author | Barry Mead <barrymead@cox.net> | 2010-02-16 19:07:07 -0700 |
---|---|---|
committer | Barry Mead <barrymead@cox.net> | 2010-02-16 19:07:07 -0700 |
commit | fb13b1d20fba03aa63787d1858e2fd1c25abf4ab (patch) | |
tree | e3b4ea9d7228c4a6bf35cd31561f4d89ffbf9ec4 | |
parent | edf743f57753a044850e92b7f4e347a4853d7f30 (diff) | |
Better phi_n security without bad time penalty
-rw-r--r-- | rsa/__init__.py | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/rsa/__init__.py b/rsa/__init__.py
index f6f1e74..ad1e192 100644
--- a/rsa/__init__.py
+++ b/rsa/__init__.py
@@ -314,10 +314,12 @@ def find_p_q(nbits):
 """Returns a tuple of two different primes of nbits bits"""
 pbits = nbits + (nbits/16) #Make sure that p and q aren't too close
 qbits = nbits - (nbits/16) #or the factoring programs can factor n
- p = getprime(pbits)
 while True:
+ p = getprime(pbits)
 q = getprime(qbits)
- if not q == p: break
+ phi_n = (p-1)*(q-1)
+ #Make sure p and q are different and phi_n is not divisible by 256
+ if not (q == p or phi_n & 255 == 0): break
 return (p, q)

 def extended_gcd(a, b): |
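Review bot: The new rejection test `phi_n & 255 == 0` in find_p_q has a comment that says what is checked but not which weakness it is meant to prevent. Divisibility of phi_n by 256 is not one of the usual RSA prime-selection criteria, so a later maintainer cannot tell whether the test can be relaxed or removed. I would extend the comment to name the reason, e.g. `#Reject phi_n divisible by 256 because <reason / reference>`, and parenthesise the mask for readers used to C precedence: `if not (q == p or (phi_n & 255) == 0): break`. The test also discards some otherwise valid prime pairs, which slightly narrows the set of keys that can be generated; that trade-off is worth stating beside it.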