Merge pull request #4515 from tom-daubney-arm/remove_rsa_mode_params_2
Remove rsa mode params part 2
This commit is contained in:
commit
b7abba28e3
9
ChangeLog.d/remove-rsa-mode-parameter.txt
Normal file
9
ChangeLog.d/remove-rsa-mode-parameter.txt
Normal file
@ -0,0 +1,9 @@
|
||||
Removals
|
||||
* The RSA module no longer supports private-key operations with the public
|
||||
key and vice versa.
|
||||
API changes
|
||||
* Remove the mode parameter from RSA operation functions. Signature and
|
||||
decryption functions now always use the private key and verification and
|
||||
encryption use the public key. Verification functions also no longer have
|
||||
RNG parameters.
|
||||
* The RNG is now mandatory for all private-key RSA operations.
|
29
docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md
Normal file
29
docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md
Normal file
@ -0,0 +1,29 @@
|
||||
Remove the mode parameter from RSA functions
|
||||
--------------------------------------------
|
||||
|
||||
This affects all users who use the RSA encryption, decryption, sign and
|
||||
verify APIs.
|
||||
|
||||
The RSA module no longer supports private-key operations with the public key or
|
||||
vice versa. As a consequence, RSA operation functions no longer have a mode
|
||||
parameter. If you were calling RSA operations with the normal mode (public key
|
||||
for verification or encryption, private key for signature or decryption), remove
|
||||
the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling
|
||||
RSA operations with the wrong mode, which rarely makes sense from a security
|
||||
perspective, this is no longer supported.
|
||||
|
||||
Remove the RNG parameter from RSA verify functions
|
||||
--------------------------------------------------
|
||||
|
||||
RSA verification functions also no longer take random generator arguments (this
|
||||
was only needed when using a private key). This affects all applications using
|
||||
the RSA verify functions.
|
||||
|
||||
RNG is now mandatory in all RSA private key operations
|
||||
------------------------------------------------------
|
||||
|
||||
The random generator is now mandatory for blinding in all RSA private-key
|
||||
operations (`mbedtls_rsa_private`, `mbedtls_rsa_xxx_sign`,
|
||||
`mbedtls_rsa_xxx_decrypt`) as well as for encryption
|
||||
(`mbedtls_rsa_xxx_encrypt`). This means that passing a null `f_rng` is no longer
|
||||
supported.
|
@ -234,7 +234,7 @@ typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, size_t *olen,
|
||||
size_t output_max_len );
|
||||
typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
|
||||
int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
|
||||
mbedtls_md_type_t md_alg, unsigned int hashlen,
|
||||
const unsigned char *hash, unsigned char *sig );
|
||||
typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
|
||||
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
|
||||
|
@ -57,8 +57,6 @@
|
||||
/*
|
||||
* RSA constants
|
||||
*/
|
||||
#define MBEDTLS_RSA_PUBLIC 0 /**< Request private key operation. */
|
||||
#define MBEDTLS_RSA_PRIVATE 1 /**< Request public key operation. */
|
||||
|
||||
#define MBEDTLS_RSA_PKCS_V15 0 /**< Use PKCS#1 v1.5 encoding. */
|
||||
#define MBEDTLS_RSA_PKCS_V21 1 /**< Use PKCS#1 v2.1 encoding. */
|
||||
@ -423,7 +421,7 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
|
||||
*
|
||||
* \param ctx The initialized RSA context used to hold the key.
|
||||
* \param f_rng The RNG function to be used for key generation.
|
||||
* This must not be \c NULL.
|
||||
* This is mandatory and must not be \c NULL.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng.
|
||||
* This may be \c NULL if \p f_rng doesn't need a context.
|
||||
* \param nbits The size of the public key in bits.
|
||||
@ -544,11 +542,9 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
|
||||
* of a PRNG.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function, used for blinding. It is discouraged
|
||||
* and deprecated to pass \c NULL here, in which case
|
||||
* blinding will be omitted.
|
||||
* \param f_rng The RNG function, used for blinding. It is mandatory.
|
||||
* \param p_rng The RNG context to pass to \p f_rng. This may be \c NULL
|
||||
* if \p f_rng is \c NULL or if \p f_rng doesn't need a context.
|
||||
* if \p f_rng doesn't need a context.
|
||||
* \param input The input buffer. This must be a readable buffer
|
||||
* of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||
* for an 2048-bit RSA modulus.
|
||||
@ -571,29 +567,13 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
|
||||
* operation.
|
||||
*
|
||||
* It is the generic wrapper for performing a PKCS#1 encryption
|
||||
* operation using the \p mode from the context.
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* implicitly set to #MBEDTLS_RSA_PUBLIC.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PRIVATE and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
* operation.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG to use. It is mandatory for PKCS#1 v2.1 padding
|
||||
* encoding, and for PKCS#1 v1.5 padding encoding when used
|
||||
* with \p mode set to #MBEDTLS_RSA_PUBLIC. For PKCS#1 v1.5
|
||||
* padding encoding and \p mode set to #MBEDTLS_RSA_PRIVATE,
|
||||
* it is used for blinding and should be provided in this
|
||||
* case; see mbedtls_rsa_private() for more.
|
||||
* \param f_rng The RNG to use. It is used for padding generation
|
||||
* and it is mandatory.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. May be
|
||||
* \c NULL if \p f_rng is \c NULL or if \p f_rng doesn't
|
||||
* need a context argument.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
||||
* \c NULL if \p f_rng doesn't need a context argument.
|
||||
* \param ilen The length of the plaintext in Bytes.
|
||||
* \param input The input data to encrypt. This must be a readable
|
||||
* buffer of size \p ilen Bytes. It may be \c NULL if
|
||||
@ -608,7 +588,7 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
|
||||
int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode, size_t ilen,
|
||||
size_t ilen,
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
@ -616,25 +596,11 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
|
||||
* \brief This function performs a PKCS#1 v1.5 encryption operation
|
||||
* (RSAES-PKCS1-v1_5-ENCRYPT).
