Skip to content
代码片段 群组 项目
提交 02303e8b 编辑于 作者: Paul Bakker's avatar Paul Bakker
浏览文件

Moved md_init_ctx() calls around to minimize exit points

上级 40628bad
No related branches found
No related tags found
无相关合并请求
隐藏空白变更内容
行内 左右并排
显示
11 个添加10 个删除
library/rsa.c
+ 11
10
浏览文件 @ 02303e8b
...@@ -441,8 +441,6 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, ...@@ -441,8 +441,6 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
memset( output, 0, olen ); memset( output, 0, olen );
md_init_ctx( &md_ctx, md_info );
*p++ = 0; *p++ = 0;
// Generate a random octet string seed // Generate a random octet string seed
...@@ -460,6 +458,8 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, ...@@ -460,6 +458,8 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
*p++ = 1; *p++ = 1;
memcpy( p, input, ilen ); memcpy( p, input, ilen );
md_init_ctx( &md_ctx, md_info );
// maskedDB: Apply dbMask to DB // maskedDB: Apply dbMask to DB
// //
mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen, mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen,
...@@ -800,8 +800,6 @@ int rsa_pkcs1_sign( rsa_context *ctx, ...@@ -800,8 +800,6 @@ int rsa_pkcs1_sign( rsa_context *ctx,
memset( sig, 0, olen ); memset( sig, 0, olen );
md_init_ctx( &md_ctx, md_info );
msb = mpi_msb( &ctx->N ) - 1; msb = mpi_msb( &ctx->N ) - 1;
// Generate salt of length slen // Generate salt of length slen
...@@ -817,6 +815,8 @@ int rsa_pkcs1_sign( rsa_context *ctx, ...@@ -817,6 +815,8 @@ int rsa_pkcs1_sign( rsa_context *ctx,
memcpy( p, salt, slen ); memcpy( p, salt, slen );
p += slen; p += slen;
md_init_ctx( &md_ctx, md_info );
// Generate H = Hash( M' ) // Generate H = Hash( M' )
// //
md_starts( &md_ctx ); md_starts( &md_ctx );
...@@ -1016,8 +1016,6 @@ int rsa_pkcs1_verify( rsa_context *ctx, ...@@ -1016,8 +1016,6 @@ int rsa_pkcs1_verify( rsa_context *ctx,
memset( zeros, 0, 8 ); memset( zeros, 0, 8 );
md_init_ctx( &md_ctx, md_info );
// Note: EMSA-PSS verification is over the length of N - 1 bits // Note: EMSA-PSS verification is over the length of N - 1 bits
// //
msb = mpi_msb( &ctx->N ) - 1; msb = mpi_msb( &ctx->N ) - 1;
...@@ -1032,6 +1030,8 @@ int rsa_pkcs1_verify( rsa_context *ctx, ...@@ -1032,6 +1030,8 @@ int rsa_pkcs1_verify( rsa_context *ctx,
if( buf[0] >> ( 8 - siglen * 8 + msb ) ) if( buf[0] >> ( 8 - siglen * 8 + msb ) )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
md_init_ctx( &md_ctx, md_info );
mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx ); mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx );
buf[0] &= 0xFF >> ( siglen * 8 - msb ); buf[0] &= 0xFF >> ( siglen * 8 - msb );
...@@ -1039,11 +1039,12 @@ int rsa_pkcs1_verify( rsa_context *ctx, ...@@ -1039,11 +1039,12 @@ int rsa_pkcs1_verify( rsa_context *ctx,
while( *p == 0 && p < buf + siglen ) while( *p == 0 && p < buf + siglen )
p++; p++;
if( p == buf + siglen ) if( p == buf + siglen ||
return( POLARSSL_ERR_RSA_INVALID_PADDING ); *p++ != 0x01 )
{
if( *p++ != 0x01 ) md_free_ctx( &md_ctx );
return( POLARSSL_ERR_RSA_INVALID_PADDING ); return( POLARSSL_ERR_RSA_INVALID_PADDING );
}
slen -= p - buf; slen -= p - buf;
......
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册