setting the two most significant bits assures an RSA modulus of maximum bit size
authorAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 15 Mar 2010 14:13:26 +0000 (15:13 +0100)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 15 Mar 2010 14:13:26 +0000 (15:13 +0100)
src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c

index c58097f88954ccd68b1e9e80f2bd84e9196c3408..211ce411e08f0a926cab9edec5dba8bb1dc52193 100644 (file)
@@ -149,8 +149,8 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this,
        do
        {
                rng->allocate_bytes(rng, prime_size, &random_bytes);
-               /* make sure most significant bit is set */
-               random_bytes.ptr[0] = random_bytes.ptr[0] | 0x80;
+               /* make sure the two most significant bits are set */
+               random_bytes.ptr[0] = random_bytes.ptr[0] | 0xC0;
 
                mpz_import(*prime, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
                mpz_nextprime (*prime, *prime);
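Review bot: The new comment on the `| 0xC0` line says which bits are forced but not why, and the reason is recorded only in the commit title. I would state it in place, e.g. `/* set the two top bits so that p * q always has the full 2 * prime_size * 8 bits */`. For k-bit primes each factor is then at least 3·2^(k-2), so the product is at least 9·2^(2k-4), which exceeds 2^(2k-1); with only 0x80 set, the modulus could come out one bit short. The `do` loop's terminating condition and the rest of `compute_prime` lie outside the hunk, so it cannot be confirmed here whether a candidate that `mpz_nextprime` carries beyond `prime_size` bytes is rejected, or whether `random_bytes` (which holds secret prime material) is wiped before it is freed.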