comparison libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_encode.c @ 1471:6dba84798cd5

Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
parents f849a5ca2efc
children
1470:8bba51a55704 1471:6dba84798cd5
3 * LibTomCrypt is a library that provides various cryptographic 3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtom.org
10 */ 8 */
11 #include "tomcrypt.h" 9 #include "tomcrypt.h"
12 10
13 /** 11 /**
14 @file pkcs_1_oaep_encode.c 12 @file pkcs_1_oaep_encode.c
15 OAEP Padding for LTC_PKCS #1, Tom St Denis 13 OAEP Padding for PKCS #1, Tom St Denis
16 */ 14 */
17 15
18 #ifdef LTC_PKCS_1 16 #ifdef LTC_PKCS_1
19 17
20 /** 18 /**
21 LTC_PKCS #1 v2.00 OAEP encode 19 PKCS #1 v2.00 OAEP encode
22 @param msg The data to encode 20 @param msg The data to encode
23 @param msglen The length of the data to encode (octets) 21 @param msglen The length of the data to encode (octets)
24 @param lparam A session or system parameter (can be NULL) 22 @param lparam A session or system parameter (can be NULL)
25 @param lparamlen The length of the lparam data 23 @param lparamlen The length of the lparam data
26 @param modulus_bitlen The bit length of the RSA modulus 24 @param modulus_bitlen The bit length of the RSA modulus
44 LTC_ARGCHK(msg != NULL); 42 LTC_ARGCHK(msg != NULL);
45 LTC_ARGCHK(out != NULL); 43 LTC_ARGCHK(out != NULL);
46 LTC_ARGCHK(outlen != NULL); 44 LTC_ARGCHK(outlen != NULL);
47 45
48 /* test valid hash */ 46 /* test valid hash */
49 if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { 47 if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
50 return err; 48 return err;
51 } 49 }
52 50
53 /* valid prng */ 51 /* valid prng */
54 if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) { 52 if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
118 goto LBL_ERR; 116 goto LBL_ERR;
119 } 117 }
120 118
121 /* xor against DB */ 119 /* xor against DB */
122 for (y = 0; y < (modulus_len - hLen - 1); y++) { 120 for (y = 0; y < (modulus_len - hLen - 1); y++) {
123 DB[y] ^= mask[y]; 121 DB[y] ^= mask[y];
124 } 122 }
125 123
126 /* compute MGF1 of maskedDB (hLen) */ 124 /* compute MGF1 of maskedDB (hLen) */
127 if ((err = pkcs_1_mgf1(hash_idx, DB, modulus_len - hLen - 1, mask, hLen)) != CRYPT_OK) { 125 if ((err = pkcs_1_mgf1(hash_idx, DB, modulus_len - hLen - 1, mask, hLen)) != CRYPT_OK) {
128 goto LBL_ERR; 126 goto LBL_ERR;
129 } 127 }
130 128
131 /* XOR against seed */ 129 /* XOR against seed */
147 x += hLen; 145 x += hLen;
148 XMEMCPY(out+x, DB, modulus_len - hLen - 1); 146 XMEMCPY(out+x, DB, modulus_len - hLen - 1);
149 x += modulus_len - hLen - 1; 147 x += modulus_len - hLen - 1;
150 148
151 *outlen = x; 149 *outlen = x;
152 150
153 err = CRYPT_OK; 151 err = CRYPT_OK;
154 LBL_ERR: 152 LBL_ERR:
155 #ifdef LTC_CLEAN_STACK 153 #ifdef LTC_CLEAN_STACK
156 zeromem(DB, modulus_len); 154 zeromem(DB, modulus_len);
157 zeromem(seed, hLen); 155 zeromem(seed, hLen);
166 } 164 }
167 165
168 #endif /* LTC_PKCS_1 */ 166 #endif /* LTC_PKCS_1 */
169 167
170 168
171 /* $Source$ */ 169 /* ref: $Format:%D$ */
172 /* $Revision$ */ 170 /* git commit: $Format:%H$ */
173 /* $Date$ */ 171 /* commit time: $Format:%ai$ */
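Review bot: The zeroisation of the OAEP working buffers at `zeromem(DB, modulus_len); zeromem(seed, hLen);` is compiled only under `#ifdef LTC_CLEAN_STACK`, so in builds without that define the random seed and the padded data block are left in memory after the function returns (the release of those buffers happens outside the visible hunk, so whether they are heap or stack cannot be confirmed here). Because the seed is the one-time secret that makes the OAEP encoding unpredictable, wiping it should not depend on a stack-cleaning option; the two `zeromem` calls can simply be moved outside the `#ifdef` so they always run on the `LBL_ERR` path. The surrounding function begins and ends outside this section, so the allocation and free sites should be checked when making that change.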