psa: Use psa_status_t in psa_key_agreement_ecdh()

Patater · Patater · commit 0c72f83f9a5f · 2019-01-10T20:25:55.000Z
Use the PSA-native status type in psa_key_agreement_ecdh() in
preparation for us calling PSA functions (and not just Mbed TLS
functions) and still being able to return a psa_status_t (without having
to translate it to a Mbed TLS error and then back again).
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
@@ -4043,46 +4043,49 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
     mbedtls_pk_context pk;
     mbedtls_ecp_keypair *their_key = NULL;
     mbedtls_ecdh_context ecdh;
-    int ret;
+    psa_status_t status;
     mbedtls_ecdh_init( &ecdh );
     mbedtls_pk_init( &pk );
 
-    ret = mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length );
-    if( ret != 0 )
+    status = mbedtls_to_psa_error(
+        mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ) );
+    if( status != PSA_SUCCESS )
         goto exit;
     switch( mbedtls_pk_get_type( &pk ) )
     {
         case MBEDTLS_PK_ECKEY:
         case MBEDTLS_PK_ECKEY_DH:
             break;
         default:
-            ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+            status = PSA_ERROR_INVALID_ARGUMENT;
             goto exit;
     }
     their_key = mbedtls_pk_ec( pk );
     if( their_key->grp.id != our_key->grp.id )
     {
-        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+        status = PSA_ERROR_INVALID_ARGUMENT;
         goto exit;
     }
 
-    ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS );
-    if( ret != 0 )
+    status = mbedtls_to_psa_error(
+        mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) );
+    if( status != PSA_SUCCESS )
         goto exit;
-    ret = mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS );
-    if( ret != 0 )
+    status = mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS );
+    if( status != PSA_SUCCESS )
         goto exit;
 
-    ret = mbedtls_ecdh_calc_secret( &ecdh,
-                                    shared_secret_length,
-                                    shared_secret, shared_secret_size,
-                                    mbedtls_ctr_drbg_random,
-                                    &global_data.ctr_drbg );
+    status = mbedtls_to_psa_error(
+        mbedtls_ecdh_calc_secret( &ecdh,
+                                  shared_secret_length,
+                                  shared_secret, shared_secret_size,
+                                  mbedtls_ctr_drbg_random,
+                                  &global_data.ctr_drbg ) );
 
 exit:
     mbedtls_pk_free( &pk );
     mbedtls_ecdh_free( &ecdh );
-    return( mbedtls_to_psa_error( ret ) );
+    return( status );
 }
 #endif /* MBEDTLS_ECDH_C */
 