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* implicitly set to #MBEDTLS_RSA_PUBLIC.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PRIVATE and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function to use. It is needed for padding generation
|
||||
* if \p mode is #MBEDTLS_RSA_PUBLIC. If \p mode is
|
||||
* #MBEDTLS_RSA_PRIVATE (discouraged), it is used for
|
||||
* blinding and should be provided; see mbedtls_rsa_private().
|
||||
* \param f_rng The RNG function to use. It is mandatory and used for
|
||||
* padding generation.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may
|
||||
* be \c NULL if \p f_rng is \c NULL or if \p f_rng
|
||||
* doesn't need a context argument.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
||||
* be \c NULL if \p f_rng doesn't need a context argument.
|
||||
* \param ilen The length of the plaintext in Bytes.
|
||||
* \param input The input data to encrypt. This must be a readable
|
||||
* buffer of size \p ilen Bytes. It may be \c NULL if
|
||||
@ -649,7 +615,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
|
||||
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode, size_t ilen,
|
||||
size_t ilen,
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
@ -660,22 +626,11 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
||||
* \note The output buffer must be as large as the size
|
||||
* of ctx->N. For example, 128 Bytes if RSA-1024 is used.
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* implicitly set to #MBEDTLS_RSA_PUBLIC.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PRIVATE and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
*
|
||||
* \param ctx The initnialized RSA context to use.
|
||||
* \param f_rng The RNG function to use. This is needed for padding
|
||||
* generation and must be provided.
|
||||
* generation and is mandatory.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may
|
||||
* be \c NULL if \p f_rng doesn't need a context argument.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
||||
* \param label The buffer holding the custom label to use.
|
||||
* This must be a readable buffer of length \p label_len
|
||||
* Bytes. It may be \c NULL if \p label_len is \c 0.
|
||||
@ -694,7 +649,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
||||
int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
const unsigned char *label, size_t label_len,
|
||||
size_t ilen,
|
||||
const unsigned char *input,
|
||||
@ -715,10 +669,10 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
|
||||
* the function returns \c MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function. This is used for blinding and should
|
||||
* be provided; see mbedtls_rsa_private() for more.
|
||||
* \param f_rng The RNG function. This is used for blinding and is
|
||||
* mandatory; see mbedtls_rsa_private() for more.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be
|
||||
* \c NULL if \p f_rng is \c NULL or doesn't need a context.
|
||||
* \c NULL if \p f_rng doesn't need a context.
|
||||
* \param olen The address at which to store the length of
|
||||
* the plaintext. This must not be \c NULL.
|
||||
* \param input The ciphertext buffer. This must be a readable buffer
|
||||
@ -751,10 +705,10 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
|
||||
* the function returns #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function. This is used for blinding and should
|
||||
* be provided; see mbedtls_rsa_private() for more.
|
||||
* \param f_rng The RNG function. This is used for blinding and is
|
||||
* mandatory; see mbedtls_rsa_private() for more.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be
|
||||
* \c NULL if \p f_rng is \c NULL or doesn't need a context.
|
||||
* \c NULL if \p f_rng doesn't need a context.
|
||||
* \param olen The address at which to store the length of
|
||||
* the plaintext. This must not be \c NULL.
|
||||
* \param input The ciphertext buffer. This must be a readable buffer
|
||||
@ -789,10 +743,10 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
|
||||
* #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function. This is used for blinding and should
|
||||
* be provided; see mbedtls_rsa_private() for more.
|
||||
* \param f_rng The RNG function. This is used for blinding and is
|
||||
* mandatory.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be
|
||||
* \c NULL if \p f_rng is \c NULL or doesn't need a context.
|
||||
* \c NULL if \p f_rng doesn't need a context.
|
||||
* \param label The buffer holding the custom label to use.
|
||||
* This must be a readable buffer of length \p label_len
|
||||
* Bytes. It may be \c NULL if \p label_len is \c 0.
|
||||
@ -823,7 +777,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
|
||||
* a message digest using PKCS#1.
|
||||
*
|
||||
* It is the generic wrapper for performing a PKCS#1
|
||||
* signature using the \p mode from the context.
|
||||
* signature.
|
||||
*
|
||||
* \note The \p sig buffer must be as large as the size
|
||||
* of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
|
||||
@ -832,25 +786,11 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
|
||||
* mbedtls_rsa_rsassa_pss_sign() for details on
|
||||
* \p md_alg and \p hash_id.
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* implicitly set to #MBEDTLS_RSA_PRIVATE.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PUBLIC and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function to use. If the padding mode is PKCS#1 v2.1,
|
||||
* this must be provided. If the padding mode is PKCS#1 v1.5 and
|
||||
* \p mode is #MBEDTLS_RSA_PRIVATE, it is used for blinding
|
||||
* and should be provided; see mbedtls_rsa_private() for more
|
||||
* more. It is ignored otherwise.
|
||||
* \param f_rng The RNG function to use. This is mandatory and
|
||||
* must not be \c NULL.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL
|
||||
* if \p f_rng is \c NULL or doesn't need a context argument.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated).
|
||||
* if \p f_rng doesn't need a context argument.
|
||||
* \param md_alg The message-digest algorithm used to hash the original data.
|
||||
* Use #MBEDTLS_MD_NONE for signing raw data.
|
||||
* \param hashlen The length of the message digest.
|
||||
@ -871,7 +811,6 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
|
||||
int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -881,24 +820,11 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
||||
* \brief This function performs a PKCS#1 v1.5 signature
|
||||
* operation (RSASSA-PKCS1-v1_5-SIGN).
