oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

hcrypto: trim number of trials in prime number generation

Browse Source 
Reduce the number of trials when generating RSA keys by calling
mp_prime_rabin_miller_trials() with the number of desired bits.

See libtom/libtommath#482.
This commit is contained in:
Luke Howard
2020-04-12 20:39:16 +10:00
parent 7eb397834e
commit dfb1e6fcf8
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/hcrypto/rsa-ltm.c
View File

@@ -534,9 +534,11 @@ ltm_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
/* generate p and q so that p != q and bits(pq) ~ bits */
counter = 0;
do {
int trials = mp_prime_rabin_miller_trials(bitsp);
BN_GENCB_call(cb, 2, counter++);
CHECK(random_num(&p, bitsp), 0);
CHECK(mp_prime_next_prime(&p,128,0), MP_OKAY);
CHECK(mp_prime_next_prime(&p, trials, 0), MP_OKAY);
mp_sub_d(&p, 1, &t1);
mp_gcd(&t1, &el, &t2);
@@ -546,9 +548,11 @@ ltm_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
counter = 0;
do {
int trials = mp_prime_rabin_miller_trials(bits - bitsp);
BN_GENCB_call(cb, 2, counter++);
CHECK(random_num(&q, bits - bitsp), 0);
CHECK(mp_prime_next_prime(&q,128,0), MP_OKAY);
CHECK(mp_prime_next_prime(&q, trials, 0), MP_OKAY);
if (mp_cmp(&p, &q) == 0) /* don't let p and q be the same */
continue;