path: root/src/libsec/port/gensafeprime.c
blob: 0a069b45854b310480a66a92b9be4228b0a7a528 (plain)
#include "os.h"
#include <mp.h>
#include <libsec.h>

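/*
 * Generate a safe prime p = 2*q+1 (q prime) of about n bits and a
 * generator alpha of the multiplicative group Z^*_p.
 * Alg 4.86, Menezes et al., Handbook of Applied Cryptography, p.164.
 *
 * p and alpha are caller-supplied mpints that receive the results.
 * accuracy is passed through to genprime() and probably_prime(), so
 * both q and p are only probable primes.
 * NOTE(review): n is presumably the bit length and must be large
 * enough that an (n-1)-bit prime q exists; no range check is done
 * here -- confirm against callers.
 */
void
gensafeprime(mpint *p, mpint *alpha, int n, int accuracy)
{
	mpint *q, *b;

	q = mpnew(n-1);
	while(1){
		genprime(q, n-1, accuracy);
		mpleft(q, 1, p);
		mpadd(p, mpone, p); /* p = 2*q+1 */
		if(probably_prime(p, accuracy))
			break;
	}
	/*
	 * Z^*_p has order p-1 = 2q, so an element of the group is a
	 * generator exactly when neither alpha^2 nor alpha^q is 1 mod p.
	 */
	b = mpnew(0);
	while(1){
		mprand(n, genrandom, alpha);
		mpmod(alpha, p, alpha);
		mpmul(alpha, alpha, b);
		mpmod(b, p, b);
		/* alpha^2 == 1 means alpha is 1 or p-1 */
		if(mpcmp(b, mpone) == 0)
			continue;
		/*
		 * alpha^2 == alpha holds only for alpha in {0, 1}.  This
		 * rejects alpha == 0, which is not in Z^*_p but would
		 * otherwise get through both order tests because 0^2 and
		 * 0^q are 0, not 1.
		 */
		if(mpcmp(b, alpha) == 0)
			continue;
		mpexp(alpha, q, p, b);
		if(mpcmp(b, mpone) != 0)
			break;
	}
	mpfree(b);
	mpfree(q);
}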