shadps4-emu/ext-cryptopp
1
0
Fork 0
mirror of https://github.com/shadps4-emu/ext-cryptopp.git synced 2024-11-23 01:49:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Ensure RSA m_u is not 0 for small moduli (GH #1136, PR #1137)

Browse Source
This commit is contained in:
Jeffrey Walton 2022-08-05 08:53:28 -04:00 committed by GitHub
parent 58dd9dc7c2
commit 42bd192d8e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
rsa.cpp
View File

@ -126,19 +126,24 @@ void InvertibleRSAFunction::GenerateRandom(RandomNumberGenerator &rng, const Nam
if (m_e < 3 || m_e.IsEven()) if (m_e < 3 || m_e.IsEven())
throw InvalidArgument("InvertibleRSAFunction: invalid public exponent"); throw InvalidArgument("InvertibleRSAFunction: invalid public exponent");
RSAPrimeSelector selector(m_e); // Do this in a loop for small moduli. For small moduli, u' == 0 when p == q.
AlgorithmParameters primeParam = MakeParametersForTwoPrimesOfEqualSize(modulusSize) // https://github.com/weidai11/cryptopp/issues/1136
(Name::PointerToPrimeSelector(), selector.GetSelectorPointer()); do
m_p.GenerateRandom(rng, primeParam); {
m_q.GenerateRandom(rng, primeParam); RSAPrimeSelector selector(m_e);
AlgorithmParameters primeParam = MakeParametersForTwoPrimesOfEqualSize(modulusSize)
(Name::PointerToPrimeSelector(), selector.GetSelectorPointer());
m_p.GenerateRandom(rng, primeParam);
m_q.GenerateRandom(rng, primeParam);
m_d = m_e.InverseMod(LCM(m_p-1, m_q-1)); m_d = m_e.InverseMod(LCM(m_p-1, m_q-1));
CRYPTOPP_ASSERT(m_d.IsPositive()); CRYPTOPP_ASSERT(m_d.IsPositive());
m_dp = m_d % (m_p-1); m_dp = m_d % (m_p-1);
m_dq = m_d % (m_q-1); m_dq = m_d % (m_q-1);
m_n = m_p * m_q; m_n = m_p * m_q;
m_u = m_q.InverseMod(m_p); m_u = m_q.InverseMod(m_p);
} while (m_u.IsZero());
if (FIPS_140_2_ComplianceEnabled()) if (FIPS_140_2_ComplianceEnabled())
{ {