Release 2.3.2.

[catacomb] / pub / rsa-gen.c

diff --git a/pub/rsa-gen.c b/pub/rsa-gen.c
index c12be18..3b5334b 100644 (file)
--- a/pub/rsa-gen.c
+++ b/pub/rsa-gen.c
@@ -84,17 +84,11 @@ int rsa_gen(rsa_priv *rp, unsigned nbits, grand *r, unsigned n,
 
   {
     mp *q;
-    mp *t = MP_NEW, *u = MP_NEW;
     rabin rb;
 
     if ((q = strongprime_setup("q", MP_NEWSEC, &g.jp, nbits / 2,
                               r, n, event, ectx)) == 0)
       goto fail_q;
-    t = mp_lsl(t, MP_ONE, nbits - 1);
-    mp_div(&t, &u, t, rp->p);
-    if (!MP_ZEROP(u)) t = mp_add(t, t, MP_ONE);
-    if (MP_CMP(q, <, t)) q = mp_leastcongruent(q, t, q, g.jp.m);
-    mp_drop(t);
 
     g.r = mp_lsr(MP_NEW, rp->p, 1);
     g.g = MP_NEW;
@@ -158,6 +152,8 @@ int rsa_gen(rsa_priv *rp, unsigned nbits, grand *r, unsigned n,
   mp_gcd(&g.g, 0, &rp->d, phi, rp->e);
   if (!MP_EQ(g.g, MP_ONE) && MP_LEN(rp->d) * 4 > MP_LEN(rp->n) * 3)
     goto fail_e;
+  if (mp_bits(rp->n) != nbits)
+    goto fail_e;
 
   /* --- Work out exponent residues --- */