code review 7948044: crypto/rsa: don't correct private exponent unless needed.

crypto/rsa: don't correct private exponent unless needed.

At some point in the past, I believe the GCD algorithm was setting d to
be negative. The RSA code has been correcting that ever since but, now,
it appears to have changed and the correction isn't needed.

Having d be too large is harmless, it's just a little odd and I
happened to notice.

[agl1, 2013-03-21 21:10:09]

Hello golang-dev@googlegroups.com (cc: golang-dev@googlegroups.com),

I'd like you to review this change to
https://code.google.com/p/go/

[rsc, 2013-03-21 21:13:16]

Why do you think priv.D cannot come back negative? I don't see that
documented, and on a quick glance at the code I don't see that it's obvious.

[agl1, 2013-03-22 14:52:06]

On Thu, Mar 21, 2013 at 5:13 PM, Russ Cox <rsc@golang.org> wrote:
> Why do you think priv.D cannot come back negative? I don't see that
> documented, and on a quick glance at the code I don't see that it's obvious.

I don't believe that it cannot come back negative. I think that it
used to /always/ come back negative and so the correction was applied
uniformly. This no longer appears to be the case, so the correction is
now conditional.


Cheers

AGL

[rsc, 2013-03-25 20:11:07]

LGTM

I suck at reading diffs.

[agl1, 2013-03-25 23:08:41]

*** Submitted as https://code.google.com/p/go/source/detail?r=892655b57e28 ***

crypto/rsa: don't correct private exponent unless needed.

At some point in the past, I believe the GCD algorithm was setting d to
be negative. The RSA code has been correcting that ever since but, now,
it appears to have changed and the correction isn't needed.

Having d be too large is harmless, it's just a little odd and I
happened to notice.

R=golang-dev, rsc
CC=golang-dev
https://codereview.appspot.com/7948044