Don't break the rsa context abstraction
This would fail on alternative implementation.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9988ec0..af0b2f6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1774,7 +1774,7 @@
if( status != PSA_SUCCESS )
return( status );
- if( signature_size < rsa->len )
+ if( signature_size < mbedtls_rsa_get_len( rsa ) )
return( PSA_ERROR_BUFFER_TOO_SMALL );
/* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
@@ -1822,7 +1822,7 @@
}
if( ret == 0 )
- *signature_length = rsa->len;
+ *signature_length = mbedtls_rsa_get_len( rsa );
return( mbedtls_to_psa_error( ret ) );
}
@@ -1841,7 +1841,7 @@
if( status != PSA_SUCCESS )
return( status );
- if( signature_length < rsa->len )
+ if( signature_length < mbedtls_rsa_get_len( rsa ) )
return( PSA_ERROR_BUFFER_TOO_SMALL );
#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
@@ -2124,7 +2124,7 @@
{
mbedtls_rsa_context *rsa = slot->data.rsa;
int ret;
- if( output_size < rsa->len )
+ if( output_size < mbedtls_rsa_get_len( rsa ) )
return( PSA_ERROR_INVALID_ARGUMENT );
#if defined(MBEDTLS_PKCS1_V15)
if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
@@ -2150,7 +2150,7 @@
return( PSA_ERROR_INVALID_ARGUMENT );
}
if( ret == 0 )
- *output_length = rsa->len;
+ *output_length = mbedtls_rsa_get_len( rsa );
return( mbedtls_to_psa_error( ret ) );
}
else
@@ -2189,7 +2189,7 @@
mbedtls_rsa_context *rsa = slot->data.rsa;
int ret;
- if( input_length != rsa->len )
+ if( input_length != mbedtls_rsa_get_len( rsa ) )
return( PSA_ERROR_INVALID_ARGUMENT );
#if defined(MBEDTLS_PKCS1_V15)