00001
00002
00003 #include "pch.h"
00004
00005 #ifndef CRYPTOPP_IMPORTS
00006
00007 #include "oaep.h"
00008 #include "stdcpp.h"
00009 #include "smartptr.h"
00010
00011 NAMESPACE_BEGIN(CryptoPP)
00012
00013
00014
00015 size_t OAEP_Base::MaxUnpaddedLength(size_t paddedLength) const
00016 {
00017 return SaturatingSubtract(paddedLength/8, 1+2*DigestSize());
00018 }
00019
00020 void OAEP_Base::Pad(RandomNumberGenerator &rng, const byte *input, size_t inputLength, byte *oaepBlock, size_t oaepBlockLen, const NameValuePairs ¶meters) const
00021 {
00022 assert (inputLength <= MaxUnpaddedLength(oaepBlockLen));
00023
00024
00025 if (oaepBlockLen % 8 != 0)
00026 {
00027 oaepBlock[0] = 0;
00028 oaepBlock++;
00029 }
00030 oaepBlockLen /= 8;
00031
00032 member_ptr<HashTransformation> pHash(NewHash());
00033 const size_t hLen = pHash->DigestSize();
00034 const size_t seedLen = hLen, dbLen = oaepBlockLen-seedLen;
00035 byte *const maskedSeed = oaepBlock;
00036 byte *const maskedDB = oaepBlock+seedLen;
00037
00038 ConstByteArrayParameter encodingParameters;
00039 parameters.GetValue(Name::EncodingParameters(), encodingParameters);
00040
00041
00042 pHash->CalculateDigest(maskedDB, encodingParameters.begin(), encodingParameters.size());
00043 memset(maskedDB+hLen, 0, dbLen-hLen-inputLength-1);
00044 maskedDB[dbLen-inputLength-1] = 0x01;
00045 memcpy(maskedDB+dbLen-inputLength, input, inputLength);
00046
00047 rng.GenerateBlock(maskedSeed, seedLen);
00048 member_ptr<MaskGeneratingFunction> pMGF(NewMGF());
00049 pMGF->GenerateAndMask(*pHash, maskedDB, dbLen, maskedSeed, seedLen);
00050 pMGF->GenerateAndMask(*pHash, maskedSeed, seedLen, maskedDB, dbLen);
00051 }
00052
00053 DecodingResult OAEP_Base::Unpad(const byte *oaepBlock, size_t oaepBlockLen, byte *output, const NameValuePairs ¶meters) const
00054 {
00055 bool invalid = false;
00056
00057
00058 if (oaepBlockLen % 8 != 0)
00059 {
00060 invalid = (oaepBlock[0] != 0) || invalid;
00061 oaepBlock++;
00062 }
00063 oaepBlockLen /= 8;
00064
00065 member_ptr<HashTransformation> pHash(NewHash());
00066 const size_t hLen = pHash->DigestSize();
00067 const size_t seedLen = hLen, dbLen = oaepBlockLen-seedLen;
00068
00069 invalid = (oaepBlockLen < 2*hLen+1) || invalid;
00070
00071 SecByteBlock t(oaepBlock, oaepBlockLen);
00072 byte *const maskedSeed = t;
00073 byte *const maskedDB = t+seedLen;
00074
00075 member_ptr<MaskGeneratingFunction> pMGF(NewMGF());
00076 pMGF->GenerateAndMask(*pHash, maskedSeed, seedLen, maskedDB, dbLen);
00077 pMGF->GenerateAndMask(*pHash, maskedDB, dbLen, maskedSeed, seedLen);
00078
00079 ConstByteArrayParameter encodingParameters;
00080 parameters.GetValue(Name::EncodingParameters(), encodingParameters);
00081
00082
00083 byte *M = std::find(maskedDB+hLen, maskedDB+dbLen, 0x01);
00084 invalid = (M == maskedDB+dbLen) || invalid;
00085 invalid = (std::find_if(maskedDB+hLen, M, std::bind2nd(std::not_equal_to<byte>(), byte(0))) != M) || invalid;
00086 invalid = !pHash->VerifyDigest(maskedDB, encodingParameters.begin(), encodingParameters.size()) || invalid;
00087
00088 if (invalid)
00089 return DecodingResult();
00090
00091 M++;
00092 memcpy(output, M, maskedDB+dbLen-M);
00093 return DecodingResult(maskedDB+dbLen-M);
00094 }
00095
00096 NAMESPACE_END
00097
00098 #endif