Botan  2.7.0
Crypto and TLS for C++11
pubkey.h
Go to the documentation of this file.
1 /*
2 * Public Key Interface
3 * (C) 1999-2010 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_PUBKEY_H_
9 #define BOTAN_PUBKEY_H_
10 
11 #include <botan/pk_keys.h>
12 #include <botan/pk_ops_fwd.h>
13 #include <botan/symkey.h>
14 
15 #if defined(BOTAN_HAS_SYSTEM_RNG)
16  #include <botan/system_rng.h>
17  #define BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS
18 #endif
19 
20 namespace Botan {
21 
22 class RandomNumberGenerator;
23 
24 /**
25 * The two types of signature format supported by Botan.
26 */
28 
29 /**
30 * Public Key Encryptor
31 * This is the primary interface for public key encryption
32 */
34  {
35  public:
36 
37  /**
38  * Encrypt a message.
39  * @param in the message as a byte array
40  * @param length the length of the above byte array
41  * @param rng the random number source to use
42  * @return encrypted message
43  */
44  std::vector<uint8_t> encrypt(const uint8_t in[], size_t length,
45  RandomNumberGenerator& rng) const
46  {
47  return enc(in, length, rng);
48  }
49 
50  /**
51  * Encrypt a message.
52  * @param in the message
53  * @param rng the random number source to use
54  * @return encrypted message
55  */
56  template<typename Alloc>
57  std::vector<uint8_t> encrypt(const std::vector<uint8_t, Alloc>& in,
58  RandomNumberGenerator& rng) const
59  {
60  return enc(in.data(), in.size(), rng);
61  }
62 
63  /**
64  * Return the maximum allowed message size in bytes.
65  * @return maximum message size in bytes
66  */
67  virtual size_t maximum_input_size() const = 0;
68 
69  PK_Encryptor() = default;
70  virtual ~PK_Encryptor() = default;
71 
72  PK_Encryptor(const PK_Encryptor&) = delete;
73  PK_Encryptor& operator=(const PK_Encryptor&) = delete;
74 
75  private:
76  virtual std::vector<uint8_t> enc(const uint8_t[], size_t,
77  RandomNumberGenerator&) const = 0;
78  };
79 
80 /**
81 * Public Key Decryptor
82 */
84  {
85  public:
86  /**
87  * Decrypt a ciphertext, throwing an exception if the input
88  * seems to be invalid (eg due to an accidental or malicious
89  * error in the ciphertext).
90  *
91  * @param in the ciphertext as a byte array
92  * @param length the length of the above byte array
93  * @return decrypted message
94  */
95  secure_vector<uint8_t> decrypt(const uint8_t in[], size_t length) const;
96 
97  /**
98  * Same as above, but taking a vector
99  * @param in the ciphertext
100  * @return decrypted message
101  */
102  template<typename Alloc>
103  secure_vector<uint8_t> decrypt(const std::vector<uint8_t, Alloc>& in) const
104  {
105  return decrypt(in.data(), in.size());
106  }
107 
108  /**
109  * Decrypt a ciphertext. If the ciphertext is invalid (eg due to
110  * invalid padding) or is not the expected length, instead
111  * returns a random string of the expected length. Use to avoid
112  * oracle attacks, especially against PKCS #1 v1.5 decryption.
113  */
115  decrypt_or_random(const uint8_t in[],
116  size_t length,
117  size_t expected_pt_len,
118  RandomNumberGenerator& rng) const;
119 
120  /**
121  * Decrypt a ciphertext. If the ciphertext is invalid (eg due to
122  * invalid padding) or is not the expected length, instead
123  * returns a random string of the expected length. Use to avoid
124  * oracle attacks, especially against PKCS #1 v1.5 decryption.
125  *
126  * Additionally checks (also in const time) that:
127  * contents[required_content_offsets[i]] == required_content_bytes[i]
128  * for 0 <= i < required_contents
129  *
130  * Used for example in TLS, which encodes the client version in
131  * the content bytes: if there is any timing variation the version
132  * check can be used as an oracle to recover the key.
