Simplify padding check and get rid of psa_sig_md in rsa_decrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index d5d57aa..c4d715c 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -227,24 +227,14 @@
int key_len;
unsigned char buf[MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES];
mbedtls_pk_info_t pk_info = mbedtls_rsa_info;
- psa_algorithm_t psa_sig_md;
((void) f_rng);
((void) p_rng);
#if !defined(MBEDTLS_RSA_ALT)
- switch( rsa->padding )
- {
- case MBEDTLS_RSA_PKCS_V15:
- psa_sig_md = PSA_ALG_RSA_PKCS1V15_CRYPT;
- break;
-
- default:
- return( MBEDTLS_ERR_RSA_INVALID_PADDING );
- }
-#else
- psa_sig_md = PSA_ALG_RSA_PKCS1V15_CRYPT;
-#endif
+ if( rsa->padding != MBEDTLS_RSA_PKCS_V15 )
+ return( MBEDTLS_ERR_RSA_INVALID_PADDING );
+#endif /* !MBEDTLS_RSA_ALT */
if( ilen != mbedtls_rsa_get_len( rsa ) )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@@ -259,7 +249,7 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
- psa_set_key_algorithm( &attributes, psa_sig_md );
+ psa_set_key_algorithm( &attributes, PSA_ALG_RSA_PKCS1V15_CRYPT );
status = psa_import_key( &attributes,
buf + sizeof( buf ) - key_len, key_len,
@@ -270,8 +260,10 @@
goto cleanup;
}
- status = psa_asymmetric_decrypt( key_id, psa_sig_md, input, ilen,
- NULL, 0, output, osize, olen );
+ status = psa_asymmetric_decrypt( key_id, PSA_ALG_RSA_PKCS1V15_CRYPT,
+ input, ilen,
+ NULL, 0,
+ output, osize, olen );
if( status != PSA_SUCCESS )
{
ret = mbedtls_pk_error_from_psa_rsa( status );