yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-28 23:36:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

RSA blinding: check highly unlikely cases

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-10-04 15:18:38 +02:00 committed by Paul Bakker
parent 971f8b84bb
commit 4d89c7e184
1 changed files with 9 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
library/rsa.c
View file

@ -267,7 +267,7 @@ cleanup:
static int rsa_prepare_blinding( rsa_context *ctx, static int rsa_prepare_blinding( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{ {
int ret; int ret, count = 0;
if( ctx->Vf.p != NULL ) if( ctx->Vf.p != NULL )
{ {
@ -280,8 +280,14 @@ static int rsa_prepare_blinding( rsa_context *ctx,
return( 0 ); return( 0 );
} }
/* Unblinding value: Vf = random number */ /* Unblinding value: Vf = random number, invertible mod N */
MPI_CHK( mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) ); do {
if( count++ > 10 )
return( POLARSSL_ERR_RSA_RNG_FAILED );
MPI_CHK( mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) );
MPI_CHK( mpi_gcd( &ctx->Vi, &ctx->Vf, &ctx->N ) );
} while( mpi_cmp_int( &ctx->Vi, 1 ) != 0 );
/* Blinding value: Vi = Vf^(-e) mod N */ /* Blinding value: Vi = Vf^(-e) mod N */
MPI_CHK( mpi_inv_mod( &ctx->Vi, &ctx->Vf, &ctx->N ) ); MPI_CHK( mpi_inv_mod( &ctx->Vi, &ctx->Vf, &ctx->N ) );