pkcspad.cpp

00001 // pkcspad.cpp - written and placed in the public domain by Wei Dai
00002 
00003 #include "pch.h"
00004 
00005 #ifndef CRYPTOPP_PKCSPAD_CPP    // SunCC workaround: compiler could cause this file to be included twice
00006 #define CRYPTOPP_PKCSPAD_CPP
00007 
00008 #include "pkcspad.h"
00009 #include <assert.h>
00010 
00011 NAMESPACE_BEGIN(CryptoPP)
00012 
00013 // more in dll.cpp
00014 template<> const byte PKCS_DigestDecoration<MD2>::decoration[] = {0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x02,0x05,0x00,0x04,0x10};
00015 template<> const unsigned int PKCS_DigestDecoration<MD2>::length = sizeof(PKCS_DigestDecoration<MD2>::decoration);
00016 
00017 template<> const byte PKCS_DigestDecoration<MD5>::decoration[] = {0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x04,0x10};
00018 template<> const unsigned int PKCS_DigestDecoration<MD5>::length = sizeof(PKCS_DigestDecoration<MD5>::decoration);
00019 
00020 template<> const byte PKCS_DigestDecoration<RIPEMD160>::decoration[] = {0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x24,0x03,0x02,0x01,0x05,0x00,0x04,0x14};
00021 template<> const unsigned int PKCS_DigestDecoration<RIPEMD160>::length = sizeof(PKCS_DigestDecoration<RIPEMD160>::decoration);
00022 
00023 template<> const byte PKCS_DigestDecoration<Tiger>::decoration[] = {0x30,0x29,0x30,0x0D,0x06,0x09,0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0C,0x02,0x05,0x00,0x04,0x18};
00024 template<> const unsigned int PKCS_DigestDecoration<Tiger>::length = sizeof(PKCS_DigestDecoration<Tiger>::decoration);
00025 
00026 size_t PKCS_EncryptionPaddingScheme::MaxUnpaddedLength(size_t paddedLength) const
00027 {
00028         return SaturatingSubtract(paddedLength/8, 10U);
00029 }
00030 
00031 void PKCS_EncryptionPaddingScheme::Pad(RandomNumberGenerator &rng, const byte *input, size_t inputLen, byte *pkcsBlock, size_t pkcsBlockLen, const NameValuePairs &parameters) const
00032 {
00033         assert (inputLen <= MaxUnpaddedLength(pkcsBlockLen));   // this should be checked by caller
00034 
00035         // convert from bit length to byte length
00036         if (pkcsBlockLen % 8 != 0)
00037         {
00038                 pkcsBlock[0] = 0;
00039                 pkcsBlock++;
00040         }
00041         pkcsBlockLen /= 8;
00042 
00043         pkcsBlock[0] = 2;  // block type 2
00044 
00045         // pad with non-zero random bytes
00046         for (unsigned i = 1; i < pkcsBlockLen-inputLen-1; i++)
00047                 pkcsBlock[i] = (byte)rng.GenerateWord32(1, 0xff);
00048 
00049         pkcsBlock[pkcsBlockLen-inputLen-1] = 0;     // separator
00050         memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
00051 }
00052 
00053 DecodingResult PKCS_EncryptionPaddingScheme::Unpad(const byte *pkcsBlock, size_t pkcsBlockLen, byte *output, const NameValuePairs &parameters) const
00054 {
00055         bool invalid = false;
00056         size_t maxOutputLen = MaxUnpaddedLength(pkcsBlockLen);
00057 
00058         // convert from bit length to byte length
00059         if (pkcsBlockLen % 8 != 0)
00060         {
00061                 invalid = (pkcsBlock[0] != 0) || invalid;
00062                 pkcsBlock++;
00063         }
00064         pkcsBlockLen /= 8;
00065 
00066         // Require block type 2.
00067         invalid = (pkcsBlock[0] != 2) || invalid;
00068 
00069         // skip past the padding until we find the separator
00070         size_t i=1;
00071         while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body
00072                 }
00073         assert(i==pkcsBlockLen || pkcsBlock[i-1]==0);
00074 
00075         size_t outputLen = pkcsBlockLen - i;
00076         invalid = (outputLen > maxOutputLen) || invalid;
00077 
00078         if (invalid)
00079                 return DecodingResult();
00080 
00081         memcpy (output, pkcsBlock+i, outputLen);
00082         return DecodingResult(outputLen);
00083 }
00084 
00085 // ********************************************************
00086 
00087 #ifndef CRYPTOPP_IMPORTS
00088 
00089 void PKCS1v15_SignatureMessageEncodingMethod::ComputeMessageRepresentative(RandomNumberGenerator &rng, 
00090         const byte *recoverableMessage, size_t recoverableMessageLength,
00091         HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
00092         byte *representative, size_t representativeBitLength) const
00093 {
00094         assert(representativeBitLength >= MinRepresentativeBitLength(hashIdentifier.second, hash.DigestSize()));
00095 
00096         size_t pkcsBlockLen = representativeBitLength;
00097         // convert from bit length to byte length
00098         if (pkcsBlockLen % 8 != 0)
00099         {
00100                 representative[0] = 0;
00101                 representative++;
00102         }
00103         pkcsBlockLen /= 8;
00104 
00105         representative[0] = 1;   // block type 1
00106 
00107         unsigned int digestSize = hash.DigestSize();
00108         byte *pPadding = representative + 1;
00109         byte *pDigest = representative + pkcsBlockLen - digestSize;
00110         byte *pHashId = pDigest - hashIdentifier.second;
00111         byte *pSeparator = pHashId - 1;
00112 
00113         // pad with 0xff
00114         memset(pPadding, 0xff, pSeparator-pPadding);
00115         *pSeparator = 0;
00116         memcpy(pHashId, hashIdentifier.first, hashIdentifier.second);
00117         hash.Final(pDigest);
00118 }
00119 
00120 #endif
00121 
00122 NAMESPACE_END
00123 
00124 #endif
Generated on Sat Dec 23 02:07:09 2006 for Crypto++ by  doxygen 1.5.1-p1