AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Rename PSA_ERROR_TAMPERING_DETECTED to ..._CORRUPTION_DETECTED

Browse Source 
“Tampering detected” was misleading because in the real world it can
also arise due to a software bug. “Corruption detected” is neutral and
more precisely reflects what can trigger the error.

perl -i -pe 's/PSA_ERROR_TAMPERING_DETECTED/PSA_ERROR_CORRUPTION_DETECTED/gi' $(git ls-files)
This commit is contained in:
Gilles Peskine 2019-05-16 21:35:18 +02:00
parent eef988fc2d
commit 4b3eb69271
8 changed files with 73 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/mbedtls/psa_util.h
View File

@ -413,7 +413,7 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
/* All other failures */
case PSA_ERROR_COMMUNICATION_FAILURE:
case PSA_ERROR_HARDWARE_FAILURE:
case PSA_ERROR_TAMPERING_DETECTED:
case PSA_ERROR_CORRUPTION_DETECTED:
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
default: /* We return the same as for the 'other failures',
* but list them separately nonetheless to indicate

114
include/psa/crypto.h
View File

@ -86,7 +86,7 @@ extern "C" {
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
*/
psa_status_t psa_crypto_init(void);
@ -651,7 +651,7 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_STORAGE_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -692,7 +692,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
* to erase key material even in this stage, however applications
* should be aware that it may be impossible to guarantee that the
* key material is not recoverable in such cases.
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* An unexpected condition which is not a storage corruption or
* a communication failure occurred. The cryptoprocessor may have
* been compromised.
@ -782,7 +782,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle);
* and \c bits is the key size in bits.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -854,7 +854,7 @@ psa_status_t psa_export_key(psa_key_handle_t handle,
* and \c bits is the key size in bits.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -947,7 +947,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle,
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_copy_key(psa_key_handle_t source_handle,
const psa_key_attributes_t *attributes,
@ -981,7 +981,7 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_hash_compute(psa_algorithm_t alg,
const uint8_t *input,
@ -1010,7 +1010,7 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_hash_compare(psa_algorithm_t alg,
const uint8_t *input,
@ -1104,7 +1104,7 @@ static psa_hash_operation_t psa_hash_operation_init(void);
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
psa_algorithm_t alg);
@ -1126,7 +1126,7 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_hash_update(psa_hash_operation_t *operation,
const uint8_t *input,
@ -1167,7 +1167,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
uint8_t *hash,
@ -1203,7 +1203,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
const uint8_t *hash,
@ -1234,7 +1234,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
* \p operation is not an active hash operation.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
@ -1260,7 +1260,7 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
* \p target_operation is active.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
psa_hash_operation_t *target_operation);
@ -1303,7 +1303,7 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -1342,7 +1342,7 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_mac_verify(psa_key_handle_t handle,
psa_algorithm_t alg,
@ -1445,7 +1445,7 @@ static psa_mac_operation_t psa_mac_operation_init(void);
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (already set up and not
* subsequently completed).
@ -1505,7 +1505,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (already set up and not
* subsequently completed).
@ -1537,7 +1537,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_mac_update(psa_mac_operation_t *operation,
const uint8_t *input,
@ -1579,7 +1579,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
uint8_t *mac,
@ -1615,7 +1615,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
const uint8_t *mac,
@ -1647,7 +1647,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
* \p operation is not an active MAC operation.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
@ -1690,7 +1690,7 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_cipher_encrypt(psa_key_handle_t handle,
psa_algorithm_t alg,
@ -1732,7 +1732,7 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_cipher_decrypt(psa_key_handle_t handle,
psa_algorithm_t alg,
@ -1837,7 +1837,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void);
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (already set up and not
* subsequently completed).
@ -1899,7 +1899,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (already set up and not
* subsequently completed).
@ -1938,7 +1938,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
unsigned char *iv,
@ -1973,7 +1973,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
const unsigned char *iv,
@ -2009,7 +2009,7 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
const uint8_t *input,
@ -2047,7 +2047,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
uint8_t *output,
@ -2080,7 +2080,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
* \p operation is not an active cipher operation.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
@ -2130,7 +2130,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -2188,7 +2188,7 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -2307,7 +2307,7 @@ static psa_aead_operation_t psa_aead_operation_init(void);
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -2369,7 +2369,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -2406,7 +2406,7 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
unsigned char *nonce,
@ -2440,7 +2440,7 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
const unsigned char *nonce,
@ -2478,7 +2478,7 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
size_t ad_length,
@ -2520,7 +2520,7 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
const uint8_t *input,
@ -2592,7 +2592,7 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_aead_update(psa_aead_operation_t *operation,
const uint8_t *input,
@ -2661,7 +2661,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
uint8_t *ciphertext,
@ -2719,7 +2719,7 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
uint8_t *plaintext,
@ -2754,7 +2754,7 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
* \p operation is not an active AEAD operation.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
@ -2796,7 +2796,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
@ -2840,7 +2840,7 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -2893,7 +2893,7 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
@ -2949,7 +2949,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
* \retval #PSA_ERROR_INVALID_PADDING
* \retval #PSA_ERROR_BAD_STATE
@ -3062,7 +3062,7 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void);
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
*/
psa_status_t psa_key_derivation_setup(
@ -3144,7 +3144,7 @@ psa_status_t psa_key_derivation_set_capacity(
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The value of \p step is not valid given the state of \p operation.
* \retval #PSA_ERROR_BAD_STATE
@ -3190,7 +3190,7 @@ psa_status_t psa_key_derivation_input_bytes(
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The value of \p step is not valid given the state of \p operation.
* \retval #PSA_ERROR_BAD_STATE
@ -3254,7 +3254,7 @@ psa_status_t psa_key_derivation_input_key(
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_key_derivation_key_agreement(
psa_key_derivation_operation_t *operation,
@ -3288,7 +3288,7 @@ psa_status_t psa_key_derivation_key_agreement(
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_key_derivation_output_bytes(
psa_key_derivation_operation_t *operation,
@ -3403,7 +3403,7 @@ psa_status_t psa_key_derivation_output_bytes(
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -3434,7 +3434,7 @@ psa_status_t psa_key_derivation_output_key(
* \retval #PSA_ERROR_BAD_STATE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_key_derivation_abort(
psa_key_derivation_operation_t *operation);
@ -3481,7 +3481,7 @@ psa_status_t psa_key_derivation_abort(
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
psa_key_handle_t private_key,
@ -3514,7 +3514,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -3560,7 +3560,7 @@ psa_status_t psa_generate_random(uint8_t *output,
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize

