Removes mode param from mbedtls_rsa_rsassa_pss_verify_ext
Commit removes the mode parameter
from the mbedtls_rsa_rsassa_pss_verify_ext
function. This change is propagated
throughout the codebase.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 3f453f6..2c2af3f 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -1080,8 +1080,6 @@
* \note The \p hash_id in the RSA context is ignored.
*
* \param ctx The initialized RSA public key context to use.
- * \param mode The mode of operation. This must be either
- * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
* \param md_alg The message-digest algorithm used to hash the original data.
* Use #MBEDTLS_MD_NONE for signing raw data.
* \param hashlen The length of the message digest.
@@ -1102,7 +1100,6 @@
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
- int mode,
mbedtls_md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
diff --git a/library/pk.c b/library/pk.c
index 65a4d0c..06021e2 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -367,11 +367,10 @@
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
- MBEDTLS_RSA_PUBLIC,
- md_alg, (unsigned int) hash_len, hash,
- pss_opts->mgf1_hash_id,
- pss_opts->expected_salt_len,
- sig );
+ md_alg, (unsigned int) hash_len, hash,
+ pss_opts->mgf1_hash_id,
+ pss_opts->expected_salt_len,
+ sig );
if( ret != 0 )
return( ret );
diff --git a/library/rsa.c b/library/rsa.c
index db684c8..14eb920 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -2147,7 +2147,6 @@
* Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function
*/
int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
- int mode,
mbedtls_md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
@@ -2168,24 +2167,17 @@
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
RSA_VALIDATE_RET( ctx != NULL );
- RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
- mode == MBEDTLS_RSA_PUBLIC );
RSA_VALIDATE_RET( sig != NULL );
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
hashlen == 0 ) ||
hash != NULL );
- if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
siglen = ctx->len;
if( siglen < 16 || siglen > sizeof( buf ) )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- ret = ( mode == MBEDTLS_RSA_PUBLIC )
- ? mbedtls_rsa_public( ctx, sig, buf )
- : mbedtls_rsa_private( ctx, NULL, NULL, sig, buf );
+ ret = mbedtls_rsa_public( ctx, sig, buf );
if( ret != 0 )
return( ret );
@@ -2312,7 +2304,6 @@
: md_alg;
return( mbedtls_rsa_rsassa_pss_verify_ext( ctx,
- MBEDTLS_RSA_PUBLIC,
md_alg, hashlen, hash,
mgf1_hash_id,
MBEDTLS_RSA_SALT_LEN_ANY,
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function
index c52edcb..8f22f20 100644
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@@ -248,10 +248,9 @@
hash_len, hash_result,
result_str->x ) == result_simple );
- TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, MBEDTLS_RSA_PUBLIC,
- msg_digest_id, hash_len, hash_result,
- mgf_hash, salt_len,
- result_str->x ) == result_full );
+ TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, msg_digest_id, hash_len,
+ hash_result, mgf_hash, salt_len,
+ result_str->x ) == result_full );
exit:
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index b822ed9..442e857 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -334,26 +334,22 @@
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_verify_ext( NULL,
- MBEDTLS_RSA_PUBLIC,
0, sizeof( buf ),
buf,
0, 0,
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_verify_ext( &ctx,
- MBEDTLS_RSA_PUBLIC,
0, sizeof( buf ),
NULL, 0, 0,
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_verify_ext( &ctx,
- MBEDTLS_RSA_PUBLIC,
0, sizeof( buf ),
buf, 0, 0,
NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_verify_ext( &ctx,
- MBEDTLS_RSA_PUBLIC,
MBEDTLS_MD_SHA1,
0, NULL,
0, 0,