enforce RSA_PRIME1 > RSA_PRIME2 (p > q) in PGP
authorMartin Willi <martin@strongswan.org>
Mon, 17 Aug 2009 13:30:20 +0000 (15:30 +0200)
committerMartin Willi <martin@strongswan.org>
Wed, 26 Aug 2009 09:23:51 +0000 (11:23 +0200)
src/libstrongswan/credentials/builder.h
src/libstrongswan/plugins/pgp/pgp_builder.c

index 1854740..ed3862c 100644 (file)
@@ -96,9 +96,9 @@ enum builder_part_t {
        BUILD_RSA_PUB_EXP,
        /** private exponent (d) of a RSA key, chunk_t */
        BUILD_RSA_PRIV_EXP,
-       /** prime 1 (p) of a RSA key, chunk_t */
+       /** prime 1 (p) of a RSA key (p < q), chunk_t */
        BUILD_RSA_PRIME1,
-       /** prime 2 (q) of a RSA key, chunk_t */
+       /** prime 2 (q) of a RSA key (p < q), chunk_t */
        BUILD_RSA_PRIME2,
        /** exponent 1 (exp1) of a RSA key, chunk_t */
        BUILD_RSA_EXP1,
index 8a6fc76..e3b370e 100644 (file)
@@ -202,10 +202,11 @@ static private_key_t *parse_rsa_private_key(chunk_t blob)
                        return NULL;
                }
        }
+       /* PGP has uses p < q, but we use p > q */
        return lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, 
                                                BUILD_RSA_MODULUS, mpi[0], BUILD_RSA_PUB_EXP, mpi[1],
-                                               BUILD_RSA_PRIV_EXP, mpi[2], BUILD_RSA_PRIME1, mpi[3],
-                                               BUILD_RSA_PRIME2, mpi[4], BUILD_RSA_COEFF, mpi[5],
+                                               BUILD_RSA_PRIV_EXP, mpi[2], BUILD_RSA_PRIME2, mpi[3],
+                                               BUILD_RSA_PRIME1, mpi[4], BUILD_RSA_COEFF, mpi[5],
                                                BUILD_END);
 }