Don't require P,Q in rsa_private in case of non-blinded non-CRT

For non-CRT, P and Q are only used for the purpose of blinding the exponent.
This commit is contained in:
Hanno Becker 2017-11-27 15:33:18 +00:00
parent 2412061a5a
commit 63073aa3d3

View File

@ -437,8 +437,8 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
if( mbedtls_mpi_cmp_int( &ctx->N, 0 ) == 0 || if( mbedtls_mpi_cmp_int( &ctx->N, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->D, 0 ) == 0 || mbedtls_mpi_cmp_int( &ctx->D, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->E, 0 ) == 0 || mbedtls_mpi_cmp_int( &ctx->E, 0 ) == 0 ||
mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 || ( f_rng != NULL && mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) ||
mbedtls_mpi_cmp_int( &ctx->Q, 0 ) == 0 ) ( f_rng != NULL && mbedtls_mpi_cmp_int( &ctx->Q, 0 ) == 0 ) )
{ {
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
} }