diff options
author | lloyd <[email protected]> | 2010-10-28 20:13:58 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-10-28 20:13:58 +0000 |
commit | ac9c7ab05844bf8a4add7067a1130b0c7b5b97e9 (patch) | |
tree | 7907ad757bc5c6a67379344ae5d88be8a529775f | |
parent | 7e4c62045c8216138dbed1c586139a1de7cd7f27 (diff) |
EME1::HASH_LENGTH was always exactly the output size of the hash, but
Phash is a vector we were keeping around which has an actual hash
output, so just access Phash.size() and avoid the need to carry an
extra size_t around.
-rw-r--r-- | src/pk_pad/eme1/eme1.cpp | 33 | ||||
-rw-r--r-- | src/pk_pad/eme1/eme1.h | 1 |
2 files changed, 16 insertions, 18 deletions
diff --git a/src/pk_pad/eme1/eme1.cpp b/src/pk_pad/eme1/eme1.cpp index 63347e6a8..b49fb9af0 100644 --- a/src/pk_pad/eme1/eme1.cpp +++ b/src/pk_pad/eme1/eme1.cpp @@ -21,22 +21,22 @@ SecureVector<byte> EME1::pad(const byte in[], size_t in_length, { key_length /= 8; - if(in_length > key_length - 2*HASH_LENGTH - 1) + if(in_length > key_length - 2*Phash.size() - 1) throw Invalid_Argument("EME1: Input is too large"); SecureVector<byte> out(key_length); - rng.randomize(&out[0], HASH_LENGTH); + rng.randomize(&out[0], Phash.size()); - out.copy(HASH_LENGTH, &Phash[0], Phash.size()); + out.copy(Phash.size(), &Phash[0], Phash.size()); out[out.size() - in_length - 1] = 0x01; out.copy(out.size() - in_length, in, in_length); - mgf->mask(&out[0], HASH_LENGTH, - &out[HASH_LENGTH], out.size() - HASH_LENGTH); + mgf->mask(&out[0], Phash.size(), + &out[Phash.size()], out.size() - Phash.size()); - mgf->mask(&out[HASH_LENGTH], out.size() - HASH_LENGTH, - &out[0], HASH_LENGTH); + mgf->mask(&out[Phash.size()], out.size() - Phash.size(), + &out[0], Phash.size()); return out; } @@ -68,18 +68,18 @@ SecureVector<byte> EME1::unpad(const byte in[], size_t in_length, SecureVector<byte> tmp(key_length); tmp.copy(key_length - in_length, in, in_length); - mgf->mask(&tmp[HASH_LENGTH], tmp.size() - HASH_LENGTH, - &tmp[0], HASH_LENGTH); - mgf->mask(&tmp[0], HASH_LENGTH, - &tmp[HASH_LENGTH], tmp.size() - HASH_LENGTH); + mgf->mask(&tmp[Phash.size()], tmp.size() - Phash.size(), + &tmp[0], Phash.size()); + mgf->mask(&tmp[0], Phash.size(), + &tmp[Phash.size()], tmp.size() - Phash.size()); - const bool phash_ok = same_mem(&tmp[HASH_LENGTH], &Phash[0], Phash.size()); + const bool phash_ok = same_mem(&tmp[Phash.size()], &Phash[0], Phash.size()); bool delim_ok = true; size_t delim_idx = 0; // Is this vulnerable to timing attacks? - for(size_t i = HASH_LENGTH + Phash.size(); i != tmp.size(); ++i) + for(size_t i = Phash.size() + Phash.size(); i != tmp.size(); ++i) { if(tmp[i] && !delim_idx) { @@ -104,8 +104,8 @@ SecureVector<byte> EME1::unpad(const byte in[], size_t in_length, */ size_t EME1::maximum_input_size(size_t keybits) const { - if(keybits / 8 > 2*HASH_LENGTH + 1) - return ((keybits / 8) - 2*HASH_LENGTH - 1); + if(keybits / 8 > 2*Phash.size() + 1) + return ((keybits / 8) - 2*Phash.size() - 1); else return 0; } @@ -113,8 +113,7 @@ size_t EME1::maximum_input_size(size_t keybits) const /* * EME1 Constructor */ -EME1::EME1(HashFunction* hash, const std::string& P) : - HASH_LENGTH(hash->output_length()) +EME1::EME1(HashFunction* hash, const std::string& P) { Phash = hash->process(P); mgf = new MGF1(hash); diff --git a/src/pk_pad/eme1/eme1.h b/src/pk_pad/eme1/eme1.h index f99dceb8c..0d0223de0 100644 --- a/src/pk_pad/eme1/eme1.h +++ b/src/pk_pad/eme1/eme1.h @@ -34,7 +34,6 @@ class BOTAN_DLL EME1 : public EME RandomNumberGenerator&) const; SecureVector<byte> unpad(const byte[], size_t, size_t) const; - const size_t HASH_LENGTH; SecureVector<byte> Phash; MGF* mgf; }; |