LibCrypto: Add optimized RSA decryption with CRT method

The textbook RSA decryption method of `c^d % n` is quite slow. If the necessary parameters are present, the CRT variant will be used. Performing RSA decryption this way is ~3 times faster.
Author: https://github.com/devgianlu Commit: 57cc248883 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/2928
2025-08-07 00:29:15 +00:00 · 2024-12-15 16:16:17 +01:00 · 2024-12-15 16:16:17 +01:00 · 57cc248883 · 2024-12-15 22:32:40 +00:00
commit 57cc248883
parent ec990d620f
1 changed files with 16 additions and 4 deletions
--- a/Libraries/LibCrypto/PK/RSA.cpp
+++ b/Libraries/LibCrypto/PK/RSA.cpp
@ -133,12 +133,24 @@ void RSA::encrypt(ReadonlyBytes in, Bytes& out)
 void RSA::decrypt(ReadonlyBytes in, Bytes& out)
 {
    // FIXME: Actually use the private key properly
    auto in_integer = UnsignedBigInteger::import_data(in.data(), in.size());
    auto exp = NumberTheory::ModularPower(in_integer, m_private_key.private_exponent(), m_private_key.modulus());
    auto size = exp.export_data(out);
    UnsignedBigInteger m;
    if (m_private_key.prime1().is_zero() || m_private_key.prime2().is_zero()) {
        m = NumberTheory::ModularPower(in_integer, m_private_key.private_exponent(), m_private_key.modulus());
    } else {
        auto m1 = NumberTheory::ModularPower(in_integer, m_private_key.exponent1(), m_private_key.prime1());
        auto m2 = NumberTheory::ModularPower(in_integer, m_private_key.exponent2(), m_private_key.prime2());
        if (m1 < m2)
            m1 = m1.plus(m_private_key.prime1());
        VERIFY(m1 >= m2);
        auto h = NumberTheory::Mod(m1.minus(m2).multiplied_by(m_private_key.coefficient()), m_private_key.prime1());
        m = m2.plus(h.multiplied_by(m_private_key.prime2()));
    }
    auto size = m.export_data(out);
    auto align = m_private_key.length();
    auto aligned_size = (size + align - 1) / align * align;