Mark
> Hiya
>
> I don't really understand the math, but it seems to me that it finds
> prime candidates then tests them for primeness. Is there a way to make
> it test even more rigorously?
As much as I know RSA p and q are not strong primes.
In rsa_gen.c where p and q are generated you'll find the call
rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg);
Change the third parameter from 0 to 1 and you'll have
(something like) a strong prime. I just took a very short
look to BN_generate_prime() and I think the additioal
test is wheter (p-1)/2 has a large prime factor. (Same for q).
Doing that a 1024 bit RSA key generation may take up to
1 minute.
Regards Rene
--
-----------------------------------------------------------
Rene G. Eberhard
Mail : [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
