Diffstat (limited to 'rsa-pkcs1-sign-tr.c')
-rw-r--r--rsa-pkcs1-sign-tr.c48
1 files changed, 4 insertions, 44 deletions
diff --git a/rsa-pkcs1-sign-tr.c b/rsa-pkcs1-sign-tr.c
index f2b3e45d..00094b56 100644
--- a/rsa-pkcs1-sign-tr.c
+++ b/rsa-pkcs1-sign-tr.c
@@ -38,26 +38,6 @@
#include "pkcs1.h"
-/* Checks for any errors done in the RSA computation. That avoids
- * attacks which rely on faults on hardware, or even software MPI
- * implementation. */
-static int
-rsa_verify_res(const struct rsa_public_key *pub,
- mpz_t s, mpz_t m)
-{
- mpz_t t;
- int res;
-
- mpz_init(t);
-
- mpz_powm(t, s, pub->e, pub->n);
-
- res = !mpz_cmp(m, t);
-
- mpz_clear(t);
- return res;
-}
-
/* Side-channel resistant version of rsa_pkcs1_sign() */
int
rsa_pkcs1_sign_tr(const struct rsa_public_key *pub,
@@ -66,34 +46,14 @@ rsa_pkcs1_sign_tr(const struct rsa_public_key *pub,
size_t length, const uint8_t *digest_info,
mpz_t s)
{
- mpz_t ri, m;
+ mpz_t m;
int ret;
mpz_init(m);
- if (pkcs1_rsa_digest_encode (m, key->size, length, digest_info))
- {
- mpz_init (ri);
-
- _rsa_blind (pub, random_ctx, random, m, ri);
- rsa_compute_root(key, s, m);
-
- if (rsa_verify_res(pub, s, m) == 0)
- {
- mpz_set_ui(s, 0);
- ret = 0;
- }
- else
- ret = 1;
-
- _rsa_unblind (pub, s, ri);
- mpz_clear (ri);
- }
- else
- {
- mpz_set_ui(s, 0);
- ret = 0;
- }
+ ret = (pkcs1_rsa_digest_encode (m, key->size, length, digest_info)
+ && rsa_compute_root_tr (pub, key, random_ctx, random,
+ s, m));
mpz_clear(m);
return ret;
}
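Review bot: The new `ret = (pkcs1_rsa_digest_encode (...) && rsa_compute_root_tr (...))` assignment silently drops the old behaviour of zeroing the output when digest encoding fails: on that path `&&` short-circuits, ret becomes 0 and s is left holding whatever the caller passed in, whereas the removed else branch did `mpz_set_ui(s, 0)`. Whether rsa_compute_root_tr clears s on its own failure path is not visible here, so callers that check s rather than the return value could now act on a stale value after an encode failure. The cheapest way to keep the failure contract uniform on both paths is one line after the assignment, `if (!ret) mpz_set_ui (s, 0);`, which is harmless if rsa_compute_root_tr already does it. The parameter list of rsa_pkcs1_sign_tr begins above the hunk.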