wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Discuss http://www.shoup.net/papers/oaep.ps.Z

Browse source
This commit is contained in:
Bodo Möller 2000-12-05 10:30:21 +00:00
parent c28500900e
commit 9347ba487c
1 changed files with 16 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
crypto/rsa/rsa_oaep.c
View file

@ -2,7 +2,22 @@
/* Written by Ulf Moeller. This software is distributed on an "AS IS" /* Written by Ulf Moeller. This software is distributed on an "AS IS"
basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ /* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
/* See Victor Shoup, "OAEP reconsidered," Nov. 2000,
* <URL: http://www.shoup.net/papers/oaep.ps.Z>
* for problems with the security proof for the
* original OAEP scheme, which EME-OAEP is based on.
*
* Note that for RSA OAEP a security proof in the
* random oracle model *does* exist if 160 < log_2(N/e);
* cf. section 7.2 ("But RSA-OAEP with exponent 3 is
* provably secure") of Shoup's paper. (The slight
* differences between the OAEP definition used by Shoup
* and OAEP as defined in RFC 2437 should not affect
* this result.)
*/
#if !defined(NO_SHA) && !defined(NO_SHA1) #if !defined(NO_SHA) && !defined(NO_SHA1)
#include <stdio.h> #include <stdio.h>