133  */
135  decrypt_or_random(const uint8_t in[],
136  size_t length,
137  size_t expected_pt_len,
139  const uint8_t required_content_bytes[],
140  const uint8_t required_content_offsets[],
141  size_t required_contents) const;
142 
143  PK_Decryptor() = default;
144  virtual ~PK_Decryptor() = default;
145 
146  PK_Decryptor(const PK_Decryptor&) = delete;
147  PK_Decryptor& operator=(const PK_Decryptor&) = delete;
148 
149  private:
150  virtual secure_vector<uint8_t> do_decrypt(uint8_t& valid_mask,
151  const uint8_t in[], size_t in_len) const = 0;
152  };
153 
154 /**
155 * Public Key Signer. Use the sign_message() functions for small
156 * messages. Use multiple calls update() to process large messages and
157 * generate the signature by finally calling signature().
158 */
159 class BOTAN_PUBLIC_API(2,0) PK_Signer final
160  {
161  public:
162 
163  /**
164  * Construct a PK Signer.
165  * @param key the key to use inside this signer
166  * @param rng the random generator to use
167  * @param emsa the EMSA to use
168  * An example would be "EMSA1(SHA-224)".
169  * @param format the signature format to use
170  * @param provider the provider to use
171  */
172  PK_Signer(const Private_Key& key,
174  const std::string& emsa,
175  Signature_Format format = IEEE_1363,
176  const std::string& provider = "");
177 
178 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
179  /**
180  * Construct a PK Signer.
181  * @param key the key to use inside this signer
182  * @param emsa the EMSA to use
183  * An example would be "EMSA1(SHA-224)".
184  * @param format the signature format to use
185  */
186  BOTAN_DEPRECATED("Use constructor taking a RNG object")
187  PK_Signer(const Private_Key& key,
188  const std::string& emsa,
189  Signature_Format format = IEEE_1363,
190  const std::string& provider = "") :
191  PK_Signer(key, system_rng(), emsa, format, provider)
192  {}
193 #endif
194 
195  ~PK_Signer();
196 
197  PK_Signer(const PK_Signer&) = delete;
198  PK_Signer& operator=(const PK_Signer&) = delete;
199 
200  /**
201  * Sign a message all in one go
202  * @param in the message to sign as a byte array
203  * @param length the length of the above byte array
204  * @param rng the rng to use
205  * @return signature
206  */
207  std::vector<uint8_t> sign_message(const uint8_t in[], size_t length,
209  {
210  this->update(in, length);
211  return this->signature(rng);
212  }
213 
214  /**
215  * Sign a message.
216  * @param in the message to sign
217  * @param rng the rng to use
218  * @return signature
219  */
220  std::vector<uint8_t> sign_message(const std::vector<uint8_t>& in,
222  { return sign_message(in.data(), in.size(), rng); }
223 
224  /**
225  * Sign a message.
226  * @param in the message to sign
227  * @param rng the rng to use
228  * @return signature
229  */
230  std::vector<uint8_t> sign_message(const secure_vector<uint8_t>& in,
232  { return sign_message(in.data(), in.size(), rng); }
233 
234  /**
235  * Add a message part (single byte).
236  * @param in the byte to add
237  */
238  void update(uint8_t in) { update(&in, 1); }
239 
240  /**
241  * Add a message part.
242  * @param in the message part to add as a byte array
243  * @param length the length of the above byte array
244  */
245  void update(const uint8_t in[], size_t length);
246 
247  /**
248  * Add a message part.
249  * @param in the message part to add
250  */
251  void update(const std::vector<uint8_t>& in) { update(in.data(), in.size()); }
252 
253  /**
254  * Add a message part.
255  * @param in the message part to add
256  */
257  void update(const std::string& in)
258  {
259  update(cast_char_ptr_to_uint8(in.data()), in.size());
260  }
261 
262  /**
263  * Get the signature of the so far processed message (provided by the
264  * calls to update()).
