Skip to content

Commit

Permalink
[crypto] Rename cryptolib status value enum members.
Browse files Browse the repository at this point in the history
This is a fixup after code review and mostly consists of running:
```
git ls-files sw/ | xargs sed -i -E 's/kOtcryptoStatus/kOtcryptoStatusValue/g'
```
and then manually reviewing the result.

Signed-off-by: Jade Philipoom <[email protected]>
  • Loading branch information
jadephilipoom committed Jan 12, 2024
1 parent 31fe5c7 commit 0d0e777
Show file tree
Hide file tree
Showing 7 changed files with 56 additions and 55 deletions.
11 changes: 6 additions & 5 deletions sw/device/lib/crypto/impl/status.h
Original file line number Diff line number Diff line change
Expand Up @@ -47,13 +47,14 @@ extern "C" {
((__LINE__ & 0x7ff) << 5) | kUnimplemented)})
#else

#define OTCRYPTO_RECOV_ERR ((status_t){.value = kOtcryptoStatusInternalError})
#define OTCRYPTO_FATAL_ERR ((status_t){.value = kCryptoStatusFatalError})
#define OTCRYPTO_BAD_ARGS ((status_t){.value = kOtcryptoStatusBadArgs})
#define OTCRYPTO_RECOV_ERR \
((status_t){.value = kOtcryptoStatusValueInternalError})
#define OTCRYPTO_FATAL_ERR ((status_t){.value = kOtcryptoStatusValueFatalError})
#define OTCRYPTO_BAD_ARGS ((status_t){.value = kOtcryptoStatusValueBadArgs})
#define OTCRYPTO_ASYNC_INCOMPLETE \
((status_t){.value = kOtcryptoStatusAsyncIncomplete})
((status_t){.value = kOtcryptoStatusValueAsyncIncomplete})
#define OTCRYPTO_NOT_IMPLEMENTED \
((status_t){.value = kOtcryptoStatusNotImplemented})
((status_t){.value = kOtcryptoStatusValueNotImplemented})

#endif

Expand Down
10 changes: 5 additions & 5 deletions sw/device/lib/crypto/impl/status_unittest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ namespace status_unittest {
namespace {

TEST(Status, OkIsHardenedTrue) {
EXPECT_EQ(kOtcryptoStatusOk, kHardenedBoolTrue);
EXPECT_EQ(kOtcryptoStatusValueOk, kHardenedBoolTrue);
}

int HammingDistance(int32_t a, int32_t b) {
Expand All @@ -32,19 +32,19 @@ TEST(Status, TopLevelStatusHammingDistance) {
OTCRYPTO_ASYNC_INCOMPLETE, OTCRYPTO_NOT_IMPLEMENTED};

// Expect the "OK" code to have a significant Hamming distance from 0.
EXPECT_GE(HammingDistance(kOtcryptoStatusOk, 0), kMinimumHammingDistance)
<< "The 'OK' status code " << kOtcryptoStatusOk
EXPECT_GE(HammingDistance(kOtcryptoStatusValueOk, 0), kMinimumHammingDistance)
<< "The 'OK' status code " << kOtcryptoStatusValueOk
<< " is too close to zero.";

for (const otcrypto_status_t status1 : error_codes) {
// Expect a significant Hamming distance from 0.
EXPECT_GE(HammingDistance(status1.value, 0), kMinimumHammingDistance)
<< "Error code " << status1.value << " is too close to zero.";
// Expect an extra significant Hamming distance from the "OK" code.
EXPECT_GE(HammingDistance(status1.value, kOtcryptoStatusOk),
EXPECT_GE(HammingDistance(status1.value, kOtcryptoStatusValueOk),
kMinimumHammingDistance)
<< "Error code " << status1.value << " is too close to the 'OK' value ("
<< kOtcryptoStatusOk << ").";
<< kOtcryptoStatusValueOk << ").";

