cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 20:22:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

Adapt rsa_check_privkey to deal with NO_CRT option

Browse Source
This commit is contained in:
Hanno Becker 2017-08-23 06:59:48 +01:00
parent bee3aaeb50
commit 6345dd33b9
1 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
library/rsa.c
View File

@ -1025,9 +1025,10 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx )
if( !ctx->P.p || !ctx->Q.p || !ctx->D.p )
return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
mbedtls_mpi_init( &PQ ); mbedtls_mpi_init( &DE ); mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 );
mbedtls_mpi_init( &H ); mbedtls_mpi_init( &I ); mbedtls_mpi_init( &G ); mbedtls_mpi_init( &G2 );
mbedtls_mpi_init( &L1 ); mbedtls_mpi_init( &L2 ); mbedtls_mpi_init( &DP ); mbedtls_mpi_init( &DQ );
mbedtls_mpi_init( &PQ ); mbedtls_mpi_init( &DE ); mbedtls_mpi_init( &P1 );
mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &H ); mbedtls_mpi_init( &I );
mbedtls_mpi_init( &G ); mbedtls_mpi_init( &G2 ); mbedtls_mpi_init( &L1 );
mbedtls_mpi_init( &L2 ); mbedtls_mpi_init( &DP ); mbedtls_mpi_init( &DQ );
mbedtls_mpi_init( &QP );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) );
@ -1041,16 +1042,21 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx )
MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &L1, &L2, &H, &G2 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &I, &DE, &L1 ) );
#if !defined(MBEDTLS_RSA_NO_CRT)
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &DP, &ctx->D, &P1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &DQ, &ctx->D, &Q1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &QP, &ctx->Q, &ctx->P ) );
#endif
/*
* Check for a valid PKCS1v2 private key
*/
if( mbedtls_mpi_cmp_mpi( &PQ, &ctx->N ) != 0 ||
#if !defined(MBEDTLS_RSA_NO_CRT)
mbedtls_mpi_cmp_mpi( &DP, &ctx->DP ) != 0 ||
mbedtls_mpi_cmp_mpi( &DQ, &ctx->DQ ) != 0 ||
mbedtls_mpi_cmp_mpi( &QP, &ctx->QP ) != 0 ||
#endif
mbedtls_mpi_cmp_int( &L2, 0 ) != 0 ||
mbedtls_mpi_cmp_int( &I, 1 ) != 0 ||
mbedtls_mpi_cmp_int( &G, 1 ) != 0 )
@ -1059,9 +1065,10 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx )
}
cleanup:
mbedtls_mpi_free( &PQ ); mbedtls_mpi_free( &DE ); mbedtls_mpi_free( &P1 ); mbedtls_mpi_free( &Q1 );
mbedtls_mpi_free( &H ); mbedtls_mpi_free( &I ); mbedtls_mpi_free( &G ); mbedtls_mpi_free( &G2 );
mbedtls_mpi_free( &L1 ); mbedtls_mpi_free( &L2 ); mbedtls_mpi_free( &DP ); mbedtls_mpi_free( &DQ );
mbedtls_mpi_free( &PQ ); mbedtls_mpi_free( &DE ); mbedtls_mpi_free( &P1 );
mbedtls_mpi_free( &Q1 ); mbedtls_mpi_free( &H ); mbedtls_mpi_free( &I );
mbedtls_mpi_free( &G ); mbedtls_mpi_free( &G2 ); mbedtls_mpi_free( &L1 );
mbedtls_mpi_free( &L2 ); mbedtls_mpi_free( &DP ); mbedtls_mpi_free( &DQ );
mbedtls_mpi_free( &QP );
if( ret == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED )