Diffstat (limited to 'src/lib/pubkey/rsa/rsa.cpp')
-rw-r--r--src/lib/pubkey/rsa/rsa.cpp11
1 files changed, 8 insertions, 3 deletions
diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp
index 69d7052dc..fdc5b63d0 100644
--- a/src/lib/pubkey/rsa/rsa.cpp
+++ b/src/lib/pubkey/rsa/rsa.cpp
@@ -141,14 +141,19 @@ RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng,
m_e = exp;
+ const size_t p_bits = (bits + 1) / 2;
+ const size_t q_bits = bits - p_bits;
+
do
{
- m_p = random_prime(rng, (bits + 1) / 2, m_e);
- m_q = random_prime(rng, bits - m_p.bits(), m_e);
+ m_p = generate_rsa_prime(rng, rng, p_bits, m_e);
+ m_q = generate_rsa_prime(rng, rng, q_bits, m_e);
m_n = m_p * m_q;
} while(m_n.bits() != bits);
+ // FIXME: lcm calls gcd which is not const time
const BigInt phi_n = lcm(m_p - 1, m_q - 1);
+ // FIXME: this uses binary ext gcd because phi_n is even
m_d = inverse_mod(m_e, phi_n);
m_d1 = m_d % (m_p - 1);
m_d2 = m_d % (m_q - 1);
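Review bot: The two `%` reductions that compute m_d1 and m_d2 at the end of the hunk also operate on secret operands (m_d divided by m_p - 1 and m_q - 1), so unless BigInt's operator% is already constant-time — which this hunk does not show — they sit in the same timing-leak category as the lcm and inverse_mod calls that the new FIXME comments flag, and should carry the same note so the gap is not overlooked when the other two are fixed. A one-line comment above `m_d1 = m_d % (m_p - 1);` such as `// FIXME: these reductions divide by secret moduli; confirm BigInt division is const time` would keep the audit trail consistent. The constructor RSA_PrivateKey::RSA_PrivateKey starts before this hunk and its body continues after it, so any remaining CRT-parameter computations outside the visible lines should be checked for the same issue.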
@@ -356,7 +361,7 @@ class RSA_Public_Operation
const size_t powm_window = 1;
- auto powm_m_n = monty_precompute(m_monty_n, m, powm_window);
+ auto powm_m_n = monty_precompute(m_monty_n, m, powm_window, false);
return monty_execute_vartime(*powm_m_n, m_e);
}