On Mon, Mar 24, 2003 at 05:14:26PM +0000, Jim Darby wrote: > A bijou problemette in rsa.cpp. When doing the blinding when computing the RSA > Private Inverse function (InvertibleRSAFunction::CalculateInverse) there is no > check to ensure the random number used for blinding (r) has gcd (r,n) == 1. A > a result of this there is a chance that the method will throw a > ``computational error during private key operation'' exception when it need > not.
I'll fix this for people using small numbers for testing. > Sort of on the subject, asking Crypto++ to generate RSA keys has a possibility > of creating invalid ones. Going back to my 16-bit keys (I know this is an > extreme example, but it makes the probabilities higher) it can choose p = 233 > and q = 211 (using e = 3 as before). With these values it is impossible to > calculate d as there is no d such that ed = 1 mod phi. The algorithm for generating small primes is not checking for e being relatively prime to p-1. This isn't a problem for real keysizes because the algorithm for generating large primes (> 2^16) does check, but I'll get it fixed.
