From cbfafc112557cc22e667b1c924c4c27695083b8c Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@strongswan.org>
Date: Mon, 17 Aug 2009 15:30:20 +0200
Subject: enforce RSA_PRIME1 > RSA_PRIME2 (p > q) in PGP

---
 src/libstrongswan/plugins/pgp/pgp_builder.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src/libstrongswan/plugins/pgp/pgp_builder.c')

diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c
index 8a6fc76b8..e3b370eee 100644
--- a/src/libstrongswan/plugins/pgp/pgp_builder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_builder.c
@@ -202,10 +202,11 @@ static private_key_t *parse_rsa_private_key(chunk_t blob)
 			return NULL;
 		}
 	}
+	/* PGP has uses p < q, but we use p > q */
 	return lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, 
 						BUILD_RSA_MODULUS, mpi[0], BUILD_RSA_PUB_EXP, mpi[1],
-						BUILD_RSA_PRIV_EXP, mpi[2], BUILD_RSA_PRIME1, mpi[3],
-						BUILD_RSA_PRIME2, mpi[4], BUILD_RSA_COEFF, mpi[5],
+						BUILD_RSA_PRIV_EXP, mpi[2], BUILD_RSA_PRIME2, mpi[3],
+						BUILD_RSA_PRIME1, mpi[4], BUILD_RSA_COEFF, mpi[5],
 						BUILD_END);
 }
 
-- 
cgit v1.2.3