diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index e5e78fba1..458bb512a 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -321,7 +321,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, /** * \brief Make signature, including padding if relevant. * - * \param ctx PK context to use + * \param ctx PK context to use - must hold a private key * \param md_alg Hash algorithm used (see notes) * \param hash Hash of the message to sign * \param hash_len Hash length or 0 (see notes) @@ -350,7 +350,7 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, /** * \brief Decrypt message (including padding if relevant). * - * \param ctx PK context to use + * \param ctx PK context to use - must hold a private key * \param input Input to decrypt * \param ilen Input size * \param output Decrypted output diff --git a/library/rsa.c b/library/rsa.c index 3883d0921..1f907b764 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -359,6 +359,10 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, size_t olen; mbedtls_mpi T, T1, T2; + /* Make sure we have private key info, prevent possible misuse */ + if( ctx->P.p == NULL || ctx->Q.p == NULL || ctx->D.p == NULL ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + mbedtls_mpi_init( &T ); mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); #if defined(MBEDTLS_THREADING_C)