265  * @param rng the rng to use
266  * @return signature of the total message
267  */
268  std::vector<uint8_t> signature(RandomNumberGenerator& rng);
269 
270  /**
271  * Set the output format of the signature.
272  * @param format the signature format to use
273  */
274  void set_output_format(Signature_Format format) { m_sig_format = format; }
275  private:
276  std::unique_ptr<PK_Ops::Signature> m_op;
277  Signature_Format m_sig_format;
278  size_t m_parts, m_part_size;
279  };
280 
281 /**
282 * Public Key Verifier. Use the verify_message() functions for small
283 * messages. Use multiple calls update() to process large messages and
284 * verify the signature by finally calling check_signature().
285 */
287  {
288  public:
289  /**
290  * Construct a PK Verifier.
291  * @param pub_key the public key to verify against
292  * @param emsa the EMSA to use (eg "EMSA3(SHA-1)")
293  * @param format the signature format to use
294  * @param provider the provider to use
295  */
296  PK_Verifier(const Public_Key& pub_key,
297  const std::string& emsa,
298  Signature_Format format = IEEE_1363,
299  const std::string& provider = "");
300 
301  ~PK_Verifier();
302 
303  PK_Verifier& operator=(const PK_Verifier&) = delete;
304  PK_Verifier(const PK_Verifier&) = delete;
305 
306  /**
307  * Verify a signature.
308  * @param msg the message that the signature belongs to, as a byte array
309  * @param msg_length the length of the above byte array msg
310  * @param sig the signature as a byte array
311  * @param sig_length the length of the above byte array sig
312  * @return true if the signature is valid
313  */
314  bool verify_message(const uint8_t msg[], size_t msg_length,
315  const uint8_t sig[], size_t sig_length);
316  /**
317  * Verify a signature.
318  * @param msg the message that the signature belongs to
319  * @param sig the signature
320  * @return true if the signature is valid
321  */
322  template<typename Alloc, typename Alloc2>
323  bool verify_message(const std::vector<uint8_t, Alloc>& msg,
324  const std::vector<uint8_t, Alloc2>& sig)
325  {
326  return verify_message(msg.data(), msg.size(),
327  sig.data(), sig.size());
328  }
329 
330  /**
331  * Add a message part (single byte) of the message corresponding to the
332  * signature to be verified.
333  * @param in the byte to add
334  */
335  void update(uint8_t in) { update(&in, 1); }
336 
337  /**
338  * Add a message part of the message corresponding to the
339  * signature to be verified.
340  * @param msg_part the new message part as a byte array
341  * @param length the length of the above byte array
342  */
343  void update(const uint8_t msg_part[], size_t length);
344 
345  /**
346  * Add a message part of the message corresponding to the
347  * signature to be verified.
348  * @param in the new message part
349  */
350  void update(const std::vector<uint8_t>& in)
351  { update(in.data(), in.size()); }
352 
353  /**
354  * Add a message part of the message corresponding to the
355  * signature to be verified.
356  */
357  void update(const std::string& in)
358  {
359  update(cast_char_ptr_to_uint8(in.data()), in.size());
360  }
361 
362  /**
363  * Check the signature of the buffered message, i.e. the one build
364  * by successive calls to update.
365  * @param sig the signature to be verified as a byte array
366  * @param length the length of the above byte array
367  * @return true if the signature is valid, false otherwise
368  */
369  bool check_signature(const uint8_t sig[], size_t length);
370 
371  /**
372  * Check the signature of the buffered message, i.e. the one build
373  * by successive calls to update.
374  * @param sig the signature to be verified
375  * @return true if the signature is valid, false otherwise
376  */
377  template<typename Alloc>
378  bool check_signature(const std::vector<uint8_t, Alloc>& sig)
379  {
380  return check_signature(sig.data(), sig.size());
381  }
382 
383  /**
384  * Set the format of the signatures fed to this verifier.
