Botan  2.1.0
Crypto and TLS for C++11
pubkey.h
Go to the documentation of this file.
1 /*
2 * Public Key Interface
3 * (C) 1999-2010 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_PUBKEY_H__
9 #define BOTAN_PUBKEY_H__
10 
11 #include <botan/pk_keys.h>
12 #include <botan/pk_ops_fwd.h>
13 #include <botan/symkey.h>
14 #include <botan/rng.h>
15 #include <botan/eme.h>
16 #include <botan/emsa.h>
17 #include <botan/kdf.h>
18 
19 #if defined(BOTAN_HAS_SYSTEM_RNG)
20  #include <botan/system_rng.h>
21  #define BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS
22 #endif
23 
24 namespace Botan {
25 
26 /**
27 * The two types of signature format supported by Botan.
28 */
30 
31 /**
32 * Public Key Encryptor
33 * This is the primary interface for public key encryption
34 */
35 class BOTAN_DLL PK_Encryptor
36  {
37  public:
38 
39  /**
40  * Encrypt a message.
41  * @param in the message as a byte array
42  * @param length the length of the above byte array
43  * @param rng the random number source to use
44  * @return encrypted message
45  */
46  std::vector<uint8_t> encrypt(const uint8_t in[], size_t length,
47  RandomNumberGenerator& rng) const
48  {
49  return enc(in, length, rng);
50  }
51 
52  /**
53  * Encrypt a message.
54  * @param in the message
55  * @param rng the random number source to use
56  * @return encrypted message
57  */
58  template<typename Alloc>
59  std::vector<uint8_t> encrypt(const std::vector<uint8_t, Alloc>& in,
60  RandomNumberGenerator& rng) const
61  {
62  return enc(in.data(), in.size(), rng);
63  }
64 
65  /**
66  * Return the maximum allowed message size in bytes.
67  * @return maximum message size in bytes
68  */
69  virtual size_t maximum_input_size() const = 0;
70 
71  PK_Encryptor() = default;
72  virtual ~PK_Encryptor() = default;
73 
74  PK_Encryptor(const PK_Encryptor&) = delete;
75  PK_Encryptor& operator=(const PK_Encryptor&) = delete;
76 
77  private:
78  virtual std::vector<uint8_t> enc(const uint8_t[], size_t,
79  RandomNumberGenerator&) const = 0;
80  };
81 
82 /**
83 * Public Key Decryptor
84 */
85 class BOTAN_DLL PK_Decryptor
86  {
87  public:
88  /**
89  * Decrypt a ciphertext, throwing an exception if the input
90  * seems to be invalid (eg due to an accidental or malicious
91  * error in the ciphertext).
92  *
93  * @param in the ciphertext as a byte array
94  * @param length the length of the above byte array
95  * @return decrypted message
96  */
97  secure_vector<uint8_t> decrypt(const uint8_t in[], size_t length) const;
98 
99  /**
100  * Same as above, but taking a vector
101  * @param in the ciphertext
102  * @return decrypted message
103  */
104  template<typename Alloc>
105  secure_vector<uint8_t> decrypt(const std::vector<uint8_t, Alloc>& in) const
106  {
107  return decrypt(in.data(), in.size());
108  }
109 
110  /**
111  * Decrypt a ciphertext. If the ciphertext is invalid (eg due to
112  * invalid padding) or is not the expected length, instead
113  * returns a random string of the expected length. Use to avoid
114  * oracle attacks, especially against PKCS #1 v1.5 decryption.
115  */
117  decrypt_or_random(const uint8_t in[],
118  size_t length,
119  size_t expected_pt_len,
120  RandomNumberGenerator& rng) const;
121 
122  /**
123  * Decrypt a ciphertext. If the ciphertext is invalid (eg due to
124  * invalid padding) or is not the expected length, instead
125  * returns a random string of the expected length. Use to avoid
126  * oracle attacks, especially against PKCS #1 v1.5 decryption.
