Clarify guarantees made by rsa_deduce_moduli/private/crt

This commit is contained in:
Hanno Becker 2017-10-02 12:24:50 +01:00
parent bdefff1dde
commit 1b831fe1c5

View file

@ -99,6 +99,10 @@ extern "C" {
* factorization of N.
* - A non-zero error code otherwise.
*
* \note It is neither checked that P, Q are prime nor that
* D, E are modular inverses wrt. P-1 and Q-1. For that,
* use the helper function \c mbedtls_rsa_validate_params.
*
*/
int mbedtls_rsa_deduce_moduli( mbedtls_mpi const *N, mbedtls_mpi const *D,
mbedtls_mpi const *E, int (*f_rng)(void *, unsigned char *, size_t),
@ -117,13 +121,13 @@ int mbedtls_rsa_deduce_moduli( mbedtls_mpi const *N, mbedtls_mpi const *D,
* \param E RSA public exponent
* \param D Pointer to MPI holding the private exponent on success.
*
* \note This function does not check whether P and Q are primes.
*
* \return
* - 0 if successful. In this case, D is set to a simultaneous
* modular inverse of E modulo both P-1 and Q-1.
* - A non-zero error code otherwise.
*
* \note This function does not check whether P and Q are primes.
*
*/
int mbedtls_rsa_deduce_private( mbedtls_mpi const *P, mbedtls_mpi const *Q,
mbedtls_mpi const *E, mbedtls_mpi *D );
@ -145,6 +149,9 @@ int mbedtls_rsa_deduce_private( mbedtls_mpi const *P, mbedtls_mpi const *Q,
*
* \return 0 on success, non-zero error code otherwise.
*
* \note This function does not check whether P, Q are
* prime and whether D is a valid private exponent.
*
*/
int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
const mbedtls_mpi *D, mbedtls_mpi *DP,