mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-03 01:20:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Removes mode param from mbedtls_rsa_rsaes_pkcs1_v15_encrypt

Browse Source 
Removal of mode parameter from
mbedtls_rsa_rsaes_pkcs1_v15_encrypt. This commit
propagates the change to all relevant function calls
and tests.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This commit is contained in:
Thomas Daubney 2021-05-13 18:26:49 +01:00
parent 69a8c3809e
commit 53e4ac64b7
3 changed files with 26 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
include/mbedtls/rsa.h
View File

@ -605,25 +605,15 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
* \brief This function performs a PKCS#1 v1.5 encryption operation * \brief This function performs a PKCS#1 v1.5 encryption operation
* (RSAES-PKCS1-v1_5-ENCRYPT). * (RSAES-PKCS1-v1_5-ENCRYPT).
* *
* \deprecated It is deprecated and discouraged to call this function
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
* are likely to remove the \p mode argument and have it
* implicitly set to #MBEDTLS_RSA_PUBLIC.
*
* \note Alternative implementations of RSA need not support * \note Alternative implementations of RSA need not support
* mode being set to #MBEDTLS_RSA_PRIVATE and might instead * mode being set to #MBEDTLS_RSA_PRIVATE and might instead
* return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
* *
* \param ctx The initialized RSA context to use. * \param ctx The initialized RSA context to use.
* \param f_rng The RNG function to use. It is needed for padding generation * \param f_rng The RNG function to use. It is needed for padding generation.
* if \p mode is #MBEDTLS_RSA_PUBLIC. If \p mode is
* #MBEDTLS_RSA_PRIVATE (discouraged), it is used for
* blinding and should be provided; see mbedtls_rsa_private().
* \param p_rng The RNG context to be passed to \p f_rng. This may * \param p_rng The RNG context to be passed to \p f_rng. This may
* be \c NULL if \p f_rng is \c NULL or if \p f_rng * be \c NULL if \p f_rng is \c NULL or if \p f_rng
* doesn't need a context argument. * doesn't need a context argument.
* \param mode The mode of operation. This must be either
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
* \param ilen The length of the plaintext in Bytes. * \param ilen The length of the plaintext in Bytes.
* \param input The input data to encrypt. This must be a readable * \param input The input data to encrypt. This must be a readable
* buffer of size \p ilen Bytes. It may be \c NULL if * buffer of size \p ilen Bytes. It may be \c NULL if
@ -638,7 +628,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, size_t ilen, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );

26
library/rsa.c
View File

@ -1244,8 +1244,7 @@ exit:
*/ */
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng, size_t ilen,
int mode, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
@ -1254,14 +1253,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
unsigned char *p = output; unsigned char *p = output;
RSA_VALIDATE_RET( ctx != NULL ); RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
mode == MBEDTLS_RSA_PUBLIC );
RSA_VALIDATE_RET( output != NULL ); RSA_VALIDATE_RET( output != NULL );
RSA_VALIDATE_RET( ilen == 0 || input != NULL ); RSA_VALIDATE_RET( ilen == 0 || input != NULL );
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
olen = ctx->len; olen = ctx->len;
/* first comparison checks for overflow */ /* first comparison checks for overflow */
@ -1271,8 +1265,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
nb_pad = olen - 3 - ilen; nb_pad = olen - 3 - ilen;
*p++ = 0; *p++ = 0;
if( mode == MBEDTLS_RSA_PUBLIC )
{
if( f_rng == NULL ) if( f_rng == NULL )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@ -1292,22 +1285,12 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
p++; p++;
} }
}
else
{
*p++ = MBEDTLS_RSA_SIGN;
while( nb_pad-- > 0 )
*p++ = 0xFF;
}
*p++ = 0; *p++ = 0;
if( ilen != 0 ) if( ilen != 0 )
memcpy( p, input, ilen ); memcpy( p, input, ilen );
return( ( mode == MBEDTLS_RSA_PUBLIC ) return( mbedtls_rsa_public( ctx, output, output ) );
? mbedtls_rsa_public( ctx, output, output )
: mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
} }
#endif /* MBEDTLS_PKCS1_V15 */ #endif /* MBEDTLS_PKCS1_V15 */
@ -1330,8 +1313,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
#if defined(MBEDTLS_PKCS1_V15) #if defined(MBEDTLS_PKCS1_V15)
case MBEDTLS_RSA_PKCS_V15: case MBEDTLS_RSA_PKCS_V15:
return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng,
MBEDTLS_RSA_PUBLIC, ilen, ilen, input, output );
input, output );
#endif #endif
#if defined(MBEDTLS_PKCS1_V21) #if defined(MBEDTLS_PKCS1_V21)

18
tests/suites/test_suite_rsa.function
View File

@ -116,22 +116,16 @@ void rsa_invalid_param( )
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
NULL, NULL, sizeof( buf ),
MBEDTLS_RSA_PUBLIC, buf, buf ) );
sizeof( buf ), buf,
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
NULL, NULL, sizeof( buf ),
MBEDTLS_RSA_PUBLIC, NULL, buf ) );
sizeof( buf ), NULL,
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
NULL, NULL, sizeof( buf ),
MBEDTLS_RSA_PUBLIC, buf, NULL ) );
sizeof( buf ), buf,
NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL, mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,