void rsa_pubcreate(rsa_pubctx *rd, rsa_pub *rp)
{
- rd->rp = rp;
+ rd->rp = rp; mp_shrink(rp->e);
mpmont_create(&rd->mm, rp->n);
}
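Review bot: The added `mp_shrink(rp->e)` makes rsa_pubcreate write to the caller-owned `rsa_pub` where it previously only read it; presumably the intent is to normalize `e` to its minimal word length so that the length-based fast-path test in rsa_pubop (`MP_LEN(e) == 1 && e->v[0] == 65537`) can match. That side effect is not obvious from the name "create" and should be stated at the function, e.g. `/* Shrinks rp->e in place to minimal length so rsa_pubop can recognize small public exponents. */`. If a caller replaces `rp->e` after creation without shrinking it, nothing breaks — rsa_pubop just falls through to the general `mpmont_exp` path — which is worth saying in that comment. Putting the two statements on separate lines would also match the surrounding style.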
mp *rsa_pubop(rsa_pubctx *rd, mp *d, mp *p)
{
+ mp *e = rd->rp->e;
+ unsigned i;
+
+ if (MP_EQ(e, MP_THREE)) {
+ MP_COPY(p);
+ d = mpmont_mul(&rd->mm, d, p, rd->mm.r2);
+ d = mp_sqr(d, d); d = mpmont_reduce(&rd->mm, d, d);
+ d = mpmont_mul(&rd->mm, d, d, p);
+ MP_DROP(p);
+ return (d);
+ }
+#if MPW_BITS > 16
+ if (MP_LEN(e) == 1 && e->v[0] == 65537)
+#else
+ if (0 && MP_LEN(e) == 2 && e->v[0] == 1 && e->v[1] == (1 << (16 - MPW_BITS)))
+#endif
+ {
+ MP_COPY(p);
+ d = mpmont_mul(&rd->mm, d, p, rd->mm.r2);
+ for (i = 0; i < 16; i++)
+ { d = mp_sqr(d, d); d = mpmont_reduce(&rd->mm, d, d); }
+ d = mpmont_mul(&rd->mm, d, d, p);
+ MP_DROP(p);
+ return (d);
+ }
return (mpmont_exp(&rd->mm, d, p, rd->rp->e));
}
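Review bot: The `#else` arm of the 65537 check is dead code (`if (0 && …)`), and the condition it disables is only right when MPW_BITS is exactly 16 — with 8-bit words 65537 = 0x010001 occupies three words, so `MP_LEN(e) == 2` can never match. Either wrap the entire 65537 block in `#if MPW_BITS > 16 … #endif` so small-word builds simply fall through to `mpmont_exp`, or express the test in a word-size-independent way, as the `e == 3` case already does with `MP_EQ(e, MP_THREE)`. The magic number 16 in the squaring loop deserves a one-line comment, `/* 65537 = 2^16 + 1: sixteen squarings, then one multiply by p */`, so the relationship between the exponent and the loop bound is explicit. Both fast paths rely on `e` having been shrunk to minimal length before `MP_LEN` is consulted; noting that dependency here (and that an unshrunk `e` still yields a correct result via the fallback) would help the next maintainer.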