comparison libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c @ 382:0cbe8f6dbf9e

propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f) to branch 'au.asn.ucc.matt.dropbear' (head 02c413252c90e9de8e03d91e9939dde3029f5c0a)
author Matt Johnston <matt@ucc.asn.au>
date Thu, 11 Jan 2007 02:41:05 +0000
parents 1b9e69c058d2
children f849a5ca2efc
379:b66a00272a90 382:0cbe8f6dbf9e
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 * 8 *
9 * Tom St Denis, [email protected], http://libtomcrypt.org 9 * Tom St Denis, [email protected], http://libtomcrypt.com
10 */ 10 */
11 #include "tomcrypt.h" 11 #include "tomcrypt.h"
12 12
13 /** 13 /**
14 @file pkcs_1_oaep_decode.c 14 @file pkcs_1_oaep_decode.c
99 /* now read the masked DB */ 99 /* now read the masked DB */
100 XMEMCPY(DB, msg + x, modulus_len - hLen - 1); 100 XMEMCPY(DB, msg + x, modulus_len - hLen - 1);
101 x += modulus_len - hLen - 1; 101 x += modulus_len - hLen - 1;
102 102
103 /* compute MGF1 of maskedDB (hLen) */ 103 /* compute MGF1 of maskedDB (hLen) */
104 if ((err = pkcs_1_mgf1(DB, modulus_len - hLen - 1, hash_idx, mask, hLen)) != CRYPT_OK) { 104 if ((err = pkcs_1_mgf1(hash_idx, DB, modulus_len - hLen - 1, mask, hLen)) != CRYPT_OK) {
105 goto LBL_ERR; 105 goto LBL_ERR;
106 } 106 }
107 107
108 /* XOR against seed */ 108 /* XOR against seed */
109 for (y = 0; y < hLen; y++) { 109 for (y = 0; y < hLen; y++) {
110 seed[y] ^= mask[y]; 110 seed[y] ^= mask[y];
111 } 111 }
112 112
113 /* compute MGF1 of seed (k - hlen - 1) */ 113 /* compute MGF1 of seed (k - hlen - 1) */
114 if ((err = pkcs_1_mgf1(seed, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) { 114 if ((err = pkcs_1_mgf1(hash_idx, seed, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
115 goto LBL_ERR; 115 goto LBL_ERR;
116 } 116 }
117 117
118 /* xor against DB */ 118 /* xor against DB */
119 for (y = 0; y < (modulus_len - hLen - 1); y++) { 119 for (y = 0; y < (modulus_len - hLen - 1); y++) {
134 goto LBL_ERR; 134 goto LBL_ERR;
135 } 135 }
136 } 136 }
137 137
138 /* compare the lhash'es */ 138 /* compare the lhash'es */
139 if (memcmp(seed, DB, hLen) != 0) { 139 if (XMEMCMP(seed, DB, hLen) != 0) {
140 err = CRYPT_OK; 140 err = CRYPT_OK;
141 goto LBL_ERR; 141 goto LBL_ERR;
142 } 142 }
143 143
144 /* now zeroes before a 0x01 */ 144 /* now zeroes before a 0x01 */
146 /* step... */ 146 /* step... */
147 } 147 }
148 148
149 /* error out if wasn't 0x01 */ 149 /* error out if wasn't 0x01 */
150 if (x == (modulus_len - hLen - 1) || DB[x] != 0x01) { 150 if (x == (modulus_len - hLen - 1) || DB[x] != 0x01) {
151 err = CRYPT_OK; 151 err = CRYPT_INVALID_PACKET;
152 goto LBL_ERR; 152 goto LBL_ERR;
153 } 153 }
154 154
155 /* rest is the message (and skip 0x01) */ 155 /* rest is the message (and skip 0x01) */
156 if ((modulus_len - hLen - 1) - ++x > *outlen) { 156 if ((modulus_len - hLen - 1 - ++x) > *outlen) {
157 *outlen = modulus_len - hLen - 1 - x;
157 err = CRYPT_BUFFER_OVERFLOW; 158 err = CRYPT_BUFFER_OVERFLOW;
158 goto LBL_ERR; 159 goto LBL_ERR;
159 } 160 }
160 161
161 /* copy message */ 162 /* copy message */
162 *outlen = (modulus_len - hLen - 1) - x; 163 *outlen = modulus_len - hLen - 1 - x;
163 XMEMCPY(out, DB + x, modulus_len - hLen - 1 - x); 164 XMEMCPY(out, DB + x, modulus_len - hLen - 1 - x);
164 x += modulus_len - hLen - 1; 165 x += modulus_len - hLen - 1;
165 166
166 /* valid packet */ 167 /* valid packet */
167 *res = 1; 168 *res = 1;
182 } 183 }
183 184
184 #endif /* PKCS_1 */ 185 #endif /* PKCS_1 */
185 186
186 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c,v $ */ 187 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c,v $ */
187 /* $Revision: 1.5 $ */ 188 /* $Revision: 1.11 $ */
188 /* $Date: 2005/06/18 02:37:06 $ */ 189 /* $Date: 2006/11/01 09:28:17 $ */
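Review bot: After this change the missing-0x01 path at old line 151 returns CRYPT_INVALID_PACKET while the lhash mismatch at line 139 still returns CRYPT_OK (presumably leaving *res at the 0 it is initialised to above the hunk), so a caller now sees two distinguishable outcomes for what RFC 3447 §7.1.2 step 3.g requires to be a single undifferentiated decryption error; whichever code is chosen, both branches should set the same `err` and the same `*res`. The comparison `if (XMEMCMP(seed, DB, hLen) != 0)` also stops at the first differing byte, so a fixed-time form with an `unsigned char d` accumulator, `for (y = 0, d = 0; y < hLen; y++) { d |= seed[y] ^ DB[y]; }` and then testing `d != 0`, keeps that step's timing independent of how many bytes matched. Setting *outlen before returning CRYPT_BUFFER_OVERFLOW at new line 157 is a good fix but deserves a one-line comment such as `/* report the required size so the caller can resize */`. The enclosing function starts and ends outside this hunk.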