// Expect a significant Hamming distance from all other error codes.
for (const otcrypto_status_t status2 : error_codes) {
Expand Down
6 changes: 3 additions & 3 deletions sw/device/lib/crypto/include/aes.h
Original file line number Diff line number Diff line change
Expand Up @@ -90,9 +90,9 @@ typedef struct otcrypto_aes_gcm_context {
* Get the number of blocks needed for the plaintext length and padding mode.
*
* This returns the size of the padded plaintext, which is the same as the
* ciphertext size. Returns `kOtcryptoStatusBadArgs` if the padding mode and
* length are incompatible (for instance, if the padding mode is "no padding"
* but the input length is not a multiple of the AES block size).
* ciphertext size. Returns `kOtcryptoStatusValueBadArgs` if the padding mode
* and length are incompatible (for instance, if the padding mode is "no
* padding" but the input length is not a multiple of the AES block size).
*
* @param plaintext_len Plaintext data length in bytes.
* @param aes_padding Padding scheme to be used for the data.
Expand Down
12 changes: 6 additions & 6 deletions sw/device/lib/crypto/include/datatypes.h
Original file line number Diff line number Diff line change
Expand Up @@ -59,18 +59,18 @@ typedef status_t otcrypto_status_t;
*/
typedef enum otcrypto_status_value {
// Status is OK; no errors.
kOtcryptoStatusOk = (int32_t)0x739,
kOtcryptoStatusValueOk = (int32_t)0x739,
// Invalid input arguments; wrong length or invalid type.
kOtcryptoStatusBadArgs = (int32_t)0x8000fea0 | kInvalidArgument,
kOtcryptoStatusValueBadArgs = (int32_t)0x8000fea0 | kInvalidArgument,
// Error after which it is OK to retry (e.g. timeout).
kOtcryptoStatusInternalError = (int32_t)0x80005340 | kAborted,
kOtcryptoStatusValueInternalError = (int32_t)0x80005340 | kAborted,
// Error after which it is not OK to retry (e.g. integrity check).
kCryptoStatusFatalError = (int32_t)0x80006d80 | kFailedPrecondition,
kOtcryptoStatusValueFatalError = (int32_t)0x80006d80 | kFailedPrecondition,
// An asynchronous operation is still in progress.
kOtcryptoStatusAsyncIncomplete = (int32_t)0x8000ea40 | kUnavailable,
kOtcryptoStatusValueAsyncIncomplete = (int32_t)0x8000ea40 | kUnavailable,
// TODO: remove all instances of this error before release; it is to track
// implementations that are not yet complete.
kOtcryptoStatusNotImplemented = (int32_t)0x80008d20 | kUnimplemented,
kOtcryptoStatusValueNotImplemented = (int32_t)0x80008d20 | kUnimplemented,
} otcrypto_status_value_t;

