New function mbedtls_rsa_get_bitlen

Add a new function mbedtls_rsa_get_bitlen which returns the RSA key size, i.e. the bit size of the modulus. In the pk module, call mbedtls_rsa_get_bitlen instead of mbedtls_rsa_get_len, which gave the wrong result for key sizes that are not a multiple of 8. This commit adds one non-regression test in the pk suite. More tests are needed for RSA key sizes that are a multiple of 8. This commit does not address RSA alternative implementations, which only provide an interface that return the modulus size in bytes.
2018-01-28 18:13:03 +01:00 · 2018-01-28 18:13:03 +01:00 · 1d26709dbd
commit 1d26709dbd
parent 4a6aaa4c51
6 changed files with 80 additions and 18 deletions
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@ -66,7 +66,7 @@ static int rsa_can_do( mbedtls_pk_type_t type )
 static size_t rsa_get_bitlen( const void *ctx )
 {
    const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
-    return( 8 * mbedtls_rsa_get_len( rsa ) );
+    return( mbedtls_rsa_get_bitlen( rsa ) );
 }

 static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
--- a/library/rsa.c
+++ b/library/rsa.c
@ -480,12 +480,19 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id
 /*
 * Get length in bytes of RSA modulus
 */
-
 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx )
 {
    return( ctx->len );
 }

+/*
+ * Get length in bits of RSA modulus
+ */
+size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx )
+{
+    return( mbedtls_mpi_bitlen( &ctx->N ) );
+}
+

 #if defined(MBEDTLS_GENPRIME)