fpsensor: Change crypto functions to return error code instead of result code

EC_RES_SUCCESS and EC_RES_ERROR are meant to be returned in EC command handler to represent command result, so change crypto functions to return EC_SUCCESS and EC error codes instead. BRANCH=nocturne BUG=none TEST=make -j buildall TEST=tested enrollment, matching, deletion and multifinger on nocturne DUT Change-Id: Ia98fa7469ab4e5dba00ede19dd34c5007d17b054 Signed-off-by: Yicheng Li <yichengli@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1715512 Reviewed-by: Nicolas Norvez <norvez@chromium.org>
author: Yicheng Li <yichengli@chromium.org> 2019-07-24 17:38:23 -0700
committer: Commit Bot <commit-bot@chromium.org> 2019-07-26 20:49:01 +0000
commit: 30ab5997d7aed6c71943c9779544792695f4608f (patch)
tree: 9c3ce75fbde3e4f8f83a752f159a9553971614a5 /common/fpsensor
parent: 9ff89625dc098838a60ace547b2db4ebb27dee41 (diff)
download: chrome-ec-30ab5997d7aed6c71943c9779544792695f4608f.tar.gz
2 files changed, 21 insertions, 21 deletions
diff --git a/common/fpsensor/fpsensor.c b/common/fpsensor/fpsensor.c
index 98ac892d18..facdd3c1bb 100644
--- a/common/fpsensor/fpsensor.c
+++ b/common/fpsensor/fpsensor.c
@@ -419,7 +419,7 @@ static int fp_command_frame(struct host_cmd_handler_args *args)
 		exit_trng();
 
 		ret = derive_encryption_key(key, enc_info->salt);
-		if (ret != EC_RES_SUCCESS) {
+		if (ret != EC_SUCCESS) {
 			CPRINTS("fgr%d: Failed to derive key", fgr);
 			return EC_RES_UNAVAILABLE;
 		}
@@ -429,7 +429,7 @@ static int fp_command_frame(struct host_cmd_handler_args *args)
 				      sizeof(fp_template[0]),
 				      enc_info->nonce, FP_CONTEXT_NONCE_BYTES,
 				      enc_info->tag, FP_CONTEXT_TAG_BYTES);
-		if (ret != EC_RES_SUCCESS) {
+		if (ret != EC_SUCCESS) {
 			CPRINTS("fgr%d: Failed to encrypt template", fgr);
 			return EC_RES_UNAVAILABLE;
 		}
@@ -507,7 +507,7 @@ static int fp_command_template(struct host_cmd_handler_args *args)
 			return EC_RES_INVALID_PARAM;
 		}
 		ret = derive_encryption_key(key, enc_info->salt);
-		if (ret != EC_RES_SUCCESS) {
+		if (ret != EC_SUCCESS) {
 			CPRINTS("fgr%d: Failed to derive key", idx);
 			return EC_RES_UNAVAILABLE;
 		}
@@ -517,7 +517,7 @@ static int fp_command_template(struct host_cmd_handler_args *args)
 				      sizeof(fp_template[0]),
 				      enc_info->nonce, FP_CONTEXT_NONCE_BYTES,
 				      enc_info->tag, FP_CONTEXT_TAG_BYTES);
-		if (ret != EC_RES_SUCCESS) {
+		if (ret != EC_SUCCESS) {
 			CPRINTS("fgr%d: Failed to decipher template", idx);
 			/* Don't leave bad data in the template buffer */
 			fp_clear_finger_context(idx);
diff --git a/common/fpsensor/fpsensor_crypto.c b/common/fpsensor/fpsensor_crypto.c
index 3a5a8b251c..6385b7116d 100644
--- a/common/fpsensor/fpsensor_crypto.c
+++ b/common/fpsensor/fpsensor_crypto.c
@@ -22,7 +22,7 @@ static int get_ikm(uint8_t *ikm)
 
 	if (!fp_tpm_seed_is_set()) {
 		CPRINTS("Seed hasn't been set.");
-		return EC_RES_ERROR;
+		return EC_ERROR_ACCESS_DENIED;
 	}
 
 	/*
@@ -32,7 +32,7 @@ static int get_ikm(uint8_t *ikm)
 	ret = rollback_get_secret(ikm);
 	if (ret != EC_SUCCESS) {
 		CPRINTS("Failed to read rollback secret: %d", ret);
-		return EC_RES_ERROR;
+		return EC_ERROR_HW_INTERNAL;
 	}
 	/*
 	 * IKM is the concatenation of the rollback secret and the seed from
@@ -40,7 +40,7 @@ static int get_ikm(uint8_t *ikm)
 	 */
 	memcpy(ikm + CONFIG_ROLLBACK_SECRET_SIZE, tpm_seed, sizeof(tpm_seed));
 
