commit 62d452baac5b3c5c6e999c53983db58a72d2505f
author Neil Armstrong <narmstrong@baylibre.com> Tue Apr 12 15:11:49 2022 +0200
committer Neil Armstrong <narmstrong@baylibre.com> Tue Apr 12 15:11:49 2022 +0200
tree a08e4f9094ff828268c6829ba2799e807ab9f84b
parent 7624a5ae5eade9b6253bca518c576791ed2524d5

Implement PK Opaque RSA PSS signature

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>

library/pk.c

diff --git a/library/pk.c b/library/pk.c
index e238911..5f8cbc2 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -545,6 +545,33 @@
     if( ! mbedtls_pk_can_do( ctx, pk_type ) )
         return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 
+    if( pk_type == MBEDTLS_PK_RSASSA_PSS &&
+        mbedtls_pk_get_type( ctx ) == MBEDTLS_PK_OPAQUE )
+    {
+#if defined(MBEDTLS_RSA_C)
+        const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx->pk_ctx;
+        psa_status_t status;
+
+        /* PSA has its own RNG */
+        (void) f_rng;
+        (void) p_rng;
+
+        psa_md_alg = mbedtls_psa_translate_md( md_alg );
+        if( psa_md_alg == 0 )
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+        status = psa_sign_hash( *key, PSA_ALG_RSA_PSS( psa_md_alg ),
+                                hash, hash_len,
+                                sig, sig_size, sig_len );
+        if( status != PSA_SUCCESS )
+            return( mbedtls_pk_error_from_psa_rsa( status ) );
+
+        return 0;
+#else
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_RSA_C */
+    }
+
     if( pk_type != MBEDTLS_PK_RSASSA_PSS )
     {
         return( mbedtls_pk_sign( ctx, md_alg, hash, hash_len,