#include <pubkey.h>
|
secure_vector< uint8_t > | decrypt (const uint8_t in[], size_t length) const |
|
template<typename Alloc > |
secure_vector< uint8_t > | decrypt (const std::vector< uint8_t, Alloc > &in) const |
|
secure_vector< uint8_t > | decrypt_or_random (const uint8_t in[], size_t length, size_t expected_pt_len, RandomNumberGenerator &rng) const |
|
secure_vector< uint8_t > | decrypt_or_random (const uint8_t in[], size_t length, size_t expected_pt_len, RandomNumberGenerator &rng, const uint8_t required_content_bytes[], const uint8_t required_content_offsets[], size_t required_contents) const |
|
PK_Decryptor & | operator= (const PK_Decryptor &)=delete |
|
| PK_Decryptor ()=default |
|
| PK_Decryptor (const PK_Decryptor &)=delete |
|
virtual | ~PK_Decryptor ()=default |
|
Public Key Decryptor
Definition at line 85 of file pubkey.h.
Botan::PK_Decryptor::PK_Decryptor |
( |
| ) |
|
|
default |
virtual Botan::PK_Decryptor::~PK_Decryptor |
( |
| ) |
|
|
virtualdefault |
secure_vector< uint8_t > Botan::PK_Decryptor::decrypt |
( |
const uint8_t |
in[], |
|
|
size_t |
length |
|
) |
| const |
Decrypt a ciphertext, throwing an exception if the input seems to be invalid (eg due to an accidental or malicious error in the ciphertext).
- Parameters
-
in | the ciphertext as a byte array |
length | the length of the above byte array |
- Returns
- decrypted message
Definition at line 16 of file pubkey.cpp.
Referenced by Botan::KeyPair::encryption_consistency_check().
18 uint8_t valid_mask = 0;
20 secure_vector<uint8_t> decoded = do_decrypt(valid_mask, in, length);
23 throw Decoding_Error(
"Invalid public key ciphertext, cannot decrypt");
template<typename Alloc >
secure_vector<uint8_t> Botan::PK_Decryptor::decrypt |
( |
const std::vector< uint8_t, Alloc > & |
in | ) |
const |
|
inline |
Same as above, but taking a vector
- Parameters
-
- Returns
- decrypted message
Definition at line 105 of file pubkey.h.
References Botan::CryptoBox::decrypt().
107 return decrypt(in.data(), in.size());
secure_vector< uint8_t > decrypt(const uint8_t in[], size_t length) const
Decrypt a ciphertext. If the ciphertext is invalid (eg due to invalid padding) or is not the expected length, instead returns a random string of the expected length. Use to avoid oracle attacks, especially against PKCS #1 v1.5 decryption.
Definition at line 77 of file pubkey.cpp.
secure_vector< uint8_t > decrypt_or_random(const uint8_t in[], size_t length, size_t expected_pt_len, RandomNumberGenerator &rng) const
secure_vector< uint8_t > Botan::PK_Decryptor::decrypt_or_random |
( |
const uint8_t |
in[], |
|
|
size_t |
length, |
|
|
size_t |
expected_pt_len, |
|
|
RandomNumberGenerator & |
rng, |
|
|
const uint8_t |
required_content_bytes[], |
|
|
const uint8_t |
required_content_offsets[], |
|
|
size_t |
required_contents |
|
) |
| const |
Decrypt a ciphertext. If the ciphertext is invalid (eg due to invalid padding) or is not the expected length, instead returns a random string of the expected length. Use to avoid oracle attacks, especially against PKCS #1 v1.5 decryption.
Additionally checks (also in const time) that: contents[required_content_offsets[i]] == required_content_bytes[i] for 0 <= i < required_contents
Used for example in TLS, which encodes the client version in the content bytes: if there is any timing variation the version check can be used as an oracle to recover the key.
Definition at line 29 of file pubkey.cpp.
References BOTAN_ASSERT, Botan::CT::conditional_copy_mem(), Botan::CT::is_equal(), and Botan::RandomNumberGenerator::random_vec().
37 const secure_vector<uint8_t> fake_pms = rng.random_vec(expected_pt_len);
39 uint8_t valid_mask = 0;
40 secure_vector<uint8_t> decoded = do_decrypt(valid_mask, in, length);
42 valid_mask &=
CT::is_equal(decoded.size(), expected_pt_len);
44 decoded.resize(expected_pt_len);
46 for(
size_t i = 0; i != required_contents_length; ++i)
59 const uint8_t exp = required_content_bytes[i];
60 const uint8_t off = required_content_offsets[i];
62 BOTAN_ASSERT(off < expected_pt_len,
"Offset in range of plaintext");
void conditional_copy_mem(T value, T *to, const T *from0, const T *from1, size_t elems)
#define BOTAN_ASSERT(expr, assertion_made)
The documentation for this class was generated from the following files: