author | lloyd <[email protected]> | 2010-03-09 00:51:10 +0000 |
committer | lloyd <[email protected]> | 2010-03-09 00:51:10 +0000 |
commit | b98f0aa4ac768fb045e439915a8115434e5a91de (patch) | |
tree | 0e30625378dafb2d3822b296964998d937d2c09b /src/pubkey | |
parent | 8b21f20f0e479247b692d2795864ca2c190775c7 (diff) |
Add back RSA consistency checking (decrypt only)
Diffstat (limited to 'src/pubkey')
-rw-r--r-- | src/pubkey/rsa/rsa.cpp | 9 | ||||
-rw-r--r-- | src/pubkey/rsa/rsa.h | 2 |
2 files changed, 8 insertions, 3 deletions
diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp
index 2ac001a31..5047fdf7a 100644
--- a/src/pubkey/rsa/rsa.cpp
+++ b/src/pubkey/rsa/rsa.cpp
@@ -1,6 +1,6 @@
 /*
 * RSA
-* (C) 1999-2008 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
@@ -75,12 +75,13 @@ RSA_Private_Operation::RSA_Private_Operation(const RSA_PrivateKey& rsa) :
 n(rsa.get_n()),
 q(rsa.get_q()),
 c(rsa.get_c()),
+ powermod_e_n(rsa.get_e(), rsa.get_n()),
 powermod_d1_p(rsa.get_d1(), rsa.get_p()),
 powermod_d2_q(rsa.get_d2(), rsa.get_q()),
 mod_p(rsa.get_p())
 {
 BigInt k = Blinder::choose_nonce(rsa.get_d(), n);
- blinder = Blinder(power_mod(k, rsa.get_e(), n), inverse_mod(k, n), n);
+ blinder = Blinder(powermod_e_n(k), inverse_mod(k, n), n);
 }
 
 BigInt RSA_Private_Operation::private_op(const BigInt& m) const
@@ -113,6 +114,10 @@ RSA_Private_Operation::decrypt(const byte msg[], u32bit msg_len) const
 {
 BigInt m(msg, msg_len);
 BigInt x = blinder.unblind(private_op(blinder.blind(m)));
+
+ if(m != powermod_e_n(x))
+ throw Internal_Error("RSA private op failed consistency check");
+
 return BigInt::encode(x);
 }
 
diff --git a/src/pubkey/rsa/rsa.h b/src/pubkey/rsa/rsa.h
index 3482ff288..36f9277ef 100644
--- a/src/pubkey/rsa/rsa.h
+++ b/src/pubkey/rsa/rsa.h
@@ -106,7 +106,7 @@ class BOTAN_DLL RSA_Private_Operation : public PK_Ops::Signature,
 const BigInt& n;
 const BigInt& q;
 const BigInt& c;
- Fixed_Exponent_Power_Mod powermod_d1_p, powermod_d2_q;
+ Fixed_Exponent_Power_Mod powermod_e_n, powermod_d1_p, powermod_d2_q;
 Modular_Reducer mod_p;
 Blinder blinder;
 };
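Review bot: The new `powermod_e_n` member in the constructor initializer list has no comment saying why a fixed-exponent object for the public exponent is now cached on a private-key operation, and the reader of this hunk only learns its second purpose by finding the decrypt hunk further down. A one-line comment on the added initializer, `// public-exponent modexp, reused for blinding setup and the post-decrypt self-check`, would make the coupling explicit. The initializer order also now relies on `powermod_e_n` being declared before `powermod_d1_p` in rsa.h, which the header hunk does, so a note that the two must stay in sync would not hurt.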
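Review bot: The added check `if(m != powermod_e_n(x))` cannot distinguish a genuine fault or key-corruption from an attacker-supplied ciphertext that is not reduced modulo n, because for any `m >= n` the recovered `x` is below n and `x^e mod n` can never equal `m`, so a malformed input is reported as an `Internal_Error`. Rejecting the input first, e.g. `if(m >= n) throw Invalid_Argument("RSA decrypt: input is out of range");` (using whatever argument-error type this codebase conventionally throws), keeps the consistency failure meaningful for what it is meant to catch, the Bellcore-style CRT fault on `private_op`. The check itself is the right shape: `x` is never released unless it re-encrypts to `m`, and doing it after `unblind` also covers a fault in the unblinding step. As the commit title says this is decrypt only, the signature path through `private_op` (not shown here) presumably still returns an unverified CRT result, which is the classic target of that attack and would merit the same guard in a follow-up. The `decrypt` signature sits in the hunk header rather than in the hunk.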