127  *
128  * Additionally checks (also in const time) that:
129  * contents[required_content_offsets[i]] == required_content_bytes[i]
130  * for 0 <= i < required_contents
131  *
132  * Used for example in TLS, which encodes the client version in
133  * the content bytes: if there is any timing variation the version
134  * check can be used as an oracle to recover the key.
135  */
137  decrypt_or_random(const uint8_t in[],
138  size_t length,
139  size_t expected_pt_len,
141  const uint8_t required_content_bytes[],
142  const uint8_t required_content_offsets[],
143  size_t required_contents) const;
144 
145  PK_Decryptor() = default;
146  virtual ~PK_Decryptor() = default;
147 
148  PK_Decryptor(const PK_Decryptor&) = delete;
149  PK_Decryptor& operator=(const PK_Decryptor&) = delete;
150 
151  private:
152  virtual secure_vector<uint8_t> do_decrypt(uint8_t& valid_mask,
153  const uint8_t in[], size_t in_len) const = 0;
154  };
155 
156 /**
157 * Public Key Signer. Use the sign_message() functions for small
158 * messages. Use multiple calls update() to process large messages and
159 * generate the signature by finally calling signature().
160 */
161 class BOTAN_DLL PK_Signer final
162  {
163  public:
164 
165  /**
166  * Construct a PK Signer.
167  * @param key the key to use inside this signer
168  * @param rng the random generator to use
169  * @param emsa the EMSA to use
170  * An example would be "EMSA1(SHA-224)".
171  * @param format the signature format to use
172  * @param provider the provider to use
173  */
174  PK_Signer(const Private_Key& key,
176  const std::string& emsa,
177  Signature_Format format = IEEE_1363,
178  const std::string& provider = "");
179 
180 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
181  /**
182  * Construct a PK Signer.
183  * @param key the key to use inside this signer
184  * @param emsa the EMSA to use
185  * An example would be "EMSA1(SHA-224)".
186  * @param format the signature format to use
187  */
188  BOTAN_DEPRECATED("Use constructor taking a RNG object")
189  PK_Signer(const Private_Key& key,
190  const std::string& emsa,
191  Signature_Format format = IEEE_1363,
192  const std::string& provider = "") :
193  PK_Signer(key, system_rng(), emsa, format, provider)
194  {}
195 #endif
196 
197  ~PK_Signer();
198 
199  PK_Signer(const PK_Signer&) = delete;
200  PK_Signer& operator=(const PK_Signer&) = delete;
201 
202  /**
203  * Sign a message all in one go
204  * @param in the message to sign as a byte array
205  * @param length the length of the above byte array
206  * @param rng the rng to use
207  * @return signature
208  */
209  std::vector<uint8_t> sign_message(const uint8_t in[], size_t length,
211  {
212  this->update(in, length);
213  return this->signature(rng);
214  }
215 
216  /**
217  * Sign a message.
218  * @param in the message to sign
219  * @param rng the rng to use
220  * @return signature
221  */
222  std::vector<uint8_t> sign_message(const std::vector<uint8_t>& in,
224  { return sign_message(in.data(), in.size(), rng); }
225 
226  /**
227  * Sign a message.
228  * @param in the message to sign
229  * @param rng the rng to use
230  * @return signature
231  */
232  std::vector<uint8_t> sign_message(const secure_vector<uint8_t>& in,
234  { return sign_message(in.data(), in.size(), rng); }
235 
236  /**
237  * Add a message part (single byte).
238  * @param in the byte to add
239  */
240  void update(uint8_t in) { update(&in, 1); }
241 
242  /**
243  * Add a message part.
244  * @param in the message part to add as a byte array
245  * @param length the length of the above byte array
246  */
247  void update(const uint8_t in[], size_t length);
248 
249  /**
250  * Add a message part.
251  * @param in the message part to add
252  */
253  void update(const std::vector<uint8_t>& in) { update(in.data(), in.size()); }
254 
255  /**
256  * Add a message part.
257  * @param in the message part to add
258  */
259  void update(const std::string& in)
260  {
261  update(reinterpret_cast<const uint8_t*>(in.data()), in.size());
262  }
263 
264  /**
265  * Get the signature of the so far processed message (provided by the
266  * calls to update()).
