author | Werner Koch <wk@gnupg.org> | 2011-05-31 15:14:51 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2011-06-03 17:22:25 +0200 |
commit | 7887d409e88743761b05815f9b3ad7556e1d5da3 (patch) | |
tree | b0744de1b8f90d07780f586d0c0001becf2c7fb4 /cipher/pubkey.c | |
parent | d6b2adeccdb0d105e91fbba50cebc2b0af0f384c (diff) | |
Add comments to the mgf1 function and speed it up.
Diffstat (limited to 'cipher/pubkey.c')
-rw-r--r-- | cipher/pubkey.c | 36 |
1 files changed, 22 insertions, 14 deletions
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index 0d8b0821..a9e98f7d 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -1035,47 +1035,55 @@ pkcs1_encode_for_signature (gcry_mpi_t *r_result, unsigned int nbits,
 }
+/* Mask generation function for OAEP. See RFC-3447 B.2.1. */
 static gcry_err_code_t
 mgf1 (unsigned char *output, size_t outlen, unsigned char *seed, size_t seedlen,
       int algo)
 {
-  size_t dlen;
+  size_t dlen, nbytes, n;
   int idx;
   gcry_md_hd_t hd;
   gcry_error_t err;
-  unsigned char *p;
-  err = gcry_md_test_algo (algo);
+  err = gcry_md_open (&hd, algo, 0);
   if (err)
     return gpg_err_code (err);
-  memset (output, 0, outlen);
   dlen = gcry_md_get_algo_dlen (algo);
-  for (idx = 0, p = output; idx < (outlen + dlen - 1) / dlen; idx++, p += dlen)
+
+  /* We skip step 1 which would be assert(OUTLEN <= 2^32). The loop
+     in step 3 is merged with step 4 by concatenating no more octets
+     than what would fit into OUTPUT. The ceiling for the counter IDX
+     is implemented indirectly. */
+  nbytes = 0; /* Step 2. */
+  idx = 0;
+  while ( nbytes < outlen )
     {
       unsigned char c[4], *digest;
+      if (idx)
+        gcry_md_reset (hd);
+
       c[0] = (idx >> 24) & 0xFF;
       c[1] = (idx >> 16) & 0xFF;
       c[2] = (idx >> 8) & 0xFF;
       c[3] = idx & 0xFF;
-
-      err = gcry_md_open (&hd, algo, 0);
-      if (err)
-        return gpg_err_code (err);
+      idx++;
       gcry_md_write (hd, seed, seedlen);
       gcry_md_write (hd, c, 4);
       digest = gcry_md_read (hd, 0);
-      if (outlen - (p - output) >= dlen)
-        memcpy (p, digest, dlen);
-      else
-        memcpy (p, digest, outlen - (p - output));
-      gcry_md_close (hd);
+
+      n = (outlen - nbytes < dlen)? (outlen - nbytes) : dlen;
+      memcpy (output+nbytes, digest, n);
+      nbytes += n;
     }
+
+  gcry_md_close (hd);
   return GPG_ERR_NO_ERROR;
 }
+
 static gcry_err_code_t
 oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
              const unsigned char *value, size_t valuelen, |
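Review bot: The new `while ( nbytes < outlen )` loop cannot make progress when `dlen` is 0, because `n` is then always 0 and `nbytes` never grows, so a digest algorithm reporting a zero-length output would spin forever where the old `for` loop would instead have divided by zero in its bound. `gcry_md_open` presumably rejects any algorithm for which that can happen, but a local guard right after `dlen = gcry_md_get_algo_dlen (algo);` such as `if (!dlen) { gcry_md_close (hd); return GPG_ERR_DIGEST_ALGO; }` keeps the termination argument visible in the function itself. The new header comment could also spell out the contract the merged loop relies on, e.g. `/* Fill OUTPUT with exactly OUTLEN octets derived from SEED/SEEDLEN and digest ALGO; OUTLEN must be small enough that the 32-bit counter IDX cannot wrap.  */`, since the removed `memset` means callers now depend on the loop writing every byte. As a point of style, `gcry_md_write` takes a const buffer, so `seed` can be declared `const unsigned char *seed`, which lets callers pass read-only data without a cast.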