From: Niels Möller
Date: Sun, 13 Sep 2015 06:35:48 +0000 (+0200)
Subject: Separate src and dst arguments for _rsa_blind and _rsa_unblind.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=459c9648f3f7cf8e77d321a1d30b623b3c206198;p=thirdparty%2Fnettle.git

Separate src and dst arguments for _rsa_blind and _rsa_unblind.
---

diff --git a/ChangeLog b/ChangeLog
index 250e905d..5f0c17ac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2015-09-13 Niels Möller
+
+ * rsa-blind.c (_rsa_blind, _rsa_unblind): Separate source and
+ destination arguments. Updated callers.
+
 2015-09-07 Niels Möller
 * testsuite/rsa-sign-tr-test.c: Drop include of nettle-internal.h.
diff --git a/rsa-blind.c b/rsa-blind.c
index 7662f503..746ef863 100644
--- a/rsa-blind.c
+++ b/rsa-blind.c
@@ -39,18 +39,18 @@
 #include "bignum.h"
-/* Blinds the c, by computing c *= r^e (mod n), for a random r. Also
+/* Blinds m, by computing c = m r^e (mod n), for a random r. Also
 returns the inverse (ri), for use by rsa_unblind. */
 void
 _rsa_blind (const struct rsa_public_key *pub,
 void *random_ctx, nettle_random_func *random,
- mpz_t c, mpz_t ri)
+ mpz_t c, mpz_t ri, const mpz_t m)
 {
 mpz_t r;
 mpz_init(r);
- /* c = c*(r^e)
+ /* c = m*(r^e)
 * ri = r^(-1)
 */
 do
@@ -62,16 +62,17 @@ _rsa_blind (const struct rsa_public_key *pub,
 /* c = c*(r^e) mod n */
 mpz_powm(r, r, pub->e, pub->n);
- mpz_mul(c, c, r);
+ mpz_mul(c, m, r);
 mpz_fdiv_r(c, c, pub->n);
 mpz_clear(r);
 }
-/* c *= ri mod n */
+/* m = c ri mod n */
 void
-_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri)
+_rsa_unblind (const struct rsa_public_key *pub,
+ mpz_t m, const mpz_t ri, const mpz_t c)
 {
- mpz_mul(c, c, ri);
- mpz_fdiv_r(c, c, pub->n);
+ mpz_mul(m, c, ri);
+ mpz_fdiv_r(m, m, pub->n);
 }
diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c
index e28bee79..d28badd6 100644
--- a/rsa-decrypt-tr.c
+++ b/rsa-decrypt-tr.c
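Review bot: The rewritten header comment on `_rsa_blind` does not say whether `c` may alias `m`, yet every caller updated by this commit passes the same variable for both (`_rsa_blind (pub, random_ctx, random, m, ri, m)`), and the new `_rsa_unblind` in the next hunk and the prototypes in rsa.h are used the same way. GMP's `mpz_mul` and `mpz_fdiv_r` accept overlapping operands, so the in-place use is sound today, but the contract should say so, otherwise a later rewrite that reads `m` after writing `c` would silently break the callers. I would append `c may be the same variable as m (in-place blinding).` to this comment and the equivalent sentence to the `_rsa_unblind` comment and to the two prototypes in rsa.h. The body of `_rsa_blind` continues past this hunk.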
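Review bot: The context comment `/* c = c*(r^e) mod n */` on the first line of this hunk is now stale: the statement it describes was changed to `mpz_mul(c, m, r)`, so it should read `/* c = m*(r^e) mod n */`, matching the comment the previous hunk already corrected. This hunk starts inside the body of `_rsa_blind`, whose head is in the previous hunk.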
@@ -54,9 +54,9 @@ rsa_decrypt_tr(const struct rsa_public_key *pub,
 mpz_init_set(m, gibberish);
 mpz_init (ri);
- _rsa_blind (pub, random_ctx, random, m, ri);
+ _rsa_blind (pub, random_ctx, random, m, ri, m);
 rsa_compute_root(key, m, m);
- _rsa_unblind (pub, m, ri);
+ _rsa_unblind (pub, m, ri, m);
 mpz_clear (ri);
 res = pkcs1_decrypt (key->size, m, length, message);
diff --git a/rsa-pkcs1-sign-tr.c b/rsa-pkcs1-sign-tr.c
index f2b3e45d..896d4107 100644
--- a/rsa-pkcs1-sign-tr.c
+++ b/rsa-pkcs1-sign-tr.c
@@ -75,7 +75,7 @@ rsa_pkcs1_sign_tr(const struct rsa_public_key *pub,
 {
 mpz_init (ri);
- _rsa_blind (pub, random_ctx, random, m, ri);
+ _rsa_blind (pub, random_ctx, random, m, ri, m);
 rsa_compute_root(key, s, m);
 if (rsa_verify_res(pub, s, m) == 0)
@@ -86,7 +86,7 @@ rsa_pkcs1_sign_tr(const struct rsa_public_key *pub,
 else
 ret = 1;
- _rsa_unblind (pub, s, ri);
+ _rsa_unblind (pub, s, ri, s);
 mpz_clear (ri);
 }
 else
diff --git a/rsa.h b/rsa.h
index 44d4af94..eeaeaaee 100644
--- a/rsa.h
+++ b/rsa.h
@@ -416,9 +416,10 @@ _rsa_check_size(mpz_t n);
 void
 _rsa_blind (const struct rsa_public_key *pub,
 void *random_ctx, nettle_random_func *random,
- mpz_t c, mpz_t ri);
+ mpz_t c, mpz_t ri, const mpz_t m);
 void
-_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri);
+_rsa_unblind (const struct rsa_public_key *pub,
+ mpz_t m, const mpz_t ri, const mpz_t c);
 #ifdef __cplusplus
 }
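Review bot: The two callers touched by this commit treat the result of `rsa_compute_root` differently: rsa-pkcs1-sign-tr.c checks it with `rsa_verify_res(pub, s, m)` before unblinding, while here the root in `m` goes straight to `_rsa_unblind (pub, m, ri, m)` and `pkcs1_decrypt` with no consistency check. If the "tr" (timing/fault resistant) contract of `rsa_decrypt_tr` is meant to cover faults in the private-key operation as the signing path does, the same re-encrypt-and-compare check would belong between `rsa_compute_root` and `_rsa_unblind`; if it is deliberately limited to blinding, a comment saying so above the call would stop the asymmetry from looking like an omission. This is pre-existing and not introduced by the argument change, and `rsa_decrypt_tr`'s head and return handling lie outside the hunk.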
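Review bot: `_rsa_unblind (pub, s, ri, s)` in the second rsa-pkcs1-sign-tr.c hunk runs on both outcomes of the `rsa_verify_res(pub, s, m) == 0` test, so on the failure path the caller-visible `s` still receives the unblinded, possibly faulty root. Whether the `== 0` branch (outside this hunk) overwrites `s` before the function returns cannot be seen here; if it does not, the value the verification is meant to withhold would be handed back to the caller. Either confirm that branch clears `s`, or guard the unblinding so it only happens when `ret` is set, e.g. `if (ret) _rsa_unblind (pub, s, ri, s);`. The enclosing `rsa_pkcs1_sign_tr` starts and ends outside the hunk.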