267  * @param rng the rng to use
268  * @return signature of the total message
269  */
270  std::vector<uint8_t> signature(RandomNumberGenerator& rng);
271 
272  /**
273  * Set the output format of the signature.
274  * @param format the signature format to use
275  */
276  void set_output_format(Signature_Format format) { m_sig_format = format; }
277  private:
278  std::unique_ptr<PK_Ops::Signature> m_op;
279  Signature_Format m_sig_format;
280  size_t m_parts, m_part_size;
281  };
282 
283 /**
284 * Public Key Verifier. Use the verify_message() functions for small
285 * messages. Use multiple calls update() to process large messages and
286 * verify the signature by finally calling check_signature().
287 */
288 class BOTAN_DLL PK_Verifier final
289  {
290  public:
291  /**
292  * Construct a PK Verifier.
293  * @param pub_key the public key to verify against
294  * @param emsa the EMSA to use (eg "EMSA3(SHA-1)")
295  * @param format the signature format to use
296  * @param provider the provider to use
297  */
298  PK_Verifier(const Public_Key& pub_key,
299  const std::string& emsa,
300  Signature_Format format = IEEE_1363,
301  const std::string& provider = "");
302 
303  ~PK_Verifier();
304 
305  PK_Verifier& operator=(const PK_Verifier&) = delete;
306  PK_Verifier(const PK_Verifier&) = delete;
307 
308  /**
309  * Verify a signature.
310  * @param msg the message that the signature belongs to, as a byte array
311  * @param msg_length the length of the above byte array msg
312  * @param sig the signature as a byte array
313  * @param sig_length the length of the above byte array sig
314  * @return true if the signature is valid
315  */
316  bool verify_message(const uint8_t msg[], size_t msg_length,
317  const uint8_t sig[], size_t sig_length);
318  /**
319  * Verify a signature.
320  * @param msg the message that the signature belongs to
321  * @param sig the signature
322  * @return true if the signature is valid
323  */
324  template<typename Alloc, typename Alloc2>
325  bool verify_message(const std::vector<uint8_t, Alloc>& msg,
326  const std::vector<uint8_t, Alloc2>& sig)
327  {
328  return verify_message(msg.data(), msg.size(),
329  sig.data(), sig.size());
330  }
331 
332  /**
333  * Add a message part (single byte) of the message corresponding to the
334  * signature to be verified.
335  * @param in the byte to add
336  */
337  void update(uint8_t in) { update(&in, 1); }
338 
339  /**
340  * Add a message part of the message corresponding to the
341  * signature to be verified.
342  * @param msg_part the new message part as a byte array
343  * @param length the length of the above byte array
344  */
345  void update(const uint8_t msg_part[], size_t length);
346 
347  /**
348  * Add a message part of the message corresponding to the
349  * signature to be verified.
350  * @param in the new message part
351  */
352  void update(const std::vector<uint8_t>& in)
353  { update(in.data(), in.size()); }
354 
355  /**
356  * Add a message part of the message corresponding to the
357  * signature to be verified.
358  */
359  void update(const std::string& in)
360  {
361  update(reinterpret_cast<const uint8_t*>(in.data()), in.size());
362  }
363 
364  /**
365  * Check the signature of the buffered message, i.e. the one build
366  * by successive calls to update.
367  * @param sig the signature to be verified as a byte array
368  * @param length the length of the above byte array
369  * @return true if the signature is valid, false otherwise
370  */
371  bool check_signature(const uint8_t sig[], size_t length);
372 
373  /**
374  * Check the signature of the buffered message, i.e. the one build
375  * by successive calls to update.
376  * @param sig the signature to be verified
377  * @return true if the signature is valid, false otherwise
378  */
379  template<typename Alloc>
380  bool check_signature(const std::vector<uint8_t, Alloc>& sig)
381  {
382  return check_signature(sig.data(), sig.size());
383  }
384 
385  /**
386  * Set the format of the signatures fed to this verifier.
