Don't break the rsa context abstraction

This would fail on alternative implementation.
2025-09-01 05:01:58 +03:00 · 2018-06-29 17:49:35 +02:00
parent 3ff2162d14
commit 630a18a51e
1 changed files with 6 additions and 6 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1774,7 +1774,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
    if( status != PSA_SUCCESS )
        return( status );

-    if( signature_size < rsa->len )
+    if( signature_size < mbedtls_rsa_get_len( rsa ) )
        return( PSA_ERROR_BUFFER_TOO_SMALL );

    /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
@@ -1822,7 +1822,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
    }

    if( ret == 0 )
-        *signature_length = rsa->len;
+        *signature_length = mbedtls_rsa_get_len( rsa );
    return( mbedtls_to_psa_error( ret ) );
 }

@@ -1841,7 +1841,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
    if( status != PSA_SUCCESS )
        return( status );

-    if( signature_length < rsa->len )
+    if( signature_length < mbedtls_rsa_get_len( rsa ) )
        return( PSA_ERROR_BUFFER_TOO_SMALL );

 #if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
@@ -2124,7 +2124,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
    {
        mbedtls_rsa_context *rsa = slot->data.rsa;
        int ret;
-        if( output_size < rsa->len )
+        if( output_size < mbedtls_rsa_get_len( rsa ) )
            return( PSA_ERROR_INVALID_ARGUMENT );
 #if defined(MBEDTLS_PKCS1_V15)
        if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
@@ -2150,7 +2150,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
            return( PSA_ERROR_INVALID_ARGUMENT );
        }
        if( ret == 0 )
-            *output_length = rsa->len;
+            *output_length = mbedtls_rsa_get_len( rsa );
        return( mbedtls_to_psa_error( ret ) );
    }
    else
@@ -2189,7 +2189,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
        mbedtls_rsa_context *rsa = slot->data.rsa;
        int ret;

-        if( input_length != rsa->len )
+        if( input_length != mbedtls_rsa_get_len( rsa ) )
            return( PSA_ERROR_INVALID_ARGUMENT );

 #if defined(MBEDTLS_PKCS1_V15)