commit 4c32b69f3724b0bc5fc1dd1d7885a61d26022957
author Gilles Peskine <Gilles.Peskine@arm.com> Fri Feb 16 00:11:09 2024 +0100
committer Gilles Peskine <Gilles.Peskine@arm.com> Mon Feb 26 08:50:38 2024 +0100
tree 7518318bd90c47bc4f07fe00866a898c5d73f7ca
parent 6a2c400b8c690e0e9db0ac784dac2ae03a6aa45d

Ignore domain parameters in RSA key generation

Remove the ability to select a custom public exponent via domain parameters
in RSA key generation. The only way to select a custom public exponent is
now to pass custom production parameters to psa_generate_key_ext().

A subsequent commit will remove domain parameters altogether from the API,
thus this commit does not bother to update the documentation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e9061f5..159b3c5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -7576,11 +7576,8 @@
          * that mbedtls_psa_rsa_generate_key() gets e via a new
          * parameter instead. */
         psa_key_attributes_t override_attributes = *attributes;
-        if (params_data_length != 0) {
-            override_attributes.domain_parameters_size = params_data_length;
-            override_attributes.domain_parameters = (uint8_t *) &params->data;
-        }
         return mbedtls_psa_rsa_generate_key(&override_attributes,
+                                            params, params_data_length,
                                             key_buffer,
                                             key_buffer_size,
                                             key_buffer_length);