We use cookies to ensure you get the best experience on our website
Inicio Explorar Ayuda
Registro Iniciar sesión
0ct0pu5
/
ladybird
1
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Árbol: 83f1775f15
Ramas Etiquetas
ladybird
/
Userland
/
Libraries
/
LibCrypto
/
PK
/
Code
/
EMSA_PKCS1_V1_5.h

EMSA_PKCS1_V1_5.h 4.6 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136 
  1. /*
    2. 

  2.  * Copyright (c) 2022, Michiel Visser <opensource@webmichiel.nl>
    3. 

  3.  *
    4. 

  4.  * SPDX-License-Identifier: BSD-2-Clause
    5. 

  5.  */
    6. 

  6. 

  7. #pragma once
    8. 

  8. 

  9. #include <LibCrypto/Hash/HashManager.h>
    10. 

  10. #include <LibCrypto/Hash/MD5.h>
    11. 

  11. #include <LibCrypto/Hash/SHA1.h>
    12. 

  12. #include <LibCrypto/Hash/SHA2.h>
    13. 

  13. #include <LibCrypto/PK/Code/Code.h>
    14. 

  14. 

  15. namespace Crypto::PK {
    16. 

  16. 

  17. template<typename HashFunction>
    18. 

  18. class EMSA_PKCS1_V1_5 : public Code<HashFunction> {
    19. 

  19. public:
    20. 

  20.     template<typename... Args>
    21. 

  21.     EMSA_PKCS1_V1_5(Args... args)
    22. 

  22.         : Code<HashFunction>(args...)
    23. 

  23.     {
    24. 

  24.     }
    25. 

  25. 

  26.     virtual void encode(ReadonlyBytes in, ByteBuffer& out, size_t em_bits) override
    27. 

  27.     {
    28. 

  28.         auto& hash_fn = this->hasher();
    29. 

  29.         hash_fn.update(in);
    30. 

  30.         auto message_digest = hash_fn.digest();
    31. 

  31.         auto message_digest_size = message_digest.bytes().size();
    32. 

  32. 

  33.         auto digest_info = hash_function_digest_info();
    34. 

  34.         auto encoded_message_length = digest_info.size() + message_digest_size;
    35. 

  35. 

  36.         auto em_bytes = (em_bits + 7) / 8;
    37. 

  37.         // RFC8017 section 9.2: 3. If emLen < tLen + 11, output "intended encoded message length too short" and stop.
    38. 

  38.         if (em_bytes < encoded_message_length + 11) {
    39. 

  39.             dbgln("EMSA-PKCS1-V1_5-ENCODE: intended encoded message length too short");
    40. 

  40.             return;
    41. 

  41.         }
    42. 

  42. 

  43.         auto offset = 0;
    44. 

  44.         // Build the padding 0x0001ffff..ff00
    45. 

  45.         out[offset++] = 0x00;
    46. 

  46.         out[offset++] = 0x01;
    47. 

  47.         for (size_t i = 0; i < em_bytes - encoded_message_length - 3; i++)
    48. 

  48.             out[offset++] = 0xff;
    49. 

  49.         out[offset++] = 0x00;
    50. 

  50.         // Add the digest info and message digest
    51. 

  51.         out.overwrite(offset, digest_info.data(), digest_info.size());
    52. 

  52.         offset += digest_info.size();
    53. 

  53.         out.overwrite(offset, message_digest.immutable_data(), message_digest.data_length());
    54. 

  54.     }
    55. 

  55. 

  56.     virtual VerificationConsistency verify(ReadonlyBytes msg, ReadonlyBytes emsg, size_t em_bits) override
    57. 

  57.     {
    58. 

  58.         auto em_bytes = (em_bits + 7) / 8;
    59. 

  59.         auto buffer_result = ByteBuffer::create_uninitialized(em_bytes);
    60. 

  60.         if (buffer_result.is_error()) {
    61. 

