secure_storage: its: improve return codes

Instead of returning storage-related error codes, return ones which
make it clear that it's not about the storage itself.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>

subsys/secure_storage/include/psa/internal_trusted_storage.h

@@ -34,6 +34,7 @@
  * @param create_flags Flags indicating the properties of the entry.
  *
  * @retval PSA_SUCCESS                    The operation completed successfully.
+ * @retval PSA_ERROR_GENERIC_ERROR        An unspecified internal failure happened.
  * @retval PSA_ERROR_NOT_PERMITTED        An entry associated with the provided `uid` already
  *                                        exists and was created with `PSA_STORAGE_FLAG_WRITE_ONCE`.
  * @retval PSA_ERROR_NOT_SUPPORTED        One or more of the flags provided in `create_flags`
@@ -63,6 +64,7 @@ psa_status_t psa_its_set(psa_storage_uid_t uid, size_t data_length,
  * @param[out] p_data_length On success, the number of bytes placed in `p_data`.
  *
  * @retval PSA_SUCCESS                The operation completed successfully.
+ * @retval PSA_ERROR_GENERIC_ERROR    An unspecified internal failure happened.
  * @retval PSA_ERROR_INVALID_ARGUMENT One or more of the arguments are invalid. This can also
  *                                    happen if `data_offset` is larger than the size of the data
  *                                    associated with `uid`.
@@ -87,6 +89,7 @@ psa_status_t psa_its_get(psa_storage_uid_t uid, size_t data_offset,
  *                    be populated with the metadata on success.
  *
  * @retval PSA_SUCCESS                The operation completed successfully.
+ * @retval PSA_ERROR_GENERIC_ERROR    An unspecified internal failure happened.
  * @retval PSA_ERROR_INVALID_ARGUMENT One or more of the arguments are invalid.
  * @retval PSA_ERROR_DOES_NOT_EXIST   The provided `uid` was not found in the storage.
  * @retval PSA_ERROR_STORAGE_FAILURE  The physical storage has failed (fatal error).

subsys/secure_storage/src/its/implementation.c

@@ -56,9 +56,8 @@ static psa_status_t get_stored_data(
 		if (ret != PSA_ERROR_DOES_NOT_EXIST) {
 			log_failed_operation("retrieve", "from", ret);
 		}
-		return ret;
 	}
-	return PSA_SUCCESS;
+	return ret;
 }
 
 static psa_status_t transform_stored_data(
@@ -73,7 +72,7 @@ static psa_status_t transform_stored_data(
 						      data_size, data, data_len, create_flags);
 	if (ret != PSA_SUCCESS) {
 		log_failed_operation("transform", "from", ret);
-		return PSA_ERROR_STORAGE_FAILURE;
+		return PSA_ERROR_GENERIC_ERROR;
 	}
 	return PSA_SUCCESS;
 }
@@ -141,7 +140,7 @@ static psa_status_t store_entry(secure_storage_its_uid_t uid, size_t data_length
 						    stored_data, &stored_data_len);
 	if (ret != PSA_SUCCESS) {
 		log_failed_operation("transform", "for", ret);
-		return PSA_ERROR_STORAGE_FAILURE;
+		return PSA_ERROR_GENERIC_ERROR;
 	}
 
 	ret = secure_storage_its_store_set(uid, stored_data_len, stored_data);
@@ -167,7 +166,7 @@ psa_status_t secure_storage_its_set(secure_storage_its_caller_id_t caller_id, ps
 	if (data_length > CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE) {
 		LOG_DBG("Passed data length (%zu) exceeds maximum allowed (%u).",
 			data_length, CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE);
-		return PSA_ERROR_INSUFFICIENT_STORAGE;
+		return PSA_ERROR_INVALID_ARGUMENT;
 	}
 
 	if (keep_stored_entry(its_uid, data_length, p_data, create_flags, &ret)) {
@@ -258,7 +257,9 @@ psa_status_t secure_storage_its_remove(secure_storage_its_caller_id_t caller_id,
 		return PSA_ERROR_NOT_PERMITTED;
 	}
 	/* Allow overwriting corrupted entries as well to not be stuck with them forever. */
-	if (ret == PSA_SUCCESS || ret == PSA_ERROR_STORAGE_FAILURE) {
+	if (ret == PSA_SUCCESS ||
+	    ret == PSA_ERROR_STORAGE_FAILURE ||
+	    ret == PSA_ERROR_GENERIC_ERROR) {
 		ret = secure_storage_its_store_remove(its_uid);
 		if (ret != PSA_SUCCESS) {
 			log_failed_operation("remove", "from", ret);