| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 |
- /*
- * This file is part of the UCB release of Plan 9. It is subject to the license
- * terms in the LICENSE file found in the top-level directory of this
- * distribution and at http://akaros.cs.berkeley.edu/files/Plan9License. No
- * part of the UCB release of Plan 9, including this file, may be copied,
- * modified, propagated, or distributed except according to the terms contained
- * in the LICENSE file.
- */
- #include "os.h"
- #include <mp.h>
- #include <libsec.h>
- RSApriv*
- rsafill(mpint *n, mpint *e, mpint *d, mpint *p, mpint *q)
- {
- mpint *c2, *kq, *kp, *x;
- RSApriv *rsa;
- // make sure we're not being hoodwinked
- if(!probably_prime(p, 10) || !probably_prime(q, 10)){
- werrstr("rsafill: p or q not prime");
- return nil;
- }
- x = mpnew(0);
- mpmul(p, q, x);
- if(mpcmp(n, x) != 0){
- werrstr("rsafill: n != p*q");
- mpfree(x);
- return nil;
- }
- c2 = mpnew(0);
- mpsub(p, mpone, c2);
- mpsub(q, mpone, x);
- mpmul(c2, x, x);
- mpmul(e, d, c2);
- mpmod(c2, x, x);
- if(mpcmp(x, mpone) != 0){
- werrstr("rsafill: e*d != 1 mod (p-1)*(q-1)");
- mpfree(x);
- mpfree(c2);
- return nil;
- }
- // compute chinese remainder coefficient
- mpinvert(p, q, c2);
- // for crt a**k mod p == (a**(k mod p-1)) mod p
- kq = mpnew(0);
- kp = mpnew(0);
- mpsub(p, mpone, x);
- mpmod(d, x, kp);
- mpsub(q, mpone, x);
- mpmod(d, x, kq);
- rsa = rsaprivalloc();
- rsa->pub.ek = mpcopy(e);
- rsa->pub.n = mpcopy(n);
- rsa->dk = mpcopy(d);
- rsa->kp = kp;
- rsa->kq = kq;
- rsa->p = mpcopy(p);
- rsa->q = mpcopy(q);
- rsa->c2 = c2;
- mpfree(x);
- return rsa;
- }
|