  61.             dbgln("EMSA-PKCS1-V1_5-VERIFY: out of memory");
    62. 

  62.             return VerificationConsistency::Inconsistent;
    63. 

  63.         }
    64. 

  64.         auto buffer = buffer_result.release_value();
    65. 

  65. 

  66.         // Encode the supplied message into the buffer
    67. 

  67.         encode(msg, buffer, em_bits);
    68. 

  68. 

  69.         // Check that the expected message matches the encoded original message
    70. 

  70.         if (emsg != buffer) {
    71. 

  71.             return VerificationConsistency::Inconsistent;
    72. 

  72.         }
    73. 

  73.         return VerificationConsistency::Consistent;
    74. 

  74.     }
    75. 

  75. 

  76. private:
    77. 

  77.     inline ReadonlyBytes hash_function_digest_info();
    78. 

  78. };
    79. 

  79. 

  80. template<>
    81. 

  81. inline ReadonlyBytes EMSA_PKCS1_V1_5<Crypto::Hash::MD5>::hash_function_digest_info()
    82. 

  82. {
    83. 

  83.     // RFC8017 section 9.2 notes 1
    84. 

  84.     return { "\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05\x05\x00\x04\x10", 18 };
    85. 

  85. }
    86. 

  86. 

  87. template<>
    88. 

  88. inline ReadonlyBytes EMSA_PKCS1_V1_5<Crypto::Hash::SHA1>::hash_function_digest_info()
    89. 

  89. {
    90. 

  90.     // RFC8017 section 9.2 notes 1
    91. 

  91.     return { "\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14", 15 };
    92. 

  92. }
    93. 

  93. 

  94. template<>
    95. 

  95. inline ReadonlyBytes EMSA_PKCS1_V1_5<Crypto::Hash::SHA256>::hash_function_digest_info()
    96. 

  96. {
    97. 

  97.     // RFC8017 section 9.2 notes 1
    98. 

  98.     return { "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20", 19 };
    99. 

  99. }
    100. 

  100. 

  101. template<>
    102. 

  102. inline ReadonlyBytes EMSA_PKCS1_V1_5<Crypto::Hash::SHA384>::hash_function_digest_info()
    103. 

  103. {
    104. 

  104.     // RFC8017 section 9.2 notes 1
    105. 

  105.     return { "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30", 19 };
    106. 

  106. }
    107. 

  107. 

  108. template<>
    109. 

  109. inline ReadonlyBytes EMSA_PKCS1_V1_5<Crypto::Hash::SHA512>::hash_function_digest_info()
    110. 

  110. {
    111. 

  111.     // RFC8017 section 9.2 notes 1
    112. 

  112.     return { "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40", 19 };
    113. 

  113. }
    114. 

  114. 

  115. template<>
    116. 

  116. inline ReadonlyBytes EMSA_PKCS1_V1_5<Crypto::Hash::Manager>::hash_function_digest_info()
    117. 

  117. {
    118. 

  118.     // RFC8017 section 9.2 notes 1
    119. 

  119.     switch (hasher().kind()) {
    120. 

  120.     case Hash::HashKind::MD5:
    121. 

  121.         return { "\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05\x05\x00\x04\x10", 18 };
    122. 

  122.     case Hash::HashKind::SHA1:
    123. 

  123.         return { "\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14", 15 };
    124. 

  124.     case Hash::HashKind::SHA256:
    125. 

  125.         return { "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20", 19 };
    126. 

  126.     case Hash::HashKind::SHA384:
    127. 

  127.         return { "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30", 19 };
    128. 

  128.     case Hash::HashKind::SHA512:
    129. 

  129.         return { "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40", 19 };
    130. 

  130.     case Hash::HashKind::None:
    131. 

  131.     default:
    132. 

  132.         VERIFY_NOT_REACHED();
    133. 

  133.     }
    134. 

  134. }
    135. 

  135. 

  136. }
    137.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5