In RSA and RW signers, add the message contents to the RNG state

2 files changed, 9 insertions, 5 deletions

diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp
index 48243c9f9..6719a9960 100644
--- a/src/pubkey/rsa/rsa.cpp
+++ b/src/pubkey/rsa/rsa.cpp
@@ -90,15 +90,17 @@ BigInt RSA_Private_Operation::private_op(const BigInt& m) const
 
 secure_vector<byte>
 RSA_Private_Operation::sign(const byte msg[], size_t msg_len,
-                            RandomNumberGenerator&)
+                            RandomNumberGenerator& rng)
    {
+   rng.add_entropy(msg, msg_len);
+
    /* We don't check signatures against powermod_e_n here because
       PK_Signer checks verification consistency for all signature
       algorithms.
    */
 
-   BigInt m(msg, msg_len);
-   BigInt x = blinder.unblind(private_op(blinder.blind(m)));
+   const BigInt m(msg, msg_len);
+   const BigInt x = blinder.unblind(private_op(blinder.blind(m)));
    return BigInt::encode_1363(x, n.bytes());
    }
 
@@ -108,8 +110,8 @@ RSA_Private_Operation::sign(const byte msg[], size_t msg_len,
 secure_vector<byte>
 RSA_Private_Operation::decrypt(const byte msg[], size_t msg_len)
    {
-   BigInt m(msg, msg_len);
-   BigInt x = blinder.unblind(private_op(blinder.blind(m)));
+   const BigInt m(msg, msg_len);
+   const BigInt x = blinder.unblind(private_op(blinder.blind(m)));
 
    BOTAN_ASSERT(m == powermod_e_n(x),
                 "RSA decrypt passed consistency check");
diff --git a/src/pubkey/rw/rw.cpp b/src/pubkey/rw/rw.cpp
index 11a394fad..64fcc37cc 100644
--- a/src/pubkey/rw/rw.cpp
+++ b/src/pubkey/rw/rw.cpp
@@ -75,6 +75,8 @@ secure_vector<byte>
 RW_Signature_Operation::sign(const byte msg[], size_t msg_len,
                              RandomNumberGenerator& rng)
    {
+   rng.add_entropy(msg, msg_len);
+
    if(!blinder.initialized())
       {
       BigInt k(rng, std::min<size_t>(160, n.bits() - 1));