/// <summary>
/// Creates a new RSA secret key and returns it as a
/// 2 dimensional array of biginteger. return[0] holds
/// the public values of the key and return[1] all the
/// secret values.
/// </summary>
/// <remarks>
/// Creates a new RSA secret key and returns it as a
/// 2 dimensional array of biginteger. return[0] holds
/// the public values of the key and return[1] all the
/// secret values.<br></br>
/// The order of the public components is n, e.
/// The order of the secret components is d, p,
/// q and u.
/// </remarks>
/// <param name="nbits">The size of the key in bits.</param>
/// <returns>A new RSA secret key as a
/// 2 dimensional array of biginteger. return[0] holds
/// the public values of the key and return[1] all the
/// secret values.<br></br>
/// The order of the public components is n, e.
/// The order of the secret components is d, p,
/// q and u.</returns>
/// <exception cref="System.ArgumentException">Throws an
/// Argumentexception if the keysize is not between 768
/// and 4096 bits.</exception>
public override BigInteger[][] Generate(int nbits)
{
BigInteger p, q; /* the two primes */
BigInteger d; /* the private key */
BigInteger u;
BigInteger t1, t2;
BigInteger n = new BigInteger(); /* the public key */
BigInteger e; /* the exponent */
BigInteger phi; /* helper: (p-1)(q-1) */
BigInteger g;
BigInteger f;
Random rand = new Random();
if ((nbits < 768) || (nbits > 4096))
throw new ArgumentException("Only keysizes betwen 768 and 4096 bit are allowed!");
/* make sure that nbits is even so that we generate p, q of equal size */
if ( (nbits&1)==1 )
nbits++;
do {
/* select two (very secret) primes */
p = new BigInteger();
q = new BigInteger();
p = BigInteger.genPseudoPrime(nbits / 2);
q = BigInteger.genPseudoPrime(nbits / 2);
/* p shall be smaller than q (for calc of u)*/
if (q > p) {
BigInteger tmp = p;
p = q;
q = tmp;
}
/* calculate the modulus */
n = p * q;
} while ( n.bitCount() != nbits );
/* calculate Euler totient: phi = (p-1)(q-1) */
t1 = p - new BigInteger(1);
t2 = q - new BigInteger(1);
phi = t1 * t2;
g = t1.gcd(t2);
f = phi / g;
/* find an public exponent.
We use 41 as this is quite fast and more secure than the
commonly used 17.
*/
e = new BigInteger(41);
t1 = e.gcd(phi);
if( t1 != new BigInteger(1) ) {
e = new BigInteger(257);
t1 = e.gcd(phi);
if( t1 != new BigInteger(1) ) {
e = new BigInteger(65537);
t1 = e.gcd(phi);
/* (while gcd is not 1) */
while( t1 != new BigInteger(1) ) {
e += 2;
t1 = e.gcd(phi);
}
}
}
/* calculate the secret key d = e^1 mod phi */
d = e.modInverse(f);
/* calculate the inverse of p and q (used for chinese remainder theorem)*/
u = p.modInverse(q);
RSA_Secret_Key sk = new RSA_Secret_Key();
sk.n = n;
sk.e = e;
sk.p = p;
sk.q = q;
sk.d = d;
sk.u = u;
this.biGeneratedKey = ParseSecretKey(sk);
return this.biGeneratedKey;
/* now we can test our keys (this should never fail!) */
// test_keys( sk, nbits - 64 );
}
