diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8cb5bb1a75..f42ba58933 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3025,18 +3025,6 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, signature, signature_length ); } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) -static int psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg, - mbedtls_rsa_context *rsa ) -{ - psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); - - return( mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ) ); -} -#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, @@ -3122,80 +3110,14 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, goto exit; } - if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) - mbedtls_rsa_context *rsa = NULL; - status = mbedtls_psa_rsa_load_representation( slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) - goto exit; + psa_key_attributes_t attributes = { + .core = slot->attr + }; - if( input_length != mbedtls_rsa_get_len( rsa ) ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto rsa_exit; - } -#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || - * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - - if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) - { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) - status = mbedtls_to_psa_error( - mbedtls_rsa_pkcs1_decrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - output_length, - input, - output, - output_size ) ); -#else - status = PSA_ERROR_NOT_SUPPORTED; -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ - } - else - if( PSA_ALG_IS_RSA_OAEP( alg ) ) - { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) - status = mbedtls_to_psa_error( - psa_rsa_oaep_set_padding_mode( alg, rsa ) ); - if( status != PSA_SUCCESS ) - goto rsa_exit; - - status = mbedtls_to_psa_error( - mbedtls_rsa_rsaes_oaep_decrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - salt, salt_length, - output_length, - input, - output, - output_size ) ); -#else - status = PSA_ERROR_NOT_SUPPORTED; -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ - } - else - { - status = PSA_ERROR_INVALID_ARGUMENT; - } - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) -rsa_exit: - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); -#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || - * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - } - else - { - status = PSA_ERROR_NOT_SUPPORTED; - } + status = psa_driver_wrapper_asymmetric_decrypt( + &attributes, slot->key.data, slot->key.bytes, + alg, input, input_length, salt, salt_length, + output, output_size, output_length ); exit: unlock_status = psa_unlock_key_slot( slot );