Hi All When rsa_crpt.c needs to do blinding of the exponent d and doesn't have the exponent e, it calculates e from d using Euler's phi function (function rsa_get_public_exp). But what if the original exponents e and d were generated using Carmichaels lambda function instead of Euler like the ietf rfc stipulates? Does the Euler based blinding still work?
https://github.com/openssl/openssl/blob/master/crypto/rsa/rsa_crpt.c
