Merge pull request #7041 from gilles-peskine-arm/pk_ext-pss_options-public

Make the fields of mbedtls_pk_rsassa_pss_options public
This commit is contained in:
Gilles Peskine 2023-02-10 15:08:06 +01:00 committed by GitHub
commit 928593f732
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 2 deletions

View file

@ -0,0 +1,4 @@
Bugfix
* Make the fields of mbedtls_pk_rsassa_pss_options public. This makes it
possible to verify RSA PSS signatures with the pk module, which was
inadvertently broken since Mbed TLS 3.0.

View file

@ -98,8 +98,24 @@ typedef enum {
* See \c mbedtls_rsa_rsassa_pss_verify_ext() * See \c mbedtls_rsa_rsassa_pss_verify_ext()
*/ */
typedef struct mbedtls_pk_rsassa_pss_options { typedef struct mbedtls_pk_rsassa_pss_options {
mbedtls_md_type_t MBEDTLS_PRIVATE(mgf1_hash_id); /** The digest to use for MGF1 in PSS.
int MBEDTLS_PRIVATE(expected_salt_len); *
* \note When #MBEDTLS_USE_PSA_CRYPTO is enabled and #MBEDTLS_RSA_C is
* disabled, this must be equal to the \c md_alg argument passed
* to mbedtls_pk_verify_ext(). In a future version of the library,
* this constraint may apply whenever #MBEDTLS_USE_PSA_CRYPTO is
* enabled regardless of the status of #MBEDTLS_RSA_C.
*/
mbedtls_md_type_t mgf1_hash_id;
/** The expected length of the salt, in bytes. This may be
* #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length.
*
* \note When #MBEDTLS_USE_PSA_CRYPTO is enabled, only
* #MBEDTLS_RSA_SALT_LEN_ANY is valid. Any other value may be
* ignored (allowing any salt length).
*/
int expected_salt_len;
} mbedtls_pk_rsassa_pss_options; } mbedtls_pk_rsassa_pss_options;