authorNiels Möller <nisse@lysator.liu.se>2010-05-26 16:20:17 +0200
committerNiels Möller <nisse@lysator.liu.se>2010-05-26 16:20:17 +0200
commit734dbdfa5510229b3acee29449c2938efccb6bd6 (patch)
tree4e69b9173edb29a49b00e93d6cc4349bbfb6eb18 /bignum-random-prime.c
parente9c0dfa1f2495f8af09ae1a9f4d55bca678daf55 (diff)
downloadnettle-734dbdfa5510229b3acee29449c2938efccb6bd6.tar.gz
* bignum-random-prime.c (_nettle_generate_pocklington_prime): Also
return the used r. Updated caller. Rev: nettle/bignum-random-prime.c:1.5 Rev: nettle/bignum.h:1.6
Diffstat (limited to 'bignum-random-prime.c')
-rw-r--r--bignum-random-prime.c29
1 files changed, 20 insertions, 9 deletions
diff --git a/bignum-random-prime.c b/bignum-random-prime.c
index 1fa7ee4a..dd772bdd 100644
--- a/bignum-random-prime.c
+++ b/bignum-random-prime.c
@@ -257,18 +257,17 @@ miller_rabin_pocklington(mpz_t n, mpz_t nm1, mpz_t nm1dq, mpz_t a)
p0 must be of size >= ceil(bits/2) + 1. The extra factor q can be
omitted. */
void
-_nettle_generate_pocklington_prime (mpz_t p, unsigned bits,
+_nettle_generate_pocklington_prime (mpz_t p, unsigned bits, mpz_t r,
void *ctx, nettle_random_func random,
const mpz_t p0,
const mpz_t q,
const mpz_t p0q)
{
- mpz_t i, r, pm1,a;
+ mpz_t i, pm1,a;
assert (2*mpz_sizeinbase (p0, 2) > bits + 1);
mpz_init (i);
- mpz_init (r);
mpz_init (pm1);
mpz_init (a);
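Review bot: The new `r` argument is an output that this function no longer initializes (the `mpz_init (r)` line is removed), but the comment above the signature still describes only p0 and q. A caller that passes an uninitialized `mpz_t` would hand GMP an invalid object, so the contract should be written down, e.g. `/* r must be initialized by the caller; on return it holds the r used to build p, not multiplied by q. */`. The comment and the function body both extend outside this hunk, so the exact relation between r and p should be confirmed there before settling the wording.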
@@ -304,13 +303,23 @@ _nettle_generate_pocklington_prime (mpz_t p, unsigned bits,
mpz_set_ui (a, buf[0] + 2);
if (q)
- mpz_mul (r, r, q);
-
- if (miller_rabin_pocklington(p, pm1, r, a))
+ {
+ mpz_t e;
+ int is_prime;
+
+ mpz_init (e);
+
+ mpz_mul (e, r, q);
+ is_prime = miller_rabin_pocklington(p, pm1, e, a);
+ mpz_clear (e);
+
+ if (is_prime)
+ break;
+ }
+ else if (miller_rabin_pocklington(p, pm1, r, a))
break;
}
mpz_clear (i);
- mpz_clear (r);
mpz_clear (pm1);
mpz_clear (a);
}
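Review bot: `e` is initialized and cleared on every pass of the retry loop whenever q is non-NULL, which typically costs an allocation and a free per candidate and splits the primality call across two branches. Declaring `e` next to `i`, `pm1` and `a` and clearing it with them lets the loop body shrink to `if (q) mpz_mul (e, r, q);` followed by `if (miller_rabin_pocklington(p, pm1, q ? e : r, a)) break;`. That still leaves r unmodified for the caller, which is what the change needs. The loop header and the declarations are outside this hunk.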
@@ -362,18 +371,20 @@ nettle_random_prime(mpz_t p, unsigned bits,
}
else
{
- mpz_t q;
+ mpz_t q, r;
mpz_init (q);
+ mpz_init (r);
/* Bit size ceil(k/2) + 1, slightly larger than used in Alg. 4.62
in Handbook of Applied Cryptography (which seems to be
incorrect for odd k). */
nettle_random_prime (q, (bits+3)/2, ctx, random);
- _nettle_generate_pocklington_prime (p, bits, ctx, random,
+ _nettle_generate_pocklington_prime (p, bits, r, ctx, random,
q, NULL, q);
mpz_clear (q);
+ mpz_clear (r);
}
}
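Review bot: `r` is initialized, passed in and cleared here without ever being read, so this caller pays for an output it does not use and a reader cannot tell whether that is intentional. Either add a comment at the declaration such as `/* r is required by the interface; its value is not needed here. */`, or let `_nettle_generate_pocklington_prime` accept a NULL r and fall back to a local. Not introduced by this change, but relevant if p becomes key material: `mpz_clear` releases limbs without zeroing them, and q together with r is enough to recompute p, so the values stay in freed heap memory unless the application installs wiping allocators through `mp_set_memory_functions`.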