author | Niels Möller <nisse@lysator.liu.se> | 2021-06-08 21:32:38 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2021-06-08 21:32:38 +0200 |
commit | c80961c646b0962ab152619ac0a7c6a21850a380 (patch) | |
tree | 5630616bfb4ceb3704e329aa6a8afdf37b10f546 /rsa.h | |
parent | cd6059aebdd3059fbcf674dddb850b821c13b6c2 (diff) | |
download | nettle-c80961c646b0962ab152619ac0a7c6a21850a380.tar.gz |
Add input check to rsa_decrypt family of functions.
(cherry picked from commit 0ad0b5df315665250dfdaa4a1e087f4799edaefe)
Diffstat (limited to 'rsa.h')
-rw-r--r-- | rsa.h | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -428,13 +428,14 @@ rsa_sec_decrypt(const struct rsa_public_key *pub,
 size_t length, uint8_t *message,
 const mpz_t gibberish);
 
-/* Compute x, the e:th root of m. Calling it with x == m is allowed. */
+/* Compute x, the e:th root of m. Calling it with x == m is allowed.
+ It is required that 0 <= m < n. */
 void
 rsa_compute_root(const struct rsa_private_key *key,
 mpz_t x, const mpz_t m);
 
 /* Safer variant, using RSA blinding, and checking the result after
- CRT. */
+ CRT. It is required that 0 <= m < n. */
 int
 rsa_compute_root_tr(const struct rsa_public_key *pub,
 const struct rsa_private_key *key, |
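Review bot: The precondition `0 <= m < n` added to the comments on rsa_compute_root and rsa_compute_root_tr does not say who enforces it or what happens when it is violated. Going by the commit title, m can come from ciphertext the caller has not validated, so that gap matters. rsa_compute_root returns void and its signature shows only the private key, so it has no way to report an out-of-range m, and `n` is left undefined for a reader of this declaration; I would write `It is required that 0 <= m < n, where n is the RSA modulus; the caller is responsible for checking this.` For rsa_compute_root_tr, which returns int, the comment should state whether an out-of-range m produces a failure return or is also a caller obligation. The implementation is not part of this rsa.h-only view, so that needs confirming before it is documented, and the rsa_compute_root_tr declaration continues past the end of the hunk.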