Avoid potential side channel when generating RSA primes

Add a new function dedicated to generating RSA primes.

Don't test for p.bits() > bits until the very end - rarely happens,
and speeds up prime generation quite noticably.

Add Miller-Rabin error probabilities for 1/2**128, which again
speeds up RSA keygen and DL param gen quite a bit.

0 files changed, 0 insertions, 0 deletions