387  * @param format the signature format to use
388  */
389  void set_input_format(Signature_Format format);
390 
391  private:
392  std::unique_ptr<PK_Ops::Verification> m_op;
393  Signature_Format m_sig_format;
394  size_t m_parts, m_part_size;
395  };
396 
397 /**
398 * Key used for key agreement
399 */
400 class BOTAN_DLL PK_Key_Agreement final
401  {
402  public:
403 
404  /**
405  * Construct a PK Key Agreement.
406  * @param key the key to use
407  * @param rng the random generator to use
408  * @param kdf name of the KDF to use (or 'Raw' for no KDF)
409  * @param provider the algo provider to use (or empty for default)
410  */
411  PK_Key_Agreement(const Private_Key& key,
413  const std::string& kdf,
414  const std::string& provider = "");
415 
416 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
417  /**
418  * Construct a PK Key Agreement.
419  * @param key the key to use
420  * @param kdf name of the KDF to use (or 'Raw' for no KDF)
421  * @param provider the algo provider to use (or empty for default)
422  */
423  BOTAN_DEPRECATED("Use constructor taking a RNG object")
424  PK_Key_Agreement(const Private_Key& key,
425  const std::string& kdf,
426  const std::string& provider = "") :
427  PK_Key_Agreement(key, system_rng(), kdf, provider)
428  {}
429 #endif
430 
431  ~PK_Key_Agreement();
432 
433  // For ECIES
434  PK_Key_Agreement& operator=(PK_Key_Agreement&&);
436 
437  PK_Key_Agreement& operator=(const PK_Key_Agreement&) = delete;
438  PK_Key_Agreement(const PK_Key_Agreement&) = delete;
439 
440  /*
441  * Perform Key Agreement Operation
442  * @param key_len the desired key output size
443  * @param in the other parties key
444  * @param in_len the length of in in bytes
445  * @param params extra derivation params
446  * @param params_len the length of params in bytes
447  */
448  SymmetricKey derive_key(size_t key_len,
449  const uint8_t in[],
450  size_t in_len,
451  const uint8_t params[],
452  size_t params_len) const;
453 
454  /*
455  * Perform Key Agreement Operation
456  * @param key_len the desired key output size
457  * @param in the other parties key
458  * @param in_len the length of in in bytes
459  * @param params extra derivation params
460  * @param params_len the length of params in bytes
461  */
462  SymmetricKey derive_key(size_t key_len,
463  const std::vector<uint8_t>& in,
464  const uint8_t params[],
465  size_t params_len) const
466  {
467  return derive_key(key_len, in.data(), in.size(),
468  params, params_len);
469  }
470 
471  /*
472  * Perform Key Agreement Operation
473  * @param key_len the desired key output size
474  * @param in the other parties key
475  * @param in_len the length of in in bytes
476  * @param params extra derivation params
477  */
478  SymmetricKey derive_key(size_t key_len,
479  const uint8_t in[], size_t in_len,
480  const std::string& params = "") const
481  {
482  return derive_key(key_len, in, in_len,
483  reinterpret_cast<const uint8_t*>(params.data()),
484  params.length());
485  }
486 
487  /*
488  * Perform Key Agreement Operation
489  * @param key_len the desired key output size
490  * @param in the other parties key
491  * @param params extra derivation params
492  */
493  SymmetricKey derive_key(size_t key_len,
494  const std::vector<uint8_t>& in,
495  const std::string& params = "") const
496  {
497  return derive_key(key_len, in.data(), in.size(),
498  reinterpret_cast<const uint8_t*>(params.data()),
499  params.length());
500  }
501 
502  private:
503  std::unique_ptr<PK_Ops::Key_Agreement> m_op;
504  };
505 
506 /**
507 * Encryption using a standard message recovery algorithm like RSA or
508 * ElGamal, paired with an encoding scheme like OAEP.
509 */
510 class BOTAN_DLL PK_Encryptor_EME final : public PK_Encryptor
511  {
512  public:
513  size_t maximum_input_size() const override;
514 
515  /**
516  * Construct an instance.
