Remove mode param from mbedtls_rsa_pkcs1_decrypt

The mode parameter has been removed from the
mbedtls_rsa_pkcs1_decrypt function. The change
has been progagated to all function calls,
including in test suite .function files.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 38784fc..93dd725 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -705,7 +705,7 @@
  *                 message padding.
  *
  *                 It is the generic wrapper for performing a PKCS#1 decryption
- *                 operation using the \p mode from the context.
+ *                 operation.
  *
  * \note           The output buffer length \c output_max_len should be
  *                 as large as the size \p ctx->len of \p ctx->N (for example,
@@ -714,24 +714,16 @@
  *                 hold the decryption of the particular ciphertext provided,
  *                 the function returns \c MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE.
  *
- * \deprecated     It is deprecated and discouraged to call this function
- *                 in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
- *                 are likely to remove the \p mode argument and have it
- *                 implicitly set to #MBEDTLS_RSA_PRIVATE.
  *
  * \note           Alternative implementations of RSA need not support
  *                 mode being set to #MBEDTLS_RSA_PUBLIC and might instead
  *                 return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
  *
  * \param ctx      The initialized RSA context to use.
- * \param f_rng    The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE,
- *                 this is used for blinding and should be provided; see
- *                 mbedtls_rsa_private() for more. If \p mode is
- *                 #MBEDTLS_RSA_PUBLIC, it is ignored.
+ * \param f_rng    The RNG function. This is used for blinding and should
+ *                 be provided; see mbedtls_rsa_private() for more.
  * \param p_rng    The RNG context to be passed to \p f_rng. This may be
  *                 \c NULL if \p f_rng is \c NULL or doesn't need a context.
- * \param mode     The mode of operation. This must be either
- *                 #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated).
  * \param olen     The address at which to store the length of
  *                 the plaintext. This must not be \c NULL.
  * \param input    The ciphertext buffer. This must be a readable buffer
@@ -747,7 +739,7 @@
 int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng,
-                       int mode, size_t *olen,
+                       size_t *olen,
                        const unsigned char *input,
                        unsigned char *output,
                        size_t output_max_len );
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 3663fb8..8e4f251 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -135,7 +135,7 @@
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
     return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng,
-                MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
+                olen, input, output, osize ) );
 }
 
 static int rsa_encrypt_wrap( void *ctx,
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c153217..8f0b62c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3171,7 +3171,6 @@
                 mbedtls_rsa_pkcs1_decrypt( rsa,
                                            mbedtls_psa_get_random,
                                            MBEDTLS_PSA_RANDOM_STATE,
-                                           MBEDTLS_RSA_PRIVATE,
                                            output_length,
                                            input,
                                            output,
diff --git a/library/rsa.c b/library/rsa.c
index 209273e..502fe86 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1763,14 +1763,12 @@
 int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng,
-                       int mode, size_t *olen,
+                       size_t *olen,
                        const unsigned char *input,
                        unsigned char *output,
                        size_t output_max_len)
 {
     RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
     RSA_VALIDATE_RET( output_max_len == 0 || output != NULL );
     RSA_VALIDATE_RET( input != NULL );
     RSA_VALIDATE_RET( olen != NULL );
@@ -1779,13 +1777,13 @@
     {
 #if defined(MBEDTLS_PKCS1_V15)
         case MBEDTLS_RSA_PKCS_V15:
-            return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen,
+            return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, olen,
                                                 input, output, output_max_len );
 #endif
 
 #if defined(MBEDTLS_PKCS1_V21)
         case MBEDTLS_RSA_PKCS_V21:
-            return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0,
+            return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, NULL, 0,
                                            olen, input, output,
                                            output_max_len );
 #endif
@@ -2733,7 +2731,7 @@
     if( verbose != 0 )
         mbedtls_printf( "passed\n  PKCS#1 decryption : " );
 
