From fb81c0ec2efbe0ec73990e010ece6be9e9634cae Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 24 Aug 2017 06:55:11 +0100
Subject: [PATCH] Guard primality checks in RSA module by MBEDTLS_GENPRIME

Primality testing is guarded by the configuration flag MBEDTLS_GENPRIME and used in the new RSA helper functions. This
commit adds a corresponding preprocessor directive.
---
 library/rsa.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/library/rsa.c b/library/rsa.c
index 2976b71c2..72f661061 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -361,6 +361,7 @@ int mbedtls_rsa_check_params( mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
      * Step 1: If PRNG provided, check that P and Q are prime
      */
 
+#if defined(MBEDTLS_GENPRIME)
     if( f_rng != NULL && P != NULL &&
         ( ret = mbedtls_mpi_is_prime( P, f_rng, p_rng ) ) != 0 )
     {
@@ -372,6 +373,10 @@ int mbedtls_rsa_check_params( mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
     {
         goto cleanup;
     }
+#else
+    ((void) f_rng);
+    ((void) p_rng);
+#endif /* MBEDTLS_GENPRIME */
 
     /*
      * Step 2: Check that N = PQ
@@ -571,6 +576,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx,
     }
     else if( d_missing )
     {
+#if defined(MBEDTLS_GENPRIME)
         /* If a PRNG is provided, check if P, Q are prime. */
         if( f_rng != NULL  &&
             ( ( ret = mbedtls_mpi_is_prime( &ctx->P, f_rng, p_rng ) ) != 0 ||
@@ -578,6 +584,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx,
         {
             return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
         }
+#endif /* MBEDTLS_GENPRIME */
 
         /* Compute N if missing. */
         if( !have_N &&