517  * @param key the key to use inside the encryptor
518  * @param rng the RNG to use
519  * @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")
520  * @param provider the provider to use
521  */
522  PK_Encryptor_EME(const Public_Key& key,
524  const std::string& padding,
525  const std::string& provider = "");
526 
527 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
528  /**
529  * Construct an instance.
530  * @param key the key to use inside the encryptor
531  * @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")
532  */
533  BOTAN_DEPRECATED("Use constructor taking a RNG object")
534  PK_Encryptor_EME(const Public_Key& key,
535  const std::string& padding,
536  const std::string& provider = "") :
537  PK_Encryptor_EME(key, system_rng(), padding, provider) {}
538 #endif
539 
540  ~PK_Encryptor_EME();
541 
542  PK_Encryptor_EME& operator=(const PK_Encryptor_EME&) = delete;
543  PK_Encryptor_EME(const PK_Encryptor_EME&) = delete;
544  private:
545  std::vector<uint8_t> enc(const uint8_t[], size_t,
546  RandomNumberGenerator& rng) const override;
547 
548  std::unique_ptr<PK_Ops::Encryption> m_op;
549  };
550 
551 /**
552 * Decryption with an MR algorithm and an EME.
553 */
554 class BOTAN_DLL PK_Decryptor_EME final : public PK_Decryptor
555  {
556  public:
557  /**
558  * Construct an instance.
559  * @param key the key to use inside the decryptor
560  * @param rng the random generator to use
561  * @param eme the EME to use
562  * @param provider the provider to use
563  */
564  PK_Decryptor_EME(const Private_Key& key,
566  const std::string& eme,
567  const std::string& provider = "");
568 
569 
570 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
571  /**
572  * Construct an instance.
573  * @param key the key to use inside the decryptor
574  * @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")
575  */
576  BOTAN_DEPRECATED("Use constructor taking a RNG object")
577  PK_Decryptor_EME(const Private_Key& key,
578  const std::string& eme,
579  const std::string& provider = "") :
580  PK_Decryptor_EME(key, system_rng(), eme, provider) {}
581 #endif
582 
583  ~PK_Decryptor_EME();
584  PK_Decryptor_EME& operator=(const PK_Decryptor_EME&) = delete;
585  PK_Decryptor_EME(const PK_Decryptor_EME&) = delete;
586  private:
587  secure_vector<uint8_t> do_decrypt(uint8_t& valid_mask,
588  const uint8_t in[],
589  size_t in_len) const override;
590 
591  std::unique_ptr<PK_Ops::Decryption> m_op;
592  };
593 
594 /**
595 * Public Key Key Encapsulation Mechanism Encryption.
596 */
597 class BOTAN_DLL PK_KEM_Encryptor final
598  {
599  public:
600  /**
601  * Construct an instance.
602  * @param key the key to use inside the encryptor
603  * @param rng the RNG to use
604  * @param kem_param additional KEM parameters
605  * @param provider the provider to use
606  */
607  PK_KEM_Encryptor(const Public_Key& key,
609  const std::string& kem_param = "",
610  const std::string& provider = "");
611 
612 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
613  BOTAN_DEPRECATED("Use constructor taking a RNG object")
614  PK_KEM_Encryptor(const Public_Key& key,
615  const std::string& kem_param = "",
616  const std::string& provider = "") :
617  PK_KEM_Encryptor(key, system_rng(), kem_param, provider) {}
618 #endif
619 
620  ~PK_KEM_Encryptor();
621 
622  PK_KEM_Encryptor& operator=(const PK_KEM_Encryptor&) = delete;
623  PK_KEM_Encryptor(const PK_KEM_Encryptor&) = delete;
624 
625  /**
626  * Generate a shared key for data encryption.