-    if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE,
+    if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL,
                                    &len, rsa_ciphertext, rsa_decrypted,
                                    sizeof(rsa_decrypted) ) != 0 )
     {
diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c
index 01bf3a6..1ba8c73 100644
--- a/programs/pkey/rsa_decrypt.c
+++ b/programs/pkey/rsa_decrypt.c
@@ -177,7 +177,7 @@
     fflush( stdout );
 
     ret = mbedtls_rsa_pkcs1_decrypt( &rsa, mbedtls_ctr_drbg_random,
-                                            &ctr_drbg, MBEDTLS_RSA_PRIVATE, &i,
+                                            &ctr_drbg, &i,
                                             buf, result, 1024 );
     if( ret != 0 )
     {
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 9408bb8..b81bd7b 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -66,7 +66,6 @@
 {
     return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx,
                                        mbedtls_test_rnd_std_rand, NULL,
-                                       MBEDTLS_RSA_PRIVATE,
                                        olen, input, output, output_max_len ) );
 }
 int mbedtls_rsa_sign_func( void *ctx,
diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function
index 273c604..b03bdda 100644
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@@ -89,7 +89,6 @@
         TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                 &mbedtls_test_rnd_pseudo_rand,
                                                 &rnd_info,
-                                                MBEDTLS_RSA_PRIVATE,
                                                 &output_len, message_str->x,
                                                 NULL, 0 ) == result );
     }
@@ -97,7 +96,7 @@
     {
         TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                 &mbedtls_test_rnd_pseudo_rand,
-                                                &rnd_info, MBEDTLS_RSA_PRIVATE,
+                                                &rnd_info,
                                                 &output_len, message_str->x,
                                                 output, 1000 ) == result );
         if( result == 0 )
@@ -211,7 +210,7 @@
     memcpy( final, default_content, sizeof( final ) );
     TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                             &mbedtls_test_rnd_pseudo_rand,
-                                            &rnd_info, MBEDTLS_RSA_PRIVATE, &output_length,
+                                            &rnd_info, &output_length,
                                             intermediate, final,
                                             output_size ) == expected_result );
     if( expected_result == 0 )
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function
index 97f440d..2e7f339 100644
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@@ -85,7 +85,6 @@
         TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                 &mbedtls_test_rnd_pseudo_rand,
                                                 &rnd_info,
-                                                MBEDTLS_RSA_PRIVATE,
                                                 &output_len, message_str->x,
                                                 NULL, 0 ) == result );
     }
@@ -94,7 +93,6 @@
         TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                 &mbedtls_test_rnd_pseudo_rand,
                                                 &rnd_info,
-                                                MBEDTLS_RSA_PRIVATE,
                                                 &output_len, message_str->x,
                                                 output,
                                                 sizeof( output ) ) == result );
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 516b3a0..1313f55 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -180,23 +180,19 @@
 
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
                             mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
-                                                       valid_mode, &olen,
+                                                       &olen,
                                                        buf, buf, 42 ) );
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
                             mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
-                                                       invalid_mode, &olen,
+                                                       NULL,
                                                        buf, buf, 42 ) );
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
                             mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
-                                                       valid_mode, NULL,
-                                                       buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
-                                                       valid_mode, &olen,
+                                                       &olen,
                                                        NULL, buf, 42 ) );
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
                             mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
-                                                       valid_mode, &olen,
+                                                       &olen,
                                                        buf, NULL, 42 ) );
 
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
@@ -823,7 +819,7 @@
     output_len = 0;
 
     TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
-                                            &rnd_info, MBEDTLS_RSA_PRIVATE,
+                                            &rnd_info,
                                             &output_len, message_str->x, output,
                                             max_output ) == result );
     if( result == 0 )
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 234ef45..04ea69b 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -12,8 +12,7 @@
                        size_t output_max_len )
 {
     return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL,
-                               MBEDTLS_RSA_PRIVATE, olen,
-                               input, output, output_max_len ) );
+                                        olen, input, output, output_max_len ) );
 }
 int mbedtls_rsa_sign_func( void *ctx,
                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,