/**
Expand Down
68 changes: 34 additions & 34 deletions sw/device/lib/crypto/include/ecc.h
Original file line number Diff line number Diff line change
Expand Up @@ -320,8 +320,8 @@ otcrypto_status_t otcrypto_x25519(const otcrypto_blinded_key_t *private_key,
* only for a custom curve. For named curves this field is ignored
* and can be set to `NULL`.
*
* Returns `kOtcryptoStatusOk` if the operation was successfully
* started, or`kOtcryptoStatusInternalError` if the operation cannot be
* Returns `kOtcryptoStatusValueOk` if the operation was successfully
* started, or`kOtcryptoStatusValueInternalError` if the operation cannot be
* started.
*
* @param elliptic_curve Pointer to the elliptic curve to be used.
Expand All @@ -336,10 +336,10 @@ otcrypto_status_t otcrypto_ecdsa_keygen_async_start(
/**
* Finalizes the asynchronous key generation for ECDSA operation.
*
* Returns `kOtcryptoStatusOk` and copies the private key (d) and public
* Returns `kOtcryptoStatusValueOk` and copies the private key (d) and public
* key (Q), if the OTBN status is done, or
* `kOtcryptoStatusAsyncIncomplete` if the OTBN is busy or
* `kOtcryptoStatusInternalError` if there is an error.
* `kOtcryptoStatusValueAsyncIncomplete` if the OTBN is busy or
* `kOtcryptoStatusValueInternalError` if there is an error.
*
* The caller must ensure that the `elliptic_curve` parameter matches the one
* that was previously passed to the corresponding `_start` function; a
Expand Down Expand Up @@ -378,9 +378,9 @@ otcrypto_status_t otcrypto_ecdsa_sign_async_start(
/**
* Finalizes the asynchronous ECDSA digital signature generation.
*
* Returns `kOtcryptoStatusOk` and copies the signature if the OTBN
* status is done, or `kOtcryptoStatusAsyncIncomplete` if the OTBN is
* busy or `kOtcryptoStatusInternalError` if there is an error.
* Returns `kOtcryptoStatusValueOk` and copies the signature if the OTBN
* status is done, or `kOtcryptoStatusValueAsyncIncomplete` if the OTBN is
* busy or `kOtcryptoStatusValueInternalError` if there is an error.
*
* The caller must ensure that the `elliptic_curve` parameter matches the one
* that was previously passed to the corresponding `_start` function; a
Expand Down Expand Up @@ -419,9 +419,9 @@ otcrypto_status_t otcrypto_ecdsa_verify_async_start(
/**
* Finalizes the asynchronous ECDSA digital signature verification.
*
* Returns `kOtcryptoStatusOk` and populates the `verification result`
* if the OTBN status is done. `kOtcryptoStatusAsyncIncomplete` if the
* OTBN is busy or `kOtcryptoStatusInternalError` if there is an error.
* Returns `kOtcryptoStatusValueOk` and populates the `verification result`
* if the OTBN status is done. `kOtcryptoStatusValueAsyncIncomplete` if the
* OTBN is busy or `kOtcryptoStatusValueInternalError` if there is an error.
* The computed signature is compared against the input signature
* and a PASS or FAIL is returned.
*
Expand Down Expand Up @@ -453,8 +453,8 @@ otcrypto_status_t otcrypto_ecdsa_verify_async_finalize(
* only for a custom curve. For named curves this field is ignored
* and can be set to `NULL`.
*
* Returns `kOtcryptoStatusOk` if the operation was successfully
* started, or`kOtcryptoStatusInternalError` if the operation cannot be
* Returns `kOtcryptoStatusValueOk` if the operation was successfully
* started, or`kOtcryptoStatusValueInternalError` if the operation cannot be
* started.
*
* @param elliptic_curve Pointer to the elliptic curve to be used.
Expand All @@ -469,10 +469,10 @@ otcrypto_status_t otcrypto_ecdh_keygen_async_start(
/**
* Finalizes the asynchronous key generation for ECDSA operation.
*
* Returns `kOtcryptoStatusOk` and copies the private key (d) and public
* Returns `kOtcryptoStatusValueOk` and copies the private key (d) and public
* key (Q), if the OTBN status is done, or
* `kOtcryptoStatusAsyncIncomplete` if the OTBN is busy or
* `kOtcryptoStatusInternalError` if there is an error.
* `kOtcryptoStatusValueAsyncIncomplete` if the OTBN is busy or
* `kOtcryptoStatusValueInternalError` if there is an error.
*
* The caller must ensure that the `elliptic_curve` parameter matches the one
* that was previously passed to the corresponding `_start` function; a
Expand Down Expand Up @@ -512,9 +512,9 @@ otcrypto_status_t otcrypto_ecdh_async_start(
* Finalizes the asynchronous Elliptic Curve Diffie Hellman shared
* secret generation.
*
* Returns `kOtcryptoStatusOk` and copies `shared_secret` if the OTBN
* status is done, or `kOtcryptoStatusAsyncIncomplete` if the OTBN
* is busy or `kOtcryptoStatusInternalError` if there is an error.
* Returns `kOtcryptoStatusValueOk` and copies `shared_secret` if the OTBN
* status is done, or `kOtcryptoStatusValueAsyncIncomplete` if the OTBN
* is busy or `kOtcryptoStatusValueInternalError` if there is an error.
*
