opentitan icon indicating copy to clipboard operation
opentitan copied to clipboard
verified publisher icon lowRISC

[crypto/rsa] temporarily use constant-time modexp when e != 0x10001

Open RyanTorok opened this issue 1 year ago • 1 comments

Previously, RSA verify operations returned an invalid argument error when passed a value for the public exponent e other than 65537 (2^16 + 1), because we currently lack a variable-time implementation to perform the modexp operation for other exponents. This PR configures RSA to temporarily use the existing constant-time implementation for other exponents until a variable-time implementation is supported.

This PR allows us to run the NIST CAVP RSA test vectors, which all use e != 65537.

RyanTorok avatar Feb 20 '24 13:02 RyanTorok

Added issue #21581

RyanTorok avatar Feb 20 '24 14:02 RyanTorok

Successfully created backport PR for earlgrey_es_sival:

  • #21688

github-actions[bot] avatar Feb 26 '24 16:02 github-actions[bot]