#include "os.h"
#include <mp.h>
#include <libsec.h>
 
/*
 * rsagen: build a fresh RSA private key.
 *
 *	nlen	requested modulus size in bits; p is requested with nlen/2
 *		bits and q with nlen - mpsignif(p) + 1 bits
 *	elen	size in bits of a randomly drawn public exponent, or 0 to
 *		start from 65537
 *	rounds	handed unchanged to genprime (presumably the number of
 *		primality-test rounds -- confirm against genprime)
 *
 * The returned RSApriv takes ownership of n, e, d, p, q, kp, kq and c2;
 * only the scratch values (phi and the two gcd outputs) are released
 * here.  The caller releases the key, e.g. with rsaprivfree.
 *
 * NOTE(review): nothing in this function rejects a small or non-positive
 * nlen, a negative elen or a small rounds value, so the strength of the
 * key is whatever the caller asks for; callers should enforce their own
 * minimum modulus size.  The results of mpnew and rsaprivalloc are used
 * without a nil check -- confirm that both abort on allocation failure.
 */
RSApriv*
rsagen(int nlen, int elen, int rounds)
{
	mpint *p, *q, *n, *e, *d, *phi;
	mpint *g, *u, *kp, *kq, *c2;
	RSApriv *key;
	int half;

	half = nlen/2;
	p = mpnew(half);
	q = mpnew(half);
	n = mpnew(nlen);
	e = mpnew(elen);
	d = mpnew(0);
	phi = mpnew(nlen);

	// primes first, then n = p*q and phi = (p-1)*(q-1); e and d are
	// borrowed as scratch for p-1 and q-1 and are overwritten below
	genprime(p, half, rounds);
	genprime(q, nlen - mpsignif(p) + 1, rounds);
	mpmul(p, q, n);
	mpsub(p, mpone, e);
	mpsub(q, mpone, d);
	mpmul(e, d, phi);

	// starting value for the public exponent: a random elen-bit number
	// (bumped to 3 when it comes out <= 2), or 65537 when elen is 0
	if(elen != 0){
		mprand(elen, genrandom, e);
		if(mpcmp(e, mptwo) <= 0)
			itomp(3, e);
	} else
		itomp(65537, e);

	// See Menezes et al. p.291 "8.8 Note (selecting primes)" for discussion
	// of the merits of various choices of primes and exponents.  e=3 is a
	// common and recommended exponent, but doesn't necessarily work here
	// because we chose strong rather than safe primes.
	//
	// step e upward until it is relatively prime to phi; g receives the
	// gcd and d the matching coefficient of e, i.e. the private exponent
	g = mpnew(0);
	u = mpnew(0);
	mpextendedgcd(e, phi, g, d, u);
	while(mpcmp(g, mpone) != 0){
		mpadd(mpone, e, e);
		mpextendedgcd(e, phi, g, d, u);
	}

	// the coefficient may come back negative; adding phi once moves it
	// to the positive representative so dk is usable as an exponent
	if(d->sign < 0)
		mpadd(phi, d, d);
	mpfree(g);
	mpfree(u);

	// chinese remainder coefficient
	// (presumably the inverse of p modulo q -- confirm against mpinvert)
	c2 = mpnew(0);
	mpinvert(p, q, c2);

	// for crt a**k mod p == (a**(k mod p-1)) mod p,
	// so kp = d mod (p-1) and kq = d mod (q-1); phi is reused as scratch
	kp = mpnew(0);
	kq = mpnew(0);
	mpsub(p, mpone, phi);
	mpmod(d, phi, kp);
	mpsub(q, mpone, phi);
	mpmod(d, phi, kq);

	key = rsaprivalloc();
	key->pub.n = n;
	key->pub.ek = e;
	key->dk = d;
	key->p = p;
	key->q = q;
	key->kp = kp;
	key->kq = kq;
	key->c2 = c2;

	// NOTE(review): phi (like the gcd scratch freed above) was derived
	// from the secret primes; whether mpfree clears the storage before
	// releasing it is not visible here -- verify.
	mpfree(phi);

	return key;
}