From 4f3262de2d88358e7115bd40b83295895620364a Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Tue, 19 Mar 2024 15:43:25 +0100
Subject: [PATCH] pk_wrap: fix algorithm selection in rsa_opaque_sign_wrap()

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 library/pk_wrap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 256863a5a5..98b4f9a4e2 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -1508,10 +1508,11 @@ static int rsa_opaque_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg
     }
 
     type = psa_get_key_type(&attributes);
+    alg = psa_get_key_algorithm(&attributes);
     psa_reset_key_attributes(&attributes);
 
     if (PSA_KEY_TYPE_IS_RSA(type)) {
-        alg = PSA_ALG_RSA_PKCS1V15_SIGN(mbedtls_md_psa_alg_from_type(md_alg));
+        alg = (alg & ~PSA_ALG_HASH_MASK) | mbedtls_md_psa_alg_from_type(md_alg);
     } else {
         return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
     }