Remove mbedtls_rsa_check_crt

This is no longer needed after the decision to not exhaustively validate private key material.
This commit is contained in:
Hanno Becker 2017-10-02 12:25:52 +01:00
parent 98838b04af
commit c6fc878eda
5 changed files with 1 additions and 111 deletions

View file

@ -417,29 +417,6 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Check if CRT-parameters match core parameters
*
* \param ctx Complete RSA private key context
* \param DP Private exponent modulo P-1, or NULL
* \param DQ Private exponent modulo Q-1, or NULL
* \param QP Modular inverse of Q modulo P, or NULL
*
* \return 0 if successful, testifying that the non-NULL optional
* parameters provided are in accordance with the core
* RSA parameters. Non-zero error code otherwise.
*
* \note This function performs in-place computations on the
* parameters DP, DQ and QP. If modification cannot be
* tolerated, you should make copies with mbedtls_mpi_copy
* before calling this function.
*
*/
int mbedtls_rsa_check_crt( const mbedtls_rsa_context *ctx,
mbedtls_mpi *DP,
mbedtls_mpi *DQ,
mbedtls_mpi *QP );
/**
* \brief Export core parameters of an RSA key
*

View file

@ -751,8 +751,7 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
/* Check optional parameters */
if( ( ret = mbedtls_asn1_get_mpi( &p, end, &DP ) ) != 0 ||
( ret = mbedtls_asn1_get_mpi( &p, end, &DQ ) ) != 0 ||
( ret = mbedtls_asn1_get_mpi( &p, end, &QP ) ) != 0 ||
( ret = mbedtls_rsa_check_crt( rsa, &DP, &DQ, &QP ) ) != 0 )
( ret = mbedtls_asn1_get_mpi( &p, end, &QP ) ) != 0 )
goto cleanup;
if( p != end )

View file

@ -706,52 +706,6 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx,
return( 0 );
}
/*
* Check if CRT parameters match RSA context.
* This has to be implemented even if CRT is not used,
* in order to be able to validate DER encoded RSA keys,
* which always contain CRT parameters.
*/
int mbedtls_rsa_check_crt( const mbedtls_rsa_context *ctx,
mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP )
{
int ret = 0;
/* Check if key is private or public */
const int is_priv =
mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 &&
mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 &&
mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 &&
mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 &&
mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0;
if( !is_priv )
{
/* Checking optional parameters only makes sense for private keys. */
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
#if !defined(MBEDTLS_RSA_NO_CRT)
if( ( DP != NULL && mbedtls_mpi_cmp_mpi( DP, &ctx->DP ) != 0 ) ||
( DQ != NULL && mbedtls_mpi_cmp_mpi( DQ, &ctx->DQ ) != 0 ) ||
( QP != NULL && mbedtls_mpi_cmp_mpi( QP, &ctx->QP ) != 0 ) )
{
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
#else /* MBEDTLS_RSA_NO_CRT */
if( ( ret = mbedtls_rsa_validate_crt( &ctx->P, &ctx->Q, &ctx->D,
DP, DQ, QP ) ) != 0 )
{
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
#endif
if( ret != 0 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
return( 0 );
}
int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
unsigned char *N, size_t N_len,
unsigned char *P, size_t P_len,
@ -2532,21 +2486,6 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx )
"910E4168387E3C30AA1E00C339A79508" \
"8452DD96A9A5EA5D9DCA68DA636032AF"
#define RSA_DP "C1ACF567564274FB07A0BBAD5D26E298" \
"3C94D22288ACD763FD8E5600ED4A702D" \
"F84198A5F06C2E72236AE490C93F07F8" \
"3CC559CD27BC2D1CA488811730BB5725"
#define RSA_DQ "4959CBF6F8FEF750AEE6977C155579C7" \
"D8AAEA56749EA28623272E4F7D0592AF" \
"7C1F1313CAC9471B5C523BFE592F517B" \
"407A1BD76C164B93DA2D32A383E58357"
#define RSA_QP "9AE7FBC99546432DF71896FC239EADAE" \
"F38D18D2B2F0E2DD275AA977E2BF4411" \
"F5A3B2A5D33605AEBBCCBA7FEB9F2D2F" \
"A74206CEC169D74BF5A8C50D6F48EA08"
#define PT_LEN 24
#define RSA_PT "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \
"\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD"
@ -2619,15 +2558,6 @@ int mbedtls_rsa_self_test( int verbose )
return( 1 );
}
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_DP ) );
MBEDTLS_MPI_CHK( mbedtls_rsa_check_crt( &rsa, &K, NULL, NULL ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_DQ ) );
MBEDTLS_MPI_CHK( mbedtls_rsa_check_crt( &rsa, NULL, &K, NULL ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_QP ) );
MBEDTLS_MPI_CHK( mbedtls_rsa_check_crt( &rsa, NULL, NULL, &K ) );
if( verbose != 0 )
mbedtls_printf( "passed\n PKCS#1 encryption : " );

View file

@ -150,14 +150,6 @@ int main( int argc, char *argv[] )
goto exit;
}
/* Although we're not using them, verify CRT parameters */
if( ( return_val = mbedtls_rsa_check_crt( &rsa, &DP, &DQ, &QP ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_rsa_check_crt returned %d\n\n",
return_val );
goto exit;
}
/*
* Extract the RSA encrypted value from the text file
*/

View file

@ -130,14 +130,6 @@ int main( int argc, char *argv[] )
goto exit;
}
/* Although we're not using them, verify CRT parameters */
if( ( ret = mbedtls_rsa_check_crt( &rsa, &DP, &DQ, &QP ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_rsa_check_crt returned %d\n\n",
ret );
goto exit;
}
/*
* Compute the SHA-256 hash of the input file,
* then calculate the RSA signature of the hash.