yggdrasil/ring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Call cpu::cache_detected_features() in verify_rsa().

Browse Source 
`verify_rsa()` skips over the call done in `ring::signature::verify()`.
This commit is contained in:
Brian Smith 2018-11-28 14:29:30 -10:00
parent e2ba6cb73b
commit a51cd824f6
2 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/rsa/padding.rs
View File

@ -81,7 +81,7 @@ impl RSAVerification for PKCS1 {
&self, m_hash: &digest::Digest, m: &mut untrusted::Reader, mod_bits: bits::BitLength, &self, m_hash: &digest::Digest, m: &mut untrusted::Reader, mod_bits: bits::BitLength,
) -> Result<(), error::Unspecified> { ) -> Result<(), error::Unspecified> {
// `mod_bits.as_usize_bytes_rounded_up() <= // `mod_bits.as_usize_bytes_rounded_up() <=
// PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN` is ensured by `verify_rsa()`. // PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN` is ensured by `verify_rsa_()`.
let mut calculated = [0u8; PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN]; let mut calculated = [0u8; PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN];
let calculated = &mut calculated[..mod_bits.as_usize_bytes_rounded_up()]; let calculated = &mut calculated[..mod_bits.as_usize_bytes_rounded_up()];
pkcs1_encode(&self, m_hash, calculated); pkcs1_encode(&self, m_hash, calculated);

12
src/rsa/verification.rs
View File

@ -15,7 +15,7 @@
use super::{bigint, parse_public_key, RSAParameters, N, PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN}; use super::{bigint, parse_public_key, RSAParameters, N, PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN};
/// RSA PKCS#1 1.5 signatures. /// RSA PKCS#1 1.5 signatures.
use core; use core;
use crate::{bits, digest, error, private, signature}; use crate::{bits, cpu, digest, error, private, signature};
use untrusted; use untrusted;
#[derive(Debug)] #[derive(Debug)]
@ -87,7 +87,7 @@ impl signature::VerificationAlgorithm for RSAParameters {
&self, public_key: untrusted::Input, msg: untrusted::Input, signature: untrusted::Input, &self, public_key: untrusted::Input, msg: untrusted::Input, signature: untrusted::Input,
) -> Result<(), error::Unspecified> { ) -> Result<(), error::Unspecified> {
let public_key = parse_public_key(public_key)?; let public_key = parse_public_key(public_key)?;
verify_rsa(self, public_key, msg, signature) verify_rsa_(self, public_key, msg, signature)
} }
} }
@ -222,6 +222,14 @@ rsa_params!(
pub fn verify_rsa( pub fn verify_rsa(
params: &RSAParameters, (n, e): (untrusted::Input, untrusted::Input), msg: untrusted::Input, params: &RSAParameters, (n, e): (untrusted::Input, untrusted::Input), msg: untrusted::Input,
signature: untrusted::Input, signature: untrusted::Input,
) -> Result<(), error::Unspecified> {
cpu::cache_detected_features();
verify_rsa_(params, (n, e), msg, signature)
}
pub(crate) fn verify_rsa_(
params: &RSAParameters, (n, e): (untrusted::Input, untrusted::Input), msg: untrusted::Input,
signature: untrusted::Input,
) -> Result<(), error::Unspecified> { ) -> Result<(), error::Unspecified> {
let max_bits = bits::BitLength::from_usize_bytes(PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN)?; let max_bits = bits::BitLength::from_usize_bytes(PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN)?;