Botan 3.0.0-alpha0
Crypto and TLS for C&
|
#include <dlies.h>
Public Member Functions | |
template<typename Alloc > | |
secure_vector< uint8_t > | decrypt (const std::vector< uint8_t, Alloc > &in) const |
secure_vector< uint8_t > | decrypt (const uint8_t in[], size_t length) const |
secure_vector< uint8_t > | decrypt_or_random (const uint8_t in[], size_t length, size_t expected_pt_len, RandomNumberGenerator &rng) const |
secure_vector< uint8_t > | decrypt_or_random (const uint8_t in[], size_t length, size_t expected_pt_len, RandomNumberGenerator &rng, const uint8_t required_content_bytes[], const uint8_t required_content_offsets[], size_t required_contents) const |
DLIES_Decryptor (const DH_PrivateKey &own_priv_key, RandomNumberGenerator &rng, KDF *kdf, Cipher_Mode *cipher, size_t cipher_key_len, MessageAuthenticationCode *mac, size_t mac_key_len=20) | |
DLIES_Decryptor (const DH_PrivateKey &own_priv_key, RandomNumberGenerator &rng, KDF *kdf, MessageAuthenticationCode *mac, size_t mac_key_len=20) | |
void | set_initialization_vector (const InitializationVector &iv) |
Set the initialization vector for the data decryption method. More... | |
Botan::DLIES_Decryptor::DLIES_Decryptor | ( | const DH_PrivateKey & | own_priv_key, |
RandomNumberGenerator & | rng, | ||
KDF * | kdf, | ||
MessageAuthenticationCode * | mac, | ||
size_t | mac_key_len = 20 |
||
) |
Stream mode: use KDF to provide a stream of bytes to xor with the message
own_priv_key | own (ephemeral) DH private key |
rng | the RNG to use |
kdf | the KDF that should be used |
mac | the MAC function that should be used |
mac_key_len | key length of the MAC function. Default = 20 bytes |
input = (ephemeral) public key + ciphertext + tag
Definition at line 130 of file dlies.cpp.
Botan::DLIES_Decryptor::DLIES_Decryptor | ( | const DH_PrivateKey & | own_priv_key, |
RandomNumberGenerator & | rng, | ||
KDF * | kdf, | ||
Cipher_Mode * | cipher, | ||
size_t | cipher_key_len, | ||
MessageAuthenticationCode * | mac, | ||
size_t | mac_key_len = 20 |
||
) |
Block cipher mode
own_priv_key | own (ephemeral) DH private key |
rng | the RNG to use |
kdf | the KDF that should be used |
cipher | the block cipher that should be used |
cipher_key_len | the key length of the block cipher |
mac | the MAC function that should be used |
mac_key_len | key length of the MAC function. Default = 20 bytes |
input = (ephemeral) public key + ciphertext + tag
Definition at line 110 of file dlies.cpp.
|
inlineinherited |
Same as above, but taking a vector
in | the ciphertext |
Definition at line 101 of file pubkey.h.
References Botan::CryptoBox::decrypt().
|
inherited |
Decrypt a ciphertext, throwing an exception if the input seems to be invalid (eg due to an accidental or malicious error in the ciphertext).
in | the ciphertext as a byte array |
length | the length of the above byte array |
Definition at line 17 of file pubkey.cpp.
Referenced by Botan::KeyPair::encryption_consistency_check().
|
inherited |
Decrypt a ciphertext. If the ciphertext is invalid (eg due to invalid padding) or is not the expected length, instead returns a random string of the expected length. Use to avoid oracle attacks, especially against PKCS #1 v1.5 decryption.
Definition at line 78 of file pubkey.cpp.
References Botan::PK_Decryptor::decrypt_or_random().
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), and Botan::PK_Decryptor::decrypt_or_random().
|
inherited |
Decrypt a ciphertext. If the ciphertext is invalid (eg due to invalid padding) or is not the expected length, instead returns a random string of the expected length. Use to avoid oracle attacks, especially against PKCS #1 v1.5 decryption.
Additionally checks (also in const time) that: contents[required_content_offsets[i]] == required_content_bytes[i] for 0 <= i < required_contents
Used for example in TLS, which encodes the client version in the content bytes: if there is any timing variation the version check can be used as an oracle to recover the key.
Definition at line 30 of file pubkey.cpp.
References BOTAN_ASSERT, Botan::CT::Mask< T >::is_equal(), and Botan::RandomNumberGenerator::random_vec().
|
inline |