1
0
mirror of https://github.com/golang/go synced 2024-11-21 19:54:41 -07:00

crypto/rsa: don't use safe primes.

Previously we would require safe primes for our RSA key generation.
Since this took rather a long time, this removes the requirement that
the primes be safe.

OpenSSL doesn't use safe primes for RSA key generation either
(openssl-0.9.8l/crypto/rsa/rsa_gen.c:122)

Fixes #649.

R=rsc
CC=golang-dev
https://golang.org/cl/253041
This commit is contained in:
Adam Langley 2010-03-08 09:25:24 -05:00
parent 520621d24c
commit df53544f4f
2 changed files with 7 additions and 11 deletions

View File

@ -18,16 +18,15 @@ import (
var bigZero = big.NewInt(0)
var bigOne = big.NewInt(1)
// randomSafePrime returns a number, p, of the given size, such that p and
// (p-1)/2 are both prime with high probability.
func randomSafePrime(rand io.Reader, bits int) (p *big.Int, err os.Error) {
// randomPrime returns a number, p, of the given size, such that p is prime
// with high probability.
func randomPrime(rand io.Reader, bits int) (p *big.Int, err os.Error) {
if bits < 1 {
err = os.EINVAL
}
bytes := make([]byte, (bits+7)/8)
p = new(big.Int)
p2 := new(big.Int)
for {
_, err = io.ReadFull(rand, bytes)
@ -42,10 +41,7 @@ func randomSafePrime(rand io.Reader, bits int) (p *big.Int, err os.Error) {
p.SetBytes(bytes)
if big.ProbablyPrime(p, 20) {
p2.Rsh(p, 1) // p2 = (p - 1)/2
if big.ProbablyPrime(p2, 20) {
return
}
return
}
}
@ -157,12 +153,12 @@ func GenerateKey(rand io.Reader, bits int) (priv *PrivateKey, err os.Error) {
totient := new(big.Int)
for {
p, err := randomSafePrime(rand, bits/2)
p, err := randomPrime(rand, bits/2)
if err != nil {
return nil, err
}
q, err := randomSafePrime(rand, bits/2)
q, err := randomPrime(rand, bits/2)
if err != nil {
return nil, err
}

View File

@ -18,7 +18,7 @@ func TestKeyGeneration(t *testing.T) {
t.Errorf("failed to open /dev/urandom")
}
priv, err := GenerateKey(urandom, 32)
priv, err := GenerateKey(urandom, 1024)
if err != nil {
t.Errorf("failed to generate key")
}