Use side-channel silent pkcs1 in rsa_decrypt_tr

Signed-off-by: Simo Sorce <simo@redhat.com>

diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c
index e4fbc5fef3a5eeb522618a0b367f7d04a2fcf6e6..dc47f8fb3d74235934f6d92fff38baee159d6aea 100644 (file)
--- a/rsa-decrypt-tr.c
+++ b/rsa-decrypt-tr.c
@@ -37,9 +37,8 @@
 #endif
 
 #include "rsa.h"
-
-#include "bignum.h"
-#include "pkcs1.h"
+#include "rsa-internal.h"
+#include "gmp-glue.h"
 
 int
 rsa_decrypt_tr(const struct rsa_public_key *pub,
@@ -48,14 +47,22 @@ rsa_decrypt_tr(const struct rsa_public_key *pub,
               size_t *length, uint8_t *message,
               const mpz_t gibberish)
 {
-  mpz_t m;
+  TMP_GMP_DECL (m, mp_limb_t);
+  TMP_GMP_DECL (em, uint8_t);
   int res;
 
-  mpz_init_set(m, gibberish);
+  TMP_GMP_ALLOC (m, mpz_size(pub->n));
+  TMP_GMP_ALLOC (em, key->size);
+
+  res = rsa_sec_compute_root_tr (pub, key, random_ctx, random, m,
+                                 mpz_limbs_read(gibberish),
+                                 mpz_size(gibberish));
+
+  mpn_get_base256 (em, key->size, m, mpz_size(pub->n));
 
-  res = (rsa_compute_root_tr (pub, key, random_ctx, random, m, gibberish)
-        && pkcs1_decrypt (key->size, m, length, message));
+  res &= _pkcs1_sec_decrypt_variable (length, message, key->size, em);
 
-  mpz_clear(m);
+  TMP_GMP_FREE (em);
+  TMP_GMP_FREE (m);
   return res;
 }