Diffstat (limited to 'cipher/rsa.c')
-rw-r--r-- | cipher/rsa.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 9a8d235b..25e9d102 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -700,7 +700,12 @@ stronger_key_check ( RSA_secret_key *skey )
 *
 * m = c^d mod n
 *
- * Or faster:
+ * Or faster using Garner's Algorithm. Note that u is *not* the
+ * coefficient from RFC 3447 (PKCS#1), but the multiplicative inverse of
+ * p, mod q, from RFC 4880 (OpenPGP).
+ *
+ * (precomputed:)
+ * u = p ^ -1 mod q
 *
 * m1 = c ^ (d mod (p-1)) mod p
 * m2 = c ^ (d mod (q-1)) mod q
@@ -738,7 +743,7 @@ secret (gcry_mpi_t output, gcry_mpi_t input, RSA_secret_key *skey )
 if ( mpi_has_sign ( h ) )
 mpi_add ( h, h, skey->q );
 mpi_mulm( h, skey->u, h, skey->q );
- /* m = m2 + h * p */
+ /* m = m1 + h * p */
 mpi_mul ( h, h, skey->p );
 mpi_add ( output, m1, h );
|
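Review bot: The new comment in the first hunk says u is the OpenPGP inverse (`u = p ^ -1 mod q`) and not the PKCS#1 coefficient, but it does not say what that means for a key that arrives in PKCS#1 form, where the coefficient is q^-1 mod p. I would add one line such as `* A key carrying the PKCS#1 coefficient needs p and q swapped (or u recomputed) before use.`, since the recombination has no way to notice a mismatched u and simply produces a wrong m. The same convention is what `mpi_mulm( h, skey->u, h, skey->q )` in the second hunk depends on. Whether u is validated against p and q anywhere is not visible here, because both the comment block and secret() continue outside the hunks.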