private byte[] EncodeOAEP(byte[] message, byte[] p, bool usePrivate) { var mLen = message.Length; if (mLen > _rsaConfig.OctetsInModulus - 2 * _rsaConfig.hLen - 2) { throw new ArgumentException("message too long."); } else { var ps = new byte[_rsaConfig.OctetsInModulus - mLen - 2 * _rsaConfig.hLen - 2]; var pHash = _rsaConfig.ComputeHash(p); var db = new List <byte>(); db.AddRange(pHash); db.AddRange(ps); db.Add(0x01); db.AddRange(message); var dbArr = db.ToArray(); var seed = new byte[_rsaConfig.hLen]; _randomGen.GetBytes(seed); var dbMask = GenerateMask(seed, _rsaConfig.OctetsInModulus - _rsaConfig.hLen - 1); var maskedDB = RSAHelper.XOR(dbArr, dbMask); var seedMask = GenerateMask(maskedDB, _rsaConfig.hLen); var maskedSeed = RSAHelper.XOR(seed, seedMask); var result = new List <byte>(); result.Add(0x00); result.AddRange(maskedSeed); result.AddRange(maskedDB); return(CrunchRSA(result.ToArray(), usePrivate)); } }
private byte[] Decrypt(byte[] message, byte[] parameters, bool usePrivate, bool fOAEP) { var EM = new byte[0]; try { if ((usePrivate == true) && (FastPrivateDecrypt) && (_rsaConfig.HasCRTInfo)) { EM = PrivateDecryptFast(message); } else { EM = CrunchRSA(message, usePrivate); } } catch (CryptographicException ex) { throw new CryptographicException("Exception while Decryption: " + ex.Message); } catch { throw new Exception("Exception while Decryption: "); } try { if (fOAEP) { if ((EM.Length == _rsaConfig.OctetsInModulus) && (EM.Length > (2 * _rsaConfig.hLen + 1))) { byte[] maskedSeed; byte[] maskedDB; byte[] pHash = _rsaConfig.ComputeHash(parameters); if (EM[0] == 0) { maskedSeed = EM.ToList().GetRange(1, _rsaConfig.hLen).ToArray(); maskedDB = EM.ToList().GetRange(1 + _rsaConfig.hLen, EM.Length - _rsaConfig.hLen - 1).ToArray(); var seedMask = GenerateMask(maskedDB, _rsaConfig.hLen); var seed = RSAHelper.XOR(maskedSeed, seedMask); var dbMask = GenerateMask(seed, _rsaConfig.OctetsInModulus - _rsaConfig.hLen - 1); var DB = RSAHelper.XOR(maskedDB, dbMask); if (DB.Length >= (_rsaConfig.hLen + 1)) { var _pHash = DB.ToList().GetRange(0, _rsaConfig.hLen).ToArray(); var PS_M = DB.ToList().GetRange(_rsaConfig.hLen, DB.Length - _rsaConfig.hLen); var pos = PS_M.IndexOf(0x01); if (pos >= 0 && (pos < PS_M.Count)) { var _01_M = PS_M.GetRange(pos, PS_M.Count - pos); byte[] M; if (_01_M.Count > 1) { M = _01_M.GetRange(1, _01_M.Count - 1).ToArray(); } else { M = new byte[0]; } var success = true; for (var i = 0; i < _rsaConfig.hLen; i++) { if (_pHash[i] != pHash[i]) { success = false; break; } } if (success) { return(M); } else { M = new byte[_rsaConfig.OctetsInModulus]; throw new CryptographicException("OAEP Decode Error"); } } else { throw new CryptographicException("OAEP Decode Error"); } } else { throw new CryptographicException("OAEP Decode Error"); } } else { throw new CryptographicException("OAEP Decode Error"); } } else { throw new CryptographicException("OAEP Decode Error"); } } else { if (EM.Length >= 11) { if ((EM[0] == 0x00) && (EM[1] == 0x02)) { var startIndex = 2; var PS = new List <byte>(); for (var i = startIndex; i < EM.Length; i++) { if (EM[i] != 0) { PS.Add(EM[i]); } else { break; } } if (PS.Count >= 8) { var DecodedDataIndex = startIndex + PS.Count + 1; if (DecodedDataIndex < (EM.Length - 1)) { var DATA = new List <byte>(); for (int i = DecodedDataIndex; i < EM.Length; i++) { DATA.Add(EM[i]); } return(DATA.ToArray()); } else { return(new byte[0]); } } else { throw new CryptographicException("PKCS v1.5 Decode Error"); } } else { throw new CryptographicException("PKCS v1.5 Decode Error"); } } else { throw new CryptographicException("PKCS v1.5 Decode Error"); } } } catch (CryptographicException ex) { throw new CryptographicException("Exception while decoding: " + ex.Message); } catch { throw new CryptographicException("Exception while decoding"); } }