TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 68d9cbca97aa9aaf495318904096f8a2a15e90cd^! / . / library
commit68d9cbca97aa9aaf495318904096f8a2a15e90cd[log] [tgz]
authorThomas Daubney <thomas.daubney@arm.com>Tue May 18 18:45:09 2021 +0100
committerThomas Daubney <thomas.daubney@arm.com>Tue May 18 20:14:32 2021 +0100
tree2ff67ba7d72d801b9f1c5beda7cebd51b58390e5
parent613d1a4fb7ce0a4c172b5f30e0b1220594ca0a9b [diff]
Removes mode param from mbedtls_rsa_pkcs1_verify

Commit removes mode parameter from
mbedtls_rsa_pkcs1_verify and propagates the
change throughout the codebase.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index b536b66..c351113 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c

@@ -90,8 +90,8 @@
     if( sig_len < rsa_len )
         return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
 
-    if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, MBEDTLS_RSA_PUBLIC,
-                                          md_alg, (unsigned int) hash_len,
+    if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, md_alg,
+                                          (unsigned int) hash_len,
                                           hash, sig ) ) != 0 )
         return( ret );
 

diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
index 25157d2..11c9ab2 100644
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c

@@ -490,7 +490,6 @@
         mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
                                  MBEDTLS_MD_NONE );
         ret = mbedtls_rsa_pkcs1_verify( rsa,
-                                        MBEDTLS_RSA_PUBLIC,
                                         md_alg,
                                         (unsigned int) hash_length,
                                         hash,

diff --git a/library/rsa.c b/library/rsa.c
index ba164ff..4619f02 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -2414,15 +2414,12 @@
  * Do an RSA operation and check the message digest
  */
 int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
-                      int mode,
                       mbedtls_md_type_t md_alg,
                       unsigned int hashlen,
                       const unsigned char *hash,
                       const unsigned char *sig )
 {
     RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
     RSA_VALIDATE_RET( sig != NULL );
     RSA_VALIDATE_RET( ( md_alg  == MBEDTLS_MD_NONE &&
                         hashlen == 0 ) ||
@@ -2432,13 +2429,13 @@
     {
 #if defined(MBEDTLS_PKCS1_V15)
         case MBEDTLS_RSA_PKCS_V15:
-            return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, NULL, mode, md_alg,
+            return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, md_alg,
                                                 hashlen, hash, sig );
 #endif
 
 #if defined(MBEDTLS_PKCS1_V21)
         case MBEDTLS_RSA_PKCS_V21:
-            return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, NULL, mode, md_alg,
+            return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, md_alg,
                                           hashlen, hash, sig );
 #endif
 
@@ -2705,8 +2702,7 @@
     if( verbose != 0 )
         mbedtls_printf( "passed\n  PKCS#1 sig. verify: " );
 
-    if( mbedtls_rsa_pkcs1_verify( &rsa,
-                                  MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0,
+    if( mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA1, 0,
                                   sha1sum, rsa_ciphertext ) != 0 )
     {
         if( verbose != 0 )