* The caller must ensure that the `elliptic_curve` parameter matches the one
* that was previously passed to the corresponding `_start` function; a
Expand Down Expand Up @@ -550,9 +550,9 @@ otcrypto_status_t otcrypto_ed25519_keygen_async_start(
/**
* Finalizes the asynchronous key generation for Ed25519.
*
* Returns `kOtcryptoStatusOk` and copies private key (d) and public key
* (Q), if the OTBN status is done, or `kOtcryptoStatusAsyncIncomplete`
* if the OTBN is busy or `kOtcryptoStatusInternalError` if there is an
* Returns `kOtcryptoStatusValueOk` and copies private key (d) and public key
* (Q), if the OTBN status is done, or `kOtcryptoStatusValueAsyncIncomplete`
* if the OTBN is busy or `kOtcryptoStatusValueInternalError` if there is an
* error.
*
* The caller must ensure that `config` matches the key configuration initially
Expand Down Expand Up @@ -588,9 +588,9 @@ otcrypto_status_t otcrypto_ed25519_sign_async_start(
/**
* Finalizes the asynchronous Ed25519 digital signature generation.
*
* Returns `kOtcryptoStatusOk` and copies the signature if the OTBN
* status is done, or `kOtcryptoStatusAsyncIncomplete` if the OTBN is
* busy or `kOtcryptoStatusInternalError` if there is an error.
* Returns `kOtcryptoStatusValueOk` and copies the signature if the OTBN
* status is done, or `kOtcryptoStatusValueAsyncIncomplete` if the OTBN is
* busy or `kOtcryptoStatusValueInternalError` if there is an error.
*
* @param[out] signature Pointer to the EdDSA signature to get (s) value.
* @return Result of async Ed25519 finalize operation.
Expand Down Expand Up @@ -621,10 +621,10 @@ otcrypto_status_t otcrypto_ed25519_verify_async_start(
/**
* Finalizes the asynchronous Ed25519 digital signature verification.
*
* Returns `kOtcryptoStatusOk` and populates the `verification result`
* Returns `kOtcryptoStatusValueOk` and populates the `verification result`
* with a PASS or FAIL, if the OTBN status is done,
* `kOtcryptoStatusAsyncIncomplete` if the OTBN is busy or
* `kOtcryptoStatusInternalError` if there is an error.
* `kOtcryptoStatusValueAsyncIncomplete` if the OTBN is busy or
* `kOtcryptoStatusValueInternalError` if there is an error.
*
* @param[out] verification_result Result of signature verification
* (Pass/Fail).
Expand Down Expand Up @@ -655,9 +655,9 @@ otcrypto_status_t otcrypto_x25519_keygen_async_start(
/**
* Finalizes the asynchronous key generation for X25519.
*
* Returns `kOtcryptoStatusOk` and copies private key (d) and public key
* (Q), if the OTBN status is done, or `kOtcryptoStatusAsyncIncomplete`
* if the OTBN is busy or `kOtcryptoStatusInternalError` if there is an
* Returns `kOtcryptoStatusValueOk` and copies private key (d) and public key
* (Q), if the OTBN status is done, or `kOtcryptoStatusValueAsyncIncomplete`
* if the OTBN is busy or `kOtcryptoStatusValueInternalError` if there is an
* error.
*
* The caller must ensure that `config` matches the key configuration initially
Expand Down Expand Up @@ -692,9 +692,9 @@ otcrypto_status_t otcrypto_x25519_async_start(
* Finalizes the asynchronous X25519 Diffie Hellman shared secret
* generation.
*
* Returns `kOtcryptoStatusOk` and copies `shared_secret` if the OTBN
* status is done, or `kOtcryptoStatusAsyncIncomplete` if the OTBN
* is busy or `kOtcryptoStatusInternalError` if there is an error.
* Returns `kOtcryptoStatusValueOk` and copies `shared_secret` if the OTBN
* status is done, or `kOtcryptoStatusValueAsyncIncomplete` if the OTBN
* is busy or `kOtcryptoStatusValueInternalError` if there is an error.
*
* @param[out] shared_secret Pointer to shared secret key (u-coordinate).
* @return Result of async X25519 finalize operation.
Expand Down
2 changes: 1 addition & 1 deletion sw/device/lib/crypto/include/kdf.h
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ otcrypto_status_t otcrypto_kdf_ctr(
*
* HKDF is defined in IETF RFC 5869 and is based on HMAC. The HMAC hash
* function is determined by the mode of the key derivation key, e.g. the key
* mode kOtcryptoKeyModeHmacSha256 results in HMAC with SHA-256. The key mode
* mode `kOtcryptoKeyModeHmacSha256` results in HMAC with SHA-256. The key mode
* for the output pseudo-random key (PRK) should match the key mode for the
* input key derivation key.
*
Expand Down
2 changes: 1 addition & 1 deletion sw/device/tests/crypto/rsa_3072_verify_functest.c
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ status_t rsa_3072_verify_test(const rsa_3072_verify_test_vector_t *testvec) {
return OTCRYPTO_RECOV_ERR;
}
// Error code may be OK or BAD_ARGS, but other errors indicate a problem.
if (!status_ok(err) && err.value != kOtcryptoStatusBadArgs) {
if (!status_ok(err) && err.value != kOtcryptoStatusValueBadArgs) {
LOG_ERROR("Unexpected error on invalid signature: %r.", err);
return err;
}
Expand Down

0 comments on commit 0d0e777

Please sign in to comment.