385  * @param format the signature format to use
386  */
387  void set_input_format(Signature_Format format);
388 
389  private:
390  std::unique_ptr<PK_Ops::Verification> m_op;
391  Signature_Format m_sig_format;
392  size_t m_parts, m_part_size;
393  };
394 
395 /**
396 * Key used for key agreement
397 */
399  {
400  public:
401 
402  /**
403  * Construct a PK Key Agreement.
404  * @param key the key to use
405  * @param rng the random generator to use
406  * @param kdf name of the KDF to use (or 'Raw' for no KDF)
407  * @param provider the algo provider to use (or empty for default)
408  */
409  PK_Key_Agreement(const Private_Key& key,
411  const std::string& kdf,
412  const std::string& provider = "");
413 
414 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
415  /**
416  * Construct a PK Key Agreement.
417  * @param key the key to use
418  * @param kdf name of the KDF to use (or 'Raw' for no KDF)
419  * @param provider the algo provider to use (or empty for default)
420  */
421  BOTAN_DEPRECATED("Use constructor taking a RNG object")
422  PK_Key_Agreement(const Private_Key& key,
423  const std::string& kdf,
424  const std::string& provider = "") :
425  PK_Key_Agreement(key, system_rng(), kdf, provider)
426  {}
427 #endif
428 
429  ~PK_Key_Agreement();
430 
431  // For ECIES
432  PK_Key_Agreement& operator=(PK_Key_Agreement&&);
434 
435  PK_Key_Agreement& operator=(const PK_Key_Agreement&) = delete;
436  PK_Key_Agreement(const PK_Key_Agreement&) = delete;
437 
438  /*
439  * Perform Key Agreement Operation
440  * @param key_len the desired key output size
441  * @param in the other parties key
442  * @param in_len the length of in in bytes
443  * @param params extra derivation params
444  * @param params_len the length of params in bytes
445  */
446  SymmetricKey derive_key(size_t key_len,
447  const uint8_t in[],
448  size_t in_len,
449  const uint8_t params[],
450  size_t params_len) const;
451 
452  /*
453  * Perform Key Agreement Operation
454  * @param key_len the desired key output size
455  * @param in the other parties key
456  * @param in_len the length of in in bytes
457  * @param params extra derivation params
458  * @param params_len the length of params in bytes
459  */
460  SymmetricKey derive_key(size_t key_len,
461  const std::vector<uint8_t>& in,
462  const uint8_t params[],
463  size_t params_len) const
464  {
465  return derive_key(key_len, in.data(), in.size(),
466  params, params_len);
467  }
468 
469  /*
470  * Perform Key Agreement Operation
471  * @param key_len the desired key output size
472  * @param in the other parties key
473  * @param in_len the length of in in bytes
474  * @param params extra derivation params
475  */
476  SymmetricKey derive_key(size_t key_len,
477  const uint8_t in[], size_t in_len,
478  const std::string& params = "") const
479  {
480  return derive_key(key_len, in, in_len,
481  cast_char_ptr_to_uint8(params.data()),
482  params.length());
483  }
484 
485  /*
486  * Perform Key Agreement Operation
487  * @param key_len the desired key output size
488  * @param in the other parties key
489  * @param params extra derivation params
490  */
491  SymmetricKey derive_key(size_t key_len,
492  const std::vector<uint8_t>& in,
493  const std::string& params = "") const
494  {
495  return derive_key(key_len, in.data(), in.size(),
496  cast_char_ptr_to_uint8(params.data()),
497  params.length());
498  }
499 
500  private:
501  std::unique_ptr<PK_Ops::Key_Agreement> m_op;
502  };
503 
504 /**
505 * Encryption using a standard message recovery algorithm like RSA or
506 * ElGamal, paired with an encoding scheme like OAEP.
507 */
509  {
510  public:
511  size_t maximum_input_size() const override;
512 
513  /**
514  * Construct an instance.
