/* -*-c-*-
*
- * $Id: rsa-gen.c,v 1.4 2000/10/08 12:11:22 mdw Exp $
+ * $Id$
*
* RSA parameter generation
*
* (c) 1999 Straylight/Edgeware
*/
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
*
* This file is part of Catacomb.
*
* it under the terms of the GNU Library General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
- *
+ *
* Catacomb is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Library General Public License for more details.
- *
+ *
* You should have received a copy of the GNU Library General Public
* License along with Catacomb; if not, write to the Free
* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: rsa-gen.c,v $
- * Revision 1.4 2000/10/08 12:11:22 mdw
- * Use @MP_EQ@ instead of @MP_CMP@.
- *
- * Revision 1.3 2000/07/01 11:22:22 mdw
- * Remove bad type name `rsa_param'.
- *
- * Revision 1.2 2000/06/17 12:05:15 mdw
- * Lots of changes:
- *
- * * Apply limits on %$\gcd(p - 1, q - 1)$% to reduce the space of
- * equivalent decryption exponents.
- *
- * * Force %$e = F_4 = 2^{16} + 1$% to avoid small-encryption-exponent
- * attacks.
- *
- * * Ensure that %$p > q$% and that %$p - q$% is large to deter
- * square-root-based factoring methods.
- *
- * * Use %$e d \equiv 1 \pmod{\lambda(n)}$%, where %$\lambda(n)$% is
- * %$\lcm(p - 1, q - 1)$%, as recommended in PKCS#1, rather than the
- * more usual %$\varphi(n) = (p - 1)(q - 1)$%.
- *
- * * Handle aborts from pgen_jump.
- *
- * Revision 1.1 1999/12/22 15:50:45 mdw
- * Initial RSA support.
- *
- */
-
/*----- Header files ------------------------------------------------------*/
#include <mLib/dstr.h>
goto again;
}
- if (phi->f & MP_NEG) {
+ if (MP_NEGP(phi)) {
mp *z = rp->p;
rp->p = rp->q;
rp->q = z;
/* --- Work out the modulus and the CRT coefficient --- */
rp->n = mp_mul(MP_NEW, rp->p, rp->q);
- rp->q_inv = MP_NEW; mp_gcd(0, 0, &rp->q_inv, rp->p, rp->q);
+ rp->q_inv = mp_modinv(MP_NEW, rp->q, rp->p);
/* --- Work out %$\varphi(n) = (p - 1)(q - 1)$% --- *
*
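Review bot: The new `rp->q_inv = mp_modinv(MP_NEW, rp->q, rp->p);` line does not say which inverse is stored. If the two operands were swapped the call would still succeed, since p^-1 mod q also exists, and the mistake would only surface later as a wrong result in the CRT private-key operation. Judging by the `mp_gcd` call it replaces, the value appears to be q^-1 mod p, so a comment above the assignment such as `/* q_inv = q^{-1} mod p (CRT coefficient) */` would pin the convention down. The helper presumably requires gcd(p, q) = 1, which holds for distinct primes; if it enforces that only with an assertion, confirm the behaviour in builds with assertions disabled. The enclosing function starts and ends outside the hunk.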