Merge pull request #7190 from yanrayw/6197_rsa_get_padding_hashID

RSA: provide interface to retrieve padding mode and hash_id
2023-03-20 18:34:53 +00:00 · 2023-03-20 18:34:53 +00:00 · 3543806026
commit 3543806026
parent 97fd217748 b46ccf235c
5 changed files with 73 additions and 1 deletions
--- a/ChangeLog.d/rsa-padding-accessor.txt
+++ b/ChangeLog.d/rsa-padding-accessor.txt
@ -0,0 +1,4 @@
+Features
+   * Add functions mbedtls_rsa_get_padding_mode() and mbedtls_rsa_get_md_alg()
+     to read non-public fields for padding mode and hash id from
+     an mbedtls_rsa_context, as requested in #6917.
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@ -181,6 +181,28 @@ void mbedtls_rsa_init(mbedtls_rsa_context *ctx);
 int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
                            mbedtls_md_type_t hash_id);

+/**
+ * \brief          This function retrieves padding mode of initialized
+ *                 RSA context.
+ *
+ * \param ctx      The initialized RSA context.
+ *
+ * \return         RSA padding mode.
+ *
+ */
+int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx);
+
+/**
+ * \brief          This function retrieves hash identifier of mbedtls_md_type_t
+ *                 type.
+ *
+ * \param ctx      The initialized RSA context.
+ *
+ * \return         Hash identifier of mbedtls_md_type_t type.
+ *
+ */
+int mbedtls_rsa_get_md_alg(const mbedtls_rsa_context *ctx);
+
 /**
 * \brief          This function imports a set of core parameters into an
 *                 RSA context.
--- a/library/rsa.c
+++ b/library/rsa.c
@ -502,10 +502,25 @@ int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
    return 0;
 }

+/*
+ * Get padding mode of initialized RSA context
+ */
+int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx)
+{
+    return ctx->padding;
+}
+
+/*
+ * Get hash identifier of mbedtls_md_type_t type
+ */
+int mbedtls_rsa_get_md_alg(const mbedtls_rsa_context *ctx)
+{
+    return ctx->hash_id;
+}
+
 /*
 * Get length in bytes of RSA modulus
 */
-
 size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx)
 {
    return ctx->len;
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@ -28,10 +28,17 @@ void pkcs1_rsaes_v15_encrypt(int mod, char *input_N,

    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
    mbedtls_rsa_init(&ctx);
+
+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), MBEDTLS_MD_NONE);
+
    TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
                                        MBEDTLS_RSA_PKCS_V15, hash) == 0);
    memset(output, 0x00, sizeof(output));

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash);
+
    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
@ -77,6 +84,9 @@ void pkcs1_rsaes_v15_decrypt(int mod, char *input_P, char *input_Q,
    TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
                                        MBEDTLS_RSA_PKCS_V15, hash) == 0);

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash);
+
    memset(output, 0x00, sizeof(output));
    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));

@ -281,6 +291,9 @@ void pkcs1_rsassa_v15_sign(int mod, char *input_P,

    memset(output, 0x00, sizeof(output));

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash);
+
    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
@ -322,6 +335,9 @@ void pkcs1_rsassa_v15_verify(int mod, char *input_N, char *input_E,
    TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
                                        MBEDTLS_RSA_PKCS_V15, hash) == 0);

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash);
+
    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@ -29,6 +29,9 @@ void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E,
                                        MBEDTLS_RSA_PKCS_V21, hash) == 0);
    memset(output, 0x00, sizeof(output));

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash);
+
    TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0);
    TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0);
    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
@ -73,6 +76,9 @@ void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q,
    TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
                                        MBEDTLS_RSA_PKCS_V21, hash) == 0);

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash);
+
    memset(output, 0x00, sizeof(output));
    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));

@ -134,6 +140,9 @@ void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q,
    TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
                                        MBEDTLS_RSA_PKCS_V21, hash) == 0);

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash);
+
    memset(output, 0x00, sizeof(output));

    TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0);
@ -187,6 +196,9 @@ void pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E,
    TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
                                        MBEDTLS_RSA_PKCS_V21, hash) == 0);

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash);
+
    TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0);
    TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0);

@ -220,6 +232,9 @@ void pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E,
    TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
                                        MBEDTLS_RSA_PKCS_V21, ctx_hash) == 0);

+    TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21);
+    TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), ctx_hash);
+
    TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0);
    TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0);