Botan  2.11.0
Crypto and TLS for C++11
pubkey.h
Go to the documentation of this file.
1 /*
2 * Public Key Interface
3 * (C) 1999-2010 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_PUBKEY_H_
9 #define BOTAN_PUBKEY_H_
10 
11 #include <botan/pk_keys.h>
12 #include <botan/pk_ops_fwd.h>
13 #include <botan/symkey.h>
14 #include <string>
15 
16 #if defined(BOTAN_HAS_SYSTEM_RNG)
17  #include <botan/system_rng.h>
18  #define BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS
19 #endif
20 
21 namespace Botan {
22 
23 class RandomNumberGenerator;
24 
25 /**
26 * The two types of signature format supported by Botan.
27 */
28 enum Signature_Format { IEEE_1363, DER_SEQUENCE };
29 
30 /**
31 * Public Key Encryptor
32 * This is the primary interface for public key encryption
33 */
34 class BOTAN_PUBLIC_API(2,0) PK_Encryptor
35  {
36  public:
37 
38  /**
39  * Encrypt a message.
40  * @param in the message as a byte array
41  * @param length the length of the above byte array
42  * @param rng the random number source to use
43  * @return encrypted message
44  */
45  std::vector<uint8_t> encrypt(const uint8_t in[], size_t length,
46  RandomNumberGenerator& rng) const
47  {
48  return enc(in, length, rng);
49  }
50 
51  /**
52  * Encrypt a message.
53  * @param in the message
54  * @param rng the random number source to use
55  * @return encrypted message
56  */
57  template<typename Alloc>
58  std::vector<uint8_t> encrypt(const std::vector<uint8_t, Alloc>& in,
59  RandomNumberGenerator& rng) const
60  {
61  return enc(in.data(), in.size(), rng);
62  }
63 
64  /**
65  * Return the maximum allowed message size in bytes.
66  * @return maximum message size in bytes
67  */
68  virtual size_t maximum_input_size() const = 0;
69 
70  /**
71  * Return an upper bound on the ciphertext length
72  */
73  virtual size_t ciphertext_length(size_t ctext_len) const = 0;
74 
75  PK_Encryptor() = default;
76  virtual ~PK_Encryptor() = default;
77 
78  PK_Encryptor(const PK_Encryptor&) = delete;
79  PK_Encryptor& operator=(const PK_Encryptor&) = delete;
80 
81  private:
82  virtual std::vector<uint8_t> enc(const uint8_t[], size_t,
83  RandomNumberGenerator&) const = 0;
84  };
85 
86 /**
87 * Public Key Decryptor
88 */
89 class BOTAN_PUBLIC_API(2,0) PK_Decryptor
90  {
91  public:
92  /**
93  * Decrypt a ciphertext, throwing an exception if the input
94  * seems to be invalid (eg due to an accidental or malicious
95  * error in the ciphertext).
96  *
97  * @param in the ciphertext as a byte array
98  * @param length the length of the above byte array
99  * @return decrypted message
100  */
101  secure_vector<uint8_t> decrypt(const uint8_t in[], size_t length) const;
102 
103  /**
104  * Same as above, but taking a vector
105  * @param in the ciphertext
106  * @return decrypted message
107  */
108  template<typename Alloc>
109  secure_vector<uint8_t> decrypt(const std::vector<uint8_t, Alloc>& in) const
110  {
111  return decrypt(in.data(), in.size());
112  }
113 
114  /**
115  * Decrypt a ciphertext. If the ciphertext is invalid (eg due to
116  * invalid padding) or is not the expected length, instead
117  * returns a random string of the expected length. Use to avoid
118  * oracle attacks, especially against PKCS #1 v1.5 decryption.
119  */
120  secure_vector<uint8_t>
121  decrypt_or_random(const uint8_t in[],
122  size_t length,
123  size_t expected_pt_len,
124  RandomNumberGenerator& rng) const;
125 
126  /**
127  * Decrypt a ciphertext. If the ciphertext is invalid (eg due to
128  * invalid padding) or is not the expected length, instead
129  * returns a random string of the expected length. Use to avoid
130  * oracle attacks, especially against PKCS #1 v1.5 decryption.
