ca8b8e7c31
Starting with commit 49e94e3, the do/while loop in `rsa_prepare_blinding()` was changed to a `do...while(0)`, which prevents retry from being effective and leaves dead code. Restore the while condition to retry, and lift the calls to finish the computation out of the while loop by by observing that they are performed only when `mbedtls_mpi_inv_mod()` returns zero. Signed-off-by: Peter Kolbus <peter.kolbus@garmin.com>
6 lines
329 B
Text
6 lines
329 B
Text
Bugfix
|
|
* Fix rsa_prepare_blinding() to retry when the blinding value is not
|
|
invertible (mod N), instead of returning MBEDTLS_ERR_RSA_RNG_FAILED. This
|
|
addresses a regression but is rare in practice (approx. 1 in 2/sqrt(N)).
|
|
Found by Synopsys Coverity, fix contributed by Peter Kolbus (Garmin).
|
|
Fixes #3647.
|