New header file pkcs1-internal.h

9 files changed, 69 insertions, 20 deletions

diff --git a/ChangeLog b/ChangeLog
index fd487df1..74ab64a5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,15 @@
 2018-12-26  Niels Möller  <nisse@lysator.liu.se>
 
+	* pkcs1-internal.h: New header file, moved declarations of
+	_pkcs1_sec_decrypt and _pkcs1_sec_decrypt_variable here.
+	* rsa-internal.h: ... old location.
+	* Makefile.in (DISTFILES): Added pkcs1-internal.h.
+	* pkcs1-decrypt.c: Include new file.
+	* pkcs1-sec-decrypt.c: Likewise.
+	* rsa-decrypt-tr.c: Likewise.
+	* rsa-sec-decrypt.c: Likewise.
+	* testsuite/pkcs1-sec-decrypt-test.c: Likewise.
+
 	* tools/nettle-pbkdf2.c: Add #define _GNU_SOURCE, needed for
 	strdup with gcc -std=c89.
 	* testsuite/ed25519-test.c: Add #define _GNU_SOURCE, needed for
diff --git a/Makefile.in b/Makefile.in
index c7db0aed..35df8a14 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -234,7 +234,7 @@ DISTFILES = $(SOURCES) $(HEADERS) getopt.h getopt_int.h \
 	memxor-internal.h nettle-internal.h nettle-write.h \
 	ctr-internal.h chacha-internal.h sha3-internal.h \
 	salsa20-internal.h umac-internal.h hogweed-internal.h \
-	rsa-internal.h dsa-internal.h eddsa-internal.h \
+	rsa-internal.h pkcs1-internal.h dsa-internal.h eddsa-internal.h \
 	gmp-glue.h ecc-internal.h fat-setup.h \
 	mini-gmp.h asm.m4 \
 	nettle.texinfo nettle.info nettle.html nettle.pdf sha-example.c
diff --git a/pkcs1-decrypt.c b/pkcs1-decrypt.c
index 1a02c706..40f6c3dd 100644
--- a/pkcs1-decrypt.c
+++ b/pkcs1-decrypt.c
@@ -38,10 +38,10 @@
 #include <string.h>
 
 #include "pkcs1.h"
+#include "pkcs1-internal.h"
 
 #include "bignum.h"
 #include "gmp-glue.h"
-#include "rsa-internal.h"
 
 int
 pkcs1_decrypt (size_t key_size,
diff --git a/pkcs1-internal.h b/pkcs1-internal.h
new file mode 100644
index 00000000..507cdfbb
--- /dev/null
+++ b/pkcs1-internal.h
@@ -0,0 +1,53 @@
+/* pkcs1-internal.h
+
+   Copyright (C) 2018 Niels Möller
+   Copyright (C) 2018 Red Hat, Inc.
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_PKCS1_INTERNAL_H_INCLUDED
+#define NETTLE_PKCS1_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _pkcs1_sec_decrypt _nettle_pkcs1_sec_decrypt
+#define _pkcs1_sec_decrypt_variable _nettle_pkcs1_sec_decrypt_variable
+
+/* additional resistance to memory access side-channel attacks.
+ * Note: message buffer is returned unchanged on error */
+int
+_pkcs1_sec_decrypt (size_t length, uint8_t *message,
+                    size_t padded_message_length,
+                    const volatile uint8_t *padded_message);
+
+int
+_pkcs1_sec_decrypt_variable(size_t *length, uint8_t *message,
+                            size_t padded_message_length,
+                            const volatile uint8_t *padded_message);
+
+#endif /* NETTLE_PKCS1_INTERNAL_H_INCLUDED */
diff --git a/pkcs1-sec-decrypt.c b/pkcs1-sec-decrypt.c
index 722044b0..4f13080e 100644
--- a/pkcs1-sec-decrypt.c
+++ b/pkcs1-sec-decrypt.c
@@ -43,8 +43,7 @@
 #include "memops.h"
 
 #include "gmp-glue.h"
-#include "rsa.h"
-#include "rsa-internal.h"
+#include "pkcs1-internal.h"
 
 /* Inputs are always cast to uint32_t values. But all values used in this
  * function should never exceed the maximum value of a uint32_t anyway.
diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c
index 1e6ad934..0224c0b7 100644
--- a/rsa-decrypt-tr.c
+++ b/rsa-decrypt-tr.c
@@ -37,6 +37,7 @@
 #endif
 
 #include "rsa-internal.h"
+#include "pkcs1-internal.h"
 #include "gmp-glue.h"
 
 int
diff --git a/rsa-internal.h b/rsa-internal.h
index 264c0a6a..b828e451 100644
--- a/rsa-internal.h
+++ b/rsa-internal.h
@@ -44,8 +44,6 @@
 #define _rsa_sec_compute_root_itch _nettle_rsa_sec_compute_root_itch
 #define _rsa_sec_compute_root _nettle_rsa_sec_compute_root
 #define _rsa_sec_compute_root_tr _nettle_rsa_sec_compute_root_tr
-#define _pkcs1_sec_decrypt _nettle_pkcs1_sec_decrypt
-#define _pkcs1_sec_decrypt_variable _nettle_pkcs1_sec_decrypt_variable
 
 /* Internal functions. */
 int
@@ -87,16 +85,4 @@ _rsa_sec_compute_root_tr(const struct rsa_public_key *pub,
 			 void *random_ctx, nettle_random_func *random,
 			 mp_limb_t *x, const mp_limb_t *m, size_t mn);
 
-/* additional resistance to memory access side-channel attacks.
- * Note: message buffer is returned unchanged on error */
-int
-_pkcs1_sec_decrypt (size_t length, uint8_t *message,
-                    size_t padded_message_length,
-                    const volatile uint8_t *padded_message);
-
-int
-_pkcs1_sec_decrypt_variable(size_t *length, uint8_t *message,
-                            size_t padded_message_length,
-                            const volatile uint8_t *padded_message);
-
 #endif /* NETTLE_RSA_INTERNAL_H_INCLUDED */
diff --git a/rsa-sec-decrypt.c b/rsa-sec-decrypt.c
index e6a4b267..6866e7c8 100644
--- a/rsa-sec-decrypt.c
+++ b/rsa-sec-decrypt.c
@@ -39,6 +39,7 @@
 #endif
 
 #include "rsa.h"
+#include "pkcs1-internal.h"
 #include "rsa-internal.h"
 
 #include "gmp-glue.h"
diff --git a/testsuite/pkcs1-sec-decrypt-test.c b/testsuite/pkcs1-sec-decrypt-test.c
index 9c7b06d5..c7fcdcb6 100644
--- a/testsuite/pkcs1-sec-decrypt-test.c
+++ b/testsuite/pkcs1-sec-decrypt-test.c
@@ -1,7 +1,6 @@
 #include "testutils.h"
 
-#include "rsa.h"
-#include "rsa-internal.h"
+#include "pkcs1-internal.h"
 
 #if HAVE_VALGRIND_MEMCHECK_H
 # include <valgrind/memcheck.h>