From 8d38b6af38e76d7e59ac39b8245657c29cb6398e Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Mon, 12 Nov 2018 17:06:31 -0500
Subject: [PATCH] Use side-channel silent pkcs1 in rsa_decrypt_tr

Signed-off-by: Simo Sorce <simo@redhat.com>
---
 rsa-decrypt-tr.c | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c
index e4fbc5fe..dc47f8fb 100644
--- a/rsa-decrypt-tr.c
+++ b/rsa-decrypt-tr.c
@@ -37,9 +37,8 @@
 #endif
 
 #include "rsa.h"
-
-#include "bignum.h"
-#include "pkcs1.h"
+#include "rsa-internal.h"
+#include "gmp-glue.h"
 
 int
 rsa_decrypt_tr(const struct rsa_public_key *pub,
@@ -48,14 +47,22 @@ rsa_decrypt_tr(const struct rsa_public_key *pub,
 	       size_t *length, uint8_t *message,
 	       const mpz_t gibberish)
 {
-  mpz_t m;
+  TMP_GMP_DECL (m, mp_limb_t);
+  TMP_GMP_DECL (em, uint8_t);
   int res;
 
-  mpz_init_set(m, gibberish);
+  TMP_GMP_ALLOC (m, mpz_size(pub->n));
+  TMP_GMP_ALLOC (em, key->size);
+
+  res = rsa_sec_compute_root_tr (pub, key, random_ctx, random, m,
+                                 mpz_limbs_read(gibberish),
+                                 mpz_size(gibberish));
+
+  mpn_get_base256 (em, key->size, m, mpz_size(pub->n));
 
-  res = (rsa_compute_root_tr (pub, key, random_ctx, random, m, gibberish)
-	 && pkcs1_decrypt (key->size, m, length, message));
+  res &= _pkcs1_sec_decrypt_variable (length, message, key->size, em);
 
-  mpz_clear(m);
+  TMP_GMP_FREE (em);
+  TMP_GMP_FREE (m);
   return res;
 }
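Review bot: Nothing in this hunk checks that the ciphertext `gibberish` lies in the range 0 <= c < n before it is handed to `rsa_sec_compute_root_tr` as raw limbs with `mpz_size(gibberish)`, while `m` is sized for only `mpz_size(pub->n)` limbs. Whether the callee rejects a negative or oversized input is not visible here, so I would add an explicit guard ahead of the `TMP_GMP_ALLOC` calls: `if (mpz_sgn (gibberish) < 0 || mpz_cmp (gibberish, pub->n) >= 0) return 0;`. That check compares public values only, so it does not undo the side-channel silence the rest of the change is after. Separately, `em` and `m` hold the padded plaintext and are released with `TMP_GMP_FREE` with no visible wipe; if that macro does not clear the memory, zero both buffers before freeing them. The function's signature begins above this hunk.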
-- 
GitLab