Пример #1
0
 internal void NextK(byte[] k)
 {
     for (;;)
     {
         drbg.GetBytes(k);
         BigInt.RShift(k, (k.Length << 3) - qlen);
         if (!BigInt.IsZero(k) && BigInt.CompareCT(k, q) < 0)
         {
             return;
         }
     }
 }
Пример #2
0
        /*
         * Create a new instance with the provided element (unsigned,
         * big-endian). This constructor checks the following rules:
         *
         *   the modulus size must be at least 512 bits
         *   the modulus must be odd
         *   the exponent must be odd and greater than 1
         */
        public RSAPublicKey(byte[] modulus, byte[] exponent)
        {
            mod = BigInt.NormalizeBE(modulus, false);
            e   = BigInt.NormalizeBE(exponent, false);
            if (mod.Length < 64 || (mod.Length == 64 && mod[0] < 0x80))
            {
                throw new CryptoException(
                          "Invalid RSA public key (less than 512 bits)");
            }
            if ((mod[mod.Length - 1] & 0x01) == 0)
            {
                throw new CryptoException(
                          "Invalid RSA public key (even modulus)");
            }
            if (BigInt.IsZero(e))
            {
                throw new CryptoException(
                          "Invalid RSA public key (exponent is zero)");
            }
            if (BigInt.IsOne(e))
            {
                throw new CryptoException(
                          "Invalid RSA public key (exponent is one)");
            }
            if ((e[e.Length - 1] & 0x01) == 0)
            {
                throw new CryptoException(
                          "Invalid RSA public key (even exponent)");
            }

            /*
             * A simple hash code that will work well because RSA
             * keys are in practice quite randomish.
             */
            hashCode = (int)(BigInt.HashInt(modulus)
                             ^ BigInt.HashInt(exponent));
        }