515  * @param key the key to use inside the encryptor
516  * @param rng the RNG to use
517  * @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")
518  * @param provider the provider to use
519  */
520  PK_Encryptor_EME(const Public_Key& key,
522  const std::string& padding,
523  const std::string& provider = "");
524 
525 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
526  /**
527  * Construct an instance.
528  * @param key the key to use inside the encryptor
529  * @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")
530  */
531  BOTAN_DEPRECATED("Use constructor taking a RNG object")
532  PK_Encryptor_EME(const Public_Key& key,
533  const std::string& padding,
534  const std::string& provider = "") :
535  PK_Encryptor_EME(key, system_rng(), padding, provider) {}
536 #endif
537 
538  ~PK_Encryptor_EME();
539 
540  PK_Encryptor_EME& operator=(const PK_Encryptor_EME&) = delete;
541  PK_Encryptor_EME(const PK_Encryptor_EME&) = delete;
542  private:
543  std::vector<uint8_t> enc(const uint8_t[], size_t,
544  RandomNumberGenerator& rng) const override;
545 
546  std::unique_ptr<PK_Ops::Encryption> m_op;
547  };
548 
549 /**
550 * Decryption with an MR algorithm and an EME.
551 */
553  {
554  public:
555  /**
556  * Construct an instance.
557  * @param key the key to use inside the decryptor
558  * @param rng the random generator to use
559  * @param eme the EME to use
560  * @param provider the provider to use
561  */
562  PK_Decryptor_EME(const Private_Key& key,
564  const std::string& eme,
565  const std::string& provider = "");
566 
567 
568 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
569  /**
570  * Construct an instance.
571  * @param key the key to use inside the decryptor
572  * @param eme the message encoding scheme to use (eg "OAEP(SHA-256)")
573  */
574  BOTAN_DEPRECATED("Use constructor taking a RNG object")
575  PK_Decryptor_EME(const Private_Key& key,
576  const std::string& eme,
577  const std::string& provider = "") :
578  PK_Decryptor_EME(key, system_rng(), eme, provider) {}
579 #endif
580 
581  ~PK_Decryptor_EME();
582  PK_Decryptor_EME& operator=(const PK_Decryptor_EME&) = delete;
583  PK_Decryptor_EME(const PK_Decryptor_EME&) = delete;
584  private:
585  secure_vector<uint8_t> do_decrypt(uint8_t& valid_mask,
586  const uint8_t in[],
587  size_t in_len) const override;
588 
589  std::unique_ptr<PK_Ops::Decryption> m_op;
590  };
591 
592 /**
593 * Public Key Key Encapsulation Mechanism Encryption.
594 */
596  {
597  public:
598  /**
599  * Construct an instance.
600  * @param key the key to use inside the encryptor
601  * @param rng the RNG to use
602  * @param kem_param additional KEM parameters
603  * @param provider the provider to use
604  */
605  PK_KEM_Encryptor(const Public_Key& key,
607  const std::string& kem_param = "",
608  const std::string& provider = "");
609 
610 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
611  BOTAN_DEPRECATED("Use constructor taking a RNG object")
612  PK_KEM_Encryptor(const Public_Key& key,
613  const std::string& kem_param = "",
614  const std::string& provider = "") :
615  PK_KEM_Encryptor(key, system_rng(), kem_param, provider) {}
616 #endif
617 
618  ~PK_KEM_Encryptor();
619 
620  PK_KEM_Encryptor& operator=(const PK_KEM_Encryptor&) = delete;
621  PK_KEM_Encryptor(const PK_KEM_Encryptor&) = delete;
622 
623  /**
624  * Generate a shared key for data encryption.
625  * @param out_encapsulated_key the generated encapsulated key
626  * @param out_shared_key the generated shared key
627  * @param desired_shared_key_len desired size of the shared key in bytes
628  * @param rng the RNG to use
629  * @param salt a salt value used in the KDF
630  * @param salt_len size of the salt value in bytes
631  */
632  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
633  secure_vector<uint8_t>& out_shared_key,
634  size_t desired_shared_key_len,
636  const uint8_t salt[],
637  size_t salt_len);
638 
639  /**
640  * Generate a shared key for data encryption.
