diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 8f535a5ef..a42489eca 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -1027,14 +1027,6 @@ extern "C" { #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 #endif -/* Temporary internal migration helpers */ -#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ - defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ - defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ - defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) -#define MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY -#endif - /* Temporary internal migration helpers */ #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ diff --git a/library/check_crypto_config.h b/library/check_crypto_config.h index eb3ace5c1..b7d87fe07 100644 --- a/library/check_crypto_config.h +++ b/library/check_crypto_config.h @@ -60,25 +60,25 @@ #endif #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \ - !(defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) || \ + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \ - !(defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) || \ + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_OAEP) && \ - !(defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) || \ + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PSS) && \ - !(defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) || \ + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites" #endif diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 3fe2c3e0d..4781151a1 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -97,7 +97,7 @@ int mbedtls_pk_error_from_psa(psa_status_t status) } #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) int mbedtls_pk_error_from_psa_rsa(psa_status_t status) { switch (status) { @@ -134,7 +134,7 @@ int mbedtls_pk_error_from_psa_rsa(psa_status_t status) return MBEDTLS_ERR_ERROR_GENERIC_ERROR; } } -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY */ +#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ #endif /* MBEDTLS_PSA_CRYPTO_C */ #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1725,7 +1725,7 @@ static int rsa_opaque_can_do(mbedtls_pk_type_t type) type == MBEDTLS_PK_RSASSA_PSS; } -#if defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) static int rsa_opaque_decrypt(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, @@ -1747,7 +1747,7 @@ static int rsa_opaque_decrypt(mbedtls_pk_context *pk, return 0; } -#endif /* MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY */ +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ static int rsa_opaque_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, @@ -1817,11 +1817,11 @@ const mbedtls_pk_info_t mbedtls_rsa_opaque_info = { .rs_alloc_func = NULL, .rs_free_func = NULL, #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ -#if defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) .decrypt_func = rsa_opaque_decrypt, -#else /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ +#else /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ .decrypt_func = NULL, -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ .encrypt_func = NULL, .check_pair_func = NULL, .ctx_alloc_func = NULL, diff --git a/library/pk_wrap.h b/library/pk_wrap.h index 6f755ed97..b1e02180a 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -150,9 +150,9 @@ int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status); int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa(psa_status_t status); #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status); -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY */ +#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_RSA_C) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a2a67556d..381b6fc69 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -7346,7 +7346,7 @@ static psa_status_t psa_validate_key_type_and_size_for_key_generation( return status; } } else -#if defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) if (PSA_KEY_TYPE_IS_RSA(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) { return PSA_ERROR_NOT_SUPPORTED; @@ -7358,7 +7358,7 @@ static psa_status_t psa_validate_key_type_and_size_for_key_generation( return PSA_ERROR_NOT_SUPPORTED; } } else -#endif /* defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) */ +#endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) */ #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { diff --git a/library/psa_util.c b/library/psa_util.c index ef623168f..e07598b89 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -85,7 +85,7 @@ const mbedtls_error_pair_t psa_to_ssl_errors[] = #endif #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY) + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) const mbedtls_error_pair_t psa_to_pk_rsa_errors[] = { { PSA_SUCCESS, 0 },