comparison libtomcrypt/src/pk/rsa/rsa_make_key.c @ 1471:6dba84798cd5

Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
parents f849a5ca2efc
children
1470:8bba51a55704 1471:6dba84798cd5
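--- a/libtomcrypt/src/pk/rsa/rsa_make_key.c
+++ b/libtomcrypt/src/pk/rsa/rsa_make_key.c
@@ -3,23 +3,21 @@
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
-*
-* Tom St Denis, [email protected], http://libtom.org
 */
 #include "tomcrypt.h"
 
 /**
 @file rsa_make_key.c
 RSA key generation, Tom St Denis
 */
 
 #ifdef LTC_MRSA
 
 /**
 Create an RSA key
 @param prng An active PRNG state
 @param wprng The index of the PRNG desired
 @param size The size of the modulus (key size) desired (octets)
 @param e The "e" value (public key). e==65537 is a good choice
@@ -31,14 +29,11 @@
 void *p, *q, *tmp1, *tmp2, *tmp3;
 int err;
 
 LTC_ARGCHK(ltc_mp.name != NULL);
 LTC_ARGCHK(key != NULL);
-
-if ((size < (MIN_RSA_SIZE/8)) || (size > (MAX_RSA_SIZE/8))) {
-return CRYPT_INVALID_KEYSIZE;
-}
+LTC_ARGCHK(size > 0);
 
 if ((e < 3) || ((e & 1) == 0)) {
 return CRYPT_INVALID_ARG;
 }
 
@@ -49,30 +44,30 @@
 if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != CRYPT_OK) {
 return err;
 }
 
 /* make primes p and q (optimization provided by Wayne Scott) */
-if ((err = mp_set_int(tmp3, e)) != CRYPT_OK) { goto errkey; } /* tmp3 = e */
+if ((err = mp_set_int(tmp3, e)) != CRYPT_OK) { goto cleanup; } /* tmp3 = e */
 
 /* make prime "p" */
 do {
-if ((err = rand_prime( p, size/2, prng, wprng)) != CRYPT_OK) { goto errkey; }
-if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */
-if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(p-1, e) */
+if ((err = rand_prime( p, size/2, prng, wprng)) != CRYPT_OK) { goto cleanup; }
+if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = p-1 */
+if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto cleanup; } /* tmp2 = gcd(p-1, e) */
 } while (mp_cmp_d( tmp2, 1) != 0); /* while e divides p-1 */
 
 /* make prime "q" */
 do {
-if ((err = rand_prime( q, size/2, prng, wprng)) != CRYPT_OK) { goto errkey; }
-if ((err = mp_sub_d( q, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
-if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(q-1, e) */
+if ((err = rand_prime( q, size/2, prng, wprng)) != CRYPT_OK) { goto cleanup; }
+if ((err = mp_sub_d( q, 1, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = q-1 */
+if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto cleanup; } /* tmp2 = gcd(q-1, e) */
 } while (mp_cmp_d( tmp2, 1) != 0); /* while e divides q-1 */
 
 /* tmp1 = lcm(p-1, q-1) */
-if ((err = mp_sub_d( p, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
+if ((err = mp_sub_d( p, 1, tmp2)) != CRYPT_OK) { goto cleanup; } /* tmp2 = p-1 */
 /* tmp1 = q-1 (previous do/while loop) */
-if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = lcm(p-1, q-1) */
+if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = lcm(p-1, q-1) */
 
 /* make key */
 if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
 goto errkey;
 }
@@ -97,16 +92,16 @@
 
 /* return ok and free temps */
 err = CRYPT_OK;
 goto cleanup;
 errkey:
-mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+rsa_free(key);
 cleanup:
-mp_clear_multi(tmp3, tmp2, tmp1, p, q, NULL);
+mp_clear_multi(tmp3, tmp2, tmp1, q, p, NULL);
 return err;
 }
 
 #endif
 
-/* $Source$ */
-/* $Revision$ */
-/* $Date$ */
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */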
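Review bot: In the second hunk the new `LTC_ARGCHK(size > 0);` replaces the `MIN_RSA_SIZE`/`MAX_RSA_SIZE` range test, so rsa_make_key no longer returns `CRYPT_INVALID_KEYSIZE` for a modulus that is too small or too large; any positive `size` now reaches `rand_prime( p, size/2, prng, wprng)`. LTC_ARGCHK is an argument-check macro whose effect presumably depends on how the library is built, so it should not be relied on as a key-strength policy check. Unless every caller already enforces a minimum key length, I would keep an explicit lower bound here, e.g. `if (size < (MIN_RSA_SIZE/8)) { return CRYPT_INVALID_KEYSIZE; }`. If those macros no longer exist after the update, state the contract in the doc comment instead: `@param size The size of the modulus in octets; not range-checked here, the caller must enforce the minimum`. The function signature lies between the first two hunks and is not shown.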