641  * @param out_encapsulated_key the generated encapsulated key
642  * @param out_shared_key the generated shared key
643  * @param desired_shared_key_len desired size of the shared key in bytes
644  * @param rng the RNG to use
645  * @param salt a salt value used in the KDF
646  */
647  template<typename Alloc>
648  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
649  secure_vector<uint8_t>& out_shared_key,
650  size_t desired_shared_key_len,
652  const std::vector<uint8_t, Alloc>& salt)
653  {
654  this->encrypt(out_encapsulated_key,
655  out_shared_key,
656  desired_shared_key_len,
657  rng,
658  salt.data(), salt.size());
659  }
660 
661 
662  /**
663  * Generate a shared key for data encryption.
664  * @param out_encapsulated_key the generated encapsulated key
665  * @param out_shared_key the generated shared key
666  * @param desired_shared_key_len desired size of the shared key in bytes
667  * @param rng the RNG to use
668  */
669  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
670  secure_vector<uint8_t>& out_shared_key,
671  size_t desired_shared_key_len,
673  {
674  this->encrypt(out_encapsulated_key,
675  out_shared_key,
676  desired_shared_key_len,
677  rng,
678  nullptr,
679  0);
680  }
681 
682  private:
683  std::unique_ptr<PK_Ops::KEM_Encryption> m_op;
684  };
685 
686 /**
687 * Public Key Key Encapsulation Mechanism Decryption.
688 */
690  {
691  public:
692  /**
693  * Construct an instance.
694  * @param key the key to use inside the decryptor
695  * @param rng the RNG to use
696  * @param kem_param additional KEM parameters
697  * @param provider the provider to use
698  */
699  PK_KEM_Decryptor(const Private_Key& key,
701  const std::string& kem_param = "",
702  const std::string& provider = "");
703 
704 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
705  BOTAN_DEPRECATED("Use constructor taking a RNG object")
706  PK_KEM_Decryptor(const Private_Key& key,
707  const std::string& kem_param = "",
708  const std::string& provider = "") :
709  PK_KEM_Decryptor(key, system_rng(), kem_param, provider)
710  {}
711 #endif
712 
713  ~PK_KEM_Decryptor();
714  PK_KEM_Decryptor& operator=(const PK_KEM_Decryptor&) = delete;
715  PK_KEM_Decryptor(const PK_KEM_Decryptor&) = delete;
716 
717  /**
718  * Decrypts the shared key for data encryption.
719  * @param encap_key the encapsulated key
720  * @param encap_key_len size of the encapsulated key in bytes
721  * @param desired_shared_key_len desired size of the shared key in bytes
722  * @param salt a salt value used in the KDF
723  * @param salt_len size of the salt value in bytes
724  * @return the shared data encryption key
725  */
726  secure_vector<uint8_t> decrypt(const uint8_t encap_key[],
727  size_t encap_key_len,
728  size_t desired_shared_key_len,
729  const uint8_t salt[],
730  size_t salt_len);
731 
732  /**
733  * Decrypts the shared key for data encryption.
734  * @param encap_key the encapsulated key
735  * @param encap_key_len size of the encapsulated key in bytes
736  * @param desired_shared_key_len desired size of the shared key in bytes
737  * @return the shared data encryption key
738  */
739  secure_vector<uint8_t> decrypt(const uint8_t encap_key[],
740  size_t encap_key_len,
741  size_t desired_shared_key_len)
742  {
743  return this->decrypt(encap_key, encap_key_len,
744  desired_shared_key_len,
745  nullptr, 0);
746  }
747 
748  /**
749  * Decrypts the shared key for data encryption.
