Merge pull request #4515 from tom-daubney-arm/remove_rsa_mode_params_2

Remove rsa mode params part 2

docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md

@@ -0,0 +1,29 @@
+Remove the mode parameter from RSA functions
+--------------------------------------------
+
+This affects all users who use the RSA encryption, decryption, sign and
+verify APIs.
+
+The RSA module no longer supports private-key operations with the public key or
+vice versa. As a consequence, RSA operation functions no longer have a mode
+parameter. If you were calling RSA operations with the normal mode (public key
+for verification or encryption, private key for signature or decryption), remove
+the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling
+RSA operations with the wrong mode, which rarely makes sense from a security
+perspective, this is no longer supported.
+
+Remove the RNG parameter from RSA verify functions
+--------------------------------------------------
+
+RSA verification functions also no longer take random generator arguments (this
+was only needed when using a private key). This affects all applications using
+the RSA verify functions.
+
+RNG is now mandatory in all RSA private key operations
+------------------------------------------------------
+
+The random generator is now mandatory for blinding in all RSA private-key
+operations (`mbedtls_rsa_private`, `mbedtls_rsa_xxx_sign`,
+`mbedtls_rsa_xxx_decrypt`) as well as for encryption
+(`mbedtls_rsa_xxx_encrypt`). This means that passing a null `f_rng` is no longer
+supported.