github.com/cloudflare/circl@v1.5.0/tss/rsa/internal/pss/rsa.go

github.com/cloudflare/circl@v1.5.0/tss/rsa/internal/pss/rsa.go (about)

     1  // https://cs.opensource.google/go/go/+/refs/tags/go1.18.3:src/crypto/rsa/rsa.go
     2  
     3  // Copyright (c) 2009 The Go Authors. All rights reserved.
     4  //
     5  // Redistribution and use in source and binary forms, with or without
     6  // modification, are permitted provided that the following conditions are
     7  // met:
     8  //
     9  //    * Redistributions of source code must retain the above copyright
    10  // notice, this list of conditions and the following disclaimer.
    11  //    * Redistributions in binary form must reproduce the above
    12  // copyright notice, this list of conditions and the following disclaimer
    13  // in the documentation and/or other materials provided with the
    14  // distribution.
    15  //    * Neither the name of Google Inc. nor the names of its
    16  // contributors may be used to endorse or promote products derived from
    17  // this software without specific prior written permission.
    18  //
    19  // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    20  // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    21  // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
    22  // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
    23  // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
    24  // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
    25  // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
    26  // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
    27  // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    28  // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
    29  // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    30  
    31  package pss
    32  
    33  import (
    34  	"hash"
    35  )
    36  
    37  // incCounter increments a four byte, big-endian counter.
    38  func incCounter(c *[4]byte) {
    39  	if c[3]++; c[3] != 0 {
    40  		return
    41  	}
    42  	if c[2]++; c[2] != 0 {
    43  		return
    44  	}
    45  	if c[1]++; c[1] != 0 {
    46  		return
    47  	}
    48  	c[0]++
    49  }
    50  
    51  // mgf1XOR XORs the bytes in out with a mask generated using the MGF1 function
    52  // specified in PKCS #1 v2.1.
    53  func mgf1XOR(out []byte, hash hash.Hash, seed []byte) {
    54  	var counter [4]byte
    55  	var digest []byte
    56  
    57  	done := 0
    58  	for done < len(out) {
    59  		hash.Write(seed)
    60  		hash.Write(counter[0:4])
    61  		digest = hash.Sum(digest[:0])
    62  		hash.Reset()
    63  
    64  		for i := 0; i < len(digest) && done < len(out); i++ {
    65  			out[done] ^= digest[i]
    66  			done++
    67  		}
    68  		incCounter(&counter)
    69  	}
    70  }