Refactored RSA to have random generator in every RSA operation

Primarily so that rsa_private() receives an RNG for blinding purposes.
2025-12-21 21:36:21 +01:00 · 2013-08-30 10:30:02 +02:00 · 2013-08-30 10:30:02 +02:00 · 548957dd49
commit 548957dd49
parent ca174fef80
11 changed files with 132 additions and 49 deletions
--- a/programs/pkey/rsa_decrypt.c
+++ b/programs/pkey/rsa_decrypt.c
@ -33,16 +33,20 @@
 #include "polarssl/config.h"

 #include "polarssl/rsa.h"
+#include "polarssl/entropy.h"
+#include "polarssl/ctr_drbg.h"

 #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) ||  \
-    !defined(POLARSSL_FS_IO)
+    !defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \
+    !defined(POLARSSL_CTR_DRBG_C)
 int main( int argc, char *argv[] )
 {
    ((void) argc);
    ((void) argv);

    printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
-           "POLARSSL_FS_IO not defined.\n");
+           "POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or "
+           "POLARSSL_CTR_DRBG_C not defined.\n");
    return( 0 );
 }
 #else
@ -52,8 +56,11 @@ int main( int argc, char *argv[] )
    int ret, c;
    size_t i;
    rsa_context rsa;
+    entropy_context entropy;
+    ctr_drbg_context ctr_drbg;
    unsigned char result[1024];
    unsigned char buf[512];
+    const char *pers = "rsa_decrypt";
    ((void) argv);

    memset(result, 0, sizeof( result ) );
@ -70,6 +77,18 @@ int main( int argc, char *argv[] )
        goto exit;
    }

+    printf( "\n  . Seeding the random number generator..." );
+    fflush( stdout );
+
+    entropy_init( &entropy );
+    if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
+                               (const unsigned char *) pers,
+                               strlen( pers ) ) ) != 0 )
+    {
+        printf( " failed\n  ! ctr_drbg_init returned %d\n", ret );
+        goto exit;
+    }
+
    printf( "\n  . Reading private key from rsa_priv.txt" );
    fflush( stdout );

@ -130,7 +149,8 @@ int main( int argc, char *argv[] )
    printf( "\n  . Decrypting the encrypted data" );
    fflush( stdout );

-    if( ( ret = rsa_pkcs1_decrypt( &rsa, RSA_PRIVATE, &i, buf, result,
+    if( ( ret = rsa_pkcs1_decrypt( &rsa, ctr_drbg_random, &ctr_drbg,
+                                   RSA_PRIVATE, &i, buf, result,
                                   1024 ) ) != 0 )
    {
        printf( " failed\n  ! rsa_pkcs1_decrypt returned %d\n\n", ret );