diff options
Diffstat (limited to 'lib/nettle/pk.c')
-rw-r--r-- | lib/nettle/pk.c | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index 1a30607a67..0c91aac493 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -3306,6 +3306,37 @@ fail: return ret; } +static int calc_rsa_priv(gnutls_pk_params_st * params) +{ + bigint_t lcm, p1, q1; + int ret; + + params->params[RSA_PRIV] = NULL; + + ret = _gnutls_mpi_init_multi(¶ms->params[RSA_PRIV], &lcm, &p1, &q1, NULL); + if (ret < 0) + return gnutls_assert_val(ret); + + /* lcm(p - 1, q - 1) */ + mpz_sub_ui(p1, params->params[RSA_PRIME1], 1); + mpz_sub_ui(q1, params->params[RSA_PRIME2], 1); + mpz_lcm(lcm, p1, q1); + + zrelease_mpi_key(&p1); + zrelease_mpi_key(&q1); + + /* d = e^{-1} (mod lcm) */ + ret = mpz_invert(params->params[RSA_PRIV], params->params[RSA_PUB], lcm); + + zrelease_mpi_key(&lcm); + + if (ret == 0) { + zrelease_mpi_key(¶ms->params[RSA_PRIV]); + return GNUTLS_E_INVALID_REQUEST; + } + + return 0; +} static int wrap_nettle_pk_fixup(gnutls_pk_algorithm_t algo, @@ -3320,6 +3351,13 @@ wrap_nettle_pk_fixup(gnutls_pk_algorithm_t algo, if (algo == GNUTLS_PK_RSA) { struct rsa_private_key priv; + if (params->params[RSA_PRIV] == NULL) { + ret = calc_rsa_priv(params); + if (ret < 0) + return gnutls_assert_val(ret); + params->params_nr++; + } + /* do not trust the generated values. Some old private keys * generated by us have mess on the values. Those were very * old but it seemed some of the shipped example private |