diff options
author | Jack Lloyd <[email protected]> | 2020-11-01 07:29:25 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2020-11-01 07:38:26 -0500 |
commit | e34c062f3c9baa9f79eebbf71ec02568ccef37d5 (patch) | |
tree | d498c155b94726abc0b5bd00c7ee867b36073127 /src/lib/pubkey/rsa | |
parent | cc14490a8500f490d52c78e1b9aedbd6fb4726b1 (diff) |
Modify Testsuite_RNG slightly to avoid rotations
[Since I want to make rotate.h internal in 3.0]
During modification of Testsuite_RNG some hard to debug test failures
occurred. It turned out to be because on occasion, with a sufficiently
bad test RNG, you can end up with p == q during RSA key generation.
Check for this.
Also add a smoke test checking that the test RNG is producing roughly
uniform output.
Diffstat (limited to 'src/lib/pubkey/rsa')
-rw-r--r-- | src/lib/pubkey/rsa/rsa.cpp | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp index bce6fae0f..96f405892 100644 --- a/src/lib/pubkey/rsa/rsa.cpp +++ b/src/lib/pubkey/rsa/rsa.cpp @@ -291,6 +291,10 @@ RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng, // TODO could generate primes in thread pool p = generate_rsa_prime(rng, rng, p_bits, e); q = generate_rsa_prime(rng, rng, q_bits, e); + + if(p == q) + throw Internal_Error("RNG failure during RSA key generation"); + n = p * q; } while(n.bits() != bits); @@ -323,6 +327,9 @@ bool RSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const if(get_p() * get_q() != get_n()) return false; + if(get_p() == get_q()) + return false; + if(get_d1() != ct_modulo(get_d(), get_p() - 1)) return false; if(get_d2() != ct_modulo(get_d(), get_q() - 1)) |