public byte[] RSASSA_PSS_Sign(PrivateKey privateKey, byte[] M)
{
int k = privateKey.GetOctetsLength;
byte[] EM = EMSA_PSS_Encoding(M, k * 8 - 1, DEFAULT_SALT_LENGTH);
var m = dataPrimitives.OS2IP(M);
var s = cryptoPrimitives.RSASP1(privateKey, m);
return(dataPrimitives.I2OSP(s, k));
}
/// <summary>
/// Method that combines RSAEP and EME-PKCS1 encoding
/// </summary>
/// <param name="publicKey">Object that represents public key. Instance of <see cref="PublicKey"/></param>
/// <param name="M">Message to be encrypted, an octet string of length mLen, where mLen <= k - 11</param>
/// <returns>Ciphertext, an octet string of length k</returns>
public byte[] RSAES_PKCS1_Encrypt(PublicKey publicKey, byte[] M)
{
int k = publicKey.GetOctetsLength;
if (M.Length > k - 11)
{
throw new MessageTooLongException("Message too long");
}
byte[] EM = EME_PKCS1_Encoding(k, M);
BigInteger m = dataPrimitives.OS2IP(EM);
BigInteger c = cryptoPrimitives.RSAEP(publicKey, m);
byte[] C = dataPrimitives.I2OSP(c, k);
return(C);
}
/// <summary>
/// Method that combines <see cref="CryptoPrimitives.RSAEP(PublicKey, BigInteger)"/>
/// and <see cref="EME_OAEP_Encoding(byte[], byte[], int, HashAlgorithm)"/>
/// </summary>
/// <param name="publicKey">Object that represents public key. Instance of <see cref="PublicKey"/></param>
/// <param name="message">
/// Message to be encrypted, an octet string of length mLen, where mLen <= k - 2hLen - 2
/// </param>
/// <param name="label">
/// Optional label to be associated with the message; the
/// default value for L, if L is not provided, is the empty string.
/// </param>
/// <param name="hash">
/// Hash function (hLen denotes the length in octets of
/// the hash function output)
/// </param>
/// <returns>Ciphertext, an octet string of length k</returns>
/// <exception cref="MessageTooLongException">Thrown when <paramref name="message"/>
/// Thrown when message length > k - 2 * hLen -2
/// </exception>
public byte[] RSAES_OAEP_Encrypt(PublicKey publicKey, byte[] message, byte[] label, HashAlgorithm hash)
{
int k = publicKey.GetOctetsLength;
int hLen = hash.HashSize / 8;
// TO DO LABEL LENGTH CHECK
if (message.Length > k - 2 * hLen - 2)
{
throw new MessageTooLongException("Message to long!");
}
byte[] EM = EME_OAEP_Encoding(message, label, k, hash);
BigInteger m = dataPrimitives.OS2IP(EM);
BigInteger c = cryptoPrimitives.RSAEP(publicKey, m);
return(dataPrimitives.I2OSP(c, k));
}
private void TestDataPrimitive(string testString)
{
BigInteger integer = dataPrimitives.OS2IP(Encoding.UTF8.GetBytes(testString));
byte[] bytes = dataPrimitives.I2OSP(integer, Encoding.UTF8.GetBytes(testString).Length);
string actual = Encoding.UTF8.GetString(bytes, 0, bytes.Length);
Assert.AreEqual(testString, actual);
}
/// <summary>
/// MGF1 is a mask generation function, based on a
/// hash function. MGF1 coincides with the mask generation functions
/// defined in IEEE Std 1363-2000 and the draft ANSI X9.44.
/// </summary>
/// <param name="mgfSeed">Seed from which mask is generated, an octet string</param>
/// <param name="maskLen">Intended length in octets of the mask, at most 2^32 hLen</param>
/// <param name="hash">
/// Hash function (hLen denotes the length in octets of the hash
/// function output)
/// </param>
/// <returns>An octet string of length maskLen</returns>
/// <exception cref="MaskTooLongException">
/// Thrown when maskLen > 2^32*hLen
/// </exception>
public byte[] MGF1(byte[] mgfSeed, int maskLen, HashAlgorithm hash)
{
int hLen = hash.HashSize / 8;
if (maskLen > BigInteger.Pow(2, 32) * hLen)
{
throw new MaskTooLongException("Mask too long");
}
byte[] T = new byte[0];
for (BigInteger counter = 0; counter < (maskLen - 1) / hLen + 1; counter++)
{
byte[] C = dataPrimitives.I2OSP(counter, 4);
byte[] H = hash.ComputeHash(ByteArraysUtils.Concat(mgfSeed, C));
T = ByteArraysUtils.Concat(T, H);
}
return(ByteArraysUtils.GetSubArray(T, 0, maskLen));
}