From 89f5af84affc07f01d2bae3797a2bd97dd3786b7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 18 Apr 2024 06:54:32 +0200 Subject: [PATCH 1/3] adjust_legacy_crypto: enable ASN1_[PARSE|WRITE]_C when RSA_C RSA needs ASN1 functions to parse/write private and public keys, but there is no guards in the code for that. So we need to enable ASN1 support whenever RSA is enabled. Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 9b06041228..e477c0796a 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -293,6 +293,14 @@ #define MBEDTLS_ECP_LIGHT #endif +/* Backward compatibility: after #8740 the RSA module offers functions to parse + * and write RSA private/public keys without relying on the PK one. Of course + * this needs ASN1 support to do so, so we enable it here. */ +#if defined(MBEDTLS_RSA_C) +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C +#endif + /* MBEDTLS_PK_PARSE_EC_COMPRESSED is introduced in Mbed TLS version 3.5, while * in previous version compressed points were automatically supported as long * as PK_PARSE_C and ECP_C were enabled. As a consequence, for backward From ce86865258cb4cafc56db21dfea9399774310bf0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 19 Apr 2024 09:37:17 +0200 Subject: [PATCH 2/3] add changelog Signed-off-by: Valerio Setti --- ChangeLog.d/asn1-missing-guard-in-rsa.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/asn1-missing-guard-in-rsa.txt diff --git a/ChangeLog.d/asn1-missing-guard-in-rsa.txt b/ChangeLog.d/asn1-missing-guard-in-rsa.txt new file mode 100644 index 0000000000..613bdc5d87 --- /dev/null +++ b/ChangeLog.d/asn1-missing-guard-in-rsa.txt @@ -0,0 +1,3 @@ +Bugfix + * MBEDTLS_ASN1_PARSE_C and MBEDTLS_ASN1_WRITE_C is automatically enabled + as soon as MBEDTLS_RSA_C is enabled. Fixes #9041. From ec3b90f34851cfb3918c563e822dbf18e5430c6a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 19 Apr 2024 11:09:56 +0200 Subject: [PATCH 3/3] changelog: fix text Signed-off-by: Valerio Setti --- ChangeLog.d/asn1-missing-guard-in-rsa.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/asn1-missing-guard-in-rsa.txt b/ChangeLog.d/asn1-missing-guard-in-rsa.txt index 613bdc5d87..bb5b470881 100644 --- a/ChangeLog.d/asn1-missing-guard-in-rsa.txt +++ b/ChangeLog.d/asn1-missing-guard-in-rsa.txt @@ -1,3 +1,3 @@ Bugfix - * MBEDTLS_ASN1_PARSE_C and MBEDTLS_ASN1_WRITE_C is automatically enabled + * MBEDTLS_ASN1_PARSE_C and MBEDTLS_ASN1_WRITE_C are now automatically enabled as soon as MBEDTLS_RSA_C is enabled. Fixes #9041.