131  *
132  * Additionally checks (also in const time) that:
133  * contents[required_content_offsets[i]] == required_content_bytes[i]
134  * for 0 <= i < required_contents
135  *
136  * Used for example in TLS, which encodes the client version in
137  * the content bytes: if there is any timing variation the version
138  * check can be used as an oracle to recover the key.
139  */
140  secure_vector<uint8_t>
141  decrypt_or_random(const uint8_t in[],
142  size_t length,
143  size_t expected_pt_len,
144  RandomNumberGenerator& rng,
145  const uint8_t required_content_bytes[],
146  const uint8_t required_content_offsets[],
147  size_t required_contents) const;
148 
149  /**
150  * Return an upper bound on the plaintext length for a particular
151  * ciphertext input length
152  */
153  virtual size_t plaintext_length(size_t ctext_len) const = 0;
154 
155  PK_Decryptor() = default;
156  virtual ~PK_Decryptor() = default;
157 
158  PK_Decryptor(const PK_Decryptor&) = delete;
159  PK_Decryptor& operator=(const PK_Decryptor&) = delete;
160 
161  private:
162  virtual secure_vector<uint8_t> do_decrypt(uint8_t& valid_mask,
163  const uint8_t in[], size_t in_len) const = 0;
164  };
165 
166 /**
167 * Public Key Signer. Use the sign_message() functions for small
168 * messages. Use multiple calls update() to process large messages and
169 * generate the signature by finally calling signature().
170 */
171 class BOTAN_PUBLIC_API(2,0) PK_Signer final
172  {
173  public:
174 
175  /**
176  * Construct a PK Signer.
177  * @param key the key to use inside this signer
178  * @param rng the random generator to use
179  * @param emsa the EMSA to use
180  * An example would be "EMSA1(SHA-224)".
181  * @param format the signature format to use
182  * @param provider the provider to use
183  */
184  PK_Signer(const Private_Key& key,
185  RandomNumberGenerator& rng,
186  const std::string& emsa,
187  Signature_Format format = IEEE_1363,
188  const std::string& provider = "");
189 
190 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
191  /**
192  * Construct a PK Signer.
193  * @param key the key to use inside this signer
194  * @param emsa the EMSA to use
195  * An example would be "EMSA1(SHA-224)".
196  * @param format the signature format to use
197  */
198  BOTAN_DEPRECATED("Use constructor taking a RNG object")
199  PK_Signer(const Private_Key& key,
200  const std::string& emsa,
201  Signature_Format format = IEEE_1363,
202  const std::string& provider = "") :
203  PK_Signer(key, system_rng(), emsa, format, provider)
204  {}
205 #endif
206 
207  ~PK_Signer();
208 
209  PK_Signer(const PK_Signer&) = delete;
210  PK_Signer& operator=(const PK_Signer&) = delete;
211 
212  /**
213  * Sign a message all in one go
214  * @param in the message to sign as a byte array
215  * @param length the length of the above byte array
216  * @param rng the rng to use
217  * @return signature
218  */
219  std::vector<uint8_t> sign_message(const uint8_t in[], size_t length,
220  RandomNumberGenerator& rng)
221  {
222  this->update(in, length);
223  return this->signature(rng);
224  }
225 
226  /**
227  * Sign a message.
228  * @param in the message to sign
229  * @param rng the rng to use
230  * @return signature
231  */
232  template<typename Alloc>
233  std::vector<uint8_t> sign_message(const std::vector<uint8_t, Alloc>& in,
234  RandomNumberGenerator& rng)
235  {
236  return sign_message(in.data(), in.size(), rng);
237  }
238 
239  /**
240  * Add a message part (single byte).
241  * @param in the byte to add
242  */
243  void update(uint8_t in) { update(&in, 1); }
244 
245  /**
246  * Add a message part.
247  * @param in the message part to add as a byte array
248  * @param length the length of the above byte array
249  */
250  void update(const uint8_t in[], size_t length);
251 
252  /**
253  * Add a message part.