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* implicitly set to #MBEDTLS_RSA_PRIVATE.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PUBLIC and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE,
|
||||
* this is used for blinding and should be provided; see
|
||||
* mbedtls_rsa_private() for more. If \p mode is
|
||||
* #MBEDTLS_RSA_PUBLIC, it is ignored.
|
||||
* \param f_rng The RNG function. This is used for blinding and is
|
||||
* mandatory; see mbedtls_rsa_private() for more.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL
|
||||
* if \p f_rng is \c NULL or doesn't need a context argument.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated).
|
||||
* if \p f_rng doesn't need a context argument.
|
||||
* \param md_alg The message-digest algorithm used to hash the original data.
|
||||
* Use #MBEDTLS_MD_NONE for signing raw data.
|
||||
* \param hashlen The length of the message digest.
|
||||
@ -919,7 +845,6 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
||||
int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -944,7 +869,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
||||
* #MBEDTLS_ERR_RSA_BAD_INPUT_DATA.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function. It must not be \c NULL.
|
||||
* \param f_rng The RNG function. It is mandatory and must not be \c NULL.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL
|
||||
* if \p f_rng doesn't need a context argument.
|
||||
* \param md_alg The message-digest algorithm used to hash the original data.
|
||||
@ -999,21 +924,10 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
|
||||
* the key size in bytes), this function returns
|
||||
* #MBEDTLS_ERR_RSA_BAD_INPUT_DATA.
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* implicitly set to #MBEDTLS_RSA_PRIVATE.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PUBLIC and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
*
|
||||
* \param ctx The initialized RSA context to use.
|
||||
* \param f_rng The RNG function. It must not be \c NULL.
|
||||
* \param f_rng The RNG function. It is mandatory and must not be \c NULL.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL
|
||||
* if \p f_rng doesn't need a context argument.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated).
|
||||
* \param md_alg The message-digest algorithm used to hash the original data.
|
||||
* Use #MBEDTLS_MD_NONE for signing raw data.
|
||||
* \param hashlen The length of the message digest.
|
||||
@ -1034,7 +948,6 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
|
||||
int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -1045,29 +958,13 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
||||
* the message digest.
|
||||
*
|
||||
* This is the generic wrapper for performing a PKCS#1
|
||||
* verification using the mode from the context.
|
||||
* verification.
|
||||
*
|
||||
* \note For PKCS#1 v2.1 encoding, see comments on
|
||||
* mbedtls_rsa_rsassa_pss_verify() about \p md_alg and
|
||||
* \p hash_id.
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* set to #MBEDTLS_RSA_PUBLIC.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PRIVATE and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
*
|
||||
* \param ctx The initialized RSA public key context to use.
|
||||
* \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE,
|
||||
* this is used for blinding and should be provided; see
|
||||
* mbedtls_rsa_private() for more. Otherwise, it is ignored.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be
|
||||
* \c NULL if \p f_rng is \c NULL or doesn't need a context.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
||||
* \param md_alg The message-digest algorithm used to hash the original data.
|
||||
* Use #MBEDTLS_MD_NONE for signing raw data.
|
||||
* \param hashlen The length of the message digest.
|
||||
@ -1085,9 +982,6 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||
*/
|
||||
int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -1097,23 +991,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
|
||||
* \brief This function performs a PKCS#1 v1.5 verification
|
||||
* operation (RSASSA-PKCS1-v1_5-VERIFY).
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* set to #MBEDTLS_RSA_PUBLIC.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PRIVATE and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
*
|
||||
* \param ctx The initialized RSA public key context to use.
|
||||
* \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE,
|
||||
* this is used for blinding and should be provided; see
|
||||
* mbedtls_rsa_private() for more. Otherwise, it is ignored.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be
|
||||
* \c NULL if \p f_rng is \c NULL or doesn't need a context.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
||||
* \param md_alg The message-digest algorithm used to hash the original data.
|
||||
* Use #MBEDTLS_MD_NONE for signing raw data.
|
||||
* \param hashlen The length of the message digest.
|
||||
@ -1131,9 +1009,6 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
|
||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||
*/
|
||||
int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -1154,23 +1029,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
|
||||
* same. If \p hash_id in the RSA context is unset,
|
||||
* the \p md_alg from the function call is used.
|
||||
*
|
||||
* \deprecated It is deprecated and discouraged to call this function
|
||||
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
|
||||
* are likely to remove the \p mode argument and have it
|
||||
* implicitly set to #MBEDTLS_RSA_PUBLIC.
|
||||
*
|
||||
* \note Alternative implementations of RSA need not support
|
||||
* mode being set to #MBEDTLS_RSA_PRIVATE and might instead
|
||||
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
|
||||
*
|
||||
* \param ctx The initialized RSA public key context to use.
|
||||
* \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE,
|
||||
* this is used for blinding and should be provided; see
|
||||
* mbedtls_rsa_private() for more. Otherwise, it is ignored.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be
|
||||
* \c NULL if \p f_rng is \c NULL or doesn't need a context.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
||||
* \param md_alg The message-digest algorithm used to hash the original data.
|
||||
* Use #MBEDTLS_MD_NONE for signing raw data.
|
||||
* \param hashlen The length of the message digest.
|
||||
@ -1188,9 +1047,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
|
||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||
*/
|
||||
int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -1209,13 +1065,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
|
||||
* \note The \p hash_id in the RSA context is ignored.
|
||||
*
|
||||
* \param ctx The initialized RSA public key context to use.
|
||||
* \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE,
|
||||
* this is used for blinding and should be provided; see
|
||||
* mbedtls_rsa_private() for more. Otherwise, it is ignored.
|
||||
* \param p_rng The RNG context to be passed to \p f_rng. This may be
|
||||
* \c NULL if \p f_rng is \c NULL or doesn't need a context.
|
||||
* \param mode The mode of operation. This must be either
|
||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
|
||||
* \param md_alg The message-digest algorithm used to hash the original data.
