Mbed-TLS · PLAJ-se · Mar 6, 2026
diff --git a/ChangeLog.d/rsassa-pss-parsing.txt b/ChangeLog.d/rsassa-pss-parsing.txt
@@ -0,0 +1,2 @@
+Changes
+    * Certificates and CSRs containing rsassaPss keys can now be parsed
diff --git a/framework b/framework
diff --git a/library/oid.c b/library/oid.c
@@ -509,6 +509,10 @@ static const oid_pk_alg_t oid_pk_alg[] =
         OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_RSA,           "rsaEncryption",    "RSA"),
         MBEDTLS_PK_RSA,
     },
+    {
+        OID_DESCRIPTOR(MBEDTLS_OID_RSASSA_PSS,          "rsassaPss",        "RSA"),
+        MBEDTLS_PK_RSASSA_PSS,
+    },
     {
         OID_DESCRIPTOR(MBEDTLS_OID_EC_ALG_UNRESTRICTED, "id-ecPublicKey",   "Generic EC key"),
         MBEDTLS_PK_ECKEY,

diff --git a/library/pk.c b/library/pk.c
@@ -112,6 +112,7 @@ const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type)
     switch (pk_type) {
 #if defined(MBEDTLS_RSA_C)
         case MBEDTLS_PK_RSA:
+        case MBEDTLS_PK_RSASSA_PSS:
             return &mbedtls_rsa_info;
 #endif /* MBEDTLS_RSA_C */
 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS)

diff --git a/library/pkparse.c b/library/pkparse.c
@@ -553,11 +553,14 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
     }
 
 #if defined(MBEDTLS_RSA_C)
-    if (pk_alg == MBEDTLS_PK_RSA) {
+    if (pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS) {
         ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*pk), *p, (size_t) (end - *p));
         if (ret == 0) {
             /* On success all the input has been consumed by the parsing function. */
             *p += end - *p;
+            if (pk_alg == MBEDTLS_PK_RSASSA_PSS) {
+                ret = mbedtls_rsa_set_padding(mbedtls_pk_rsa(*pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_NONE);
+            }
         } else if ((ret <= MBEDTLS_ERR_ASN1_OUT_OF_DATA) &&
                    (ret >= MBEDTLS_ERR_ASN1_BUF_TOO_SMALL)) {
             /* In case of ASN1 error codes add MBEDTLS_ERR_PK_INVALID_PUBKEY. */

diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
@@ -194,6 +194,10 @@ X509 CRT information Parsing IPv4 and IPv6 IP names
 depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C
 x509_cert_info:"../framework/data_files/server5-tricky-ip-san.crt.der":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS Tricky IP SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS Tricky IP SAN\nissued  on        \: 2023-06-05 11\:30\:36\nexpires on        \: 2033-06-02 11\:30\:36\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    iPAddress \: 97.98.99.100\n    iPAddress \: 6162\:6364\:2E65\:7861\:6D70\:6C65\:2E63\:6F6D\n"
 
+X509 CRT information Parsing rsassaPss key
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V21
+x509_cert_info:"../framework/data_files/parse_input/rsassaPss.crt":"cert. version     \: 3\nserial number     \: 1C\:25\:76\:52\:CB\:53\:23\:0B\:E9\:3E\:29\:71\:CA\:04\:84\:62\:9D\:58\:35\:A4\nissuer name       \: CN=rsapss key\nsubject name      \: CN=rsapss key\nissued  on        \: 2026-01-23 09\:58\:47\nexpires on        \: 2026-02-22 09\:58\:47\nsigned using      \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x20)\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\n"
+
 X509 SAN parsing otherName
 depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256
 x509_parse_san:"../framework/data_files/parse_input/server5-othername.crt.der":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\n":0
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		Changes
		* Certificates and CSRs containing rsassaPss keys can now be parsed
+22 −0		data_files/parse_input/rsassaPss.crt
+3 −3		psasim/src/aut_psa_key_agreement.c
+7 −4		psasim/src/psa_sim_serialise.pl
+0 −9		scripts/assemble_changelog.py
+8 −0		scripts/check_names.py
+1 −1		scripts/generate_test_code.py
+13 −3		scripts/mbedtls_framework/c_wrapper_generator.py
+22 −2		scripts/mbedtls_framework/config_macros.py
+182 −0		scripts/mbedtls_framework/generate_files_helper.py
+13 −7		scripts/mbedtls_framework/test_case.py
+30 −5		scripts/mbedtls_framework/test_data_generation.py
+1 −1		tests/include/test/arguments.h
+1 −0		tests/include/test/asn1_helpers.h
+2 −0		tests/include/test/bignum_codepath_check.h
+1 −1		tests/include/test/bignum_helpers.h
+1 −1		tests/include/test/constant_flow.h
+1 −1		tests/include/test/fake_external_rng_for_test.h
+14 −6		tests/include/test/helpers.h
+16 −1		tests/include/test/macros.h
+2 −1		tests/include/test/memory.h
+2 −0		tests/include/test/pk_helpers.h
+1 −0		tests/include/test/psa_crypto_helpers.h
+1 −0		tests/include/test/psa_exercise_key.h
+2 −0		tests/include/test/psa_helpers.h
+2 −0		tests/include/test/psa_memory_poisoning_wrappers.h
+1 −1		tests/include/test/random.h
+34 −0		tests/include/test/test_common.h
+1 −7		tests/include/test/threading_helpers.h
+12 −10		tests/programs/metatest.c
+26 −0		tests/src/helpers.c
+1 −1		tests/src/pk_helpers.c
+206 −0		util/generate_mldsa_tests.py
+5 −0		util/requirements.txt
+18 −0		util/scripts_path.py