254  * @param in the message part to add
255  */
256  template<typename Alloc>
257  void update(const std::vector<uint8_t, Alloc>& in)
258  {
259  update(in.data(), in.size());
260  }
261 
262  /**
263  * Add a message part.
264  * @param in the message part to add
265  */
266  void update(const std::string& in)
267  {
268  update(cast_char_ptr_to_uint8(in.data()), in.size());
269  }
270 
271  /**
272  * Get the signature of the so far processed message (provided by the
273  * calls to update()).
274  * @param rng the rng to use
275  * @return signature of the total message
276  */
277  std::vector<uint8_t> signature(RandomNumberGenerator& rng);
278 
279 
280  /**
281  * Set the output format of the signature.
282  * @param format the signature format to use
283  */
284  void set_output_format(Signature_Format format) { m_sig_format = format; }
285 
286  /**
287  * Return an upper bound on the length of the signatures this
288  * PK_Signer will produce
289  */
290  size_t signature_length() const;
291 
292  private:
293  std::unique_ptr<PK_Ops::Signature> m_op;
294  Signature_Format m_sig_format;
295  size_t m_parts, m_part_size;
296  };
297 
298 /**
299 * Public Key Verifier. Use the verify_message() functions for small
300 * messages. Use multiple calls update() to process large messages and
301 * verify the signature by finally calling check_signature().
302 */
303 class BOTAN_PUBLIC_API(2,0) PK_Verifier final
304  {
305  public:
306  /**
307  * Construct a PK Verifier.
308  * @param pub_key the public key to verify against
309  * @param emsa the EMSA to use (eg "EMSA3(SHA-1)")
310  * @param format the signature format to use
311  * @param provider the provider to use
312  */
313  PK_Verifier(const Public_Key& pub_key,
314  const std::string& emsa,
315  Signature_Format format = IEEE_1363,
316  const std::string& provider = "");
317 
318  ~PK_Verifier();
319 
320  PK_Verifier& operator=(const PK_Verifier&) = delete;
321  PK_Verifier(const PK_Verifier&) = delete;
322 
323  /**
324  * Verify a signature.
325  * @param msg the message that the signature belongs to, as a byte array
326  * @param msg_length the length of the above byte array msg
327  * @param sig the signature as a byte array
328  * @param sig_length the length of the above byte array sig
329  * @return true if the signature is valid
330  */
331  bool verify_message(const uint8_t msg[], size_t msg_length,
332  const uint8_t sig[], size_t sig_length);
333  /**
334  * Verify a signature.
335  * @param msg the message that the signature belongs to
336  * @param sig the signature
337  * @return true if the signature is valid
338  */
339  template<typename Alloc, typename Alloc2>
340  bool verify_message(const std::vector<uint8_t, Alloc>& msg,
341  const std::vector<uint8_t, Alloc2>& sig)
342  {
343  return verify_message(msg.data(), msg.size(),
344  sig.data(), sig.size());
345  }
346 
347  /**
348  * Add a message part (single byte) of the message corresponding to the
349  * signature to be verified.
350  * @param in the byte to add
351  */
352  void update(uint8_t in) { update(&in, 1); }
353 
354  /**
355  * Add a message part of the message corresponding to the
356  * signature to be verified.
357  * @param msg_part the new message part as a byte array
358  * @param length the length of the above byte array
359  */
360  void update(const uint8_t msg_part[], size_t length);
361 
362  /**
363  * Add a message part of the message corresponding to the
364  * signature to be verified.
365  * @param in the new message part
366  */
367  template<typename Alloc>
368  void update(const std::vector<uint8_t, Alloc>& in)
369  {
370  update(in.data(), in.size());
371  }
372 
373  /**
374  * Add a message part of the message corresponding to the
375  * signature to be verified.
376  */
377  void update(const std::string& in)
378  {
379  update(cast_char_ptr_to_uint8(in.data()), in.size());
380  }
381 
382  /**
383  * Check the signature of the buffered message, i.e. the one build
384  * by successive calls to update.
385  * @param sig the signature to be verified as a byte array
386  * @param length the length of the above byte array
387  * @return true if the signature is valid, false otherwise
388  */
389  bool check_signature(const uint8_t sig[], size_t length);
390 
391  /**
392  * Check the signature of the buffered message, i.e. the one build
393  * by successive calls to update.