750  * @param encap_key the encapsulated key
751  * @param desired_shared_key_len desired size of the shared key in bytes
752  * @param salt a salt value used in the KDF
753  * @return the shared data encryption key
754  */
755  template<typename Alloc1, typename Alloc2>
756  secure_vector<uint8_t> decrypt(const std::vector<uint8_t, Alloc1>& encap_key,
757  size_t desired_shared_key_len,
758  const std::vector<uint8_t, Alloc2>& salt)
759  {
760  return this->decrypt(encap_key.data(), encap_key.size(),
761  desired_shared_key_len,
762  salt.data(), salt.size());
763  }
764 
765  private:
766  std::unique_ptr<PK_Ops::KEM_Decryption> m_op;
767  };
768 
769 }
770 
771 #endif
std::vector< uint8_t > encrypt(const uint8_t in[], size_t length, RandomNumberGenerator &rng) const
Definition: pubkey.h:44
RandomNumberGenerator & system_rng()
Definition: system_rng.cpp:225
secure_vector< uint8_t > decrypt(const std::vector< uint8_t, Alloc1 > &encap_key, size_t desired_shared_key_len, const std::vector< uint8_t, Alloc2 > &salt)
Definition: pubkey.h:756
bool check_signature(const std::vector< uint8_t, Alloc > &sig)
Definition: pubkey.h:378
bool verify_message(const std::vector< uint8_t, Alloc > &msg, const std::vector< uint8_t, Alloc2 > &sig)
Definition: pubkey.h:323
SymmetricKey derive_key(size_t key_len, const std::vector< uint8_t > &in, const uint8_t params[], size_t params_len) const
Definition: pubkey.h:460
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:27
Signature_Format
Definition: pubkey.h:27
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition: mem_ops.h:131
std::vector< uint8_t > encrypt(const std::vector< uint8_t, Alloc > &in, RandomNumberGenerator &rng) const
Definition: pubkey.h:57
void update(const std::vector< uint8_t > &in)
Definition: pubkey.h:350
void update(uint8_t in)
Definition: pubkey.h:335
std::vector< uint8_t > sign_message(const uint8_t in[], size_t length, RandomNumberGenerator &rng)
Definition: pubkey.h:207
std::string decrypt(const uint8_t input[], size_t input_len, const std::string &passphrase)
Definition: cryptobox.cpp:162
void update(const std::vector< uint8_t > &in)
Definition: pubkey.h:251
std::vector< uint8_t > sign_message(const secure_vector< uint8_t > &in, RandomNumberGenerator &rng)
Definition: pubkey.h:230
secure_vector< uint8_t > decrypt(const uint8_t encap_key[], size_t encap_key_len, size_t desired_shared_key_len)
Definition: pubkey.h:739
void update(uint8_t in)
Definition: pubkey.h:238
SymmetricKey derive_key(size_t key_len, const std::vector< uint8_t > &in, const std::string &params="") const
Definition: pubkey.h:491
size_t salt_len
Definition: x509_obj.cpp:26
secure_vector< uint8_t > decrypt(const std::vector< uint8_t, Alloc > &in) const
Definition: pubkey.h:103
Definition: alg_id.cpp:13
void encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, Botan::RandomNumberGenerator &rng, const std::vector< uint8_t, Alloc > &salt)
Definition: pubkey.h:648
void update(const std::string &in)
Definition: pubkey.h:357
SymmetricKey derive_key(size_t key_len, const uint8_t in[], size_t in_len, const std::string &params="") const
Definition: pubkey.h:476
std::vector< uint8_t > sign_message(const std::vector< uint8_t > &in, RandomNumberGenerator &rng)
Definition: pubkey.h:220
void set_output_format(Signature_Format format)
Definition: pubkey.h:274
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
void update(const std::string &in)
Definition: pubkey.h:257
std::string encrypt(const uint8_t input[], size_t input_len, const std::string &passphrase, RandomNumberGenerator &rng)
Definition: cryptobox.cpp:43
void encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, Botan::RandomNumberGenerator &rng)
Definition: pubkey.h:669