generate_key: define a structure type for RSA extra parameters

include/psa/crypto.h

@@ -2407,6 +2407,15 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
 psa_status_t psa_generate_random(uint8_t *output,
                                  size_t output_size);
 
+/** Extra parameters for RSA key generation.
+ *
+ * You may pass a pointer to a structure of this type as the `extra`
+ * parameter to psa_generate_key().
+ */
+typedef struct {
+    uint32_t e; /**! Public exponent value. Default: 65537. */
+} psa_generate_key_extra_rsa;
+
 /**
  * \brief Generate a key or key pair.
  *
@@ -2432,7 +2441,7 @@ psa_status_t psa_generate_random(uint8_t *output,
  *
  * Type | Parameter type | Meaning | Parameters used if `extra == NULL`
  * ---- | -------------- | ------- | ---------------------------------------
- * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537
+ * `PSA_KEY_TYPE_RSA_KEYPAIR` | #psa_generate_key_extra_rsa | Public exponent | 65537
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_NOT_SUPPORTED

library/psa_crypto.c

@@ -3012,12 +3012,16 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
             return( PSA_ERROR_NOT_SUPPORTED );
         if( extra != NULL )
         {
-            const unsigned *p = extra;
+            const psa_generate_key_extra_rsa *p = extra;
             if( extra_size != sizeof( *p ) )
                 return( PSA_ERROR_INVALID_ARGUMENT );
-            if( *p > INT_MAX )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            exponent = *p;
+#if INT_MAX < 0xffffffff
+            /* Check that the uint32_t value passed by the caller fits
+             * in the range supported by this implementation. */
+            if( p->e > INT_MAX )
+                return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+            exponent = p->e;
         }
         rsa = mbedtls_calloc( 1, sizeof( *rsa ) );
         if( rsa == NULL )