-	return EC_RES_SUCCESS;
+	return EC_SUCCESS;
 }
 
 static void hkdf_extract(uint8_t *prk, const uint8_t *salt, size_t salt_size,
@@ -63,12 +63,12 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
 	if (out_key_size > SHA256_DIGEST_SIZE) {
 		CPRINTS("Deriving key material longer than SHA256_DIGEST_SIZE "
 			"requires more steps of HKDF expand.");
-		return EC_RES_ERROR;
+		return EC_ERROR_INVAL;
 	}
 
 	if (info_size > SHA256_DIGEST_SIZE) {
 		CPRINTS("Info size too big for HKDF.");
-		return EC_RES_ERROR;
+		return EC_ERROR_INVAL;
 	}
 
 	memcpy(message_buf, info, info_size);
@@ -79,7 +79,7 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
 	memcpy(out_key, key_buf, out_key_size);
 	memset(key_buf, 0, sizeof(key_buf));
 
-	return EC_RES_SUCCESS;
+	return EC_SUCCESS;
 }
 
 int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
@@ -93,9 +93,9 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
 	BUILD_ASSERT(sizeof(user_id) == SHA256_DIGEST_SIZE);
 
 	ret = get_ikm(ikm);
-	if (ret != EC_RES_SUCCESS) {
+	if (ret != EC_SUCCESS) {
 		CPRINTS("Failed to get IKM: %d", ret);
-		return EC_RES_ERROR;
+		return ret;
 	}
 
 	/* "Extract step of HKDF. */
@@ -126,13 +126,13 @@ int aes_gcm_encrypt(const uint8_t *key, int key_size,
 
 	if (nonce_size != FP_CONTEXT_NONCE_BYTES) {
 		CPRINTS("Invalid nonce size %d bytes", nonce_size);
-		return EC_RES_INVALID_PARAM;
+		return EC_ERROR_INVAL;
 	}
 
 	res = AES_set_encrypt_key(key, 8 * key_size, &aes_key);
 	if (res) {
 		CPRINTS("Failed to set encryption key: %d", res);
-		return EC_RES_ERROR;
+		return EC_ERROR_UNKNOWN;
 	}
 	CRYPTO_gcm128_init(&ctx, &aes_key, (block128_f)AES_encrypt, 0);
 	CRYPTO_gcm128_setiv(&ctx, &aes_key, nonce, nonce_size);
@@ -141,10 +141,10 @@ int aes_gcm_encrypt(const uint8_t *key, int key_size,
 				    text_size);
 	if (!res) {
 		CPRINTS("Failed to encrypt: %d", res);
-		return EC_RES_ERROR;
+		return EC_ERROR_UNKNOWN;
 	}
 	CRYPTO_gcm128_tag(&ctx, tag, tag_size);
-	return EC_RES_SUCCESS;
+	return EC_SUCCESS;
 }
 
 int aes_gcm_decrypt(const uint8_t *key, int key_size, uint8_t *plaintext,
@@ -158,13 +158,13 @@ int aes_gcm_decrypt(const uint8_t *key, int key_size, uint8_t *plaintext,
 
 	if (nonce_size != FP_CONTEXT_NONCE_BYTES) {
 		CPRINTS("Invalid nonce size %d bytes", nonce_size);
-		return EC_RES_INVALID_PARAM;
+		return EC_ERROR_INVAL;
 	}
 
 	res = AES_set_encrypt_key(key, 8 * key_size, &aes_key);
 	if (res) {
 		CPRINTS("Failed to set decryption key: %d", res);
-		return EC_RES_ERROR;
+		return EC_ERROR_UNKNOWN;
 	}
 	CRYPTO_gcm128_init(&ctx, &aes_key, (block128_f)AES_encrypt, 0);
 	CRYPTO_gcm128_setiv(&ctx, &aes_key, nonce, nonce_size);
@@ -173,12 +173,12 @@ int aes_gcm_decrypt(const uint8_t *key, int key_size, uint8_t *plaintext,
 				    text_size);
 	if (!res) {
 		CPRINTS("Failed to decrypt: %d", res);
-		return EC_RES_ERROR;
+		return EC_ERROR_UNKNOWN;
 	}
 	res = CRYPTO_gcm128_finish(&ctx, tag, tag_size);
 	if (!res) {
 		CPRINTS("Found incorrect tag: %d", res);
-		return EC_RES_ERROR;
+		return EC_ERROR_UNKNOWN;
 	}
-	return EC_RES_SUCCESS;
+	return EC_SUCCESS;
 }
author	Yicheng Li <yichengli@chromium.org>	2019-07-24 17:38:23 -0700
committer	Commit Bot <commit-bot@chromium.org>	2019-07-26 20:49:01 +0000
commit	30ab5997d7aed6c71943c9779544792695f4608f (patch)
tree	9c3ce75fbde3e4f8f83a752f159a9553971614a5 /common/fpsensor
parent	9ff89625dc098838a60ace547b2db4ebb27dee41 (diff)
download	chrome-ec-30ab5997d7aed6c71943c9779544792695f4608f.tar.gz