void OAEP<H,MGF,P,PLen>::Pad(RandomNumberGenerator &rng, const byte *input, unsigned int inputLength, byte *oaepBlock, unsigned int oaepBlockLen) const { assert (inputLength <= MaxUnpaddedLength(oaepBlockLen)); // convert from bit length to byte length if (oaepBlockLen % 8 != 0) { oaepBlock[0] = 0; oaepBlock++; } oaepBlockLen /= 8; const unsigned int hLen = H::DIGESTSIZE; const unsigned int seedLen = hLen, dbLen = oaepBlockLen-seedLen; byte *const maskedSeed = oaepBlock; byte *const maskedDB = oaepBlock+seedLen; // DB = pHash || 00 ... || 01 || M memcpy(maskedDB, PHash<H,P,PLen>(), hLen); memset(maskedDB+hLen, 0, dbLen-hLen-inputLength-1); maskedDB[dbLen-inputLength-1] = 0x01; memcpy(maskedDB+dbLen-inputLength, input, inputLength); rng.GetBlock(maskedSeed, seedLen); MGF::GenerateAndMask(maskedDB, dbLen, maskedSeed, seedLen); MGF::GenerateAndMask(maskedSeed, seedLen, maskedDB, dbLen); }
void ElGamalEncryptor::Encrypt(RandomNumberGenerator &rng, const byte *plainText, unsigned int plainTextLength, byte *cipherText) { assert(plainTextLength <= MaxPlainTextLength()); SecByteBlock block(modulusLen-1); rng.GetBlock(block, modulusLen-2-plainTextLength); memcpy(block+modulusLen-2-plainTextLength, plainText, plainTextLength); block[modulusLen-2] = plainTextLength; Integer m(block, modulusLen-1); Integer a,b; RawEncrypt(Integer(rng, ExponentBitLength()), m, a, b); a.Encode(cipherText, modulusLen); b.Encode(cipherText+modulusLen, modulusLen); }