Allow only one error return, to frustrate Manger's attack against OAEP.
[u/mdw/catacomb]
/
rsa-gen.c
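diff --git a/rsa-gen.c b/rsa-gen.c
index 159357f..e3f5fda 100644
--- a/rsa-gen.c
+++ b/rsa-gen.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: rsa-gen.c,v 1.2 2000/06/17 12:05:15 mdw Exp $
+ * $Id: rsa-gen.c,v 1.4 2000/10/08 12:11:22 mdw Exp $
 *
 * RSA parameter generation
 *
@@ -30,6 +30,12 @@
 /*----- Revision history --------------------------------------------------*
 *
 * $Log: rsa-gen.c,v $
+ * Revision 1.4 2000/10/08 12:11:22 mdw
+ * Use @MP_EQ@ instead of @MP_CMP@.
+ *
+ * Revision 1.3 2000/07/01 11:22:22 mdw
+ * Remove bad type name `rsa_param'.
+ *
 * Revision 1.2 2000/06/17 12:05:15 mdw
 * Lots of changes:
 *
@@ -68,7 +74,7 @@
 /* --- @rsa_gen@ --- *
 *
- * Arguments: @rsa_param *rp@ = pointer to block to be filled in
+ * Arguments: @rsa_priv *rp@ = pointer to block to be filled in
 * @unsigned nbits@ = required modulus size in bits
 * @grand *r@ = random number source
 * @unsigned n@ = number of attempts to make
@@ -82,7 +88,7 @@
 * possible.
 */
-int rsa_gen(rsa_param *rp, unsigned nbits, grand *r, unsigned n,
+int rsa_gen(rsa_priv *rp, unsigned nbits, grand *r, unsigned n,
 pgen_proc *event, void *ectx)
 {
 pgen_gcdstepctx g;
@@ -180,7 +186,7 @@ again:
 */
 mp_gcd(&g.g, 0, &rp->d, phi, rp->e);
- if (MP_CMP(g.g, !=, MP_ONE) && MP_LEN(rp->d) * 4 > MP_LEN(rp->n) * 3)
+ if (!MP_EQ(g.g, MP_ONE) && MP_LEN(rp->d) * 4 > MP_LEN(rp->n) * 3)
 goto fail_e;
 /* --- Work out exponent residues --- */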
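Review bot: The failure test after `mp_gcd` in the last hunk looks inverted: as written, `goto fail_e` is taken only when the gcd is not 1 and `d` is longer than three quarters of `n`, so a non-unit gcd paired with a shorter `d` falls through and `rp->d` would not be an inverse of `rp->e`. The rename from `MP_CMP(g.g, !=, MP_ONE)` to `!MP_EQ(g.g, MP_ONE)` carries that logic over unchanged. If the intent is to reject both a bad gcd and a small private exponent (a short `d` is what weakens an RSA key), the line would be `if (!MP_EQ(g.g, MP_ONE) || MP_LEN(rp->d) * 4 < MP_LEN(rp->n) * 3)`. The comment that states the intended bound starts above the hunk and `rsa_gen` begins and ends outside these hunks, so confirm the direction of the length test against it before changing anything.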