Try to prevent some misuse of RSA functions

fixes #331
2015-10-30 10:56:25 +01:00 · 2015-10-30 10:56:25 +01:00 · fb84d38b45
commit fb84d38b45
parent f7a4688257
2 changed files with 6 additions and 2 deletions
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@ -321,7 +321,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
 /**
 * \brief           Make signature, including padding if relevant.
 *
- * \param ctx       PK context to use
+ * \param ctx       PK context to use - must hold a private key
 * \param md_alg    Hash algorithm used (see notes)
 * \param hash      Hash of the message to sign
 * \param hash_len  Hash length or 0 (see notes)
@ -350,7 +350,7 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
 /**
 * \brief           Decrypt message (including padding if relevant).
 *
- * \param ctx       PK context to use
+ * \param ctx       PK context to use - must hold a private key
 * \param input     Input to decrypt
 * \param ilen      Input size
 * \param output    Decrypted output
--- a/library/rsa.c
+++ b/library/rsa.c
@ -359,6 +359,10 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
    size_t olen;
    mbedtls_mpi T, T1, T2;

+    /* Make sure we have private key info, prevent possible misuse */
+    if( ctx->P.p == NULL || ctx->Q.p == NULL || ctx->D.p == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
    mbedtls_mpi_init( &T ); mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 );

 #if defined(MBEDTLS_THREADING_C)