mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-03 10:20:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Removes mode param from mbedtls_rsa_rsassa_pss_sign

Browse Source 
Commit removes the mode param from
mbedtls_rsa_rsassa_pss_sign and propagates
the changes throughout the codebase.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This commit is contained in:
Thomas Daubney 2021-05-18 17:10:04 +01:00
parent 526549854c
commit de9fdc4b12
4 changed files with 3 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
include/mbedtls/rsa.h
View File

@ -939,21 +939,10 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
* the key size in bytes), this function returns * the key size in bytes), this function returns
* #MBEDTLS_ERR_RSA_BAD_INPUT_DATA. * #MBEDTLS_ERR_RSA_BAD_INPUT_DATA.
* *
* \deprecated It is deprecated and discouraged to call this function
* in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
* are likely to remove the \p mode argument and have it
* implicitly set to #MBEDTLS_RSA_PRIVATE.
*
* \note Alternative implementations of RSA need not support
* mode being set to #MBEDTLS_RSA_PUBLIC and might instead
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
*
* \param ctx The initialized RSA context to use. * \param ctx The initialized RSA context to use.
* \param f_rng The RNG function. It must not be \c NULL. * \param f_rng The RNG function. It must not be \c NULL.
* \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL
* if \p f_rng doesn't need a context argument. * if \p f_rng doesn't need a context argument.
* \param mode The mode of operation. This must be either
* #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated).
* \param md_alg The message-digest algorithm used to hash the original data. * \param md_alg The message-digest algorithm used to hash the original data.
* Use #MBEDTLS_MD_NONE for signing raw data. * Use #MBEDTLS_MD_NONE for signing raw data.
* \param hashlen The length of the message digest. * \param hashlen The length of the message digest.
@ -974,7 +963,6 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,

1
library/psa_crypto_rsa.c
View File

@ -433,7 +433,6 @@ static psa_status_t rsa_sign_hash(
ret = mbedtls_rsa_rsassa_pss_sign( rsa, ret = mbedtls_rsa_rsassa_pss_sign( rsa,
mbedtls_psa_get_random, mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE, MBEDTLS_PSA_RANDOM_STATE,
MBEDTLS_RSA_PRIVATE,
MBEDTLS_MD_NONE, MBEDTLS_MD_NONE,
(unsigned int) hash_length, (unsigned int) hash_length,
hash, hash,

7
library/rsa.c
View File

@ -1897,13 +1897,12 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ) unsigned char *sig )
{ {
return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg,
hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig ); hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig );
} }
#endif /* MBEDTLS_PKCS1_V21 */ #endif /* MBEDTLS_PKCS1_V21 */
@ -2134,8 +2133,8 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
#if defined(MBEDTLS_PKCS1_V21) #if defined(MBEDTLS_PKCS1_V21)
case MBEDTLS_RSA_PKCS_V21: case MBEDTLS_RSA_PKCS_V21:
return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, md_alg,
md_alg, hashlen, hash, sig ); hashlen, hash, sig );
#endif #endif
default: default:

4
tests/suites/test_suite_rsa.function
View File

@ -241,22 +241,18 @@ void rsa_invalid_param( )
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL, mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
MBEDTLS_RSA_PRIVATE,
0, sizeof( buf ), buf, 0, sizeof( buf ), buf,
buf ) ); buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
MBEDTLS_RSA_PRIVATE,
0, sizeof( buf ), NULL, 0, sizeof( buf ), NULL,
buf ) ); buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
MBEDTLS_RSA_PRIVATE,
0, sizeof( buf ), buf, 0, sizeof( buf ), buf,
NULL ) ); NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
MBEDTLS_RSA_PRIVATE,
MBEDTLS_MD_SHA1, MBEDTLS_MD_SHA1,
0, NULL, 0, NULL,
buf ) ); buf ) );