pub/dh-kcdsa.c: Free the correct factor.

[catacomb] / pub / rsa-pub.c

diff --git a/pub/rsa-pub.c b/pub/rsa-pub.c
index 78793a9..5e13182 100644 (file)
--- a/pub/rsa-pub.c
+++ b/pub/rsa-pub.c
@@ -48,7 +48,7 @@
 
 void rsa_pubcreate(rsa_pubctx *rd, rsa_pub *rp)
 {
-  rd->rp = rp;
+  rd->rp = rp; mp_shrink(rp->e);
   mpmont_create(&rd->mm, rp->n);
 }
 
@@ -79,6 +79,31 @@ void rsa_pubdestroy(rsa_pubctx *rd)
 
 mp *rsa_pubop(rsa_pubctx *rd, mp *d, mp *p)
 {
+  mp *e = rd->rp->e;
+  unsigned i;
+
+  if (MP_EQ(e, MP_THREE)) {
+    MP_COPY(p);
+    d = mpmont_mul(&rd->mm, d, p, rd->mm.r2);
+    d = mp_sqr(d, d); d = mpmont_reduce(&rd->mm, d, d);
+    d = mpmont_mul(&rd->mm, d, d, p);
+    MP_DROP(p);
+    return (d);
+  }
+#if MPW_BITS > 16
+  if (MP_LEN(e) == 1 && e->v[0] == 65537)
+#else
+  if (0 && MP_LEN(e) == 2 && e->v[0] == 1 && e->v[1] == (1 << (16 - MPW_BITS)))
+#endif
+  {
+    MP_COPY(p);
+    d = mpmont_mul(&rd->mm, d, p, rd->mm.r2);
+    for (i = 0; i < 16; i++)
+      { d = mp_sqr(d, d); d = mpmont_reduce(&rd->mm, d, d); }
+    d = mpmont_mul(&rd->mm, d, d, p);
+    MP_DROP(p);
+    return (d);
+  }
   return (mpmont_exp(&rd->mm, d, p, rd->rp->e));
 }