diff options
author | Simo Sorce <simo@redhat.com> | 2018-11-08 11:59:48 -0500 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2018-11-24 10:44:29 +0100 |
commit | 4c5a4472898279b7f776958143323043a1eb816d (patch) | |
tree | 1b9e4a73735f6f674a4c388f5a6083b9515c7460 /rsa.h | |
parent | f7350548a397d74bdac16b9e2742990687ab0113 (diff) | |
download | nettle-4c5a4472898279b7f776958143323043a1eb816d.tar.gz |
Use side-channel silent root for rsa signatures
Signed-off-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'rsa.h')
-rw-r--r-- | rsa.h | 9 |
1 files changed, 9 insertions, 0 deletions
@@ -90,6 +90,7 @@ extern "C" { #define rsa_decrypt_tr nettle_rsa_decrypt_tr #define rsa_compute_root nettle_rsa_compute_root #define rsa_compute_root_tr nettle_rsa_compute_root_tr +#define rsa_sec_compute_root_tr _nettle_rsa_sec_compute_root_tr #define rsa_generate_keypair nettle_rsa_generate_keypair #define rsa_keypair_to_sexp nettle_rsa_keypair_to_sexp #define rsa_keypair_from_sexp_alist nettle_rsa_keypair_from_sexp_alist @@ -436,6 +437,14 @@ rsa_compute_root_tr(const struct rsa_public_key *pub, void *random_ctx, nettle_random_func *random, mpz_t x, const mpz_t m); +/* Safe side-channel silent variant, using RSA blinding, and checking the + * result after CRT. */ +int +rsa_sec_compute_root_tr(const struct rsa_public_key *pub, + const struct rsa_private_key *key, + void *random_ctx, nettle_random_func *random, + mp_limb_t *x, const mp_limb_t *m, size_t mn); + /* Key generation */ /* Note that the key structs must be initialized first. */ |