8 #include <botan/eme1.h>
9 #include <botan/mgf1.h>
10 #include <botan/mem_ops.h>
18 SecureVector<byte> EME1::pad(
const byte in[],
size_t in_length,
20 RandomNumberGenerator&
rng)
const
24 if(key_length < in_length + 2*Phash.
size() + 1)
27 SecureVector<byte> out(key_length);
29 rng.randomize(&out[0], Phash.
size());
31 out.copy(Phash.
size(), &Phash[0], Phash.
size());
32 out[out.size() - in_length - 1] = 0x01;
33 out.copy(out.size() - in_length, in, in_length);
36 &out[Phash.
size()], out.size() - Phash.
size());
39 &out[0], Phash.
size());
47 SecureVector<byte> EME1::unpad(
const byte in[],
size_t in_length,
48 size_t key_length)
const
65 if(in_length > key_length)
68 SecureVector<byte> input(key_length);
69 input.copy(key_length - in_length, in, in_length);
71 mgf->
mask(&input[Phash.
size()], input.size() - Phash.
size(),
72 &input[0], Phash.
size());
74 &input[Phash.
size()], input.size() - Phash.
size());
76 bool waiting_for_delim =
true;
77 bool bad_input =
false;
78 size_t delim_idx = 2 * Phash.
size();
85 for(
size_t i = delim_idx; i < input.size(); ++i)
87 const bool zero_p = !input[i];
88 const bool one_p = input[i] == 0x01;
90 const bool add_1 = waiting_for_delim && zero_p;
92 bad_input |= waiting_for_delim && !(zero_p || one_p);
96 waiting_for_delim &= zero_p;
100 bad_input |= waiting_for_delim;
105 throw Decoding_Error(
"Invalid EME1 encoding");
107 return SecureVector<byte>(input + delim_idx + 1,
108 input.size() - delim_idx - 1);
116 if(keybits / 8 > 2*Phash.
size() + 1)
117 return ((keybits / 8) - 2*Phash.
size() - 1);
128 mgf =
new MGF1(hash);
bool same_mem(const T *p1, const T *p2, size_t n)
size_t maximum_input_size(size_t) const
EME1(HashFunction *hash, const std::string &P="")
std::invalid_argument Invalid_Argument
virtual void mask(const byte in[], size_t in_len, byte out[], size_t out_len) const =0
RandomNumberGenerator * rng
SecureVector< byte > process(const byte in[], size_t length)