Refactored RSA to have random generator in every RSA operation
Primarily so that rsa_private() receives an RNG for blinding purposes.
diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c
index 0b168f4..4ecb613 100644
--- a/programs/pkey/rsa_decrypt.c
+++ b/programs/pkey/rsa_decrypt.c
@@ -33,16 +33,20 @@
#include "polarssl/config.h"
#include "polarssl/rsa.h"
+#include "polarssl/entropy.h"
+#include "polarssl/ctr_drbg.h"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_FS_IO)
+ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
{
((void) argc);
((void) argv);
printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_FS_IO not defined.\n");
+ "POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
@@ -52,8 +56,11 @@
int ret, c;
size_t i;
rsa_context rsa;
+ entropy_context entropy;
+ ctr_drbg_context ctr_drbg;
unsigned char result[1024];
unsigned char buf[512];
+ const char *pers = "rsa_decrypt";
((void) argv);
memset(result, 0, sizeof( result ) );
@@ -70,6 +77,18 @@
goto exit;
}
+ printf( "\n . Seeding the random number generator..." );
+ fflush( stdout );
+
+ entropy_init( &entropy );
+ if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
+ goto exit;
+ }
+
printf( "\n . Reading private key from rsa_priv.txt" );
fflush( stdout );
@@ -130,7 +149,8 @@
printf( "\n . Decrypting the encrypted data" );
fflush( stdout );
- if( ( ret = rsa_pkcs1_decrypt( &rsa, RSA_PRIVATE, &i, buf, result,
+ if( ( ret = rsa_pkcs1_decrypt( &rsa, ctr_drbg_random, &ctr_drbg,
+ RSA_PRIVATE, &i, buf, result,
1024 ) ) != 0 )
{
printf( " failed\n ! rsa_pkcs1_decrypt returned %d\n\n", ret );