void OAEP<H,MGF,P,PLen>::Pad(RandomNumberGenerator &rng, const byte *input, unsigned int inputLength, byte *oaepBlock, unsigned int oaepBlockLen) const
{
assert (inputLength <= MaxUnpaddedLength(oaepBlockLen));
// convert from bit length to byte length
if (oaepBlockLen % 8 != 0)
{
oaepBlock[0] = 0;
oaepBlock++;
}
oaepBlockLen /= 8;
const unsigned int hLen = H::DIGESTSIZE;
const unsigned int seedLen = hLen, dbLen = oaepBlockLen-seedLen;
byte *const maskedSeed = oaepBlock;
byte *const maskedDB = oaepBlock+seedLen;
// DB = pHash || 00 ... || 01 || M
memcpy(maskedDB, PHash<H,P,PLen>(), hLen);
memset(maskedDB+hLen, 0, dbLen-hLen-inputLength-1);
maskedDB[dbLen-inputLength-1] = 0x01;
memcpy(maskedDB+dbLen-inputLength, input, inputLength);
rng.GetBlock(maskedSeed, seedLen);
MGF::GenerateAndMask(maskedDB, dbLen, maskedSeed, seedLen);
MGF::GenerateAndMask(maskedSeed, seedLen, maskedDB, dbLen);
}
void ElGamalEncryptor::Encrypt(RandomNumberGenerator &rng, const byte *plainText, unsigned int plainTextLength, byte *cipherText)
{
assert(plainTextLength <= MaxPlainTextLength());
SecByteBlock block(modulusLen-1);
rng.GetBlock(block, modulusLen-2-plainTextLength);
memcpy(block+modulusLen-2-plainTextLength, plainText, plainTextLength);
block[modulusLen-2] = plainTextLength;
Integer m(block, modulusLen-1);
Integer a,b;
RawEncrypt(Integer(rng, ExponentBitLength()), m, a, b);
a.Encode(cipherText, modulusLen);
b.Encode(cipherText+modulusLen, modulusLen);
}
