public override byte[] EncryptValue (byte[] rgb)
{
if (m_disposed)
throw new ObjectDisposedException ("public key");
if (!keypairGenerated)
GenerateKeyPair ();
BigInteger input = new BigInteger (rgb);
BigInteger output = input.ModPow (e, n);
byte[] result = output.GetBytes ();
// zeroize value
input.Clear ();
output.Clear ();
return result;
}
public override byte[] DecryptValue (byte[] rgb)
{
if (m_disposed)
throw new ObjectDisposedException ("private key");
// decrypt operation is used for signature
if (!keypairGenerated)
GenerateKeyPair ();
BigInteger input = new BigInteger (rgb);
BigInteger r = null;
// we use key blinding (by default) against timing attacks
if (keyBlinding) {
// x = (r^e * g) mod n
// *new* random number (so it's timing is also random)
r = BigInteger.GenerateRandom (n.BitCount ());
input = r.ModPow (e, n) * input % n;
}
BigInteger output;
// decrypt (which uses the private key) can be
// optimized by using CRT (Chinese Remainder Theorem)
if (isCRTpossible) {
// m1 = c^dp mod p
BigInteger m1 = input.ModPow (dp, p);
// m2 = c^dq mod q
BigInteger m2 = input.ModPow (dq, q);
BigInteger h;
if (m2 > m1) {
// thanks to benm!
h = p - ((m2 - m1) * qInv % p);
output = m2 + q * h;
} else {
// h = (m1 - m2) * qInv mod p
h = (m1 - m2) * qInv % p;
// m = m2 + q * h;
output = m2 + q * h;
}
} else {
// m = c^d mod n
output = input.ModPow (d, n);
}
if (keyBlinding) {
// Complete blinding
// x^e / r mod n
output = output * r.ModInverse (n) % n;
r.Clear ();
}
byte[] result = output.GetBytes ();
// zeroize values
input.Clear ();
output.Clear ();
return result;
}
public override byte[] DecryptValue (byte[] rgb)
{
if (m_disposed)
throw new ObjectDisposedException ("private key");
// decrypt operation is used for signature
if (!keypairGenerated)
GenerateKeyPair ();
BigInteger input = new BigInteger (rgb);
BigInteger r = null;
// we use key blinding (by default) against timing attacks
if (keyBlinding) {
// x = (r^e * g) mod n
// *new* random number (so it's timing is also random)
r = BigInteger.GenerateRandom (n.BitCount ());
input = r.ModPow (e, n) * input % n;
}
BigInteger output;
// decrypt (which uses the private key) can be
// optimized by using CRT (Chinese Remainder Theorem)
if (isCRTpossible) {
// m1 = c^dp mod p
BigInteger m1 = input.ModPow (dp, p);
// m2 = c^dq mod q
BigInteger m2 = input.ModPow (dq, q);
BigInteger h;
if (m2 > m1) {
// thanks to benm!
h = p - ((m2 - m1) * qInv % p);
output = m2 + q * h;
} else {
// h = (m1 - m2) * qInv mod p
h = (m1 - m2) * qInv % p;
// m = m2 + q * h;
output = m2 + q * h;
}
} else if (!PublicOnly) {
// m = c^d mod n
output = input.ModPow (d, n);
} else {
throw new CryptographicException (Locale.GetText ("Missing private key to decrypt value."));
}
if (keyBlinding) {
// Complete blinding
// x^e / r mod n
output = output * r.ModInverse (n) % n;
r.Clear ();
}
// it's sometimes possible for the results to be a byte short
// and this can break some software (see #79502) so we 0x00 pad the result
byte[] result = GetPaddedValue (output, (KeySize >> 3));
// zeroize values
input.Clear ();
output.Clear ();
return result;
}
public override byte[] EncryptValue (byte[] rgb)
{
if (m_disposed)
throw new ObjectDisposedException ("public key");
if (!keypairGenerated)
GenerateKeyPair ();
BigInteger input = new BigInteger (rgb);
BigInteger output = input.ModPow (e, n);
// it's sometimes possible for the results to be a byte short
// and this can break some software (see #79502) so we 0x00 pad the result
byte[] result = GetPaddedValue (output, (KeySize >> 3));
// zeroize value
input.Clear ();
output.Clear ();
return result;
}
public override byte[] DecryptValue (byte[] rgb)
{
if (m_disposed)
throw new ObjectDisposedException ("private key");
// decrypt operation is used for signature
if (!keypairGenerated)
GenerateKeyPair ();
BigInteger input = new BigInteger (rgb);
BigInteger output;
// decrypt (which uses the private key) can be
// optimized by using CRT (Chinese Remainder Theorem)
if (isCRTpossible) {
// m1 = c^dp mod p
BigInteger m1 = input.ModPow (dp, p);
// m2 = c^dq mod q
BigInteger m2 = input.ModPow (dq, q);
BigInteger h;
if (m2 > m1) {
// thanks to benm!
h = p - ((m2 - m1) * qInv % p);
output = m2 + q * h;
}
else {
// h = (m1 - m2) * qInv mod p
h = (m1 - m2) * qInv % p;
// m = m2 + q * h;
output = m2 + q * h;
}
}
else {
// m = c^d mod n
output = input.ModPow (d, n);
}
byte[] result = output.GetBytes ();
// zeroize value
input.Clear ();
output.Clear ();
return result;
}
