Use a little larger starting point for e exponent.

[silc.git] / lib / silccrypt / rsa.c

diff --git a/lib/silccrypt/rsa.c b/lib/silccrypt/rsa.c
index ec47e6ddd3e0fdbe7295410fa20ed94d056f40eb..4b7db8ff3c0df3c4c741861a82e0f10ed59ca165 100644 (file)
--- a/lib/silccrypt/rsa.c
+++ b/lib/silccrypt/rsa.c
@@ -61,6 +61,16 @@
      The `tmplen' in encrypt, decrypt, sign and verify PKCS API functions
      is now calculated by (key->bits + 7) / 8.  It is the length of one block.
 
+   o Sat Mar 16 18:27:19 EET 2002  Pekka
+
+     Use the SilcRng sent as argument to SILC_PKCS_API_INIT in prime 
+     generation.
+
+   o Sat Sep 26 19:59:48 EEST 2002  Pekka
+
+     Fixed double free in public key setting.  Use a bit larger e as
+     starting point in key generation.
+
 */
 
 #include "silcincludes.h"
@@ -75,7 +85,7 @@
 
 SILC_PKCS_API_INIT(rsa)
 {
-  uint32 prime_bits = keylen / 2;
+  SilcUInt32 prime_bits = keylen / 2;
   SilcMPInt p, q;
   bool found = FALSE;
 
@@ -87,10 +97,10 @@ SILC_PKCS_API_INIT(rsa)
   /* Find p and q */
   while (!found) {
     printf("Finding p: ");
-    silc_math_gen_prime(&p, prime_bits, TRUE);
+    silc_math_gen_prime(&p, prime_bits, TRUE, rng);
     
     printf("\nFinding q: ");
-    silc_math_gen_prime(&q, prime_bits, TRUE);
+    silc_math_gen_prime(&q, prime_bits, TRUE, rng);
 
     if ((silc_mp_cmp(&p, &q)) == 0)
       printf("\nFound equal primes, not good, retrying...\n");
@@ -132,7 +142,7 @@ SILC_PKCS_API_GET_PUBLIC_KEY(rsa)
 {
   RsaKey *key = (RsaKey *)context;
   unsigned char *e, *n, *ret;
-  uint32 e_len, n_len;
+  SilcUInt32 e_len, n_len;
   unsigned char tmp[4];
 
   e = silc_mp_mp2bin(&key->e, 0, &e_len);
@@ -171,7 +181,7 @@ SILC_PKCS_API_GET_PRIVATE_KEY(rsa)
 {
   RsaKey *key = (RsaKey *)context;
   unsigned char *e, *n, *d, *ret;
-  uint32 e_len, n_len, d_len;
+  SilcUInt32 e_len, n_len, d_len;
   unsigned char tmp[4];
 
   e = silc_mp_mp2bin(&key->e, 0, &e_len);
@@ -218,11 +228,11 @@ SILC_PKCS_API_SET_PUBLIC_KEY(rsa)
 {
   RsaKey *key = (RsaKey *)context;
   unsigned char tmp[4];
-  uint32 e_len, n_len;
+  SilcUInt32 e_len, n_len;
 
   if (key->pub_set) {
     silc_mp_uninit(&key->e);
-    silc_mp_uninit(&key->e);
+    silc_mp_uninit(&key->n);
     key->pub_set = FALSE;
   }
 
@@ -263,7 +273,7 @@ SILC_PKCS_API_SET_PRIVATE_KEY(rsa)
 {
   RsaKey *key = (RsaKey *)context;
   unsigned char tmp[4];
-  uint32 e_len, n_len, d_len;
+  SilcUInt32 e_len, n_len, d_len;
 
   if (key->prv_set) {
     silc_mp_uninit(&key->d);
@@ -479,7 +489,7 @@ SILC_PKCS_API_VERIFY(rsa)
    to compute the modulus n has to be generated before calling this. They
    are then sent as argument for the function. */
 
-void rsa_generate_keys(RsaKey *key, uint32 bits, 
+void rsa_generate_keys(RsaKey *key, SilcUInt32 bits, 
                       SilcMPInt *p, SilcMPInt *q)
 {
   SilcMPInt phi, hlp;
@@ -511,7 +521,7 @@ void rsa_generate_keys(RsaKey *key, uint32 bits,
   /* Set e, the public exponent. We try to use same public exponent
      for all keys. Also, to make encryption faster we use small 
      number. */
-  silc_mp_set_ui(&key->e, 127);
+  silc_mp_set_ui(&key->e, 65533);
  retry_e:
   /* See if e is relatively prime to phi. gcd == greates common divisor,
      if gcd equals 1 they are relatively prime. */
@@ -521,7 +531,7 @@ void rsa_generate_keys(RsaKey *key, uint32 bits,
     goto retry_e;
   }
   
-  /* Find d, the private exponent. */
+  /* Find d, the private exponent, e ^ -1 mod lcm(phi). */
   silc_mp_gcd(&div, &pm1, &qm1);
   silc_mp_div(&lcm, &phi, &div);
   silc_mp_modinv(&key->d, &key->e, &lcm);