627  * @param out_encapsulated_key the generated encapsulated key
628  * @param out_shared_key the generated shared key
629  * @param desired_shared_key_len desired size of the shared key in bytes
630  * @param rng the RNG to use
631  * @param salt a salt value used in the KDF
632  * @param salt_len size of the salt value in bytes
633  */
634  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
635  secure_vector<uint8_t>& out_shared_key,
636  size_t desired_shared_key_len,
638  const uint8_t salt[],
639  size_t salt_len);
640 
641  /**
642  * Generate a shared key for data encryption.
643  * @param out_encapsulated_key the generated encapsulated key
644  * @param out_shared_key the generated shared key
645  * @param desired_shared_key_len desired size of the shared key in bytes
646  * @param rng the RNG to use
647  * @param salt a salt value used in the KDF
648  */
649  template<typename Alloc>
650  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
651  secure_vector<uint8_t>& out_shared_key,
652  size_t desired_shared_key_len,
654  const std::vector<uint8_t, Alloc>& salt)
655  {
656  this->encrypt(out_encapsulated_key,
657  out_shared_key,
658  desired_shared_key_len,
659  rng,
660  salt.data(), salt.size());
661  }
662 
663 
664  /**
665  * Generate a shared key for data encryption.
666  * @param out_encapsulated_key the generated encapsulated key
667  * @param out_shared_key the generated shared key
668  * @param desired_shared_key_len desired size of the shared key in bytes
669  * @param rng the RNG to use
670  */
671  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
672  secure_vector<uint8_t>& out_shared_key,
673  size_t desired_shared_key_len,
675  {
676  this->encrypt(out_encapsulated_key,
677  out_shared_key,
678  desired_shared_key_len,
679  rng,
680  nullptr,
681  0);
682  }
683 
684  private:
685  std::unique_ptr<PK_Ops::KEM_Encryption> m_op;
686  };
687 
688 /**
689 * Public Key Key Encapsulation Mechanism Decryption.
690 */
691 class BOTAN_DLL PK_KEM_Decryptor final
692  {
693  public:
694  /**
695  * Construct an instance.
696  * @param key the key to use inside the decryptor
697  * @param rng the RNG to use
698  * @param kem_param additional KEM parameters
699  * @param provider the provider to use
700  */
701  PK_KEM_Decryptor(const Private_Key& key,
703  const std::string& kem_param = "",
704  const std::string& provider = "");
705 
706 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
707  BOTAN_DEPRECATED("Use constructor taking a RNG object")
708  PK_KEM_Decryptor(const Private_Key& key,
709  const std::string& kem_param = "",
710  const std::string& provider = "") :
711  PK_KEM_Decryptor(key, system_rng(), kem_param, provider)
712  {}
713 #endif
714 
715  ~PK_KEM_Decryptor();
716  PK_KEM_Decryptor& operator=(const PK_KEM_Decryptor&) = delete;
717  PK_KEM_Decryptor(const PK_KEM_Decryptor&) = delete;
718 
719  /**
720  * Decrypts the shared key for data encryption.
721  * @param encap_key the encapsulated key
722  * @param encap_key_len size of the encapsulated key in bytes
723  * @param desired_shared_key_len desired size of the shared key in bytes
724  * @param salt a salt value used in the KDF
725  * @param salt_len size of the salt value in bytes
726  * @return the shared data encryption key
727  */
728  secure_vector<uint8_t> decrypt(const uint8_t encap_key[],
729  size_t encap_key_len,
730  size_t desired_shared_key_len,
731  const uint8_t salt[],
732  size_t salt_len);
733 
734  /**
735  * Decrypts the shared key for data encryption.
736  * @param encap_key the encapsulated key
737  * @param encap_key_len size of the encapsulated key in bytes
738  * @param desired_shared_key_len desired size of the shared key in bytes
739  * @return the shared data encryption key
740  */
741  secure_vector<uint8_t> decrypt(const uint8_t encap_key[],
742  size_t encap_key_len,
743  size_t desired_shared_key_len)
744  {
745  return this->decrypt(encap_key, encap_key_len,
746  desired_shared_key_len,
747  nullptr, 0);
748  }
749 
750  /**
751  * Decrypts the shared key for data encryption.
