예제 #1
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
 public static byte[] Sign(RSAPrivateKey sk, byte[] header,
                           byte[] hash, int hashOff, int hashLen)
 {
     byte[] sig = new byte[sk.N.Length];
     Sign(sk, header, hash, hashOff, hashLen, sig, 0);
     return(sig);
 }
예제 #2
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
        public static byte[] Decrypt(RSAPrivateKey sk,
                                     byte[] buf, int off, int len)
        {
            byte[] tmp    = new byte[sk.N.Length];
            int    outLen = Decrypt(sk, buf, off, len, tmp, 0);

            byte[] outBuf = new byte[outLen];
            Array.Copy(tmp, 0, outBuf, 0, outLen);
            return(outBuf);
        }
예제 #3
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
        public static int Sign(RSAPrivateKey sk, byte[] header,
                               byte[] hash, int hashOff, int hashLen,
                               byte[] outBuf, int outOff)
        {
            int modLen = sk.N.Length;

            byte[] x = DoPKCS1Padding(modLen, false,
                                      header, hash, hashOff, hashLen);
            DoPrivate(sk, x);
            Array.Copy(x, 0, outBuf, outOff, x.Length);
            return(x.Length);
        }
예제 #4
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
        public static int Decrypt(RSAPrivateKey sk,
                                  byte[] buf, int off, int len, byte[] outBuf, int outOff)
        {
            if (len != sk.N.Length)
            {
                throw new CryptoException(
                          "Invalid RSA-encrypted message length");
            }

            /*
             * Note: since RSAPrivateKey refuses a modulus of less
             * than 64 bytes, we know that len >= 64 here.
             */
            byte[] x = new byte[len];
            Array.Copy(buf, off, x, 0, len);
            DoPrivate(sk, x);
            if (x[0] != 0x00 || x[1] != 0x02)
            {
                throw new CryptoException(
                          "Invalid PKCS#1 v1.5 encryption padding");
            }
            int i;

            for (i = 2; i < len && x[i] != 0x00; i++)
            {
                ;
            }
            if (i < 10 || i >= len)
            {
                throw new CryptoException(
                          "Invalid PKCS#1 v1.5 encryption padding");
            }
            i++;
            int olen = len - i;

            Array.Copy(x, i, outBuf, outOff, olen);
            return(olen);
        }
예제 #5
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
 /*
  * Perform a RSA decryption. A PKCS#1 v1.5 "type 2" padding is
  * expected, and removed. An exception is thrown on any error.
  *
  * WARNING: potentially vulnerable to Bleichenbacher's attack.
  * Use with care.
  *
  * There are four methods, depending on input and output
  * operands.
  */
 public static byte[] Decrypt(RSAPrivateKey sk, byte[] buf)
 {
     return(Decrypt(sk, buf, 0, buf.Length));
 }
예제 #6
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
 public static int Sign(RSAPrivateKey sk, byte[] header,
                        byte[] hash, byte[] outBuf, int outOff)
 {
     return(Sign(sk, header, hash, 0, hash.Length, outBuf, outOff));
 }
예제 #7
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
        /*
         * Compute a RSA signature (PKCS#1 v1.5 "type 1" padding).
         * The digest header and the hashed data are provided. The
         * header should be one of the standard PKCS#1 header; it
         * may also be an empty array or null for a "ND" signature
         * (this is normally used only in SSL/TLS up to TLS-1.1).
         */

        public static byte[] Sign(RSAPrivateKey sk, byte[] header,
                                  byte[] hash)
        {
            return(Sign(sk, header, hash, 0, hash.Length));
        }
예제 #8
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
        public static void DoPrivate(RSAPrivateKey sk,
                                     byte[] x, int off, int len)
        {
            /*
             * Check that the source array has the proper length
             * (identical to the length of the modulus).
             */
            if (len != sk.N.Length)
            {
                throw new CryptoException(
                          "Invalid source length for RSA private");
            }

            /*
             * Reduce the source value to the proper range.
             */
            ModInt mx = new ModInt(sk.N);

            mx.DecodeReduce(x, off, len);

            /*
             * Compute m1 = x^dp mod p.
             */
            ModInt m1 = new ModInt(sk.P);

            m1.Set(mx);
            m1.Pow(sk.DP);

            /*
             * Compute m2 = x^dq mod q.
             */
            ModInt m2 = new ModInt(sk.Q);

            m2.Set(mx);
            m2.Pow(sk.DQ);

            /*
             * Compute h = (m1 - m2) / q mod p.
             * (Result goes in m1.)
             */
            ModInt m3 = m1.Dup();

            m3.Set(m2);
            m1.Sub(m3);
            m3.Decode(sk.IQ);
            m1.ToMonty();
            m1.MontyMul(m3);

            /*
             * Compute m_2 + q*h. This works on plain integers, but
             * we have efficient and constant-time code for modular
             * integers, so we will do it modulo n.
             */
            m3 = mx;
            m3.Set(m1);
            m1 = m3.Dup();
            m1.Decode(sk.Q);
            m1.ToMonty();
            m3.MontyMul(m1);
            m1.Set(m2);
            m3.Add(m1);

            /*
             * Write result back in x[].
             */
            m3.Encode(x, off, len);
        }
예제 #9
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
 /*
  * Perform a RSA private key operation (modular exponentiation
  * with the private exponent). The source array MUST have the
  * same length as the modulus, and it is modified "in place".
  *
  * This function is constant-time, except if the source x[] does
  * not have the proper length (it should be identical to the
  * modulus length). If the source array has the proper length
  * but the numerical value is not in the proper range, then it
  * is first reduced modulo N.
  */
 public static void DoPrivate(RSAPrivateKey sk, byte[] x)
 {
     DoPrivate(sk, x, 0, x.Length);
 }
예제 #10
0
파일: RSA.cs 프로젝트: appcoreopc/boarssl
 public static int Decrypt(RSAPrivateKey sk,
                           byte[] buf, byte[] outBuf, int outOff)
 {
     return(Decrypt(sk, buf, 0, buf.Length, outBuf, outOff));
 }