|
||||
* Use #MBEDTLS_MD_NONE for signing raw data.
|
||||
* \param hashlen The length of the message digest.
|
||||
@ -1236,9 +1085,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
|
||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||
*/
|
||||
int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
|
@ -367,11 +367,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
|
||||
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
|
||||
|
||||
ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
|
||||
NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
||||
md_alg, (unsigned int) hash_len, hash,
|
||||
pss_opts->mgf1_hash_id,
|
||||
pss_opts->expected_salt_len,
|
||||
sig );
|
||||
md_alg, (unsigned int) hash_len, hash,
|
||||
pss_opts->mgf1_hash_id,
|
||||
pss_opts->expected_salt_len,
|
||||
sig );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
|
@ -90,9 +90,9 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
||||
if( sig_len < rsa_len )
|
||||
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
|
||||
|
||||
if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL,
|
||||
MBEDTLS_RSA_PUBLIC, md_alg,
|
||||
(unsigned int) hash_len, hash, sig ) ) != 0 )
|
||||
if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, md_alg,
|
||||
(unsigned int) hash_len,
|
||||
hash, sig ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
/* The buffer contains a valid signature followed by extra data.
|
||||
@ -120,8 +120,9 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
||||
|
||||
*sig_len = mbedtls_rsa_get_len( rsa );
|
||||
|
||||
return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
|
||||
md_alg, (unsigned int) hash_len, hash, sig ) );
|
||||
return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng,
|
||||
md_alg, (unsigned int) hash_len,
|
||||
hash, sig ) );
|
||||
}
|
||||
|
||||
static int rsa_decrypt_wrap( void *ctx,
|
||||
@ -149,7 +150,7 @@ static int rsa_encrypt_wrap( void *ctx,
|
||||
if( *olen > osize )
|
||||
return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
|
||||
|
||||
return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC,
|
||||
return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng,
|
||||
ilen, input, output ) );
|
||||
}
|
||||
|
||||
@ -770,7 +771,7 @@ static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
||||
if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE )
|
||||
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
||||
|
||||
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
|
||||
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng,
|
||||
md_alg, (unsigned int) hash_len, hash, sig ) );
|
||||
}
|
||||
|
||||
|
@ -2918,7 +2918,6 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key,
|
||||
mbedtls_rsa_pkcs1_encrypt( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PUBLIC,
|
||||
input_length,
|
||||
input,
|
||||
output ) );
|
||||
@ -2933,7 +2932,6 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key,
|
||||
mbedtls_rsa_rsaes_oaep_encrypt( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PUBLIC,
|
||||
salt, salt_length,
|
||||
input_length,
|
||||
input,
|
||||
|
@ -419,7 +419,6 @@ static psa_status_t rsa_sign_hash(
|
||||
ret = mbedtls_rsa_pkcs1_sign( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PRIVATE,
|
||||
md_alg,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
@ -434,7 +433,6 @@ static psa_status_t rsa_sign_hash(
|
||||
ret = mbedtls_rsa_rsassa_pss_sign( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PRIVATE,
|
||||
MBEDTLS_MD_NONE,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
@ -492,9 +490,6 @@ static psa_status_t rsa_verify_hash(
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
|
||||
MBEDTLS_MD_NONE );
|
||||
ret = mbedtls_rsa_pkcs1_verify( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PUBLIC,
|
||||
md_alg,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
@ -507,9 +502,6 @@ static psa_status_t rsa_verify_hash(
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
|
||||
ret = mbedtls_rsa_rsassa_pss_verify( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PUBLIC,
|
||||
MBEDTLS_MD_NONE,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
|
171
library/rsa.c
171
library/rsa.c
@ -1156,7 +1156,6 @@ exit:
|
||||
int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
const unsigned char *label, size_t label_len,
|
||||
size_t ilen,
|
||||
const unsigned char *input,
|
||||
@ -1170,15 +1169,10 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
|
||||
mbedtls_md_context_t md_ctx;
|
||||
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( output != NULL );
|
||||
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
|
||||
RSA_VALIDATE_RET( label_len == 0 || label != NULL );
|
||||
|
||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
if( f_rng == NULL )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
@ -1232,9 +1226,7 @@ exit:
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
return( ( mode == MBEDTLS_RSA_PUBLIC )
|
||||
? mbedtls_rsa_public( ctx, output, output )
|
||||
: mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
|
||||
return( mbedtls_rsa_public( ctx, output, output ) );
|
||||
}
|
||||
#endif /* MBEDTLS_PKCS1_V21 */
|
||||
|
||||
@ -1244,8 +1236,7 @@ exit:
|
||||
*/
|
||||
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode, size_t ilen,
|
||||
void *p_rng, size_t ilen,
|
||||
const unsigned char *input,
|
||||
unsigned char *output )
|
||||
{
|
||||
@ -1254,14 +1245,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
||||
unsigned char *p = output;
|
||||
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( output != NULL );
|
||||
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
|
||||
|
||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
olen = ctx->len;
|
||||
|
||||
/* first comparison checks for overflow */
|
||||
@ -1271,43 +1257,32 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
||||
nb_pad = olen - 3 - ilen;
|
||||
|
||||
*p++ = 0;
|
||||
if( mode == MBEDTLS_RSA_PUBLIC )
|
||||
|
||||
if( f_rng == NULL )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
*p++ = MBEDTLS_RSA_CRYPT;
|
||||
|
||||
while( nb_pad-- > 0 )
|
||||
{
|
||||
if( f_rng == NULL )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
int rng_dl = 100;
|
||||
|
||||
*p++ = MBEDTLS_RSA_CRYPT;
|
||||
do {
|
||||
ret = f_rng( p_rng, p, 1 );
|
||||
} while( *p == 0 && --rng_dl && ret == 0 );
|
||||
|
||||
while( nb_pad-- > 0 )
|
||||
{
|
||||
int rng_dl = 100;
|
||||
/* Check if RNG failed to generate data */
|
||||
if( rng_dl == 0 || ret != 0 )
|
||||
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
|
||||
|
||||
do {
|
||||
ret = f_rng( p_rng, p, 1 );
|
||||
} while( *p == 0 && --rng_dl && ret == 0 );
|
||||
|
||||
/* Check if RNG failed to generate data */
|
||||
if( rng_dl == 0 || ret != 0 )
|
||||
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) );
|
||||
|
||||
p++;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
*p++ = MBEDTLS_RSA_SIGN;
|
||||
|
||||
while( nb_pad-- > 0 )
|
||||
*p++ = 0xFF;
|
||||
p++;
|
||||
}
|
||||
|
||||
*p++ = 0;
|
||||
if( ilen != 0 )
|
||||
memcpy( p, input, ilen );
|
||||
|
||||
return( ( mode == MBEDTLS_RSA_PUBLIC )
|
||||
? mbedtls_rsa_public( ctx, output, output )
|
||||
: mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
|
||||
return( mbedtls_rsa_public( ctx, output, output ) );
|
||||
}
|
||||
