예제 #1
0
        /// <summary>
        ///     Method that implements EME-OAEP decoding
        /// </summary>
        /// <param name="EM">
        ///     Message to be decoded. An octet string of length k
        /// </param>
        /// <param name="label">
        ///     Optional label to be associated with the message; the
        ///     default value for L, if L is not provided, is the empty string.
        /// </param>
        /// <param name="k">
        ///     Size of public key modulus in octets
        /// </param>
        /// <param name="hash">
        ///     Hash function (hLen denotes the length in octets of
        ///     the hash function output)
        /// </param>
        /// <returns>
        ///     Decoded message, octet string of length mLen
        /// </returns>
        /// <exception cref="DecryptionErrorException">
        ///     Method can throw exception
        /// </exception>
        public byte[] EME_OAEP_Decoding(byte[] EM, byte[] label, int k, HashAlgorithm hash)
        {
            int hLen = hash.HashSize / 8;

            byte[] lHash = hash.ComputeHash(label);
            if (EM[0] != 0x00)
            {
                throw new DecryptionErrorException("Decryption error!");
            }
            byte[] maskedSeed = new byte[hLen];
            byte[] maskedDB   = new byte[k - hLen - 1];
            System.Buffer.BlockCopy(EM, 1, maskedSeed, 0, maskedSeed.Length);
            System.Buffer.BlockCopy(EM, 1 + maskedSeed.Length, maskedDB, 0, maskedDB.Length);
            byte[] seedMask   = mgf.MGF1(maskedDB, hLen, hash);
            byte[] seed       = ByteArraysUtils.XorBytes(maskedSeed, seedMask);
            byte[] dbMask     = mgf.MGF1(seed, k - hLen - 1, hash);
            byte[] DB         = ByteArraysUtils.XorBytes(maskedDB, dbMask);
            byte[] lHash_dash = new byte[hLen];
            System.Buffer.BlockCopy(DB, 0, lHash_dash, 0, hLen);
            if (!lHash.SequenceEqual(lHash_dash))
            {
                throw new DecryptionErrorException("Decryption error!");
            }
            int i = Array.FindIndex(DB, hLen, el => el == 0x01);

            if (i == -1)
            {
                throw new DecryptionErrorException("Decryption error!");
            }
            byte[] M = new byte[DB.Length - 1 - i];
            System.Buffer.BlockCopy(DB, i + 1, M, 0, M.Length);
            return(M);
        }
예제 #2
0
 public void XorBytes()
 {
     byte[] arg1   = { 97, 29, 31, 55, 17, 0, 129 };
     byte[] arg2   = { 12, 33, 14, 40, 199, 244, 87 };
     byte[] xor    = ByteArraysUtils.XorBytes(arg1, arg2);
     byte[] actual = ByteArraysUtils.XorBytes(xor, arg2);
     CollectionAssert.AreEqual(arg1, actual);
 }
예제 #3
0
        /// <summary>
        ///     Method that implements EME-OAEP encoding.
        /// </summary>
        /// <param name="message">
        ///     Message to be encoded, an octet string of length mLen, where mLen <= k - 2hLen - 2
        /// </param>
        /// <param name="label">
        ///     Optional label to be associated with the message; the
        ///     default value for L, if L is not provided, is the empty string.
        /// </param>
        /// <param name="k">
        ///     Size of public key modulus in octets
        /// </param>
        /// <param name="hash">
        ///     Hash function (hLen denotes the length in octets of
        ///     the hash function output)
        /// </param>
        /// <returns>
        ///     Encoded message of k length
        /// </returns>
        public byte[] EME_OAEP_Encoding(byte[] message, byte[] label, int k, HashAlgorithm hash)
        {
            int hLen = hash.HashSize / 8;

            byte[] lHash = hash.ComputeHash(label);
            byte[] PS    = new byte[k - message.Length - 2 * hLen - 2];
            byte[] DB    = new byte[k - hLen - 1];
            System.Buffer.BlockCopy(lHash, 0, DB, 0, lHash.Length);
            System.Buffer.BlockCopy(PS, 0, DB, lHash.Length, PS.Length);
            DB[lHash.Length + PS.Length] = 0x01;
            System.Buffer.BlockCopy(message, 0, DB, lHash.Length + PS.Length + 1, message.Length);
            byte[] seed       = ByteArraysUtils.GetRandomOctets(RNGCryptoServiceProvider.Create(), hLen);
            byte[] dbMask     = mgf.MGF1(seed, k - hLen - 1, hash);
            byte[] maskedDB   = ByteArraysUtils.XorBytes(DB, dbMask);
            byte[] seedMask   = mgf.MGF1(maskedDB, hLen, hash);
            byte[] maskedSeed = ByteArraysUtils.XorBytes(seed, seedMask);
            byte[] EM         = new byte[k];
            System.Buffer.SetByte(EM, 0, 0x00);
            System.Buffer.BlockCopy(maskedSeed, 0, EM, 1, maskedSeed.Length);
            System.Buffer.BlockCopy(maskedDB, 0, EM, maskedSeed.Length + 1, maskedDB.Length);
            return(EM);
        }
예제 #4
0
        public byte[] EMSA_PSS_Encoding(byte[] M, int k, int sLen)
        {
            int hLen  = hash.HashSize;
            int emLen = k / 8;
            var mHash = hash.ComputeHash(M);

            if (emLen < hLen + sLen + 2)
            {
                throw new EncodingException();
            }
            byte[] salt     = ByteArraysUtils.GetRandomOctets(RNGCryptoServiceProvider.Create(), sLen);
            var    M_dash   = ByteArraysUtils.Concat(new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, ByteArraysUtils.Concat(mHash, salt));
            var    H        = hash.ComputeHash(M_dash);
            var    PS       = new byte[emLen - sLen - hLen - 2];
            var    DB       = ByteArraysUtils.Concat(ByteArraysUtils.Concat(PS, new byte[] { 0x01 }), salt);
            var    dbMask   = mgf.MGF1(H, emLen - hLen - 1, hash);
            var    maskedDB = ByteArraysUtils.XorBytes(DB, dbMask);

            maskedDB[0] &= (byte)(0xFF >> (8 * emLen - k));
            var EM = ByteArraysUtils.Concat(ByteArraysUtils.Concat(maskedDB, H), new byte[] { 0xbc });

            return(EM);
        }