10
include/psa/crypto_extra.h
View File

@ -185,7 +185,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -283,7 +283,7 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -301,7 +301,7 @@ psa_status_t psa_set_key_policy(psa_key_handle_t handle,
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -393,7 +393,7 @@ psa_status_t psa_allocate_key(psa_key_handle_t *handle);
* The handle is to a key slot which does not contain key material yet.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
@ -413,7 +413,7 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle,
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize

2
include/psa/crypto_se_driver.h
View File

@ -756,7 +756,7 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key);
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key,
uint8_t *p_data,

4
include/psa/crypto_values.h
View File

@ -162,7 +162,7 @@
*
* This error indicates that some persistent storage is corrupted.
* It should not be used for a corruption of volatile memory
* (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error
* (use #PSA_ERROR_CORRUPTION_DETECTED), for a communication error
* between the cryptoprocessor and its external storage (use
* #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
* in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
@ -218,7 +218,7 @@
* This error indicates an attack against the application. Implementations
* shall not return this error code as a consequence of the behavior of
* the application itself. */
#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)-151)
#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
/** There is not enough entropy to generate random data needed
* for the requested action.

10
library/psa_crypto.c
View File

@ -202,7 +202,7 @@ static psa_status_t mbedtls_to_psa_error( int ret )
case MBEDTLS_ERR_CIPHER_AUTH_FAILED:
return( PSA_ERROR_INVALID_SIGNATURE );
case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT:
return( PSA_ERROR_TAMPERING_DETECTED );
return( PSA_ERROR_CORRUPTION_DETECTED );
case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED:
return( PSA_ERROR_HARDWARE_FAILURE );
@ -311,7 +311,7 @@ static psa_status_t mbedtls_to_psa_error( int ret )
return( PSA_ERROR_INVALID_ARGUMENT );
case MBEDTLS_ERR_RSA_PUBLIC_FAILED:
case MBEDTLS_ERR_RSA_PRIVATE_FAILED:
return( PSA_ERROR_TAMPERING_DETECTED );
return( PSA_ERROR_CORRUPTION_DETECTED );
case MBEDTLS_ERR_RSA_VERIFY_FAILED:
return( PSA_ERROR_INVALID_SIGNATURE );
case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE:
@ -588,7 +588,7 @@ static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve,
size_t data_length,
mbedtls_ecp_keypair **p_ecp )
{
psa_status_t status = PSA_ERROR_TAMPERING_DETECTED;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_ecp_keypair *ecp = NULL;
mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
@ -637,7 +637,7 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve,
size_t data_length,
mbedtls_ecp_keypair **p_ecp )
{
psa_status_t status = PSA_ERROR_TAMPERING_DETECTED;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_ecp_keypair *ecp = NULL;
mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
@ -901,7 +901,7 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
{
/* Shouldn't happen: the key type is not any type that we
* put in. */
return( PSA_ERROR_TAMPERING_DETECTED );
return( PSA_ERROR_CORRUPTION_DETECTED );
}
return( PSA_SUCCESS );

2
library/psa_crypto_core.h
View File

@ -68,7 +68,7 @@ typedef struct
* \retval PSA_SUCCESS
* Success. This includes the case of a key slot that was
* already fully wiped.
* \retval PSA_ERROR_TAMPERING_DETECTED
* \retval PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );

2
library/psa_crypto_slot_management.c
View File

@ -129,7 +129,7 @@ static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
static psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
{