#endif /* MBEDTLS_PKCS1_V15 */
|
||||
|
||||
@ -1317,13 +1292,11 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
||||
int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode, size_t ilen,
|
||||
size_t ilen,
|
||||
const unsigned char *input,
|
||||
unsigned char *output )
|
||||
{
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( output != NULL );
|
||||
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
|
||||
|
||||
@ -1331,14 +1304,14 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
|
||||
{
|
||||
#if defined(MBEDTLS_PKCS1_V15)
|
||||
case MBEDTLS_RSA_PKCS_V15:
|
||||
return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen,
|
||||
input, output );
|
||||
return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng,
|
||||
ilen, input, output );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PKCS1_V21)
|
||||
case MBEDTLS_RSA_PKCS_V21:
|
||||
return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0,
|
||||
ilen, input, output );
|
||||
return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, NULL, 0,
|
||||
ilen, input, output );
|
||||
#endif
|
||||
|
||||
default:
|
||||
@ -1771,7 +1744,6 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
|
||||
static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -1787,14 +1759,12 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
||||
const mbedtls_md_info_t *md_info;
|
||||
mbedtls_md_context_t md_ctx;
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
|
||||
hashlen == 0 ) ||
|
||||
hash != NULL );
|
||||
RSA_VALIDATE_RET( sig != NULL );
|
||||
|
||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
|
||||
if( ctx->padding != MBEDTLS_RSA_PKCS_V21 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
if( f_rng == NULL )
|
||||
@ -1895,9 +1865,7 @@ exit:
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
return( ( mode == MBEDTLS_RSA_PUBLIC )
|
||||
? mbedtls_rsa_public( ctx, sig, sig )
|
||||
: mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) );
|
||||
return mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1913,7 +1881,7 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
|
||||
int saltlen,
|
||||
unsigned char *sig )
|
||||
{
|
||||
return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg,
|
||||
return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, md_alg,
|
||||
hashlen, hash, saltlen, sig );
|
||||
}
|
||||
|
||||
@ -1924,13 +1892,12 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
|
||||
int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig )
|
||||
{
|
||||
return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg,
|
||||
return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, md_alg,
|
||||
hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig );
|
||||
}
|
||||
#endif /* MBEDTLS_PKCS1_V21 */
|
||||
@ -2076,7 +2043,6 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg,
|
||||
int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -2086,14 +2052,12 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
||||
unsigned char *sig_try = NULL, *verif = NULL;
|
||||
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
|
||||
hashlen == 0 ) ||
|
||||
hash != NULL );
|
||||
RSA_VALIDATE_RET( sig != NULL );
|
||||
|
||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
|
||||
if( ctx->padding != MBEDTLS_RSA_PKCS_V15 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
/*
|
||||
@ -2104,16 +2068,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
||||
ctx->len, sig ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
/*
|
||||
* Call respective RSA primitive
|
||||
*/
|
||||
|
||||
if( mode == MBEDTLS_RSA_PUBLIC )
|
||||
{
|
||||
/* Skip verification on a public key operation */
|
||||
return( mbedtls_rsa_public( ctx, sig, sig ) );
|
||||
}
|
||||
|
||||
/* Private key operation
|
||||
*
|
||||
* In order to prevent Lenstra's attack, make the signature in a
|
||||
@ -2156,15 +2110,12 @@ cleanup:
|
||||
int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig )
|
||||
{
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
|
||||
hashlen == 0 ) ||
|
||||
hash != NULL );
|
||||
@ -2174,14 +2125,14 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
||||
{
|
||||
#if defined(MBEDTLS_PKCS1_V15)
|
||||
case MBEDTLS_RSA_PKCS_V15:
|
||||
return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg,
|
||||
hashlen, hash, sig );
|
||||
return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng,
|
||||
md_alg, hashlen, hash, sig );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PKCS1_V21)
|
||||
case MBEDTLS_RSA_PKCS_V21:
|
||||
return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg,
|
||||
hashlen, hash, sig );
|
||||
return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, md_alg,
|
||||
hashlen, hash, sig );
|
||||
#endif
|
||||
|
||||
default:
|
||||
@ -2194,9 +2145,6 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
||||
* Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function
|
||||
*/
|
||||
int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -2217,24 +2165,17 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( sig != NULL );
|
||||
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
|
||||
hashlen == 0 ) ||
|
||||
hash != NULL );
|
||||
|
||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
siglen = ctx->len;
|
||||
|
||||
if( siglen < 16 || siglen > sizeof( buf ) )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
ret = ( mode == MBEDTLS_RSA_PUBLIC )
|
||||
? mbedtls_rsa_public( ctx, sig, buf )
|
||||
: mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf );
|
||||
ret = mbedtls_rsa_public( ctx, sig, buf );
|
||||
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
@ -2344,9 +2285,6 @@ exit:
|
||||
* Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function
|
||||
*/
|
||||
int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -2354,8 +2292,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
|
||||
{
|
||||
mbedtls_md_type_t mgf1_hash_id;
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( sig != NULL );
|
||||
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
|
||||
hashlen == 0 ) ||
|
||||
@ -2365,10 +2301,11 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
|
||||
? (mbedtls_md_type_t) ctx->hash_id
|
||||
: md_alg;
|
||||
|
||||
return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode,
|
||||
md_alg, hashlen, hash,
|
||||
mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY,
|
||||
sig ) );
|
||||
return( mbedtls_rsa_rsassa_pss_verify_ext( ctx,
|
||||
md_alg, hashlen, hash,
|
||||
mgf1_hash_id,
|
||||
MBEDTLS_RSA_SALT_LEN_ANY,
|
||||
sig ) );
|
||||
|
||||
}
|
||||
#endif /* MBEDTLS_PKCS1_V21 */
|
||||
@ -2378,9 +2315,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
|
||||
* Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function
|
||||
*/
|
||||
int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
@ -2391,8 +2325,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
|
||||
unsigned char *encoded = NULL, *encoded_expected = NULL;
|
||||
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( sig != NULL );
|
||||
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
|
||||
hashlen == 0 ) ||
|
||||
@ -2400,9 +2332,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
|
||||
|
||||
sig_len = ctx->len;
|
||||
|
||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
/*
|
||||
* Prepare expected PKCS1 v1.5 encoding of hash.
