use a CPRG when using decrypt RSA.

2012-12-05 08:16:32 +00:00 · 2012-12-05 08:16:32 +00:00 · bd2883683b
commit bd2883683b
parent 7a03dc1834
2 changed files with 7 additions and 3 deletions
--- a/core/Network/TLS/Crypto.hs
+++ b/core/Network/TLS/Crypto.hs
@ -106,8 +106,8 @@ kxEncrypt g (PubRSA pk) b = case RSA.encrypt g pk b of
                                Left e        -> (Left $ RSAError e, g)
                                Right (v, g') -> (Right v, g')

-kxDecrypt :: PrivateKey -> ByteString -> Either KxError ByteString
-kxDecrypt (PrivRSA pk) b  = generalizeRSAError $ RSA.decrypt pk b
+kxDecrypt :: CPRG g => g -> PrivateKey -> ByteString -> (Either KxError ByteString, g)
+kxDecrypt g (PrivRSA pk) b = (generalizeRSAError $ RSA.decrypt pk b, g)

 -- Verify that the signature matches the given message, using the
 -- public key.
--- a/core/Network/TLS/Receiving.hs
+++ b/core/Network/TLS/Receiving.hs
@ -93,9 +93,13 @@ processHandshake hs = do

 decryptRSA :: ByteString -> TLSSt (Either KxError ByteString)
 decryptRSA econtent = do
+        st  <- get
        ver <- stVersion <$> get
        rsapriv <- fromJust "rsa private key" . hstRSAPrivateKey . fromJust "handshake" . stHandshake <$> get
-        return $ kxDecrypt rsapriv (if ver < TLS10 then econtent else B.drop 2 econtent)
+        let cipher = if ver < TLS10 then econtent else B.drop 2 econtent
+        let (mmsg,rng') = withTLSRNG (stRandomGen st) (\g -> kxDecrypt g rsapriv cipher)
+        put (st { stRandomGen = rng' })
+        return mmsg

 verifyRSA :: (ByteString -> ByteString, ByteString) -> ByteString -> ByteString -> TLSSt (Either KxError Bool)
 verifyRSA hsh econtent sign = do