation.
+
+/** There was a communication failure inside the implementation.
  *
  * This can indicate a communication failure between the application
  * and an external cryptoprocessor or between the cryptoprocessor and
@@ -147,8 +161,9 @@ typedef enum {
  * cryptoprocessor but there was a breakdown of communication before
  * the cryptoprocessor could report the status to the application.
  */
-    PSA_ERROR_COMMUNICATION_FAILURE,
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)10)
-    /** There was a storage failure that may have led to data loss.
+
+/** There was a storage failure that may have led to data loss.
  *
  * This error indicates that some persistent storage is corrupted.
  * It should not be used for a corruption of volatile memory
@@ -171,13 +186,15 @@ typedef enum {
  * permanent storage corruption. However application writers should
  * keep in mind that transient errors while reading the storage may be
  * reported using this error code. */
-    PSA_ERROR_STORAGE_FAILURE,
+#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t)11)
-    /** A hardware failure was detected.
+
+/** A hardware failure was detected.
  *
  * A hardware failure may be transient or permanent depending on the
  * cause. */
-    PSA_ERROR_HARDWARE_FAILURE,
+#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t)12)
-    /** A tampering attempt was detected.
+
+/** A tampering attempt was detected.
  *
  * If an application receives this error code, there is no guarantee
  * that previously accessed or computed data was correct and remains
@@ -206,8 +223,9 @@ typedef enum {
  * This error indicates an attack against the application. Implementations
  * shall not return this error code as a consequence of the behavior of
  * the application itself. */
-    PSA_ERROR_TAMPERING_DETECTED,
+#define PSA_ERROR_TAMPERING_DETECTED    ((psa_status_t)13)
-    /** There is not enough entropy to generate random data needed
+
+/** There is not enough entropy to generate random data needed
  * for the requested action.
  *
  * This error indicates a failure of a hardware random generator.
@@ -224,8 +242,9 @@ typedef enum {
  * secure pseudorandom generator (PRNG). However implementations may return
  * this error at any time if a policy requires the PRNG to be reseeded
  * during normal operation. */
-    PSA_ERROR_INSUFFICIENT_ENTROPY,
+#define PSA_ERROR_INSUFFICIENT_ENTROPY  ((psa_status_t)14)
-    /** The signature, MAC or hash is incorrect.
+
+/** The signature, MAC or hash is incorrect.
  *
  * Verification functions return this error if the verification
  * calculations completed successfully, and the value to be verified
@@ -233,8 +252,9 @@ typedef enum {
  *
  * If the value to verify has an invalid size, implementations may return
  * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
-    PSA_ERROR_INVALID_SIGNATURE,
+#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)15)
-    /** The decrypted padding is incorrect.
+
+/** The decrypted padding is incorrect.
  *
  * \warning In some protocols, when decrypting data, it is essential that
  * the behavior of the application does not depend on whether the padding
@@ -248,14 +268,14 @@ typedef enum {
  * as close as possible to indistinguishable to an external observer.
  * In particular, the timing of a decryption operation should not
  * depend on the validity of the padding. */
-    PSA_ERROR_INVALID_PADDING,
+#define PSA_ERROR_INVALID_PADDING       ((psa_status_t)16)
-    /** An error occurred that does not correspond to any defined
+
+/** An error occurred that does not correspond to any defined
  * failure cause.
  *
  * Implementations may use this error code if none of the other standard
  * error codes are applicable. */
-    PSA_ERROR_UNKNOWN_ERROR,
+#define PSA_ERROR_UNKNOWN_ERROR         ((psa_status_t)17)
-} psa_status_t;
 
 /**
  * \brief Library initialization.