From 6958355a51582875c851586924662c1c7801261c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Fri, 10 Jun 2022 12:46:46 +0200
Subject: [PATCH] Use PSA Crypto more often in pk_verify_ext()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

See https://github.com/Mbed-TLS/mbedtls/issues/5277 - strategy 1.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
---
 library/pk.c | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/library/pk.c b/library/pk.c
index 8dc19ef99..1ae041db8 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -482,9 +482,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
     pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( pss_opts->mgf1_hash_id == md_alg &&
-        ( (size_t) pss_opts->expected_salt_len == hash_len ||
-            pss_opts->expected_salt_len  == MBEDTLS_RSA_SALT_LEN_ANY ) )
+    if( pss_opts->mgf1_hash_id == md_alg )
     {
         /* see RSA_PUB_DER_MAX_BYTES in pkwrite.c */
         unsigned char buf[ 38 + 2 * MBEDTLS_MPI_MAX_SIZE ];
@@ -497,10 +495,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
         psa_algorithm_t psa_md_alg = mbedtls_hash_info_psa_from_md( md_alg );
         mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
         psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-        psa_algorithm_t psa_sig_alg =
-            ( pss_opts->expected_salt_len == MBEDTLS_RSA_SALT_LEN_ANY ?
-                                 PSA_ALG_RSA_PSS_ANY_SALT(psa_md_alg) :
-                                 PSA_ALG_RSA_PSS(psa_md_alg) );
+        psa_algorithm_t psa_sig_alg = PSA_ALG_RSA_PSS_ANY_SALT( psa_md_alg );
         p = buf + sizeof( buf );
         key_len = mbedtls_pk_write_pubkey( &p, buf, ctx );