private byte[] EncodeOAEP(byte[] message, byte[] p, bool usePrivate)
{
var mLen = message.Length;
if (mLen > _rsaConfig.OctetsInModulus - 2 * _rsaConfig.hLen - 2)
{
throw new ArgumentException("message too long.");
}
else
{
var ps = new byte[_rsaConfig.OctetsInModulus - mLen - 2 * _rsaConfig.hLen - 2];
var pHash = _rsaConfig.ComputeHash(p);
var db = new List <byte>();
db.AddRange(pHash);
db.AddRange(ps);
db.Add(0x01);
db.AddRange(message);
var dbArr = db.ToArray();
var seed = new byte[_rsaConfig.hLen];
_randomGen.GetBytes(seed);
var dbMask = GenerateMask(seed, _rsaConfig.OctetsInModulus - _rsaConfig.hLen - 1);
var maskedDB = RSAHelper.XOR(dbArr, dbMask);
var seedMask = GenerateMask(maskedDB, _rsaConfig.hLen);
var maskedSeed = RSAHelper.XOR(seed, seedMask);
var result = new List <byte>();
result.Add(0x00);
result.AddRange(maskedSeed);
result.AddRange(maskedDB);
return(CrunchRSA(result.ToArray(), usePrivate));
}
}
private byte[] Decrypt(byte[] message, byte[] parameters, bool usePrivate, bool fOAEP)
{
var EM = new byte[0];
try
{
if ((usePrivate == true) && (FastPrivateDecrypt) && (_rsaConfig.HasCRTInfo))
{
EM = PrivateDecryptFast(message);
}
else
{
EM = CrunchRSA(message, usePrivate);
}
}
catch (CryptographicException ex)
{
throw new CryptographicException("Exception while Decryption: " + ex.Message);
}
catch
{
throw new Exception("Exception while Decryption: ");
}
try
{
if (fOAEP)
{
if ((EM.Length == _rsaConfig.OctetsInModulus) && (EM.Length > (2 * _rsaConfig.hLen + 1)))
{
byte[] maskedSeed;
byte[] maskedDB;
byte[] pHash = _rsaConfig.ComputeHash(parameters);
if (EM[0] == 0)
{
maskedSeed = EM.ToList().GetRange(1, _rsaConfig.hLen).ToArray();
maskedDB = EM.ToList().GetRange(1 + _rsaConfig.hLen, EM.Length - _rsaConfig.hLen - 1).ToArray();
var seedMask = GenerateMask(maskedDB, _rsaConfig.hLen);
var seed = RSAHelper.XOR(maskedSeed, seedMask);
var dbMask = GenerateMask(seed, _rsaConfig.OctetsInModulus - _rsaConfig.hLen - 1);
var DB = RSAHelper.XOR(maskedDB, dbMask);
if (DB.Length >= (_rsaConfig.hLen + 1))
{
var _pHash = DB.ToList().GetRange(0, _rsaConfig.hLen).ToArray();
var PS_M = DB.ToList().GetRange(_rsaConfig.hLen, DB.Length - _rsaConfig.hLen);
var pos = PS_M.IndexOf(0x01);
if (pos >= 0 && (pos < PS_M.Count))
{
var _01_M = PS_M.GetRange(pos, PS_M.Count - pos);
byte[] M;
if (_01_M.Count > 1)
{
M = _01_M.GetRange(1, _01_M.Count - 1).ToArray();
}
else
{
M = new byte[0];
}
var success = true;
for (var i = 0; i < _rsaConfig.hLen; i++)
{
if (_pHash[i] != pHash[i])
{
success = false;
break;
}
}
if (success)
{
return(M);
}
else
{
M = new byte[_rsaConfig.OctetsInModulus];
throw new CryptographicException("OAEP Decode Error");
}
}
else
{
throw new CryptographicException("OAEP Decode Error");
}
}
else
{
throw new CryptographicException("OAEP Decode Error");
}
}
else
{
throw new CryptographicException("OAEP Decode Error");
}
}
else
{
throw new CryptographicException("OAEP Decode Error");
}
}
else
{
if (EM.Length >= 11)
{
if ((EM[0] == 0x00) && (EM[1] == 0x02))
{
var startIndex = 2;
var PS = new List <byte>();
for (var i = startIndex; i < EM.Length; i++)
{
if (EM[i] != 0)
{
PS.Add(EM[i]);
}
else
{
break;
}
}
if (PS.Count >= 8)
{
var DecodedDataIndex = startIndex + PS.Count + 1;
if (DecodedDataIndex < (EM.Length - 1))
{
var DATA = new List <byte>();
for (int i = DecodedDataIndex; i < EM.Length; i++)
{
DATA.Add(EM[i]);
}
return(DATA.ToArray());
}
else
{
return(new byte[0]);
}
}
else
{
throw new CryptographicException("PKCS v1.5 Decode Error");
}
}
else
{
throw new CryptographicException("PKCS v1.5 Decode Error");
}
}
else
{
throw new CryptographicException("PKCS v1.5 Decode Error");
}
}
}
catch (CryptographicException ex)
{
throw new CryptographicException("Exception while decoding: " + ex.Message);
}
catch
{
throw new CryptographicException("Exception while decoding");
}
}
