Botan 3.6.1
Crypto and TLS for C&
Public Member Functions | List of all members
Botan::PK_KEM_Decryptor Class Referencefinal

#include <pubkey.h>

Public Member Functions

secure_vector< uint8_t > decrypt (const uint8_t encap_key[], size_t encap_key_len, size_t desired_shared_key_len, const uint8_t salt[]=nullptr, size_t salt_len=0)
 
secure_vector< uint8_t > decrypt (std::span< const uint8_t > encap_key, size_t desired_shared_key_len=32, std::span< const uint8_t > salt={})
 
void decrypt (std::span< uint8_t > out_shared_key, std::span< const uint8_t > encap_key, size_t desired_shared_key_len=32, std::span< const uint8_t > salt={})
 
size_t encapsulated_key_length () const
 
PK_KEM_Decryptoroperator= (const PK_KEM_Decryptor &)=delete
 
PK_KEM_Decryptoroperator= (PK_KEM_Decryptor &&) noexcept
 
 PK_KEM_Decryptor (const PK_KEM_Decryptor &)=delete
 
 PK_KEM_Decryptor (const Private_Key &key, RandomNumberGenerator &rng, std::string_view kem_param="", std::string_view provider="")
 
 PK_KEM_Decryptor (PK_KEM_Decryptor &&) noexcept
 
size_t shared_key_length (size_t desired_shared_key_len) const
 
 ~PK_KEM_Decryptor ()
 

Detailed Description

Public Key Key Encapsulation Mechanism Decryption.

Definition at line 724 of file pubkey.h.

Constructor & Destructor Documentation

◆ PK_KEM_Decryptor() [1/3]

Botan::PK_KEM_Decryptor::PK_KEM_Decryptor ( const Private_Key & key,
RandomNumberGenerator & rng,
std::string_view kem_param = "",
std::string_view provider = "" )

Construct an instance.

Parameters
keythe key to use inside the decryptor
rngthe RNG to use
kem_paramadditional KEM parameters
providerthe provider to use

Definition at line 176 of file pubkey.cpp.

179 {
180 m_op = key.create_kem_decryption_op(rng, param, provider);
181 if(!m_op) {
182 throw Invalid_Argument(fmt("Key type {} does not support KEM decryption", key.algo_name()));
183 }
184}
Botan::fmt
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53

References Botan::Asymmetric_Key::algo_name(), Botan::Private_Key::create_kem_decryption_op(), and Botan::fmt().

◆ ~PK_KEM_Decryptor()

Botan::PK_KEM_Decryptor::~PK_KEM_Decryptor ( )
default

◆ PK_KEM_Decryptor() [2/3]

Botan::PK_KEM_Decryptor::PK_KEM_Decryptor ( const PK_KEM_Decryptor & )
delete

◆ PK_KEM_Decryptor() [3/3]

Botan::PK_KEM_Decryptor::PK_KEM_Decryptor ( PK_KEM_Decryptor && )
defaultnoexcept

Member Function Documentation

◆ decrypt() [1/3]

secure_vector< uint8_t > Botan::PK_KEM_Decryptor::decrypt ( const uint8_t encap_key[],
size_t encap_key_len,
size_t desired_shared_key_len,
const uint8_t salt[] = nullptr,
size_t salt_len = 0 )
inline

Decrypts the shared key for data encryption.

Parameters
encap_keythe encapsulated key
encap_key_lensize of the encapsulated key in bytes
desired_shared_key_lendesired size of the shared key in bytes (ignored if no KDF is used)
salta salt value used in the KDF (ignored if no KDF is used)
salt_lensize of the salt value in bytes (ignored if no KDF is used)
Returns
the shared data encryption key

Definition at line 795 of file pubkey.h.

799 {
800 secure_vector<uint8_t> shared_key(shared_key_length(desired_shared_key_len));
801 decrypt(shared_key, {encap_key, encap_key_len}, desired_shared_key_len, {salt, salt_len});
802 return shared_key;
803 }
Botan::PK_KEM_Decryptor::shared_key_length
size_t shared_key_length(size_t desired_shared_key_len) const
Definition pubkey.cpp:168
Botan::PK_KEM_Decryptor::decrypt
void decrypt(std::span< uint8_t > out_shared_key, std::span< const uint8_t > encap_key, size_t desired_shared_key_len=32, std::span< const uint8_t > salt={})
Definition pubkey.cpp:191
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61

◆ decrypt() [2/3]

secure_vector< uint8_t > Botan::PK_KEM_Decryptor::decrypt ( std::span< const uint8_t > encap_key,
size_t desired_shared_key_len = 32,
std::span< const uint8_t > salt = {} )
inline

Decrypts the shared key for data encryption.

Parameters
encap_keythe encapsulated key
desired_shared_key_lendesired size of the shared key in bytes (ignored if no KDF is used)
salta salt value used in the KDF (ignored if no KDF is used)
Returns
the shared data encryption key

Definition at line 816 of file pubkey.h.

818 {}) {
819 secure_vector<uint8_t> shared_key(shared_key_length(desired_shared_key_len));
820 decrypt(shared_key, encap_key, desired_shared_key_len, salt);
821 return shared_key;
822 }

◆ decrypt() [3/3]

void Botan::PK_KEM_Decryptor::decrypt ( std::span< uint8_t > out_shared_key,
std::span< const uint8_t > encap_key,
size_t desired_shared_key_len = 32,
std::span< const uint8_t > salt = {} )

Decrypts the shared key for data encryption.

Parameters
out_shared_keythe generated shared key
encap_keythe encapsulated key
desired_shared_key_lendesired size of the shared key in bytes (ignored if no KDF is used)
salta salt value used in the KDF (ignored if no KDF is used)

Definition at line 191 of file pubkey.cpp.

194 {
195 BOTAN_ARG_CHECK(out_shared_key.size() == shared_key_length(desired_shared_key_len),
196 "inconsistent size of shared key output buffer");
197 m_op->kem_decrypt(out_shared_key, encap_key, desired_shared_key_len, salt);
198}
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29

References BOTAN_ARG_CHECK.

Referenced by Botan::Kyber_PrivateKey::check_key(), and Botan::TLS::Callbacks::tls_kem_decapsulate().

◆ encapsulated_key_length()

size_t Botan::PK_KEM_Decryptor::encapsulated_key_length ( ) const

Return the length of the encapsulated key expected by this KEM

Definition at line 172 of file pubkey.cpp.

172 {
173 return m_op->encapsulated_key_length();
174}

Referenced by Botan::TLS::Callbacks::tls_kem_decapsulate().

◆ operator=() [1/2]

PK_KEM_Decryptor & Botan::PK_KEM_Decryptor::operator= ( const PK_KEM_Decryptor & )
delete

◆ operator=() [2/2]

PK_KEM_Decryptor & Botan::PK_KEM_Decryptor::operator= ( PK_KEM_Decryptor && )
defaultnoexcept

◆ shared_key_length()

size_t Botan::PK_KEM_Decryptor::shared_key_length ( size_t desired_shared_key_len) const

Return the length of the shared key returned by this KEM

If this KEM was used with a KDF, then it will always return exactly the desired key length, because the output of the KEM will be hashed by the KDF.

However if the KEM was used with "Raw" kdf, to request the algorithmic output of the KEM directly, then the desired key length will be ignored and a bytestring that depends on the algorithm is returned

Parameters
desired_shared_key_lenis the requested length.

Definition at line 168 of file pubkey.cpp.

168 {
169 return m_op->shared_key_length(desired_shared_key_len);
170}
The documentation for this class was generated from the following files:
Generated by doxygen 1.12.0