diff options
| author | David Shaw <[email protected]> | 2006-06-28 22:29:25 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2006-06-28 22:29:25 +0000 |
| commit | 04376627a67d7af83e839ce11ee4f93433bc5af5 (patch) | |
| tree | c70b520e2ce9dfd3799003ab3a386d100b28367e /cipher/rsa.c | |
| parent | i18n fix (diff) | |
| download | gnupg-04376627a67d7af83e839ce11ee4f93433bc5af5.tar.gz gnupg-04376627a67d7af83e839ce11ee4f93433bc5af5.zip | |
* rsa.c (generate): Use e=65537 for new RSA keys.
Diffstat (limited to '')
| -rw-r--r-- | cipher/rsa.c | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/cipher/rsa.c b/cipher/rsa.c index 8b23326f2..0b00e215e 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -136,25 +136,21 @@ generate( RSA_secret_key *sk, unsigned nbits ) mpi_gcd(g, t1, t2); mpi_fdiv_q(f, phi, g); - /* find an public exponent. - We use 41 as this is quite fast and more secure than the - commonly used 17. Benchmarking the RSA verify function - with a 1024 bit key yields (2001-11-08): + /* Find an public exponent. + Benchmarking the RSA verify function with a 1024 bit key yields + (2001-11-08): e=17 0.54 ms e=41 0.75 ms e=257 0.95 ms e=65537 1.80 ms + + This code used 41 until 2006-06-28 when it was changed to use + 65537 as the new best practice. See FIPS-186-3. */ e = mpi_alloc( (32+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); - mpi_set_ui( e, 41); - if( !mpi_gcd(t1, e, phi) ) { - mpi_set_ui( e, 257); - if( !mpi_gcd(t1, e, phi) ) { - mpi_set_ui( e, 65537); - while( !mpi_gcd(t1, e, phi) ) /* (while gcd is not 1) */ - mpi_add_ui( e, e, 2); - } - } + mpi_set_ui( e, 65537); + while( !mpi_gcd(t1, e, phi) ) /* (while gcd is not 1) */ + mpi_add_ui( e, e, 2); /* calculate the secret key d = e^1 mod phi */ d = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); |