394  * @param sig the signature to be verified
395  * @return true if the signature is valid, false otherwise
396  */
397  template<typename Alloc>
398  bool check_signature(const std::vector<uint8_t, Alloc>& sig)
399  {
400  return check_signature(sig.data(), sig.size());
401  }
402 
403  /**
404  * Set the format of the signatures fed to this verifier.
405  * @param format the signature format to use
406  */
407  void set_input_format(Signature_Format format);
408 
409  private:
410  std::unique_ptr<PK_Ops::Verification> m_op;
411  Signature_Format m_sig_format;
412  size_t m_parts, m_part_size;
413  };
414 
415 /**
416 * Object used for key agreement
417 */
418 class BOTAN_PUBLIC_API(2,0) PK_Key_Agreement final
419  {
420  public:
421 
422  /**
423  * Construct a PK Key Agreement.
424  * @param key the key to use
425  * @param rng the random generator to use
426  * @param kdf name of the KDF to use (or 'Raw' for no KDF)
427  * @param provider the algo provider to use (or empty for default)
428  */
429  PK_Key_Agreement(const Private_Key& key,
430  RandomNumberGenerator& rng,
431  const std::string& kdf,
432  const std::string& provider = "");
433 
434 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
435  /**
436  * Construct a PK Key Agreement.
437  * @param key the key to use
438  * @param kdf name of the KDF to use (or 'Raw' for no KDF)
439  * @param provider the algo provider to use (or empty for default)
440  */
441  BOTAN_DEPRECATED("Use constructor taking a RNG object")
442  PK_Key_Agreement(const Private_Key& key,
443  const std::string& kdf,
444  const std::string& provider = "") :
445  PK_Key_Agreement(key, system_rng(), kdf, provider)
446  {}
447 #endif
448 
449  ~PK_Key_Agreement();
450 
451  // For ECIES
452  PK_Key_Agreement& operator=(PK_Key_Agreement&&);
453  PK_Key_Agreement(PK_Key_Agreement&&);
454 
455  PK_Key_Agreement& operator=(const PK_Key_Agreement&) = delete;
456  PK_Key_Agreement(const PK_Key_Agreement&) = delete;
457 
458  /**
459  * Perform Key Agreement Operation
460  * @param key_len the desired key output size
461  * @param in the other parties key
462  * @param in_len the length of in in bytes
463  * @param params extra derivation params
464  * @param params_len the length of params in bytes
465  */
466  SymmetricKey derive_key(size_t key_len,
467  const uint8_t in[],
468  size_t in_len,
469  const uint8_t params[],
470  size_t params_len) const;
471 
472  /**
473  * Perform Key Agreement Operation
474  * @param key_len the desired key output size
475  * @param in the other parties key
476  * @param params extra derivation params
477  * @param params_len the length of params in bytes
478  */
479  SymmetricKey derive_key(size_t key_len,
480  const std::vector<uint8_t>& in,
481  const uint8_t params[],
482  size_t params_len) const
483  {
484  return derive_key(key_len, in.data(), in.size(),
485  params, params_len);
486  }
487 
488  /**
489  * Perform Key Agreement Operation
490  * @param key_len the desired key output size
491  * @param in the other parties key
492  * @param in_len the length of in in bytes
493  * @param params extra derivation params
494  */
495  SymmetricKey derive_key(size_t key_len,
496  const uint8_t in[], size_t in_len,
497  const std::string& params = "") const
498  {
499  return derive_key(key_len, in, in_len,
500  cast_char_ptr_to_uint8(params.data()),
501  params.length());
502  }
503 
504  /**
505  * Perform Key Agreement Operation
506  * @param key_len the desired key output size
507  * @param in the other parties key
508  * @param params extra derivation params
509  */
510  SymmetricKey derive_key(size_t key_len,
511  const std::vector<uint8_t>& in,
512  const std::string& params = "") const
513  {
514  return derive_key(key_len, in.data(), in.size(),
515  cast_char_ptr_to_uint8(params.data()),
516  params.length());
517  }
518 
519  /**
520  * Return the underlying size of the value that is agreed.
