Move/remove param validation in mbedtls_rsa_rsaes_pkcs1_v15_encrypt

Hanno Becker · Hanno Becker · commit b86e684ed4b6 · 2018-12-18T14:46:04.000Z
- The validity of the input and output parameters is checked by
  parameter validation.
- A PRNG is required in public mode only (even though it's also
  recommended in private mode), so move the check to the
  corresponding branch.
diff --git a/library/rsa.c b/library/rsa.c
@@ -1223,10 +1223,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
     if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
-    // We don't check p_rng because it won't be dereferenced here
-    if( f_rng == NULL || input == NULL || output == NULL )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
     olen = ctx->len;
 
     /* first comparison checks for overflow */
@@ -1238,6 +1234,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
     *p++ = 0;
     if( mode == MBEDTLS_RSA_PUBLIC )
     {
+        if( f_rng == NULL )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
         *p++ = MBEDTLS_RSA_CRYPT;
 
         while( nb_pad-- > 0 )
