Swap C++ comments to C for style consistency in rsa.c
parent
8ddc93f07a
commit
0203745e23
@ -471,8 +471,7 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
|
|||||||
|
|
||||||
hlen = mbedtls_md_get_size( md_ctx->md_info );
|
hlen = mbedtls_md_get_size( md_ctx->md_info );
|
||||||
|
|
||||||
// Generate and apply dbMask
|
/* Generate and apply dbMask */
|
||||||
//
|
|
||||||
p = dst;
|
p = dst;
|
||||||
|
|
||||||
while( dlen > 0 )
|
while( dlen > 0 )
|
||||||
@ -529,7 +528,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
olen = ctx->len;
|
olen = ctx->len;
|
||||||
hlen = mbedtls_md_get_size( md_info );
|
hlen = mbedtls_md_get_size( md_info );
|
||||||
|
|
||||||
// first comparison checks for overflow
|
/* first comparison checks for overflow */
|
||||||
if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 )
|
if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 )
|
||||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||||
|
|
||||||
@ -537,15 +536,13 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
|
|
||||||
*p++ = 0;
|
*p++ = 0;
|
||||||
|
|
||||||
// Generate a random octet string seed
|
/* Generate a random octet string seed */
|
||||||
//
|
|
||||||
if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 )
|
if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 )
|
||||||
return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
|
return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
|
||||||
|
|
||||||
p += hlen;
|
p += hlen;
|
||||||
|
|
||||||
// Construct DB
|
/* Construct DB */
|
||||||
//
|
|
||||||
mbedtls_md( md_info, label, label_len, p );
|
mbedtls_md( md_info, label, label_len, p );
|
||||||
p += hlen;
|
p += hlen;
|
||||||
p += olen - 2 * hlen - 2 - ilen;
|
p += olen - 2 * hlen - 2 - ilen;
|
||||||
@ -555,13 +552,11 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
mbedtls_md_init( &md_ctx );
|
mbedtls_md_init( &md_ctx );
|
||||||
mbedtls_md_setup( &md_ctx, md_info, 0 );
|
mbedtls_md_setup( &md_ctx, md_info, 0 );
|
||||||
|
|
||||||
// maskedDB: Apply dbMask to DB
|
/* maskedDB: Apply dbMask to DB */
|
||||||
//
|
|
||||||
mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen,
|
mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen,
|
||||||
&md_ctx );
|
&md_ctx );
|
||||||
|
|
||||||
// maskedSeed: Apply seedMask to seed
|
/* maskedSeed: Apply seedMask to seed */
|
||||||
//
|
|
||||||
mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1,
|
mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1,
|
||||||
&md_ctx );
|
&md_ctx );
|
||||||
|
|
||||||
@ -596,7 +591,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
|
|
||||||
olen = ctx->len;
|
olen = ctx->len;
|
||||||
|
|
||||||
// first comparison checks for overflow
|
/* first comparison checks for overflow */
|
||||||
if( ilen + 11 < ilen || olen < ilen + 11 )
|
if( ilen + 11 < ilen || olen < ilen + 11 )
|
||||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||||
|
|
||||||
@ -615,8 +610,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
ret = f_rng( p_rng, p, 1 );
|
ret = f_rng( p_rng, p, 1 );
|
||||||
} while( *p == 0 && --rng_dl && ret == 0 );
|
} while( *p == 0 && --rng_dl && ret == 0 );
|
||||||
|
|
||||||
// Check if RNG failed to generate data
|
/* Check if RNG failed to generate data */
|
||||||
//
|
|
||||||
if( rng_dl == 0 || ret != 0 )
|
if( rng_dl == 0 || ret != 0 )
|
||||||
return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
|
return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
|
||||||
|
|
||||||
@ -934,8 +928,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
|||||||
|
|
||||||
if( md_alg != MBEDTLS_MD_NONE )
|
if( md_alg != MBEDTLS_MD_NONE )
|
||||||
{
|
{
|
||||||
// Gather length of hash to sign
|
/* Gather length of hash to sign */
|
||||||
//
|
|
||||||
md_info = mbedtls_md_info_from_type( md_alg );
|
md_info = mbedtls_md_info_from_type( md_alg );
|
||||||
if( md_info == NULL )
|
if( md_info == NULL )
|
||||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||||
@ -955,13 +948,11 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
|||||||
|
|
||||||
memset( sig, 0, olen );
|
memset( sig, 0, olen );
|
||||||
|
|
||||||
// Generate salt of length slen
|
/* Generate salt of length slen */
|
||||||
//
|
|
||||||
if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
|
if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
|
||||||
return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
|
return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
|
||||||
|
|
||||||
// Note: EMSA-PSS encoding is over the length of N - 1 bits
|
/* Note: EMSA-PSS encoding is over the length of N - 1 bits */
|
||||||
//
|
|
||||||
msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
|
msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
|
||||||
p += olen - hlen * 2 - 2;
|
p += olen - hlen * 2 - 2;
|
||||||
*p++ = 0x01;
|
*p++ = 0x01;
|
||||||
@ -971,21 +962,18 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
|||||||
mbedtls_md_init( &md_ctx );
|
mbedtls_md_init( &md_ctx );
|
||||||
mbedtls_md_setup( &md_ctx, md_info, 0 );
|
mbedtls_md_setup( &md_ctx, md_info, 0 );
|
||||||
|
|
||||||
// Generate H = Hash( M' )
|
/* Generate H = Hash( M' ) */
|
||||||
//
|
|
||||||
mbedtls_md_starts( &md_ctx );
|
mbedtls_md_starts( &md_ctx );
|
||||||
mbedtls_md_update( &md_ctx, p, 8 );
|
mbedtls_md_update( &md_ctx, p, 8 );
|
||||||
mbedtls_md_update( &md_ctx, hash, hashlen );
|
mbedtls_md_update( &md_ctx, hash, hashlen );
|
||||||
mbedtls_md_update( &md_ctx, salt, slen );
|
mbedtls_md_update( &md_ctx, salt, slen );
|
||||||
mbedtls_md_finish( &md_ctx, p );
|
mbedtls_md_finish( &md_ctx, p );
|
||||||
|
|
||||||
// Compensate for boundary condition when applying mask
|
/* Compensate for boundary condition when applying mask */
|
||||||
//
|
|
||||||
if( msb % 8 == 0 )
|
if( msb % 8 == 0 )
|
||||||
offset = 1;
|
offset = 1;
|
||||||
|
|
||||||
// maskedDB: Apply dbMask to DB
|
/* maskedDB: Apply dbMask to DB */
|
||||||
//
|
|
||||||
mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx );
|
mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx );
|
||||||
|
|
||||||
mbedtls_md_free( &md_ctx );
|
mbedtls_md_free( &md_ctx );
|
||||||
@ -1209,8 +1197,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
|
|||||||
|
|
||||||
if( md_alg != MBEDTLS_MD_NONE )
|
if( md_alg != MBEDTLS_MD_NONE )
|
||||||
{
|
{
|
||||||
// Gather length of hash to sign
|
/* Gather length of hash to sign */
|
||||||
//
|
|
||||||
md_info = mbedtls_md_info_from_type( md_alg );
|
md_info = mbedtls_md_info_from_type( md_alg );
|
||||||
if( md_info == NULL )
|
if( md_info == NULL )
|
||||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||||
@ -1227,12 +1214,12 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
|
|||||||
|
|
||||||
memset( zeros, 0, 8 );
|
memset( zeros, 0, 8 );
|
||||||
|
|
||||||
// Note: EMSA-PSS verification is over the length of N - 1 bits
|
/*
|
||||||
//
|
* Note: EMSA-PSS verification is over the length of N - 1 bits
|
||||||
|
*/
|
||||||
msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
|
msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
|
||||||
|
|
||||||
// Compensate for boundary condition when applying mask
|
/* Compensate for boundary condition when applying mask */
|
||||||
//
|
|
||||||
if( msb % 8 == 0 )
|
if( msb % 8 == 0 )
|
||||||
{
|
{
|
||||||
p++;
|
p++;
|
||||||
@ -1268,8 +1255,9 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
|
|||||||
return( MBEDTLS_ERR_RSA_INVALID_PADDING );
|
return( MBEDTLS_ERR_RSA_INVALID_PADDING );
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generate H = Hash( M' )
|
/*
|
||||||
//
|
* Generate H = Hash( M' )
|
||||||
|
*/
|
||||||
mbedtls_md_starts( &md_ctx );
|
mbedtls_md_starts( &md_ctx );
|
||||||
mbedtls_md_update( &md_ctx, zeros, 8 );
|
mbedtls_md_update( &md_ctx, zeros, 8 );
|
||||||
mbedtls_md_update( &md_ctx, hash, hashlen );
|
mbedtls_md_update( &md_ctx, hash, hashlen );
|
||||||
@ -1374,8 +1362,9 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
|
|||||||
|
|
||||||
end = p + len;
|
end = p + len;
|
||||||
|
|
||||||
// Parse the ASN.1 structure inside the PKCS#1 v1.5 structure
|
/*
|
||||||
//
|
* Parse the ASN.1 structure inside the PKCS#1 v1.5 structure
|
||||||
|
*/
|
||||||
if( ( ret = mbedtls_asn1_get_tag( &p, end, &asn1_len,
|
if( ( ret = mbedtls_asn1_get_tag( &p, end, &asn1_len,
|
||||||
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
|
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
|
||||||
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
|
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
|
||||||
|
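Review bot: In the `mbedtls_rsa_rsaes_oaep_encrypt` hunk at -555/+552 the return value of `mbedtls_md_setup( &md_ctx, md_info, 0 );` is discarded, and the two `mgf_mask()` calls that follow use `&md_ctx` unconditionally. The `mbedtls_rsa_rsassa_pss_sign` hunk at -971/+962 has the same pattern ahead of `mbedtls_md_starts()`. If setup fails (for example on allocation failure), the masking and hashing steps would run on a context that was never set up, so the OAEP or PSS encoding could come out wrong without the caller seeing an error. Since the commit already touches these lines, consider `if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) { mbedtls_md_free( &md_ctx ); return( ret ); }` in both places. Both functions begin and end outside the visible hunks, so any existing cleanup path is not shown here and should be checked before applying this.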