public static bool OaepDecode()

in TPM Parser/Tpm2Lib/CryptoLib.cs [287:357]

• 45 lines of code
• 7 McCabe index (conditional complexity)

        public static bool OaepDecode(byte[] eMx, byte[] encodingParms, TpmAlgId hashAlg, out byte[] decoded)
        {
            decoded = new byte[0];

            var em = new byte[eMx.Length + 1];
            Array.Copy(eMx, 0, em, 1, eMx.Length);

            int hLen = CryptoLib.DigestSize(hashAlg);
            int k = em.Length;

            // a.
            byte[] lHash = CryptoLib.HashData(hashAlg, encodingParms);

            // b.
            byte y = em[0];
            byte[] maskedSeed = Globs.CopyData(em, 1, hLen);
            byte[] maskedDB = Globs.CopyData(em, 1 + hLen);

            // c.
            byte[] seedMask = CryptoLib.MGF(maskedDB, hLen, hashAlg);

            // d.
            byte[] seed = XorEngine.Xor(maskedSeed, seedMask);

            // e.
            byte[] dbMask = CryptoLib.MGF(seed, k - hLen - 1, hashAlg);

            // f.
            byte[] db = XorEngine.Xor(maskedDB, dbMask);

            // g.
            byte[] lHashPrime = Globs.CopyData(db, 0, hLen);

            // Look for the zero..
            int j;

            for (j = hLen; j < db.Length; j++)
            {
                if (db[j] == 0)
                {
                    continue;
                }

                if (db[j] == 1)
                {
                    break;
                }

                return false;
            }

            if (j == db.Length - 1)
            {
                return false;
            }

            byte[] m = Globs.CopyData(db, j + 1);

            if (y != 0)
            {
                return false;
            }

            if (!Globs.ArraysAreEqual(lHash, lHashPrime))
            {
                return false;
            }

            decoded = m;
            return true;
        }