From a43231c5a53622c19a314e7966e43cc60bb5aed1 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Thu, 28 Feb 2013 17:33:49 +0100 Subject: [PATCH] Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt() --- ChangeLog | 2 ++ include/polarssl/rsa.h | 12 ++++++++++-- library/rsa.c | 12 ++++++++---- 3 files changed, 20 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index 605019bb0..ba3afd44f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,8 @@ Changes * Internally split up rsa_pkcs1_encrypt(), rsa_pkcs1_decrypt(), rsa_pkcs1_sign() and rsa_pkcs1_verify() to separate PKCS#1 v1.5 and PKCS#1 v2.1 functions + * Added support for custom labels when using rsa_rsaes_oaep_encrypt() + or rsa_rsaes_oaep_decrypt() Security * Removed further timing differences during SSL message decryption in diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index 9eda4b37e..f9a022026 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h @@ -309,6 +309,8 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding) * \param p_rng RNG parameter * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param label buffer holding the custom label to use + * \param label_len contains the label length * \param ilen contains the plaintext length * \param input buffer holding the data to be encrypted * \param output buffer that will hold the ciphertext @@ -321,7 +323,9 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, int rsa_rsaes_oaep_encrypt( rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t ilen, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, const unsigned char *input, unsigned char *output ); @@ -376,6 +380,8 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, * * \param ctx RSA context * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param label buffer holding the custom label to use + * \param label_len contains the label length * \param olen will contain the plaintext length * \param input buffer holding the encrypted data * \param output buffer that will hold the plaintext @@ -388,7 +394,9 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, * an error is thrown. */ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, - int mode, size_t *olen, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ); diff --git a/library/rsa.c b/library/rsa.c index d41928fae..cc14d8e00 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -368,7 +368,9 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_ int rsa_rsaes_oaep_encrypt( rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t ilen, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, const unsigned char *input, unsigned char *output ) { @@ -406,7 +408,7 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx, // Construct DB // - md( md_info, p, 0, p ); + md( md_info, label, label_len, p ); p += hlen; p += olen - 2 * hlen - 2 - ilen; *p++ = 1; @@ -525,7 +527,9 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, * Implementation of the PKCS#1 v2.1 RSAES-OAEP-DECRYPT function */ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, - int mode, size_t *olen, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ) @@ -569,7 +573,7 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, // Generate lHash // - md( md_info, lhash, 0, lhash ); + md( md_info, label, label_len, lhash ); // seed: Apply seedMask to maskedSeed //