AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Removes mode param from mbedtls_rsa_rsaes_pkcs1_v15_encrypt

Browse Source 
Removal of mode parameter from
mbedtls_rsa_rsaes_pkcs1_v15_encrypt. This commit
propagates the change to all relevant function calls
and tests.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This commit is contained in:
Thomas Daubney 2021-05-13 18:26:49 +01:00
parent 69a8c3809e
commit 53e4ac64b7
3 changed files with 26 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
include/mbedtls/rsa.h
View File

@ -605,25 +605,15 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
* \brief This function performs a PKCS#1 v1.5 encryption operation
* (RSAES-PKCS1-v1_5-ENCRYPT).
*
* \deprecated It is deprecated and discouraged to call this function
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
* are likely to remove the \p mode argument and have it
* implicitly set to #MBEDTLS_RSA_PUBLIC.
*
* \note Alternative implementations of RSA need not support
* mode being set to #MBEDTLS_RSA_PRIVATE and might instead
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
*
* \param ctx The initialized RSA context to use.
* \param f_rng The RNG function to use. It is needed for padding generation
* if \p mode is #MBEDTLS_RSA_PUBLIC. If \p mode is
* #MBEDTLS_RSA_PRIVATE (discouraged), it is used for
* blinding and should be provided; see mbedtls_rsa_private().
* \param f_rng The RNG function to use. It is needed for padding generation.
* \param p_rng The RNG context to be passed to \p f_rng. This may
* be \c NULL if \p f_rng is \c NULL or if \p f_rng
* doesn't need a context argument.
* \param mode The mode of operation. This must be either
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
* \param ilen The length of the plaintext in Bytes.
* \param input The input data to encrypt. This must be a readable
* buffer of size \p ilen Bytes. It may be \c NULL if
@ -638,7 +628,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, size_t ilen,
size_t ilen,
const unsigned char *input,
unsigned char *output );

54
library/rsa.c
View File

@ -1244,8 +1244,7 @@ exit:
*/
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, size_t ilen,
void *p_rng, size_t ilen,
const unsigned char *input,
unsigned char *output )
{
@ -1254,14 +1253,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
unsigned char *p = output;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
mode == MBEDTLS_RSA_PUBLIC );
RSA_VALIDATE_RET( output != NULL );
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
olen = ctx->len;
/* first comparison checks for overflow */
@ -1271,43 +1265,32 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
nb_pad = olen - 3 - ilen;
*p++ = 0;
if( mode == MBEDTLS_RSA_PUBLIC )
if( f_rng == NULL )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
*p++ = MBEDTLS_RSA_CRYPT;
while( nb_pad-- > 0 )
{
if( f_rng == NULL )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
int rng_dl = 100;
*p++ = MBEDTLS_RSA_CRYPT;
do {
ret = f_rng( p_rng, p, 1 );
} while( *p == 0 && --rng_dl && ret == 0 );
while( nb_pad-- > 0 )
{
int rng_dl = 100;
/* Check if RNG failed to generate data */
if( rng_dl == 0 || ret != 0 )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
do {
ret = f_rng( p_rng, p, 1 );
} while( *p == 0 && --rng_dl && ret == 0 );
/* Check if RNG failed to generate data */
if( rng_dl == 0 || ret != 0 )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
p++;
}
}
else
{
*p++ = MBEDTLS_RSA_SIGN;
while( nb_pad-- > 0 )
*p++ = 0xFF;
p++;
}
*p++ = 0;
if( ilen != 0 )
memcpy( p, input, ilen );
return( ( mode == MBEDTLS_RSA_PUBLIC )
? mbedtls_rsa_public( ctx, output, output )
: mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
return( mbedtls_rsa_public( ctx, output, output ) );
}
#endif /* MBEDTLS_PKCS1_V15 */
@ -1330,8 +1313,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
#if defined(MBEDTLS_PKCS1_V15)
case MBEDTLS_RSA_PKCS_V15:
return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng,
MBEDTLS_RSA_PUBLIC, ilen,
input, output );
ilen, input, output );
#endif
#if defined(MBEDTLS_PKCS1_V21)

18
tests/suites/test_suite_rsa.function
View File

@ -116,22 +116,16 @@ void rsa_invalid_param( )
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
NULL,
MBEDTLS_RSA_PUBLIC,
sizeof( buf ), buf,
buf ) );
NULL, sizeof( buf ),
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
NULL,
MBEDTLS_RSA_PUBLIC,
sizeof( buf ), NULL,
buf ) );
NULL, sizeof( buf ),
NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
NULL,
MBEDTLS_RSA_PUBLIC,
sizeof( buf ), buf,
NULL ) );
NULL, sizeof( buf ),
buf, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,