From c2d4eefafed4aad95f501fa932ab67699db2c5a5 Mon Sep 17 00:00:00 2001
From: Jack Lloyd
Date: Wed, 4 Apr 2018 11:53:36 -0400
Subject: Update side channel doc, and update RSA blinding test

It needs to account for bits taking from the blinding RNG for exponent blinding.
---
src/tests/test_rsa.cpp | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
(limited to 'src')

diff --git a/src/tests/test_rsa.cpp b/src/tests/test_rsa.cpp
index 652d5cafd..88c086812 100644
--- a/src/tests/test_rsa.cpp
+++ b/src/tests/test_rsa.cpp
@@ -288,9 +288,16 @@ class RSA_Blinding_Tests final : public Test
Botan::PK_Encryptor_EME encryptor(rsa, Test::rng(), "Raw"); // don't try this at home
- // test blinding reinit interval
- // Seed Fixed_Output_RNG only with enough bytes for the initial blinder initialization
- Botan_Tests::Fixed_Output_RNG fixed_rng(Botan::unlock(Test::rng().random_vec(rsa.get_n().bytes())));
+ /*
+ Test blinding reinit interval
+
+ Seed Fixed_Output_RNG only with enough bytes for the initial
+ blinder initialization plus the exponent blinding bits which
+ is 2*64 bits per operation.
+ */
+ const size_t rng_bytes = rsa.get_n().bytes() + (2*8*BOTAN_BLINDING_REINIT_INTERVAL);
+
+ Botan_Tests::Fixed_Output_RNG fixed_rng(Botan::unlock(Test::rng().random_vec(rng_bytes)));
Botan::PK_Decryptor_EME decryptor(rsa, fixed_rng, "Raw", "base");
for(size_t i = 1; i <= BOTAN_BLINDING_REINIT_INTERVAL ; ++i)
-- 
cgit v1.2.3
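Review bot: The `2*8` in the added line `const size_t rng_bytes = rsa.get_n().bytes() + (2*8*BOTAN_BLINDING_REINIT_INTERVAL);` hard-codes the exponent-blinding draw width (2 × 64 bits per operation, per the new comment) as an unnamed literal with no link to the RSA implementation it mirrors, so a later change to that width would presumably leave this test over- or under-seeding the Fixed_Output_RNG and no longer pinning the reinit boundary it exists to check. Name the quantity and state the coupling, e.g. `// must match the per-operation exponent blinding draw in the RSA implementation (two 64-bit values)`, `const size_t exp_blind_bytes_per_op = 2 * 8;` and `const size_t rng_bytes = rsa.get_n().bytes() + exp_blind_bytes_per_op * BOTAN_BLINDING_REINIT_INTERVAL;`. The new comment block counts in bits ("2*64 bits per operation") while the expression counts in bytes; writing "2*8 bytes" there keeps comment and code in step for the next reader. The enclosing test body starts and ends outside the hunk, so what the following loop asserts about RNG exhaustion cannot be confirmed from here.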