Botan  1.10.17
eme_pkcs.cpp
Go to the documentation of this file.
1 /*
2 * PKCS1 EME
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #include <botan/eme_pkcs.h>
9 #include <botan/internal/ct_utils.h>
10 
11 namespace Botan {
12 
13 /*
14 * PKCS1 Pad Operation
15 */
16 SecureVector<byte> EME_PKCS1v15::pad(const byte in[], size_t inlen,
17  size_t olen,
18  RandomNumberGenerator& rng) const
19  {
20  olen /= 8;
21 
22  if(olen < 10)
23  throw Encoding_Error("PKCS1: Output space too small");
24  if(inlen > olen - 10)
25  throw Encoding_Error("PKCS1: Input is too large");
26 
27  SecureVector<byte> out(olen);
28 
29  out[0] = 0x02;
30  for(size_t j = 1; j != olen - inlen - 1; ++j)
31  while(out[j] == 0)
32  out[j] = rng.next_byte();
33  out.copy(olen - inlen, in, inlen);
34 
35  return out;
36  }
37 
38 /*
39 * PKCS1 Unpad Operation
40 */
41 SecureVector<byte> EME_PKCS1v15::unpad(const byte in[], size_t inlen,
42  size_t key_len) const
43  {
44 
45  byte bad_input_m = 0;
46  byte seen_zero_m = 0;
47  size_t delim_idx = 0;
48 
49  bad_input_m |= ~CT::is_equal<byte>(in[0], 2);
50 
51  for(size_t i = 1; i < inlen; ++i)
52  {
53  const byte is_zero_m = CT::is_zero<byte>(in[i]);
54 
55  delim_idx += CT::select<byte>(~seen_zero_m, 1, 0);
56 
57  bad_input_m |= is_zero_m & CT::expand_mask<byte>(i < 9);
58  seen_zero_m |= is_zero_m;
59  }
60 
61  bad_input_m |= ~seen_zero_m;
62  bad_input_m |= CT::is_less<size_t>(delim_idx, 8);
63 
64  SecureVector<byte> output(&in[delim_idx + 1], inlen - (delim_idx + 1));
65 
66  if(bad_input_m)
67  throw Decoding_Error("EME_PKCS1v15::unpad invalid ciphertext");
68  return output;
69  }
70 
71 /*
72 * Return the max input size for a given key size
73 */
74 size_t EME_PKCS1v15::maximum_input_size(size_t keybits) const
75  {
76  if(keybits / 8 > 10)
77  return ((keybits / 8) - 10);
78  else
79  return 0;
80  }
81 
82 }
size_t maximum_input_size(size_t) const
Definition: eme_pkcs.cpp:74
unsigned char byte
Definition: types.h:22