Merge branch 'release-3.4-fixes' into master

author: Niels Möller <nisse@lysator.liu.se> 2018-12-26 11:30:21 +0100
committer: Niels Möller <nisse@lysator.liu.se> 2018-12-26 11:30:21 +0100
commit: fc30c4d8276db2802d844be0c6c2cc67ff2d43cf (patch)
tree: 24ce9f3a3cb7225ec63d6631df8e432ced079cf7 /rsa-internal.h
parent: 16d8133bec6d196ce3c5d02349a6475efaccf6c0 (diff)
parent: 350d87626235a20ec299ea851ef0b81218f1a5ec (diff)
download: nettle-fc30c4d8276db2802d844be0c6c2cc67ff2d43cf.tar.gz
1 files changed, 34 insertions, 1 deletions
diff --git a/rsa-internal.h b/rsa-internal.h
index 5c97eaa1..264c0a6a 100644
--- a/rsa-internal.h
+++ b/rsa-internal.h
@@ -34,13 +34,18 @@
 #ifndef NETTLE_RSA_INTERNAL_H_INCLUDED
 #define NETTLE_RSA_INTERNAL_H_INCLUDED
 
-#include "nettle-types.h"
+#include "rsa.h"
 
 #define _rsa_verify _nettle_rsa_verify
 #define _rsa_verify_recover _nettle_rsa_verify_recover
 #define _rsa_check_size _nettle_rsa_check_size
 #define _rsa_blind _nettle_rsa_blind
 #define _rsa_unblind _nettle_rsa_unblind
+#define _rsa_sec_compute_root_itch _nettle_rsa_sec_compute_root_itch
+#define _rsa_sec_compute_root _nettle_rsa_sec_compute_root
+#define _rsa_sec_compute_root_tr _nettle_rsa_sec_compute_root_tr
+#define _pkcs1_sec_decrypt _nettle_pkcs1_sec_decrypt
+#define _pkcs1_sec_decrypt_variable _nettle_pkcs1_sec_decrypt_variable
 
 /* Internal functions. */
 int
@@ -66,4 +71,32 @@ void
 _rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri)
   _NETTLE_ATTRIBUTE_DEPRECATED;
 
+/* side-channel silent root computation */
+mp_size_t
+_rsa_sec_compute_root_itch(const struct rsa_private_key *key);
+void
+_rsa_sec_compute_root(const struct rsa_private_key *key,
+                      mp_limb_t *rp, const mp_limb_t *mp,
+                      mp_limb_t *scratch);
+
+/* Safe side-channel silent variant, using RSA blinding, and checking the
+ * result after CRT. */
+int
+_rsa_sec_compute_root_tr(const struct rsa_public_key *pub,
+			 const struct rsa_private_key *key,
+			 void *random_ctx, nettle_random_func *random,
+			 mp_limb_t *x, const mp_limb_t *m, size_t mn);
+
+/* additional resistance to memory access side-channel attacks.
+ * Note: message buffer is returned unchanged on error */
+int
+_pkcs1_sec_decrypt (size_t length, uint8_t *message,
+                    size_t padded_message_length,
+                    const volatile uint8_t *padded_message);
+
+int
+_pkcs1_sec_decrypt_variable(size_t *length, uint8_t *message,
+                            size_t padded_message_length,
+                            const volatile uint8_t *padded_message);
+
 #endif /* NETTLE_RSA_INTERNAL_H_INCLUDED */
author	Niels Möller <nisse@lysator.liu.se>	2018-12-26 11:30:21 +0100
committer	Niels Möller <nisse@lysator.liu.se>	2018-12-26 11:30:21 +0100
commit	fc30c4d8276db2802d844be0c6c2cc67ff2d43cf (patch)
tree	24ce9f3a3cb7225ec63d6631df8e432ced079cf7 /rsa-internal.h
parent	16d8133bec6d196ce3c5d02349a6475efaccf6c0 (diff)
parent	350d87626235a20ec299ea851ef0b81218f1a5ec (diff)
download	nettle-fc30c4d8276db2802d844be0c6c2cc67ff2d43cf.tar.gz