|
||||
*/
|
||||
@ -2422,9 +2351,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
|
||||
* Apply RSA primitive to get what should be PKCS1 encoded hash.
|
||||
*/
|
||||
|
||||
ret = ( mode == MBEDTLS_RSA_PUBLIC )
|
||||
? mbedtls_rsa_public( ctx, sig, encoded )
|
||||
: mbedtls_rsa_private( ctx, f_rng, p_rng, sig, encoded );
|
||||
ret = mbedtls_rsa_public( ctx, sig, encoded );
|
||||
if( ret != 0 )
|
||||
goto cleanup;
|
||||
|
||||
@ -2461,17 +2388,12 @@ cleanup:
|
||||
* Do an RSA operation and check the message digest
|
||||
*/
|
||||
int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
mbedtls_md_type_t md_alg,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
const unsigned char *sig )
|
||||
{
|
||||
RSA_VALIDATE_RET( ctx != NULL );
|
||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||
mode == MBEDTLS_RSA_PUBLIC );
|
||||
RSA_VALIDATE_RET( sig != NULL );
|
||||
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
|
||||
hashlen == 0 ) ||
|
||||
@ -2481,14 +2403,14 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
|
||||
{
|
||||
#if defined(MBEDTLS_PKCS1_V15)
|
||||
case MBEDTLS_RSA_PKCS_V15:
|
||||
return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg,
|
||||
hashlen, hash, sig );
|
||||
return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, md_alg,
|
||||
hashlen, hash, sig );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PKCS1_V21)
|
||||
case MBEDTLS_RSA_PKCS_V21:
|
||||
return mbedtls_rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg,
|
||||
hashlen, hash, sig );
|
||||
return mbedtls_rsa_rsassa_pss_verify( ctx, md_alg,
|
||||
hashlen, hash, sig );
|
||||
#endif
|
||||
|
||||
default:
|
||||
@ -2691,7 +2613,7 @@ int mbedtls_rsa_self_test( int verbose )
|
||||
|
||||
memcpy( rsa_plaintext, RSA_PT, PT_LEN );
|
||||
|
||||
if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC,
|
||||
if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL,
|
||||
PT_LEN, rsa_plaintext,
|
||||
rsa_ciphertext ) != 0 )
|
||||
{
|
||||
@ -2741,7 +2663,7 @@ int mbedtls_rsa_self_test( int verbose )
|
||||
}
|
||||
|
||||
if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL,
|
||||
MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0,
|
||||
MBEDTLS_MD_SHA1, 0,
|
||||
sha1sum, rsa_ciphertext ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
@ -2754,8 +2676,7 @@ int mbedtls_rsa_self_test( int verbose )
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( "passed\n PKCS#1 sig. verify: " );
|
||||
|
||||
if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL,
|
||||
MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0,
|
||||
if( mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA1, 0,
|
||||
sha1sum, rsa_ciphertext ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
|
@ -220,8 +220,8 @@ int main( void )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
||||
MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 )
|
||||
if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA256,
|
||||
0, hash, p ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret );
|
||||
goto exit;
|
||||
|
@ -229,7 +229,7 @@ int main( void )
|
||||
buf[n ] = (unsigned char)( rsa.len >> 8 );
|
||||
buf[n + 1] = (unsigned char)( rsa.len );
|
||||
|
||||
if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
|
||||
if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_MD_SHA256,
|
||||
0, hash, buf + n + 2 ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret );
|
||||
|
@ -143,8 +143,7 @@ int main( int argc, char *argv[] )
|
||||
fflush( stdout );
|
||||
|
||||
ret = mbedtls_rsa_pkcs1_encrypt( &rsa, mbedtls_ctr_drbg_random,
|
||||
&ctr_drbg, MBEDTLS_RSA_PUBLIC,
|
||||
strlen( argv[1] ), input, buf );
|
||||
&ctr_drbg, strlen( argv[1] ), input, buf );
|
||||
if( ret != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n",
|
||||
|
@ -146,7 +146,7 @@ int main( int argc, char *argv[] )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
|
||||
if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_MD_SHA256,
|
||||
20, hash, buf ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", (unsigned int) -ret );
|
||||
|
@ -140,8 +140,8 @@ int main( int argc, char *argv[] )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
||||
MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 )
|
||||
if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA256,
|
||||
20, hash, buf ) ) != 0 )
|
||||
{
|
||||
mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret );
|
||||
goto exit;
|
||||
|
@ -70,13 +70,13 @@ int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen,
|
||||
}
|
||||
int mbedtls_rsa_sign_func( void *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
|
||||
int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
|
||||
mbedtls_md_type_t md_alg, unsigned int hashlen,
|
||||
const unsigned char *hash, unsigned char *sig )
|
||||
{
|
||||
((void) f_rng);
|
||||
((void) p_rng);
|
||||
return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx,
|
||||
mbedtls_test_rnd_std_rand, NULL, mode,
|
||||
mbedtls_test_rnd_std_rand, NULL,
|
||||
md_alg, hashlen, hash, sig ) );
|
||||
}
|
||||
size_t mbedtls_rsa_key_len_func( void *ctx )
|
||||
|
@ -36,8 +36,8 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
|
||||
message_str->x = NULL;
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
|
||||
&mbedtls_test_rnd_buffer_rand,
|
||||
&info, MBEDTLS_RSA_PUBLIC,
|
||||
message_str->len, message_str->x,
|
||||
&info, message_str->len,
|
||||
message_str->x,
|
||||
output ) == result );
|
||||
|
||||
if( result == 0 )
|
||||
@ -293,8 +293,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
