/* -*-c-*-
*
- * $Id: rsa-recover.c,v 1.3 2000/06/22 19:03:14 mdw Exp $
+ * $Id: rsa-recover.c,v 1.7 2004/04/08 01:36:15 mdw Exp $
*
* Recover RSA parameters
*
* (c) 1999 Straylight/Edgeware
*/
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
*
* This file is part of Catacomb.
*
* it under the terms of the GNU Library General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
- *
+ *
* Catacomb is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Library General Public License for more details.
- *
+ *
* You should have received a copy of the GNU Library General Public
* License along with Catacomb; if not, write to the Free
* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: rsa-recover.c,v $
- * Revision 1.3 2000/06/22 19:03:14 mdw
- * Use the new @mp_odd@ function.
- *
- * Revision 1.2 2000/06/17 12:07:19 mdw
- * Fix a bug in argument validation. Force %$p > q$% in output. Use
- * %$\lambda(n) = \lcm(p - 1, q - 1)$% rather than the more traditional
- * %$\phi(n) = (p - 1)(q - 1)$% when computing the decryption exponent.
- *
- * Revision 1.1 1999/12/22 15:50:45 mdw
- * Initial RSA support.
- *
- */
-
/*----- Header files ------------------------------------------------------*/
#include "mp.h"
/* --- @rsa_recover@ --- *
*
- * Arguments: @rsa_param *rp@ = pointer to parameter block
+ * Arguments: @rsa_priv *rp@ = pointer to parameter block
*
* Returns: Zero if all went well, nonzero if the parameters make no
* sense.
* Use: Derives the full set of RSA parameters given a minimal set.
*/
-int rsa_recover(rsa_param *rp)
+int rsa_recover(rsa_priv *rp)
{
/* --- If there is no modulus, calculate it --- */
mp_div(&rp->q, &r, rp->n, rp->p);
else
mp_div(&rp->p, &r, rp->n, rp->q);
- if (MP_CMP(r, !=, MP_ZERO)) {
+ if (!MP_EQ(r, MP_ZERO)) {
mp_drop(r);
return (-1);
}
*/
aw = primetab[i++];
- z = mpmont_expr(&mm, z, &a, t);
- if (MP_CMP(z, ==, mm.r) || MP_CMP(z, ==, m1))
+ z = mpmont_mul(&mm, z, &a, mm.r2);
+ z = mpmont_expr(&mm, z, z, t);
+ if (MP_EQ(z, mm.r) || MP_EQ(z, m1))
continue;
/* --- Now square until something interesting happens --- *
for (;;) {
mp *zz = mp_sqr(MP_NEW, z);
zz = mpmont_reduce(&mm, zz, zz);
- if (MP_CMP(zz, ==, mm.r)) {
+ if (MP_EQ(zz, mm.r)) {
mp_drop(zz);
goto done;
- } else if (MP_CMP(zz, ==, m1)) {
+ } else if (MP_EQ(zz, m1)) {
mp_drop(zz);
goto again;
}
}
mp_drop(phi);
- if (MP_CMP(g, !=, MP_ONE)) {
+ if (!MP_EQ(g, MP_ONE)) {
mp_drop(g);
return (-1);
}
projects / u / mdw / catacomb / blobdiff