Add check for presence of relevant parameters in mbedtls_rsa_private

If CRT is used, check for the presence N, P, Q, D, E, DP, DQ and QP. If CRT is
not used, check for N, P, Q, D, E only.
This commit is contained in:
Hanno Becker 2017-08-25 11:03:34 +01:00
parent 603b8c62c4
commit 45037ceac5

View file

@ -1202,14 +1202,28 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
mbedtls_mpi *DQ = &ctx->DQ; mbedtls_mpi *DQ = &ctx->DQ;
#endif #endif
/* Make sure we have private key info, prevent possible misuse */ /* Sanity-check that all relevant fields are at least set,
if( ctx->P.p == NULL || ctx->Q.p == NULL || ctx->D.p == NULL ) * but don't perform a full keycheck. */
if( mbedtls_mpi_cmp_int( &ctx->N, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->Q, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->D, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->E, 0 ) == 0 )
{
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
#if !defined(MBEDTLS_RSA_NO_CRT)
if( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->QP, 0 ) == 0 )
{
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
#endif /* MBEDTLS_RSA_NO_CRT */
mbedtls_mpi_init( &T ); mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 );
mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &R );
if( f_rng != NULL ) if( f_rng != NULL )
{ {
#if defined(MBEDTLS_RSA_NO_CRT) #if defined(MBEDTLS_RSA_NO_CRT)