|
||||
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
|
||||
&info, MBEDTLS_RSA_PRIVATE, digest,
|
||||
0, hash_result, output ) == result );
|
||||
&info, digest, 0, hash_result,
|
||||
output ) == result );
|
||||
if( result == 0 )
|
||||
{
|
||||
|
||||
@ -334,7 +334,7 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
|
||||
if( mbedtls_md_info_from_type( digest ) != NULL )
|
||||
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result );
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
||||
|
@ -35,8 +35,8 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E,
|
||||
message_str->x = NULL;
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
|
||||
&mbedtls_test_rnd_buffer_rand,
|
||||
&info, MBEDTLS_RSA_PUBLIC,
|
||||
message_str->len, message_str->x,
|
||||
&info, message_str->len,
|
||||
message_str->x,
|
||||
output ) == result );
|
||||
if( result == 0 )
|
||||
{
|
||||
@ -148,8 +148,8 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q,
|
||||
if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY)
|
||||
{
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
|
||||
&info, MBEDTLS_RSA_PRIVATE, digest, 0,
|
||||
hash_result, output ) == result );
|
||||
&info, digest, 0,hash_result,
|
||||
output ) == result );
|
||||
if( result == 0 )
|
||||
{
|
||||
ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len );
|
||||
@ -199,7 +199,7 @@ void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E,
|
||||
if( mbedtls_md_info_from_type( digest ) != NULL )
|
||||
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result );
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
||||
@ -244,14 +244,13 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E,
|
||||
hash_len = message_str->len;
|
||||
}
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
||||
msg_digest_id, hash_len, hash_result,
|
||||
result_str->x ) == result_simple );
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, msg_digest_id,
|
||||
hash_len, hash_result,
|
||||
result_str->x ) == result_simple );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
||||
msg_digest_id, hash_len, hash_result,
|
||||
mgf_hash, salt_len,
|
||||
result_str->x ) == result_full );
|
||||
TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, msg_digest_id, hash_len,
|
||||
hash_result, mgf_hash, salt_len,
|
||||
result_str->x ) == result_full );
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
||||
|
@ -23,8 +23,6 @@ void rsa_invalid_param( )
|
||||
mbedtls_rsa_context ctx;
|
||||
const int valid_padding = MBEDTLS_RSA_PKCS_V21;
|
||||
const int invalid_padding = 42;
|
||||
const int valid_mode = MBEDTLS_RSA_PRIVATE;
|
||||
const int invalid_mode = 42;
|
||||
unsigned char buf[42] = { 0 };
|
||||
size_t olen;
|
||||
|
||||
@ -103,77 +101,47 @@ void rsa_invalid_param( )
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
|
||||
valid_mode,
|
||||
sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
|
||||
invalid_mode,
|
||||
sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
sizeof( buf ), NULL,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
sizeof( buf ), buf,
|
||||
NULL ) );
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
|
||||
NULL,
|
||||
valid_mode,
|
||||
sizeof( buf ), buf,
|
||||
buf ) );
|
||||
NULL, sizeof( buf ),
|
||||
buf, buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
|
||||
NULL,
|
||||
invalid_mode,
|
||||
sizeof( buf ), buf,
|
||||
buf ) );
|
||||
NULL, sizeof( buf ),
|
||||
NULL, buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
|
||||
NULL,
|
||||
valid_mode,
|
||||
sizeof( buf ), NULL,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
|
||||
NULL,
|
||||
valid_mode,
|
||||
sizeof( buf ), buf,
|
||||
NULL ) );
|
||||
NULL, sizeof( buf ),
|
||||
buf, NULL ) );
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
|
||||
valid_mode,
|
||||
buf, sizeof( buf ),
|
||||
sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
|
||||
invalid_mode,
|
||||
buf, sizeof( buf ),
|
||||
sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
NULL, sizeof( buf ),
|
||||
sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
buf, sizeof( buf ),
|
||||
sizeof( buf ), NULL,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
buf, sizeof( buf ),
|
||||
sizeof( buf ), buf,
|
||||
NULL ) );
|
||||
@ -235,81 +203,54 @@ void rsa_invalid_param( )
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
|
||||
invalid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), NULL,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
NULL ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
MBEDTLS_MD_SHA1,
|
||||
0, NULL,
|
||||
buf ) );
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
|
||||
invalid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), NULL,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
NULL ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
MBEDTLS_MD_SHA1,
|
||||
0, NULL,
|
||||
buf ) );
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
|
||||
invalid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), NULL,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
NULL ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
MBEDTLS_MD_SHA1,
|
||||
0, NULL,
|
||||
buf ) );
|
||||
@ -337,119 +278,76 @@ void rsa_invalid_param( )
|
||||
buf ) );
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_pkcs1_verify( NULL,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
|
||||
invalid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_pkcs1_verify( &ctx,
|
||||
0, sizeof( buf ), NULL,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_pkcs1_verify( &ctx,
|
||||
0, sizeof( buf ), buf,
|
||||
NULL ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_pkcs1_verify( &ctx,
|
||||
MBEDTLS_MD_SHA1, 0, NULL,
|
||||
buf ) );
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
|
||||
NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
|
||||
NULL,
|
||||
invalid_mode,
|
||||
0, sizeof( buf ), buf,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
|
||||
NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
|
||||
0, sizeof( buf ),
|
||||
NULL, buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
|
||||
NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
|
||||
0, sizeof( buf ), buf,
|
||||
NULL ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
|
||||
NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
|
||||
MBEDTLS_MD_SHA1,
|
||||
0, NULL,
|
||||
buf ) );
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pss_verify( NULL,
|
||||
0, sizeof( buf ),
|
||||
buf, buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
|
||||
invalid_mode,
|
||||
0, sizeof( buf ),
|
||||
buf, buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pss_verify( &ctx,
|
||||
0, sizeof( buf ),
|
||||
NULL, buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pss_verify( &ctx,
|
||||
0, sizeof( buf ),
|
||||
buf, NULL ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pss_verify( &ctx,
|
||||
MBEDTLS_MD_SHA1,
|
||||
0, NULL,
|
||||
buf ) );
|
||||
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( NULL,
|
||||
0, sizeof( buf ),
|
||||
buf,
|
||||
0, 0,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
|
||||
invalid_mode,
|
||||
0, sizeof( buf ),
|
||||
buf,
|
||||
0, 0,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( &ctx,
|
||||
0, sizeof( buf ),
|
||||
NULL, 0, 0,
|
||||
buf ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( &ctx,
|
||||
0, sizeof( buf ),
|
||||
buf, 0, 0,
|
||||
NULL ) );
|
||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
|
||||
valid_mode,
|
||||
mbedtls_rsa_rsassa_pss_verify_ext( &ctx,
|
||||
MBEDTLS_MD_SHA1,
|
||||
0, NULL,
|
||||
0, 0,
|
||||
@ -524,8 +422,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
|
||||
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info, MBEDTLS_RSA_PRIVATE, digest,
|
||||
0, hash_result, output ) == result );
|
||||
&rnd_info, digest, 0, hash_result,
|
||||
output ) == result );
|
||||
if( result == 0 )
|
||||
{
|
||||
|
||||
@ -565,7 +463,7 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
|
||||
if( mbedtls_md_info_from_type( digest ) != NULL )
|
||||
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result );
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
||||
@ -605,42 +503,14 @@ void rsa_pkcs1_sign_raw( data_t * hash_result,
|
||||
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info, MBEDTLS_RSA_PRIVATE,
|
||||
MBEDTLS_MD_NONE, hash_result->len,
|
||||
&rnd_info, MBEDTLS_MD_NONE,
|
||||
hash_result->len,
|
||||
hash_result->x, output ) == 0 );
|
||||
|
||||
|
||||
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
||||
ctx.len, result_str->len ) == 0 );
|
||||
|
||||
#if defined(MBEDTLS_PKCS1_V15)
|
||||
/* For PKCS#1 v1.5, there is an alternative way to generate signatures */
|
||||
if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
|
||||
{
|
||||
int res;
|
||||
memset( output, 0x00, sizeof( output) );
|
||||
|
||||
res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
|
||||
&mbedtls_test_rnd_pseudo_rand, &rnd_info,
|
||||
MBEDTLS_RSA_PRIVATE, hash_result->len,
|
||||
hash_result->x, output );
|
||||
|
||||
#if !defined(MBEDTLS_RSA_ALT)
|
||||
TEST_ASSERT( res == 0 );
|
||||
#else
|
||||
TEST_ASSERT( ( res == 0 ) ||
|
||||
( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) );
|
||||
#endif
|
||||
|
||||
if( res == 0 )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
||||
ctx.len,
|
||||
result_str->len ) == 0 );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_PKCS1_V15 */
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
|
||||
mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
|
||||
@ -672,7 +542,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result,
|
||||
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
||||
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
||||
@ -708,8 +578,8 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
|
||||
&mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info, MBEDTLS_RSA_PUBLIC,
|
||||
message_str->len, message_str->x,
|
||||
&rnd_info, message_str->len,
|
||||
message_str->x,
|
||||
output ) == result );
|
||||
if( result == 0 )
|
||||
{
|
||||
@ -748,8 +618,8 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
|
||||
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
|
||||
NULL, MBEDTLS_RSA_PUBLIC,
|
||||
message_str->len, message_str->x,
|
||||
NULL, message_str->len,
|
||||
message_str->x,
|
||||
output ) == result );
|
||||
if( result == 0 )
|
||||
{
|
||||
|
@ -16,11 +16,11 @@ int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen,
|
||||
}
|
||||
int mbedtls_rsa_sign_func( void *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
|
||||
int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
|
||||
mbedtls_md_type_t md_alg, unsigned int hashlen,
|
||||
const unsigned char *hash, unsigned char *sig )
|
||||
{
|
||||
return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, mode,
|
||||
md_alg, hashlen, hash, sig ) );
|
||||
return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng,
|
||||
md_alg, hashlen, hash, sig ) );
|
||||
}
|
||||
size_t mbedtls_rsa_key_len_func( void *ctx )
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user