| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-09-06 17:20:33 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-09-06 17:26:58 +0200 |
| commit | e6177630198eb1eea2def0374fae1196da0e40ec (patch) | |
| tree | 704951804609999fb6ef7a956b04921b9f84c320 /libtomcrypt/pk/pkcs1 | |
| parent | 943f9ab50c110133a5cd1118b5b19cb09301168f (diff) | |
Run Lindent on libtom(*)
Diffstat (limited to 'libtomcrypt/pk/pkcs1')
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c | 17 | ||||
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c | 97 | ||||
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c | 297 | ||||
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c | 244 | ||||
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c | 3 | ||||
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c | 250 | ||||
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c | 228 | ||||
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c | 144 | ||||
| -rw-r--r-- | libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c | 95 |
9 files changed, 698 insertions, 677 deletions
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c b/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c index 70294a5..7881068 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c @@ -30,22 +30,21 @@ */ int pkcs_1_i2osp(void *n, unsigned long modulus_len, unsigned char *out) { - unsigned long size; + unsigned long size; - size = mp_unsigned_bin_size(n); + size = mp_unsigned_bin_size(n); - if (size > modulus_len) { - return CRYPT_BUFFER_OVERFLOW; - } + if (size > modulus_len) { + return CRYPT_BUFFER_OVERFLOW; + } - /* store it */ - zeromem(out, modulus_len); - return mp_to_unsigned_bin(n, out+(modulus_len-size)); + /* store it */ + zeromem(out, modulus_len); + return mp_to_unsigned_bin(n, out + (modulus_len - size)); } #endif /* LTC_PKCS_1 */ - /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_i2osp.c,v $ */ /* $Revision: 1.7 $ */ /* $Date: 2007/05/12 14:32:35 $ */ diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c b/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c index bfa3e7e..7becb86 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c @@ -11,7 +11,6 @@ #include "tomcrypt.h" #include <ncr-int.h> - /** @file pkcs_1_mgf1.c The Mask Generation Function (MGF1) for LTC_PKCS #1, Tom St Denis 
@@ -29,59 +28,61 @@ @return CRYPT_OK if successful */ int pkcs_1_mgf1(const struct algo_properties_st *hash, - const unsigned char *seed, unsigned long seedlen, - unsigned char *mask, unsigned long masklen) + const unsigned char *seed, unsigned long seedlen, + unsigned char *mask, unsigned long masklen) { - unsigned long hLen, x; - ulong32 counter; - int err; - unsigned char *buf; - - LTC_ARGCHK(seed != NULL); - LTC_ARGCHK(mask != NULL); - - /* ensure valid hash */ - if ((err = hash_is_valid(hash)) != CRYPT_OK) { - return err; - } - - /* get hash output size */ - hLen = hash->digest_size; - - /* allocate memory */ - buf = XMALLOC(hLen); - if (buf == NULL) { - return CRYPT_MEM; - } - - /* start counter */ - counter = 0; - - while (masklen > 0) { - /* handle counter */ - STORE32H(counter, buf); - ++counter; - - err = hash_memory_multi(hash, buf, &hLen, seed, seedlen, buf, (unsigned long) 4, NULL, 0); - if (err != CRYPT_OK) { - goto LBL_ERR; - } - - /* store it */ - for (x = 0; x < hLen && masklen > 0; x++, masklen--) { - *mask++ = buf[x]; - } - } - - err = CRYPT_OK; + unsigned long hLen, x; + ulong32 counter; + int err; + unsigned char *buf; + + LTC_ARGCHK(seed != NULL); + LTC_ARGCHK(mask != NULL); + + /* ensure valid hash */ + if ((err = hash_is_valid(hash)) != CRYPT_OK) { + return err; + } + + /* get hash output size */ + hLen = hash->digest_size; + + /* allocate memory */ + buf = XMALLOC(hLen); + if (buf == NULL) { + return CRYPT_MEM; + } + + /* start counter */ + counter = 0; + + while (masklen > 0) { + /* handle counter */ + STORE32H(counter, buf); + ++counter; + + err = + hash_memory_multi(hash, buf, &hLen, seed, seedlen, buf, + (unsigned long)4, NULL, 0); + if (err != CRYPT_OK) { + goto LBL_ERR; + } + + /* store it */ + for (x = 0; x < hLen && masklen > 0; x++, masklen--) { + *mask++ = buf[x]; + } + } + + err = CRYPT_OK; LBL_ERR: #ifdef LTC_CLEAN_STACK - zeromem(buf, hLen); + zeromem(buf, hLen); #endif - XFREE(buf); + XFREE(buf); - return err; + return err; } 
#endif /* LTC_PKCS_1 */ diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c index 04833ff..1335170 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c @@ -11,7 +11,6 @@ #include "tomcrypt.h" #include <ncr-int.h> - /** @file pkcs_1_oaep_decode.c OAEP Padding for LTC_PKCS #1, Tom St Denis 
@@ -32,157 +31,163 @@ @param res [out] Result of decoding, 1==valid, 0==invalid @return CRYPT_OK if successful (even if invalid) */ -int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen, - const unsigned char *lparam, unsigned long lparamlen, - unsigned long modulus_bitlen, const struct algo_properties_st *hash, - unsigned char *out, unsigned long *outlen, - int *res) +int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen, + const unsigned char *lparam, unsigned long lparamlen, + unsigned long modulus_bitlen, + const struct algo_properties_st *hash, + unsigned char *out, unsigned long *outlen, int *res) { - unsigned char *DB, *seed, *mask; - unsigned long hLen, x, y, modulus_len; - int err; - - LTC_ARGCHK(msg != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(res != NULL); - - /* default to invalid packet */ - *res = 0; - - /* test valid hash */ - if ((err = hash_is_valid(hash)) != CRYPT_OK) { - return err; - } - - hLen = hash->digest_size; - modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 
1 : 0); - - /* test hash/message size */ - if ((2*hLen >= (modulus_len - 2)) || (msglen != modulus_len)) { - return CRYPT_PK_INVALID_SIZE; - } - - /* allocate ram for DB/mask/salt of size modulus_len */ - DB = XMALLOC(modulus_len); - mask = XMALLOC(modulus_len); - seed = XMALLOC(hLen); - if (DB == NULL || mask == NULL || seed == NULL) { - if (DB != NULL) { - XFREE(DB); - } - if (mask != NULL) { - XFREE(mask); - } - if (seed != NULL) { - XFREE(seed); - } - return CRYPT_MEM; - } - - /* ok so it's now in the form - - 0x00 || maskedseed || maskedDB - - 1 || hLen || modulus_len - hLen - 1 - - */ - - /* must have leading 0x00 byte */ - if (msg[0] != 0x00) { - err = CRYPT_OK; - goto LBL_ERR; - } - - /* now read the masked seed */ - x = 1; - XMEMCPY(seed, msg + x, hLen); - x += hLen; - - /* now read the masked DB */ - XMEMCPY(DB, msg + x, modulus_len - hLen - 1); - x += modulus_len - hLen - 1; - - /* compute MGF1 of maskedDB (hLen) */ - if ((err = pkcs_1_mgf1(hash, DB, modulus_len - hLen - 1, mask, hLen)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* XOR against seed */ - for (y = 0; y < hLen; y++) { - seed[y] ^= mask[y]; - } - - /* compute MGF1 of seed (k - hlen - 1) */ - if ((err = pkcs_1_mgf1(hash, seed, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* xor against DB */ - for (y = 0; y < (modulus_len - hLen - 1); y++) { - DB[y] ^= mask[y]; - } - - /* now DB == lhash || PS || 0x01 || M, PS == k - mlen - 2hlen - 2 zeroes */ - - /* compute lhash and store it in seed [reuse temps!] 
*/ - x = modulus_len; - if (lparam != NULL) { - if ((err = hash_memory(hash, lparam, lparamlen, seed, &x)) != CRYPT_OK) { - goto LBL_ERR; - } - } else { - /* can't pass hash_memory a NULL so use DB with zero length */ - if ((err = hash_memory(hash, DB, 0, seed, &x)) != CRYPT_OK) { - goto LBL_ERR; - } - } - - /* compare the lhash'es */ - if (XMEMCMP(seed, DB, hLen) != 0) { - err = CRYPT_OK; - goto LBL_ERR; - } - - /* now zeroes before a 0x01 */ - for (x = hLen; x < (modulus_len - hLen - 1) && DB[x] == 0x00; x++) { - /* step... */ - } - - /* error out if wasn't 0x01 */ - if (x == (modulus_len - hLen - 1) || DB[x] != 0x01) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - - /* rest is the message (and skip 0x01) */ - if ((modulus_len - hLen - 1 - ++x) > *outlen) { - *outlen = modulus_len - hLen - 1 - x; - err = CRYPT_BUFFER_OVERFLOW; - goto LBL_ERR; - } - - /* copy message */ - *outlen = modulus_len - hLen - 1 - x; - XMEMCPY(out, DB + x, modulus_len - hLen - 1 - x); - x += modulus_len - hLen - 1; - - /* valid packet */ - *res = 1; - - err = CRYPT_OK; + unsigned char *DB, *seed, *mask; + unsigned long hLen, x, y, modulus_len; + int err; + + LTC_ARGCHK(msg != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + LTC_ARGCHK(res != NULL); + + /* default to invalid packet */ + *res = 0; + + /* test valid hash */ + if ((err = hash_is_valid(hash)) != CRYPT_OK) { + return err; + } + + hLen = hash->digest_size; + modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 
1 : 0); + + /* test hash/message size */ + if ((2 * hLen >= (modulus_len - 2)) || (msglen != modulus_len)) { + return CRYPT_PK_INVALID_SIZE; + } + + /* allocate ram for DB/mask/salt of size modulus_len */ + DB = XMALLOC(modulus_len); + mask = XMALLOC(modulus_len); + seed = XMALLOC(hLen); + if (DB == NULL || mask == NULL || seed == NULL) { + if (DB != NULL) { + XFREE(DB); + } + if (mask != NULL) { + XFREE(mask); + } + if (seed != NULL) { + XFREE(seed); + } + return CRYPT_MEM; + } + + /* ok so it's now in the form + + 0x00 || maskedseed || maskedDB + + 1 || hLen || modulus_len - hLen - 1 + + */ + + /* must have leading 0x00 byte */ + if (msg[0] != 0x00) { + err = CRYPT_OK; + goto LBL_ERR; + } + + /* now read the masked seed */ + x = 1; + XMEMCPY(seed, msg + x, hLen); + x += hLen; + + /* now read the masked DB */ + XMEMCPY(DB, msg + x, modulus_len - hLen - 1); + x += modulus_len - hLen - 1; + + /* compute MGF1 of maskedDB (hLen) */ + if ((err = + pkcs_1_mgf1(hash, DB, modulus_len - hLen - 1, mask, + hLen)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* XOR against seed */ + for (y = 0; y < hLen; y++) { + seed[y] ^= mask[y]; + } + + /* compute MGF1 of seed (k - hlen - 1) */ + if ((err = + pkcs_1_mgf1(hash, seed, hLen, mask, + modulus_len - hLen - 1)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* xor against DB */ + for (y = 0; y < (modulus_len - hLen - 1); y++) { + DB[y] ^= mask[y]; + } + + /* now DB == lhash || PS || 0x01 || M, PS == k - mlen - 2hlen - 2 zeroes */ + + /* compute lhash and store it in seed [reuse temps!] 
*/ + x = modulus_len; + if (lparam != NULL) { + if ((err = + hash_memory(hash, lparam, lparamlen, seed, + &x)) != CRYPT_OK) { + goto LBL_ERR; + } + } else { + /* can't pass hash_memory a NULL so use DB with zero length */ + if ((err = hash_memory(hash, DB, 0, seed, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + } + + /* compare the lhash'es */ + if (XMEMCMP(seed, DB, hLen) != 0) { + err = CRYPT_OK; + goto LBL_ERR; + } + + /* now zeroes before a 0x01 */ + for (x = hLen; x < (modulus_len - hLen - 1) && DB[x] == 0x00; x++) { + /* step... */ + } + + /* error out if wasn't 0x01 */ + if (x == (modulus_len - hLen - 1) || DB[x] != 0x01) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + /* rest is the message (and skip 0x01) */ + if ((modulus_len - hLen - 1 - ++x) > *outlen) { + *outlen = modulus_len - hLen - 1 - x; + err = CRYPT_BUFFER_OVERFLOW; + goto LBL_ERR; + } + + /* copy message */ + *outlen = modulus_len - hLen - 1 - x; + XMEMCPY(out, DB + x, modulus_len - hLen - 1 - x); + x += modulus_len - hLen - 1; + + /* valid packet */ + *res = 1; + + err = CRYPT_OK; LBL_ERR: #ifdef LTC_CLEAN_STACK - zeromem(DB, modulus_len); - zeromem(seed, hLen); - zeromem(mask, modulus_len); + zeromem(DB, modulus_len); + zeromem(seed, hLen); + zeromem(mask, modulus_len); #endif - XFREE(seed); - XFREE(mask); - XFREE(DB); + XFREE(seed); + XFREE(mask); + XFREE(DB); - return err; + return err; } #endif /* LTC_PKCS_1 */ diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c index ab75f73..9d07ead 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c @@ -11,7 +11,6 @@ #include "tomcrypt.h" #include <ncr-int.h> - /** @file pkcs_1_oaep_encode.c OAEP Padding for LTC_PKCS #1, Tom St Denis 
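Review bot: The failure paths of pkcs_1_oaep_decode stay distinguishable after the reformat: a non-zero `msg[0]` and an lHash mismatch leave through `LBL_ERR` with `CRYPT_OK` and `*res == 0`, while a missing `0x01` separator returns `CRYPT_INVALID_PACKET`, which also contradicts the header's "CRYPT_OK if successful (even if invalid)". For OAEP decryption, a caller that can tell these cases apart by return code or by timing (the `msg[0]` exit skips both `pkcs_1_mgf1` calls, and `XMEMCMP` may stop at the first differing byte) gives the sender of a ciphertext the kind of padding oracle described by Manger. At minimum the separator branch should use `err = CRYPT_OK;` like the other two; better is to record each failure in one flag, run every step regardless, and decide once before the copy to `out`. Whether callers pass `err` through to a remote peer is not visible in this diff.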
@@ -31,134 +30,141 @@ @param outlen [in/out] The max size and resulting size of the encoded data @return CRYPT_OK if successful */ -int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen, - const unsigned char *lparam, unsigned long lparamlen, - unsigned long modulus_bitlen, const struct algo_properties_st *hash, - unsigned char *out, unsigned long *outlen) +int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen, + const unsigned char *lparam, unsigned long lparamlen, + unsigned long modulus_bitlen, + const struct algo_properties_st *hash, + unsigned char *out, unsigned long *outlen) { - unsigned char *DB, *seed, *mask; - unsigned long hLen, x, y, modulus_len; - int err; - - LTC_ARGCHK(msg != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - /* test valid hash */ - if ((err = hash_is_valid(hash)) != CRYPT_OK) { - return err; - } - - hLen = hash->digest_size; - modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); - - /* test message size */ - if ((2*hLen >= (modulus_len - 2)) || (msglen > (modulus_len - 2*hLen - 2))) { - return CRYPT_PK_INVALID_SIZE; - } - - /* allocate ram for DB/mask/salt of size modulus_len */ - DB = XMALLOC(modulus_len); - mask = XMALLOC(modulus_len); - seed = XMALLOC(hLen); - if (DB == NULL || mask == NULL || seed == NULL) { - if (DB != NULL) { - XFREE(DB); - } - if (mask != NULL) { - XFREE(mask); - } - if (seed != NULL) { - XFREE(seed); - } - return CRYPT_MEM; - } - - /* get lhash */ - /* DB == lhash || PS || 0x01 || M, PS == k - mlen - 2hlen - 2 zeroes */ - x = modulus_len; - if (lparam != NULL) { - if ((err = hash_memory(hash, lparam, lparamlen, DB, &x)) != CRYPT_OK) { - goto LBL_ERR; - } - } else { - /* can't pass hash_memory a NULL so use DB with zero length */ - if ((err = hash_memory(hash, DB, 0, DB, &x)) != CRYPT_OK) { - goto LBL_ERR; - } - } - - /* append PS then 0x01 (to lhash) */ - x = hLen; - y = modulus_len - msglen - 2*hLen - 2; - XMEMSET(DB+x, 0, y); - x += y; - - /* 
0x01 byte */ - DB[x++] = 0x01; - - /* message (length = msglen) */ - XMEMCPY(DB+x, msg, msglen); - x += msglen; - - /* now choose a random seed */ - get_random_bytes(seed, hLen); - - /* compute MGF1 of seed (k - hlen - 1) */ - if ((err = pkcs_1_mgf1(hash, seed, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* xor against DB */ - for (y = 0; y < (modulus_len - hLen - 1); y++) { - DB[y] ^= mask[y]; - } - - /* compute MGF1 of maskedDB (hLen) */ - if ((err = pkcs_1_mgf1(hash, DB, modulus_len - hLen - 1, mask, hLen)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* XOR against seed */ - for (y = 0; y < hLen; y++) { - seed[y] ^= mask[y]; - } - - /* create string of length modulus_len */ - if (*outlen < modulus_len) { - *outlen = modulus_len; - err = CRYPT_BUFFER_OVERFLOW; - goto LBL_ERR; - } - - /* start output which is 0x00 || maskedSeed || maskedDB */ - x = 0; - out[x++] = 0x00; - XMEMCPY(out+x, seed, hLen); - x += hLen; - XMEMCPY(out+x, DB, modulus_len - hLen - 1); - x += modulus_len - hLen - 1; - - *outlen = x; - - err = CRYPT_OK; + unsigned char *DB, *seed, *mask; + unsigned long hLen, x, y, modulus_len; + int err; + + LTC_ARGCHK(msg != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + + /* test valid hash */ + if ((err = hash_is_valid(hash)) != CRYPT_OK) { + return err; + } + + hLen = hash->digest_size; + modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 
1 : 0); + + /* test message size */ + if ((2 * hLen >= (modulus_len - 2)) + || (msglen > (modulus_len - 2 * hLen - 2))) { + return CRYPT_PK_INVALID_SIZE; + } + + /* allocate ram for DB/mask/salt of size modulus_len */ + DB = XMALLOC(modulus_len); + mask = XMALLOC(modulus_len); + seed = XMALLOC(hLen); + if (DB == NULL || mask == NULL || seed == NULL) { + if (DB != NULL) { + XFREE(DB); + } + if (mask != NULL) { + XFREE(mask); + } + if (seed != NULL) { + XFREE(seed); + } + return CRYPT_MEM; + } + + /* get lhash */ + /* DB == lhash || PS || 0x01 || M, PS == k - mlen - 2hlen - 2 zeroes */ + x = modulus_len; + if (lparam != NULL) { + if ((err = + hash_memory(hash, lparam, lparamlen, DB, + &x)) != CRYPT_OK) { + goto LBL_ERR; + } + } else { + /* can't pass hash_memory a NULL so use DB with zero length */ + if ((err = hash_memory(hash, DB, 0, DB, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + } + + /* append PS then 0x01 (to lhash) */ + x = hLen; + y = modulus_len - msglen - 2 * hLen - 2; + XMEMSET(DB + x, 0, y); + x += y; + + /* 0x01 byte */ + DB[x++] = 0x01; + + /* message (length = msglen) */ + XMEMCPY(DB + x, msg, msglen); + x += msglen; + + /* now choose a random seed */ + get_random_bytes(seed, hLen); + + /* compute MGF1 of seed (k - hlen - 1) */ + if ((err = + pkcs_1_mgf1(hash, seed, hLen, mask, + modulus_len - hLen - 1)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* xor against DB */ + for (y = 0; y < (modulus_len - hLen - 1); y++) { + DB[y] ^= mask[y]; + } + + /* compute MGF1 of maskedDB (hLen) */ + if ((err = + pkcs_1_mgf1(hash, DB, modulus_len - hLen - 1, mask, + hLen)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* XOR against seed */ + for (y = 0; y < hLen; y++) { + seed[y] ^= mask[y]; + } + + /* create string of length modulus_len */ + if (*outlen < modulus_len) { + *outlen = modulus_len; + err = CRYPT_BUFFER_OVERFLOW; + goto LBL_ERR; + } + + /* start output which is 0x00 || maskedSeed || maskedDB */ + x = 0; + out[x++] = 0x00; + XMEMCPY(out + x, seed, hLen); + x += hLen; + 
XMEMCPY(out + x, DB, modulus_len - hLen - 1); + x += modulus_len - hLen - 1; + + *outlen = x; + + err = CRYPT_OK; LBL_ERR: #ifdef LTC_CLEAN_STACK - zeromem(DB, modulus_len); - zeromem(seed, hLen); - zeromem(mask, modulus_len); + zeromem(DB, modulus_len); + zeromem(seed, hLen); + zeromem(mask, modulus_len); #endif - XFREE(seed); - XFREE(mask); - XFREE(DB); + XFREE(seed); + XFREE(mask); + XFREE(DB); - return err; + return err; } #endif /* LTC_PKCS_1 */ - /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_encode.c,v $ */ /* $Revision: 1.9 $ */ /* $Date: 2007/05/12 14:32:35 $ */ diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c b/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c index 513abb6..87fda40 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c @@ -25,12 +25,11 @@ */ int pkcs_1_os2ip(void *n, unsigned char *in, unsigned long inlen) { - return mp_read_unsigned_bin(n, in, inlen); + return mp_read_unsigned_bin(n, in, inlen); } #endif /* LTC_PKCS_1 */ - /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_os2ip.c,v $ */ /* $Revision: 1.7 $ */ /* $Date: 2007/05/12 14:32:35 $ */ diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c b/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c index 789d12d..2a2b980 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c @@ -11,7 +11,6 @@ #include "tomcrypt.h" #include <ncr-int.h> - /** @file pkcs_1_pss_decode.c LTC_PKCS #1 PSS Signature Padding, Tom St Denis 
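Review bot: At `LBL_ERR` in pkcs_1_oaep_encode the three `zeromem` calls are compiled only under `LTC_CLEAN_STACK`, so in a build without that macro `DB`, `seed` and `mask` are handed to `XFREE` with their contents intact. `seed` and `DB` together are enough to undo the masking and recover `msg`, and on the error path of the first `pkcs_1_mgf1` call `DB` still holds the unmasked message; the same guard in pkcs_1_oaep_decode covers a `DB` that holds the recovered plaintext. These are heap buffers, not stack, so I would drop the `#ifdef LTC_CLEAN_STACK` / `#endif` pair in both functions and wipe unconditionally before `XFREE`. This assumes `XFREE` does not itself clear memory, which this diff does not show.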
@@ -32,133 +31,140 @@ @return CRYPT_OK if successful (even if the comparison failed) */ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen, - const unsigned char *sig, unsigned long siglen, - unsigned long saltlen, const struct algo_properties_st *hash_algo, - unsigned long modulus_bitlen, int *res) + const unsigned char *sig, unsigned long siglen, + unsigned long saltlen, + const struct algo_properties_st *hash_algo, + unsigned long modulus_bitlen, int *res) { - unsigned char *DB, *mask, *salt, *hash; - unsigned long x, y, hLen, modulus_len; - int err; - - LTC_ARGCHK(msghash != NULL); - LTC_ARGCHK(res != NULL); - - /* default to invalid */ - *res = 0; - - /* ensure hash is valid */ - if ((err = hash_is_valid(hash_algo)) != CRYPT_OK) { - return err; - } - - hLen = hash_algo->digest_size; - modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0); - - /* check sizes */ - if ((saltlen > modulus_len) || - (modulus_len < hLen + saltlen + 2) || (siglen != modulus_len)) { - return CRYPT_PK_INVALID_SIZE; - } - - /* allocate ram for DB/mask/salt/hash of size modulus_len */ - DB = XMALLOC(modulus_len); - mask = XMALLOC(modulus_len); - salt = XMALLOC(modulus_len); - hash = XMALLOC(modulus_len); - if (DB == NULL || mask == NULL || salt == NULL || hash == NULL) { - if (DB != NULL) { - XFREE(DB); - } - if (mask != NULL) { - XFREE(mask); - } - if (salt != NULL) { - XFREE(salt); - } - if (hash != NULL) { - XFREE(hash); - } - return CRYPT_MEM; - } - - /* ensure the 0xBC byte */ - if (sig[siglen-1] != 0xBC) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - - /* copy out the DB */ - x = 0; - XMEMCPY(DB, sig + x, modulus_len - hLen - 1); - x += modulus_len - hLen - 1; - - /* copy out the hash */ - XMEMCPY(hash, sig + x, hLen); - x += hLen; - - /* check the MSB */ - if ((sig[0] & ~(0xFF >> ((modulus_len<<3) - (modulus_bitlen-1)))) != 0) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - - /* generate mask of length modulus_len - hLen - 1 from 
hash */ - if ((err = pkcs_1_mgf1(hash_algo, hash, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* xor against DB */ - for (y = 0; y < (modulus_len - hLen - 1); y++) { - DB[y] ^= mask[y]; - } - - /* now clear the first byte [make sure smaller than modulus] */ - DB[0] &= 0xFF >> ((modulus_len<<3) - (modulus_bitlen-1)); - - /* DB = PS || 0x01 || salt, PS == modulus_len - saltlen - hLen - 2 zero bytes */ - - /* check for zeroes and 0x01 */ - for (x = 0; x < modulus_len - saltlen - hLen - 2; x++) { - if (DB[x] != 0x00) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - } - - /* check for the 0x01 */ - if (DB[x++] != 0x01) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - - zeromem(mask, 8); - - /* M = (eight) 0x00 || msghash || salt, mask = H(M) */ - err = hash_memory_multi(hash_algo, mask, &hLen, mask, (unsigned long)8, msghash, (unsigned long)msghashlen, DB+x, (unsigned long)saltlen, NULL, 0); - if (err != CRYPT_OK) { - goto LBL_ERR; - } - - /* mask == hash means valid signature */ - if (XMEMCMP(mask, hash, hLen) == 0) { - *res = 1; - } - - err = CRYPT_OK; + unsigned char *DB, *mask, *salt, *hash; + unsigned long x, y, hLen, modulus_len; + int err; + + LTC_ARGCHK(msghash != NULL); + LTC_ARGCHK(res != NULL); + + /* default to invalid */ + *res = 0; + + /* ensure hash is valid */ + if ((err = hash_is_valid(hash_algo)) != CRYPT_OK) { + return err; + } + + hLen = hash_algo->digest_size; + modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 
1 : 0); + + /* check sizes */ + if ((saltlen > modulus_len) || + (modulus_len < hLen + saltlen + 2) || (siglen != modulus_len)) { + return CRYPT_PK_INVALID_SIZE; + } + + /* allocate ram for DB/mask/salt/hash of size modulus_len */ + DB = XMALLOC(modulus_len); + mask = XMALLOC(modulus_len); + salt = XMALLOC(modulus_len); + hash = XMALLOC(modulus_len); + if (DB == NULL || mask == NULL || salt == NULL || hash == NULL) { + if (DB != NULL) { + XFREE(DB); + } + if (mask != NULL) { + XFREE(mask); + } + if (salt != NULL) { + XFREE(salt); + } + if (hash != NULL) { + XFREE(hash); + } + return CRYPT_MEM; + } + + /* ensure the 0xBC byte */ + if (sig[siglen - 1] != 0xBC) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + /* copy out the DB */ + x = 0; + XMEMCPY(DB, sig + x, modulus_len - hLen - 1); + x += modulus_len - hLen - 1; + + /* copy out the hash */ + XMEMCPY(hash, sig + x, hLen); + x += hLen; + + /* check the MSB */ + if ((sig[0] & ~(0xFF >> ((modulus_len << 3) - (modulus_bitlen - 1)))) != + 0) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + /* generate mask of length modulus_len - hLen - 1 from hash */ + if ((err = + pkcs_1_mgf1(hash_algo, hash, hLen, mask, + modulus_len - hLen - 1)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* xor against DB */ + for (y = 0; y < (modulus_len - hLen - 1); y++) { + DB[y] ^= mask[y]; + } + + /* now clear the first byte [make sure smaller than modulus] */ + DB[0] &= 0xFF >> ((modulus_len << 3) - (modulus_bitlen - 1)); + + /* DB = PS || 0x01 || salt, PS == modulus_len - saltlen - hLen - 2 zero bytes */ + + /* check for zeroes and 0x01 */ + for (x = 0; x < modulus_len - saltlen - hLen - 2; x++) { + if (DB[x] != 0x00) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + } + + /* check for the 0x01 */ + if (DB[x++] != 0x01) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + zeromem(mask, 8); + + /* M = (eight) 0x00 || msghash || salt, mask = H(M) */ + err = + hash_memory_multi(hash_algo, mask, &hLen, mask, (unsigned long)8, + 
msghash, (unsigned long)msghashlen, DB + x, + (unsigned long)saltlen, NULL, 0); + if (err != CRYPT_OK) { + goto LBL_ERR; + } + + /* mask == hash means valid signature */ + if (XMEMCMP(mask, hash, hLen) == 0) { + *res = 1; + } + + err = CRYPT_OK; LBL_ERR: #ifdef LTC_CLEAN_STACK - zeromem(DB, modulus_len); - zeromem(mask, modulus_len); - zeromem(salt, modulus_len); - zeromem(hash, modulus_len); + zeromem(DB, modulus_len); + zeromem(mask, modulus_len); + zeromem(salt, modulus_len); + zeromem(hash, modulus_len); #endif - XFREE(hash); - XFREE(salt); - XFREE(mask); - XFREE(DB); + XFREE(hash); + XFREE(salt); + XFREE(mask); + XFREE(DB); - return err; + return err; } #endif /* LTC_PKCS_1 */ diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c b/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c index d3ce3d9..a2c6928 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c @@ -11,7 +11,6 @@ #include "tomcrypt.h" #include <ncr-int.h> - /** @file pkcs_1_pss_encode.c LTC_PKCS #1 PSS Signature Padding, Tom St Denis 
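Review bot: `sig` is dereferenced in pkcs_1_pss_decode (`sig[siglen - 1]`, then both `XMEMCPY` calls) but, unlike `msghash` and `res`, it has no argument check; add `LTC_ARGCHK(sig != NULL);` next to the other two. Separately, `salt` is allocated with `XMALLOC(modulus_len)` and later freed, but nothing in the body reads or writes it apart from the guarded `zeromem`, so the allocation and its failure branch can go. `msghashlen` is also passed to `hash_memory_multi` without being compared to `hLen`; a comment stating what callers must guarantee about it would help.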
@@ -31,123 +30,128 @@ @return CRYPT_OK if successful */ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen, - unsigned long saltlen, const struct algo_properties_st *hash_algo, - unsigned long modulus_bitlen, - unsigned char *out, unsigned long *outlen) + unsigned long saltlen, + const struct algo_properties_st *hash_algo, + unsigned long modulus_bitlen, unsigned char *out, + unsigned long *outlen) { - unsigned char *DB, *mask, *salt, *hash; - unsigned long x, y, hLen, modulus_len; - int err; - - LTC_ARGCHK(msghash != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - /* ensure hash and PRNG are valid */ - if ((err = hash_is_valid(hash_algo)) != CRYPT_OK) { - return err; - } - - hLen = hash_algo->digest_size; - modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0); - - /* check sizes */ - if ((saltlen > modulus_len) || (modulus_len < hLen + saltlen + 2)) { - return CRYPT_PK_INVALID_SIZE; - } - - /* allocate ram for DB/mask/salt/hash of size modulus_len */ - DB = XMALLOC(modulus_len); - mask = XMALLOC(modulus_len); - salt = XMALLOC(modulus_len); - hash = XMALLOC(modulus_len); - if (DB == NULL || mask == NULL || salt == NULL || hash == NULL) { - if (DB != NULL) { - XFREE(DB); - } - if (mask != NULL) { - XFREE(mask); - } - if (salt != NULL) { - XFREE(salt); - } - if (hash != NULL) { - XFREE(hash); - } - return CRYPT_MEM; - } - - - /* generate random salt */ - if (saltlen > 0) { - get_random_bytes(salt, saltlen); - } - - zeromem(DB, 8); - - /* M = (eight) 0x00 || msghash || salt, hash = H(M) */ - err = hash_memory_multi(hash_algo, hash, &hLen, DB, (unsigned long)8, msghash, (unsigned long)msghashlen, salt, (unsigned long)saltlen, NULL, 0); - if (err != CRYPT_OK) { - goto LBL_ERR; - } - - /* generate DB = PS || 0x01 || salt, PS == modulus_len - saltlen - hLen - 2 zero bytes */ - x = 0; - XMEMSET(DB + x, 0, modulus_len - saltlen - hLen - 2); - x += modulus_len - saltlen - hLen - 2; - DB[x++] = 0x01; - XMEMCPY(DB + x, 
salt, saltlen); - x += saltlen; - - /* generate mask of length modulus_len - hLen - 1 from hash */ - if ((err = pkcs_1_mgf1(hash_algo, hash, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* xor against DB */ - for (y = 0; y < (modulus_len - hLen - 1); y++) { - DB[y] ^= mask[y]; - } - - /* output is DB || hash || 0xBC */ - if (*outlen < modulus_len) { - *outlen = modulus_len; - err = CRYPT_BUFFER_OVERFLOW; - goto LBL_ERR; - } - - /* DB len = modulus_len - hLen - 1 */ - y = 0; - XMEMCPY(out + y, DB, modulus_len - hLen - 1); - y += modulus_len - hLen - 1; - - /* hash */ - XMEMCPY(out + y, hash, hLen); - y += hLen; - - /* 0xBC */ - out[y] = 0xBC; - - /* now clear the 8*modulus_len - modulus_bitlen most significant bits */ - out[0] &= 0xFF >> ((modulus_len<<3) - (modulus_bitlen-1)); - - /* store output size */ - *outlen = modulus_len; - err = CRYPT_OK; + unsigned char *DB, *mask, *salt, *hash; + unsigned long x, y, hLen, modulus_len; + int err; + + LTC_ARGCHK(msghash != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + + /* ensure hash and PRNG are valid */ + if ((err = hash_is_valid(hash_algo)) != CRYPT_OK) { + return err; + } + + hLen = hash_algo->digest_size; + modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 
1 : 0); + + /* check sizes */ + if ((saltlen > modulus_len) || (modulus_len < hLen + saltlen + 2)) { + return CRYPT_PK_INVALID_SIZE; + } + + /* allocate ram for DB/mask/salt/hash of size modulus_len */ + DB = XMALLOC(modulus_len); + mask = XMALLOC(modulus_len); + salt = XMALLOC(modulus_len); + hash = XMALLOC(modulus_len); + if (DB == NULL || mask == NULL || salt == NULL || hash == NULL) { + if (DB != NULL) { + XFREE(DB); + } + if (mask != NULL) { + XFREE(mask); + } + if (salt != NULL) { + XFREE(salt); + } + if (hash != NULL) { + XFREE(hash); + } + return CRYPT_MEM; + } + + /* generate random salt */ + if (saltlen > 0) { + get_random_bytes(salt, saltlen); + } + + zeromem(DB, 8); + + /* M = (eight) 0x00 || msghash || salt, hash = H(M) */ + err = + hash_memory_multi(hash_algo, hash, &hLen, DB, (unsigned long)8, + msghash, (unsigned long)msghashlen, salt, + (unsigned long)saltlen, NULL, 0); + if (err != CRYPT_OK) { + goto LBL_ERR; + } + + /* generate DB = PS || 0x01 || salt, PS == modulus_len - saltlen - hLen - 2 zero bytes */ + x = 0; + XMEMSET(DB + x, 0, modulus_len - saltlen - hLen - 2); + x += modulus_len - saltlen - hLen - 2; + DB[x++] = 0x01; + XMEMCPY(DB + x, salt, saltlen); + x += saltlen; + + /* generate mask of length modulus_len - hLen - 1 from hash */ + if ((err = + pkcs_1_mgf1(hash_algo, hash, hLen, mask, + modulus_len - hLen - 1)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* xor against DB */ + for (y = 0; y < (modulus_len - hLen - 1); y++) { + DB[y] ^= mask[y]; + } + + /* output is DB || hash || 0xBC */ + if (*outlen < modulus_len) { + *outlen = modulus_len; + err = CRYPT_BUFFER_OVERFLOW; + goto LBL_ERR; + } + + /* DB len = modulus_len - hLen - 1 */ + y = 0; + XMEMCPY(out + y, DB, modulus_len - hLen - 1); + y += modulus_len - hLen - 1; + + /* hash */ + XMEMCPY(out + y, hash, hLen); + y += hLen; + + /* 0xBC */ + out[y] = 0xBC; + + /* now clear the 8*modulus_len - modulus_bitlen most significant bits */ + out[0] &= 0xFF >> ((modulus_len << 3) - 
(modulus_bitlen - 1)); + + /* store output size */ + *outlen = modulus_len; + err = CRYPT_OK; LBL_ERR: #ifdef LTC_CLEAN_STACK - zeromem(DB, modulus_len); - zeromem(mask, modulus_len); - zeromem(salt, modulus_len); - zeromem(hash, modulus_len); + zeromem(DB, modulus_len); + zeromem(mask, modulus_len); + zeromem(salt, modulus_len); + zeromem(hash, modulus_len); #endif - XFREE(hash); - XFREE(salt); - XFREE(mask); - XFREE(DB); + XFREE(hash); + XFREE(salt); + XFREE(mask); + XFREE(DB); - return err; + return err; } #endif /* LTC_PKCS_1 */ diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c b/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c index 1bb08e3..29c4d7b 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c 
@@ -29,79 +29,81 @@ * * @return CRYPT_OK if successful (even if invalid) */ -int pkcs_1_v1_5_decode(const unsigned char *msg, - unsigned long msglen, - int block_type, - unsigned long modulus_bitlen, - unsigned char *out, - unsigned long *outlen, - int *is_valid) +int pkcs_1_v1_5_decode(const unsigned char *msg, + unsigned long msglen, + int block_type, + unsigned long modulus_bitlen, + unsigned char *out, unsigned long *outlen, int *is_valid) { - unsigned long modulus_len, ps_len, i; - int result; - - /* default to invalid packet */ - *is_valid = 0; - - modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); - - /* test message size */ - - if ((msglen > modulus_len) || (modulus_len < 11)) { - return CRYPT_PK_INVALID_SIZE; - } - - /* separate encoded message */ - - if ((msg[0] != 0x00) || (msg[1] != (unsigned char)block_type)) { - result = CRYPT_INVALID_PACKET; - goto bail; - } - - if (block_type == LTC_LTC_PKCS_1_EME) { - for (i = 2; i < modulus_len; i++) { - /* separator */ - if (msg[i] == 0x00) { break; } - } - ps_len = i++ - 2; - - if ((i >= modulus_len) || (ps_len < 8)) { - /* There was no octet with hexadecimal value 0x00 to separate ps from m, - * or the length of ps is less than 8 octets. - */ - result = CRYPT_INVALID_PACKET; - goto bail; - } - } else { - for (i = 2; i < modulus_len - 1; i++) { - if (msg[i] != 0xFF) { break; } - } - - /* separator check */ - if (msg[i] != 0) { - /* There was no octet with hexadecimal value 0x00 to separate ps from m. 
*/ - result = CRYPT_INVALID_PACKET; - goto bail; - } - - ps_len = i - 2; - } - - if (*outlen < (msglen - (2 + ps_len + 1))) { - *outlen = msglen - (2 + ps_len + 1); - result = CRYPT_BUFFER_OVERFLOW; - goto bail; - } - - *outlen = (msglen - (2 + ps_len + 1)); - XMEMCPY(out, &msg[2 + ps_len + 1], *outlen); - - /* valid packet */ - *is_valid = 1; - result = CRYPT_OK; + unsigned long modulus_len, ps_len, i; + int result; + + /* default to invalid packet */ + *is_valid = 0; + + modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); + + /* test message size */ + + if ((msglen > modulus_len) || (modulus_len < 11)) { + return CRYPT_PK_INVALID_SIZE; + } + + /* separate encoded message */ + + if ((msg[0] != 0x00) || (msg[1] != (unsigned char)block_type)) { + result = CRYPT_INVALID_PACKET; + goto bail; + } + + if (block_type == LTC_LTC_PKCS_1_EME) { + for (i = 2; i < modulus_len; i++) { + /* separator */ + if (msg[i] == 0x00) { + break; + } + } + ps_len = i++ - 2; + + if ((i >= modulus_len) || (ps_len < 8)) { + /* There was no octet with hexadecimal value 0x00 to separate ps from m, + * or the length of ps is less than 8 octets. + */ + result = CRYPT_INVALID_PACKET; + goto bail; + } + } else { + for (i = 2; i < modulus_len - 1; i++) { + if (msg[i] != 0xFF) { + break; + } + } + + /* separator check */ + if (msg[i] != 0) { + /* There was no octet with hexadecimal value 0x00 to separate ps from m. */ + result = CRYPT_INVALID_PACKET; + goto bail; + } + + ps_len = i - 2; + } + + if (*outlen < (msglen - (2 + ps_len + 1))) { + *outlen = msglen - (2 + ps_len + 1); + result = CRYPT_BUFFER_OVERFLOW; + goto bail; + } + + *outlen = (msglen - (2 + ps_len + 1)); + XMEMCPY(out, &msg[2 + ps_len + 1], *outlen); + + /* valid packet */ + *is_valid = 1; + result = CRYPT_OK; bail: - return result; -} /* pkcs_1_v1_5_decode */ + return result; +} /* pkcs_1_v1_5_decode */ #endif /* #ifdef LTC_PKCS_1 */ 
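Review bot: The size test in `pkcs_1_v1_5_decode` rejects only `msglen > modulus_len`, yet both padding scans index `msg[i]` up to `modulus_len` (`for (i = 2; i < modulus_len; i++)` and the `0xFF` scan in the else branch). A caller that passes a block shorter than the modulus therefore makes the scan read past the end of `msg`, and `msglen - (2 + ps_len + 1)` can wrap in the following length check. Unless every caller already guarantees an exact-length block, the guard should be `if ((msglen != modulus_len) || (modulus_len < 11))`. Separately, the `LTC_LTC_PKCS_1_EME` branch exits early on the first zero octet and has several distinct failure points, so callers should make sure that which padding check failed, and how long it took, is not observable to whoever supplied the ciphertext.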
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c b/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c index 048fe69..0261b7b 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c +++ b/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c 
@@ -28,65 +28,64 @@ * * \return CRYPT_OK if successful */ -int pkcs_1_v1_5_encode(const unsigned char *msg, - unsigned long msglen, - int block_type, - unsigned long modulus_bitlen, - unsigned char *out, - unsigned long *outlen) +int pkcs_1_v1_5_encode(const unsigned char *msg, + unsigned long msglen, + int block_type, + unsigned long modulus_bitlen, + unsigned char *out, unsigned long *outlen) { - unsigned long modulus_len, ps_len, i; - unsigned char *ps; - int result; + unsigned long modulus_len, ps_len, i; + unsigned char *ps; + int result; - /* valid block_type? */ - if ((block_type != LTC_LTC_PKCS_1_EMSA) && - (block_type != LTC_LTC_PKCS_1_EME)) { - return CRYPT_PK_INVALID_PADDING; - } + /* valid block_type? */ + if ((block_type != LTC_LTC_PKCS_1_EMSA) && + (block_type != LTC_LTC_PKCS_1_EME)) { + return CRYPT_PK_INVALID_PADDING; + } - modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); + modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); - /* test message size */ - if ((msglen + 11) > modulus_len) { - return CRYPT_PK_INVALID_SIZE; - } + /* test message size */ + if ((msglen + 11) > modulus_len) { + return CRYPT_PK_INVALID_SIZE; + } - if (*outlen < modulus_len) { - *outlen = modulus_len; - result = CRYPT_BUFFER_OVERFLOW; - goto bail; - } + if (*outlen < modulus_len) { + *outlen = modulus_len; + result = CRYPT_BUFFER_OVERFLOW; + goto bail; + } - /* generate an octets string PS */ - ps = &out[2]; - ps_len = modulus_len - msglen - 3; + /* generate an octets string PS */ + ps = &out[2]; + ps_len = modulus_len - msglen - 3; - if (block_type == LTC_LTC_PKCS_1_EME) { - /* now choose a random ps */ - get_random_bytes(ps, ps_len); + if (block_type == LTC_LTC_PKCS_1_EME) { + /* now choose a random ps */ + get_random_bytes(ps, ps_len); - /* transform zero bytes (if any) to non-zero random bytes */ - for (i = 0; i < ps_len; i++) { - while (ps[i] == 0) { - get_random_bytes(&ps[i], 1); - } - } - } else { - XMEMSET(ps, 0xFF, ps_len); - } + /* 
transform zero bytes (if any) to non-zero random bytes */ + for (i = 0; i < ps_len; i++) { + while (ps[i] == 0) { + get_random_bytes(&ps[i], 1); + } + } + } else { + XMEMSET(ps, 0xFF, ps_len); + } - /* create string of length modulus_len */ - out[0] = 0x00; - out[1] = (unsigned char)block_type; /* block_type 1 or 2 */ - out[2 + ps_len] = 0x00; - XMEMCPY(&out[2 + ps_len + 1], msg, msglen); - *outlen = modulus_len; + /* create string of length modulus_len */ + out[0] = 0x00; + out[1] = (unsigned char)block_type; /* block_type 1 or 2 */ + out[2 + ps_len] = 0x00; + XMEMCPY(&out[2 + ps_len + 1], msg, msglen); + *outlen = modulus_len; - result = CRYPT_OK; + result = CRYPT_OK; bail: - return result; -} /* pkcs_1_v1_5_encode */ + return result; +} /* pkcs_1_v1_5_encode */ #endif /* #ifdef LTC_PKCS_1 */ |
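Review bot: The message-size test `(msglen + 11) > modulus_len` in `pkcs_1_v1_5_encode` is evaluated in unsigned arithmetic, so an `msglen` within 11 of `ULONG_MAX` wraps and passes. After that, `ps_len = modulus_len - msglen - 3` wraps as well and sizes the `get_random_bytes` or `XMEMSET` write into `out`. Writing the test without the addition removes the wrap: `if ((modulus_len < 11) || (msglen > modulus_len - 11))`. Whether such a length can reach this function depends on callers that are not visible in this hunk.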
