]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 520621d)
crypto/rsa: don't use safe primes.
authorAdam Langley <agl@golang.org>
Mon, 8 Mar 2010 14:25:24 +0000 (09:25 -0500)
committerAdam Langley <agl@golang.org>
Mon, 8 Mar 2010 14:25:24 +0000 (09:25 -0500)
Previously we would require safe primes for our RSA key generation.
Since this took rather a long time, this removes the requirement that
the primes be safe.

OpenSSL doesn't use safe primes for RSA key generation either
(openssl-0.9.8l/crypto/rsa/rsa_gen.c:122)

Fixes #649.

R=rsc
CC=golang-dev
https://golang.org/cl/253041

src/pkg/crypto/rsa/rsa.go patch | blob | history
src/pkg/crypto/rsa/rsa_test.go patch | blob | history

diff --git a/src/pkg/crypto/rsa/rsa.go b/src/pkg/crypto/rsa/rsa.go
index a4a3cfd38fc58ff6f0a3998320ec2bf271f182c1..6352316290444ced909c504217c836f6450efa15 100644 (file)
--- a/src/pkg/crypto/rsa/rsa.go
+++ b/src/pkg/crypto/rsa/rsa.go
@@ -18,16 +18,15 @@ import (
 var bigZero = big.NewInt(0)
 var bigOne = big.NewInt(1)
 
-// randomSafePrime returns a number, p, of the given size, such that p and
-// (p-1)/2 are both prime with high probability.
-func randomSafePrime(rand io.Reader, bits int) (p *big.Int, err os.Error) {
+// randomPrime returns a number, p, of the given size, such that p is prime
+// with high probability.
+func randomPrime(rand io.Reader, bits int) (p *big.Int, err os.Error) {
        if bits < 1 {
                err = os.EINVAL
        }
 
        bytes := make([]byte, (bits+7)/8)
        p = new(big.Int)
-       p2 := new(big.Int)
 
        for {
                _, err = io.ReadFull(rand, bytes)
@@ -42,10 +41,7 @@ func randomSafePrime(rand io.Reader, bits int) (p *big.Int, err os.Error) {
 
                p.SetBytes(bytes)
                if big.ProbablyPrime(p, 20) {
-                       p2.Rsh(p, 1) // p2 = (p - 1)/2
-                       if big.ProbablyPrime(p2, 20) {
-                               return
-                       }
+                       return
                }
        }
 
@@ -157,12 +153,12 @@ func GenerateKey(rand io.Reader, bits int) (priv *PrivateKey, err os.Error) {
        totient := new(big.Int)
 
        for {
-               p, err := randomSafePrime(rand, bits/2)
+               p, err := randomPrime(rand, bits/2)
                if err != nil {
                        return nil, err
                }
 
-               q, err := randomSafePrime(rand, bits/2)
+               q, err := randomPrime(rand, bits/2)
                if err != nil {
                        return nil, err
                }
diff --git a/src/pkg/crypto/rsa/rsa_test.go b/src/pkg/crypto/rsa/rsa_test.go
index 21acf6ed67f4452e2910cc6e46e48edfe78d090b..172173900feddeff66badb71c39c005fae83c1ca 100644 (file)
--- a/src/pkg/crypto/rsa/rsa_test.go
+++ b/src/pkg/crypto/rsa/rsa_test.go
@@ -18,7 +18,7 @@ func TestKeyGeneration(t *testing.T) {
                t.Errorf("failed to open /dev/urandom")
        }
 
-       priv, err := GenerateKey(urandom, 32)
+       priv, err := GenerateKey(urandom, 1024)
        if err != nil {
                t.Errorf("failed to generate key")
        }
Go GOST TLS 1.3