66     int mdlen, dbmask_len = 0;  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()  local
91     mdlen = EVP_MD_get_size(md);  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
92     if (mdlen <= 0) {  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
98     if (flen > emlen - 2 * mdlen - 1) {  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
103     if (emlen < 2 * mdlen + 1) {  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
111     db = to + mdlen + 1;  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
117     memset(db + mdlen, 0, emlen - flen - 2 * mdlen - 1);  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
119     db[emlen - flen - mdlen - 1] = 0x01;  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
120     memcpy(db + emlen - flen - mdlen, from, (unsigned int)flen);  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
122     if (RAND_bytes_ex(libctx, seed, mdlen, 0) <= 0)  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
125     dbmask_len = emlen - mdlen;  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
131     if (PKCS1_MGF1(dbmask, dbmask_len, seed, mdlen, mgf1md) < 0)  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
138     if (PKCS1_MGF1(seedmask, mdlen, db, dbmask_len, mgf1md) < 0)  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
141     for (i = 0; i < mdlen; i++)  in ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex()
183     int mdlen;  in RSA_padding_check_PKCS1_OAEP_mgf1()  local
209     mdlen = EVP_MD_get_size(md);  in RSA_padding_check_PKCS1_OAEP_mgf1()
211     if (tlen <= 0 || flen <= 0 || mdlen <= 0)  in RSA_padding_check_PKCS1_OAEP_mgf1()
221     if (num < flen || num < 2 * mdlen + 2) {  in RSA_padding_check_PKCS1_OAEP_mgf1()
226     dblen = num - mdlen - 1;  in RSA_padding_check_PKCS1_OAEP_mgf1()
256     maskeddb = em + 1 + mdlen;  in RSA_padding_check_PKCS1_OAEP_mgf1()
258     if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md))  in RSA_padding_check_PKCS1_OAEP_mgf1()
260     for (i = 0; i < mdlen; i++)  in RSA_padding_check_PKCS1_OAEP_mgf1()
263     if (PKCS1_MGF1(db, dblen, seed, mdlen, mgf1md))  in RSA_padding_check_PKCS1_OAEP_mgf1()
271     good &= constant_time_is_zero(CRYPTO_memcmp(db, phash, mdlen));  in RSA_padding_check_PKCS1_OAEP_mgf1()
274     for (i = mdlen; i < dblen; i++) {  in RSA_padding_check_PKCS1_OAEP_mgf1()
311     tlen = constant_time_select_int(constant_time_lt(dblen - mdlen - 1, tlen),  in RSA_padding_check_PKCS1_OAEP_mgf1()
312                                     dblen - mdlen - 1, tlen);  in RSA_padding_check_PKCS1_OAEP_mgf1()
313     for (msg_index = 1; msg_index < dblen - mdlen - 1; msg_index <<= 1) {  in RSA_padding_check_PKCS1_OAEP_mgf1()
314         mask = ~constant_time_eq(msg_index & (dblen - mdlen - 1 - mlen), 0);  in RSA_padding_check_PKCS1_OAEP_mgf1()
315         for (i = mdlen + 1; i < dblen - msg_index; i++)  in RSA_padding_check_PKCS1_OAEP_mgf1()
320         to[i] = constant_time_select_8(mask, db[i + mdlen + 1], to[i]);  in RSA_padding_check_PKCS1_OAEP_mgf1()
357     int mdlen;  in PKCS1_MGF1()  local
362     mdlen = EVP_MD_get_size(dgst);  in PKCS1_MGF1()
363     if (mdlen <= 0)  in PKCS1_MGF1()
377         if (outlen + mdlen <= len) {  in PKCS1_MGF1()
380             outlen += mdlen;  in PKCS1_MGF1()

Last Index update Fri Nov 22 14:03:13 UTC 2024

Dedicated to & Maintained by Room-11