commit acd2d0e92389a7e64a7d8d1b7d3e1d2077124dfb
author Gilles Peskine <Gilles.Peskine@arm.com> Mon Oct 04 18:10:38 2021 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Tue Oct 05 14:26:25 2021 +0200
tree d909b50406c22cbef4a1b8fb565b6a9e79e6fdfb
parent 8135cb9e072cb693727a786a871e3a1299e5a295

New algorithm PSA_ALG_RSA_PSS_ANY_SALT

This is a variant of PSA_ALG_RSA_PSS which currently has exactly the same
behavior, but is intended to have a different behavior when verifying
signatures.

In a subsequent commit, PSA_ALG_RSA_PSS will change to requiring the salt
length to be what it would produce when signing, as is currently documented,
whereas PSA_ALG_RSA_PSS_ANY_SALT will retain the current behavior of
allowing any salt length (including 0).

Changes in this commit:

* New algorithm constructor PSA_ALG_RSA_PSS_ANY_SALT.
* New predicates PSA_ALG_IS_RSA_PSS_STANDARD_SALT (corresponding to
  PSA_ALG_RSA_PSS) and PSA_ALG_IS_RSA_PSS_ANY_SALT (corresponding to
  PSA_ALG_RSA_PSS_ANY_SALT).
* Support for the new predicates in macro_collector.py (needed for
  generate_psa_constant_names).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

scripts/mbedtls_dev/macro_collector.py

diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py
index bd2d296..bf82f13 100644
--- a/scripts/mbedtls_dev/macro_collector.py
+++ b/scripts/mbedtls_dev/macro_collector.py
@@ -250,6 +250,8 @@
         suffix = name[len(prefix):]
         if suffix in ['DSA', 'ECDSA']:
             midfix += 'RANDOMIZED_'
+        elif suffix == 'RSA_PSS':
+            suffix += '_STANDARD_SALT'
         return prefix + midfix + suffix
 
     def record_algorithm_subtype(self, name: str, expansion: str) -> None: