mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-10 22:35:38 +00:00
mbedtls_to_psa_error: prefer dispatching on the low-level error
When an Mbed TLS error code combines a low-level error and a high-level error, the low-level error is usually closer to the root cause (for example HW_ACCEL_FAILED or ENTROPY_SOURCE_FAILED is more informative than RSA_PRIVATE_FAILED). So prioritize the low-level code when converting to a PSA error code, rather than the high-level code as was (rather arbitrarily) done before. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
1631514b8e
commit
dbf6896c82
|
@ -135,9 +135,11 @@ mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state =
|
||||||
|
|
||||||
psa_status_t mbedtls_to_psa_error( int ret )
|
psa_status_t mbedtls_to_psa_error( int ret )
|
||||||
{
|
{
|
||||||
/* If there's both a high-level code and low-level code, dispatch on
|
/* Mbed TLS error codes can combine a high-level error code and a
|
||||||
* the high-level code. */
|
* low-level error code. The low-level error usually reflects the
|
||||||
switch( ret < -0x7f ? - ( -ret & 0x7f80 ) : ret )
|
* root cause better, so dispatch on that preferably. */
|
||||||
|
int low_level_ret = - ( -ret & 0x007f );
|
||||||
|
switch( low_level_ret != 0 ? low_level_ret : ret )
|
||||||
{
|
{
|
||||||
case 0:
|
case 0:
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
|
|
Loading…
Reference in a new issue