Overview

File openssl-fips_RSA_compute_d_with_lcm.patch of Package openssl.4105

Index: openssl-1.0.1i/crypto/rsa/rsa_gen.c
===================================================================
--- openssl-1.0.1i.orig/crypto/rsa/rsa_gen.c	2014-10-15 14:42:10.879787012 +0200
+++ openssl-1.0.1i/crypto/rsa/rsa_gen.c	2014-10-23 18:11:04.378422531 +0200
@@ -172,6 +172,7 @@ static int FIPS_rsa_builtin_keygen(RSA *
 	BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
 	BIGNUM local_r0, local_d, local_p;
 	BIGNUM *pr0, *d, *p;
+	BIGNUM *gcd_p1_q1 = NULL, *lcm_p1_q1 = NULL;
 	BN_CTX *ctx = NULL;
 	int ok = -1;
 	int i;
@@ -198,6 +199,8 @@ static int FIPS_rsa_builtin_keygen(RSA *
 	r1 = BN_CTX_get(ctx);
 	r2 = BN_CTX_get(ctx);
 	r3 = BN_CTX_get(ctx);
+	gcd_p1_q1 = BN_CTX_get(ctx);
+	lcm_p1_q1 = BN_CTX_get(ctx);
 
 	if (r3 == NULL) goto err;
 
@@ -332,7 +335,11 @@ static int FIPS_rsa_builtin_keygen(RSA *
 		}
 	else
 	  pr0 = r0;
-	if (!BN_mod_inverse(rsa->d,rsa->e,pr0,ctx)) goto err;	/* d */
+
+	/* calculate lcm(p-1,q-1) = (p-1)*(q-1) / gcd(p-1,q-1) */
+	if (!BN_gcd(gcd_p1_q1,r1,r2,ctx)) goto err;	/* gcd(p-1,q-1) */
+	if (!BN_div(lcm_p1_q1,NULL,pr0,gcd_p1_q1,ctx)) goto err;
+	if (!BN_mod_inverse(rsa->d,rsa->e,lcm_p1_q1,ctx)) goto err;	/* d */
 
 	/* set up d for correct BN_FLG_CONSTTIME flag */
 	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
openSUSE Build Service is sponsored by
Places