Error codes for hardware accelerator failures #1303
Conversation
|
While we are working on this, I would also think adding |
|
@RonEld Shouldn't this be a job for the higher-level modules (cipher, md, pk)? |
|
@gilles-peskine-arm I don't think so. IMHO, I am talking about errors that should be returned by the alternative implementations, in case they don't support a specific feature. But, this could wait. |
include/mbedtls/error.h
Outdated
| @@ -75,11 +78,11 @@ | |||
| * X509 2 20 | |||
| * PKCS5 2 4 (Started from top) | |||
| * DHM 3 9 | |||
There was a problem hiding this comment.
Didn't adding MBEDTLS_ERR_DHM_HW_ACCEL_FAILED increase the DHM error count by 1?
There was a problem hiding this comment.
Indeed. Thanks, fixed.
| "SHA1", "SHA256", "SHA512", "GCM", "THREADING", "CCM" ); | ||
| my @high_level_modules = ( "PEM", "X509", "DHM", "RSA", "ECP", "MD", "CIPHER", "SSL", | ||
| "PK", "PKCS12", "PKCS5" ); | ||
| my @low_level_modules = qw( AES ARC4 ASN1 BASE64 BIGNUM BLOWFISH |
There was a problem hiding this comment.
Thanks for cleaning up this list! However I'd have preferred a separate commit for the cleanup rather than mixing cleanup and adding new modules to that list. (As far as I'm concerned, don't bother rewriting history for that, just saying for the future.)
There was a problem hiding this comment.
You're right, I rushed this through. Since the PR needs updating anyway and it doesn't have a complicated history, I can rewrite the history while I'm at it, if it's ok with you.
There was a problem hiding this comment.
Sure, feel free to clean up the history!
include/mbedtls/error.h
Outdated
| * XTEA 1 0x0028-0x0028 | ||
| * AES 4 0x0020-0x0022 0x0023-0x0025 | ||
| * CAMELLIA 3 0x0024-0x0026 0x0027-0x0027 | ||
| * XTEA 1 0x0028-0x0028 0x0029-0x0029 |
There was a problem hiding this comment.
Please update the Nr column from 1 to 2.
include/mbedtls/ecjpake.h
Outdated
| @@ -44,6 +44,8 @@ | |||
| #include "ecp.h" | |||
| #include "md.h" | |||
|
|
|||
| #define MBEDTLS_ERR_ECJPAKE_HW_ACCEL_FAILED -0x0078 /**< ECJPAKE hardware accelerator failed */ | |||
There was a problem hiding this comment.
Treating ECJPAKE as a low-level module it inconsistent with the fact that it's built on top of ECP which is considered a high-level module (due to the fact that it build on top of MPI I guess).
Now I realise that in practice that distinction mostly matters because so that we can do this in high-level modules:
ret = some_low_level_function();
if( ret != 0 )
ret += my_high_level_code;
and in practice I don't see than happening here, but it still bothers me to have a low-level module based on a "high-level" one.
Now I also realise we don't have enough spots left for high-level module any more, and so far we've cheated by deciding that modules based on ECP use error codes in the ECP namespace (which is why we have such things as MBEDTLS_ERR_ECP_VERIFY_FAILED rather than having it in ECDSA. So far most errors returned by ECJPAKE functions live in the ECP namespace too.
So I understand there may not be any good solution here in our current system, but I'm not really happy with adding low-level error codes fro ECJPAKE.
There was a problem hiding this comment.
Note: what I'm suggesting is that alternative implementation of ECJPAKE use the ECP error code, just like alt ECDH implementations do.
There was a problem hiding this comment.
Ugh. That's a good point. Indeed, it's annoying. @hanno-arm ECJPAKE_HW_ACCEL_FAILED is to complement #1304 . What do you think of Manuel's proposal to use ECP_HW_ACCEL_FAILED?
There was a problem hiding this comment.
@gilles-peskine-arm @mpg I support Manuel's proposal of using ECP_HW_ACCEL_FAILED. I think that while perhaps not optimal, having modules based on ECP use error codes from the ECP namespace -- thereby effectively collapsing the namespaces from there because our allocation of error codes doesn't allow to step 'one level up' -- is still cleaner than using low-level codes.
There was a problem hiding this comment.
@sbutcher-arm verbally approved using ECP_HW_ACCEL_FAILED for ECJPAKE, so I'll withdraw the ECJPAKE_HW_ACCEL_FAILED error code.
1b5045c to
728197b
Compare
|
@mpg @hanno-arm @AndrzejKurek @RonEld I rewrote the history to split out the list sorting in |
|
Looks fine to me. |
include/mbedtls/aes.h
Outdated
| #define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available, e.g. unsupported AES key size. */ | ||
| #define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed */ |
There was a problem hiding this comment.
Dot missing at the end, here and in the rest of the PR.
There was a problem hiding this comment.
I amended and force-pushed a version with dots at the end. The previous commit is at https://github.com/gilles-peskine-arm/mbedtls/tree/err_hw_failed-2
Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography modules where the software implementation can be replaced by a hardware implementation. This does not include the individual message digest modules since they currently have no way to return error codes. This does include the higher-level md, cipher and pk modules since alternative implementations and even algorithms can be plugged in at runtime.
728197b to
7ecab3d
Compare
Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography
modules where the software implementation can be replaced by a hardware
implementation.
This does not include the individual message digest modules since they
currently have no way to return error codes. That part is done in #1294
This does include the higher-level md, cipher and pk modules since
alternative implementations and even algorithms can be plugged in at
runtime.
[added by mpg]: no backports required, hardware acceleration is a new feature
Internal reference: IOTSSL-2039