752  * @param encap_key the encapsulated key
753  * @param desired_shared_key_len desired size of the shared key in bytes
754  * @param salt a salt value used in the KDF
755  * @return the shared data encryption key
756  */
757  template<typename Alloc1, typename Alloc2>
758  secure_vector<uint8_t> decrypt(const std::vector<uint8_t, Alloc1>& encap_key,
759  size_t desired_shared_key_len,
760  const std::vector<uint8_t, Alloc2>& salt)
761  {
762  return this->decrypt(encap_key.data(), encap_key.size(),
763  desired_shared_key_len,
764  salt.data(), salt.size());
765  }
766 
767  private:
768  std::unique_ptr<PK_Ops::KEM_Decryption> m_op;
769  };
770 
771 }
772 
773 #endif
std::vector< uint8_t > encrypt(const std::vector< uint8_t, Alloc > &in, RandomNumberGenerator &rng) const
Definition: pubkey.h:59
secure_vector< uint8_t > decrypt(const std::vector< uint8_t, Alloc1 > &encap_key, size_t desired_shared_key_len, const std::vector< uint8_t, Alloc2 > &salt)
Definition: pubkey.h:758
bool check_signature(const std::vector< uint8_t, Alloc > &sig)
Definition: pubkey.h:380
bool verify_message(const std::vector< uint8_t, Alloc > &msg, const std::vector< uint8_t, Alloc2 > &sig)
Definition: pubkey.h:325
Signature_Format
Definition: pubkey.h:29
void update(const std::vector< uint8_t > &in)
Definition: pubkey.h:352
void update(uint8_t in)
Definition: pubkey.h:337
std::vector< uint8_t > sign_message(const uint8_t in[], size_t length, RandomNumberGenerator &rng)
Definition: pubkey.h:209
std::string encrypt(const uint8_t input[], size_t input_len, const std::string &passphrase, RandomNumberGenerator &rng)
Definition: cryptobox.cpp:42
std::vector< uint8_t > encrypt(const uint8_t in[], size_t length, RandomNumberGenerator &rng) const
Definition: pubkey.h:46
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:121
class BOTAN_DLL BOTAN_DEPRECATED("LibraryInitializer is no longer required") LibraryInitializer
Definition: init.h:22
SymmetricKey derive_key(size_t key_len, const uint8_t in[], size_t in_len, const std::string &params="") const
Definition: pubkey.h:478
void update(const std::vector< uint8_t > &in)
Definition: pubkey.h:253
std::vector< uint8_t > sign_message(const secure_vector< uint8_t > &in, RandomNumberGenerator &rng)
Definition: pubkey.h:232
secure_vector< uint8_t > decrypt(const uint8_t encap_key[], size_t encap_key_len, size_t desired_shared_key_len)
Definition: pubkey.h:741
void update(uint8_t in)
Definition: pubkey.h:240
std::string decrypt(const uint8_t input[], size_t input_len, const std::string &passphrase)
Definition: cryptobox.cpp:102
Definition: alg_id.cpp:13
void encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, Botan::RandomNumberGenerator &rng, const std::vector< uint8_t, Alloc > &salt)
Definition: pubkey.h:650
void update(const std::string &in)
Definition: pubkey.h:359
RandomNumberGenerator & system_rng()
Definition: system_rng.cpp:196
std::vector< uint8_t > sign_message(const std::vector< uint8_t > &in, RandomNumberGenerator &rng)
Definition: pubkey.h:222
SymmetricKey derive_key(size_t key_len, const std::vector< uint8_t > &in, const uint8_t params[], size_t params_len) const
Definition: pubkey.h:462
void set_output_format(Signature_Format format)
Definition: pubkey.h:276
void update(const std::string &in)
Definition: pubkey.h:259
SymmetricKey derive_key(size_t key_len, const std::vector< uint8_t > &in, const std::string &params="") const
Definition: pubkey.h:493
secure_vector< uint8_t > decrypt(const std::vector< uint8_t, Alloc > &in) const
Definition: pubkey.h:105
void encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, Botan::RandomNumberGenerator &rng)
Definition: pubkey.h:671