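diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c
index 8d2a2b8..754842a 100644
--- a/lib/nettle/int/rsa-keygen-fips186.c
+++ b/lib/nettle/int/rsa-keygen-fips186.c
@@ -256,7 +256,7 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
 /* Desired size of modulo, in bits */
 unsigned n_size)
 {
- mpz_t t, r, p1, q1, phi;
+ mpz_t t, r, p1, q1, lcm;
 int ret;
 struct dss_params_validation_seeds cert;
 unsigned l = n_size / 2;
@@ -281,7 +281,7 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
 
 mpz_init(p1);
 mpz_init(q1);
- mpz_init(phi);
+ mpz_init(lcm);
 mpz_init(t);
 mpz_init(r);
 
@@ -337,9 +337,13 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
 
 mpz_sub_ui(p1, key->p, 1);
 mpz_sub_ui(q1, key->q, 1);
- mpz_mul(phi, p1, q1);
 
- assert(mpz_invert(key->d, pub->e, phi) != 0);
+ mpz_lcm(lcm, p1, q1);
+
+ if (mpz_invert(key->d, pub->e, lcm) == 0) {
+ ret = 0;
+ goto cleanup;
+ }
 
 /* Done! Almost, we must compute the auxillary private values. */
 /* a = d % (p-1) */
@@ -357,7 +361,7 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
 cleanup:
 mpz_clear(p1);
 mpz_clear(q1);
- mpz_clear(phi);
+ mpz_clear(lcm);
 mpz_clear(t);
 mpz_clear(r);
 return ret;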
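Review bot: After the inversion in the third hunk nothing visible checks the size of `key->d`, and reducing modulo lcm(p-1, q-1) instead of (p-1)(q-1) can only make `d` smaller; FIPS 186-4 B.3.1 requires d > 2^(nlen/2) and fresh primes otherwise. A guard such as `if (mpz_sizeinbase(key->d, 2) <= n_size / 2) { ret = 0; goto cleanup; }` right after the `mpz_invert` check would cover it, unless lines outside these hunks already do. The new `ret = 0` path also returns with `key->p` and `key->q` still populated, so it is worth confirming that the caller discards them on failure. A one-line comment above `mpz_lcm`, for example `/* FIPS 186-4 B.3.1: d = e^-1 mod lcm(p-1, q-1) */`, would record why phi was dropped. The function body begins outside the hunks shown.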