From 718a53db2c5bf4d615ce8e73aed3ba68fb1a8b9e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 12:01:35 +0100 Subject: [PATCH] Removed f_rng param from mbedtls_rsa_rsassa_pss_verify Commit removes f_rng parameter from mbedtls_rsa_rsassa_pss_verify function in preparation of mode parameter removal. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 4 ---- library/psa_crypto_rsa.c | 1 - library/rsa.c | 5 ++--- tests/suites/test_suite_rsa.function | 8 ++++---- 4 files changed, 6 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index a89c1f59bf..ab2d5a53b1 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1054,9 +1054,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA public key context to use. - * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. Otherwise, it is ignored. * \param mode The mode of operation. This must be either * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. @@ -1076,7 +1073,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 464e027d72..4108703909 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -502,7 +502,6 @@ static psa_status_t rsa_verify_hash( { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); ret = mbedtls_rsa_rsassa_pss_verify( rsa, - mbedtls_psa_get_random, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, (unsigned int) hash_length, diff --git a/library/rsa.c b/library/rsa.c index 333747e494..99a56b799f 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2297,7 +2297,6 @@ exit: * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, @@ -2317,7 +2316,7 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, NULL, mode, + return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, NULL, NULL, mode, md_alg, hashlen, hash, mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, sig ) ); @@ -2424,7 +2423,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, MBEDTLS_RSA_PUBLIC, md_alg, + return mbedtls_rsa_rsassa_pss_verify( ctx, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, sig ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 41cef93832..b9d7b59004 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -315,22 +315,22 @@ void rsa_invalid_param( ) buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( NULL, NULL, + mbedtls_rsa_rsassa_pss_verify( NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL,