monotone

monotone Mtn Source Tree

Root/cryptopp/pkcspad.cpp

1// pkcspad.cpp - written and placed in the public domain by Wei Dai
2
3#include "pch.h"
4#include "pkcspad.h"
5#include <assert.h>
6
7NAMESPACE_BEGIN(CryptoPP)
8
9template<> const byte PKCS_DigestDecoration<SHA>::decoration[] = {0x30,0x21,0x30,0x09,0x06,0x05,0x2B,0x0E,0x03,0x02,0x1A,0x05,0x00,0x04,0x14};
10template<> const unsigned int PKCS_DigestDecoration<SHA>::length = sizeof(PKCS_DigestDecoration<SHA>::decoration);
11
12template<> const byte PKCS_DigestDecoration<MD2>::decoration[] = {0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x02,0x05,0x00,0x04,0x10};
13template<> const unsigned int PKCS_DigestDecoration<MD2>::length = sizeof(PKCS_DigestDecoration<MD2>::decoration);
14
15template<> const byte PKCS_DigestDecoration<MD5>::decoration[] = {0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x04,0x10};
16template<> const unsigned int PKCS_DigestDecoration<MD5>::length = sizeof(PKCS_DigestDecoration<MD5>::decoration);
17
18template<> const byte PKCS_DigestDecoration<RIPEMD160>::decoration[] = {0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x24,0x03,0x02,0x01,0x05,0x00,0x04,0x14};
19template<> const unsigned int PKCS_DigestDecoration<RIPEMD160>::length = sizeof(PKCS_DigestDecoration<RIPEMD160>::decoration);
20
21template<> const byte PKCS_DigestDecoration<Tiger>::decoration[] = {0x30,0x29,0x30,0x0D,0x06,0x09,0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0C,0x02,0x05,0x00,0x04,0x18};
22template<> const unsigned int PKCS_DigestDecoration<Tiger>::length = sizeof(PKCS_DigestDecoration<Tiger>::decoration);
23
24template<> const byte PKCS_DigestDecoration<SHA256>::decoration[] = {0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20};
25template<> const unsigned int PKCS_DigestDecoration<SHA256>::length = sizeof(PKCS_DigestDecoration<SHA256>::decoration);
26
27template<> const byte PKCS_DigestDecoration<SHA384>::decoration[] = {0x30,0x41,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,0x05,0x00,0x04,0x30};
28template<> const unsigned int PKCS_DigestDecoration<SHA384>::length = sizeof(PKCS_DigestDecoration<SHA384>::decoration);
29
30template<> const byte PKCS_DigestDecoration<SHA512>::decoration[] = {0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40};
31template<> const unsigned int PKCS_DigestDecoration<SHA512>::length = sizeof(PKCS_DigestDecoration<SHA512>::decoration);
32
33unsigned int PKCS_EncryptionPaddingScheme::MaxUnpaddedLength(unsigned int paddedLength) const
34{
35return SaturatingSubtract(paddedLength/8, 10U);
36}
37
38void PKCS_EncryptionPaddingScheme::Pad(RandomNumberGenerator &rng, const byte *input, unsigned int inputLen, byte *pkcsBlock, unsigned int pkcsBlockLen) const
39{
40assert (inputLen <= MaxUnpaddedLength(pkcsBlockLen));// this should be checked by caller
41
42// convert from bit length to byte length
43if (pkcsBlockLen % 8 != 0)
44{
45pkcsBlock[0] = 0;
46pkcsBlock++;
47}
48pkcsBlockLen /= 8;
49
50pkcsBlock[0] = 2; // block type 2
51
52// pad with non-zero random bytes
53for (unsigned i = 1; i < pkcsBlockLen-inputLen-1; i++)
54pkcsBlock[i] = (byte)rng.GenerateWord32(1, 0xff);
55
56pkcsBlock[pkcsBlockLen-inputLen-1] = 0; // separator
57memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
58}
59
60DecodingResult PKCS_EncryptionPaddingScheme::Unpad(const byte *pkcsBlock, unsigned int pkcsBlockLen, byte *output) const
61{
62bool invalid = false;
63unsigned int maxOutputLen = MaxUnpaddedLength(pkcsBlockLen);
64
65// convert from bit length to byte length
66if (pkcsBlockLen % 8 != 0)
67{
68invalid = (pkcsBlock[0] != 0) || invalid;
69pkcsBlock++;
70}
71pkcsBlockLen /= 8;
72
73// Require block type 2.
74invalid = (pkcsBlock[0] != 2) || invalid;
75
76// skip past the padding until we find the separator
77unsigned i=1;
78while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body
79}
80assert(i==pkcsBlockLen || pkcsBlock[i-1]==0);
81
82unsigned int outputLen = pkcsBlockLen - i;
83invalid = (outputLen > maxOutputLen) || invalid;
84
85if (invalid)
86return DecodingResult();
87
88memcpy (output, pkcsBlock+i, outputLen);
89return DecodingResult(outputLen);
90}
91
92// ********************************************************
93
94void PKCS1v15_SignatureMessageEncodingMethod::ComputeMessageRepresentative(RandomNumberGenerator &rng,
95const byte *recoverableMessage, unsigned int recoverableMessageLength,
96HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
97byte *representative, unsigned int representativeBitLength) const
98{
99unsigned int digestSize = hash.DigestSize();
100if (digestSize + hashIdentifier.second + 10 > representativeBitLength/8)
101throw PK_Signer::KeyTooShort();
102
103unsigned int pkcsBlockLen = representativeBitLength;
104// convert from bit length to byte length
105if (pkcsBlockLen % 8 != 0)
106{
107representative[0] = 0;
108representative++;
109}
110pkcsBlockLen /= 8;
111
112representative[0] = 1; // block type 1
113
114byte *pPadding = representative + 1;
115byte *pDigest = representative + pkcsBlockLen - digestSize;
116byte *pHashId = pDigest - hashIdentifier.second;
117byte *pSeparator = pHashId - 1;
118
119// pad with 0xff
120memset(pPadding, 0xff, pSeparator-pPadding);
121*pSeparator = 0;
122memcpy(pHashId, hashIdentifier.first, hashIdentifier.second);
123hash.Final(pDigest);
124}
125
126NAMESPACE_END

Archive Download this file

Branches

Tags

Quick Links:     www.monotone.ca    -     Downloads    -     Documentation    -     Wiki    -     Code Forge    -     Build Status