521  * If derive_key is called with a length of 0 with a "Raw"
522  * KDF, it will return a value of this size.
523  */
524  size_t agreed_value_size() const;
525 
526  private:
527  std::unique_ptr<PK_Ops::Key_Agreement> m_op;
528  };
529 
530 /**
531 * Encryption using a standard message recovery algorithm like RSA or
532 * ElGamal, paired with an encoding scheme like OAEP.
533 */
534 class BOTAN_PUBLIC_API(2,0) PK_Encryptor_EME final : public PK_Encryptor
535  {
536  public:
537  size_t maximum_input_size() const override;
538 
539  /**
540  * Construct an instance.
541  * @param key the key to use inside the encryptor
542  * @param rng the RNG to use
543  * @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")
544  * @param provider the provider to use
545  */
546  PK_Encryptor_EME(const Public_Key& key,
547  RandomNumberGenerator& rng,
548  const std::string& padding,
549  const std::string& provider = "");
550 
551 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
552  /**
553  * Construct an instance.
554  * @param key the key to use inside the encryptor
555  * @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")
556  */
557  BOTAN_DEPRECATED("Use constructor taking a RNG object")
558  PK_Encryptor_EME(const Public_Key& key,
559  const std::string& padding,
560  const std::string& provider = "") :
561  PK_Encryptor_EME(key, system_rng(), padding, provider) {}
562 #endif
563 
564  ~PK_Encryptor_EME();
565 
566  PK_Encryptor_EME& operator=(const PK_Encryptor_EME&) = delete;
567  PK_Encryptor_EME(const PK_Encryptor_EME&) = delete;
568 
569  /**
570  * Return an upper bound on the ciphertext length for a particular
571  * plaintext input length
572  */
573  size_t ciphertext_length(size_t ptext_len) const override;
574  private:
575  std::vector<uint8_t> enc(const uint8_t[], size_t,
576  RandomNumberGenerator& rng) const override;
577 
578  std::unique_ptr<PK_Ops::Encryption> m_op;
579  };
580 
581 /**
582 * Decryption with an MR algorithm and an EME.
583 */
584 class BOTAN_PUBLIC_API(2,0) PK_Decryptor_EME final : public PK_Decryptor
585  {
586  public:
587  /**
588  * Construct an instance.
589  * @param key the key to use inside the decryptor
590  * @param rng the random generator to use
591  * @param eme the EME to use
592  * @param provider the provider to use
593  */
594  PK_Decryptor_EME(const Private_Key& key,
595  RandomNumberGenerator& rng,
596  const std::string& eme,
597  const std::string& provider = "");
598 
599 
600 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
601  /**
602  * Construct an instance.
603  * @param key the key to use inside the decryptor
604  * @param eme the message encoding scheme to use (eg "OAEP(SHA-256)")
605  */
606  BOTAN_DEPRECATED("Use constructor taking a RNG object")
607  PK_Decryptor_EME(const Private_Key& key,
608  const std::string& eme,
609  const std::string& provider = "") :
610  PK_Decryptor_EME(key, system_rng(), eme, provider) {}
611 #endif
612 
613  size_t plaintext_length(size_t ptext_len) const override;
614 
615  ~PK_Decryptor_EME();
616  PK_Decryptor_EME& operator=(const PK_Decryptor_EME&) = delete;
617  PK_Decryptor_EME(const PK_Decryptor_EME&) = delete;
618  private:
619  secure_vector<uint8_t> do_decrypt(uint8_t& valid_mask,
620  const uint8_t in[],
621  size_t in_len) const override;
622 
623  std::unique_ptr<PK_Ops::Decryption> m_op;
624  };
625 
626 /**
627 * Public Key Key Encapsulation Mechanism Encryption.
628 */
629 class BOTAN_PUBLIC_API(2,0) PK_KEM_Encryptor final
630  {
631  public:
632  /**
633  * Construct an instance.
634  * @param key the key to use inside the encryptor
635  * @param rng the RNG to use
636  * @param kem_param additional KEM parameters
637  * @param provider the provider to use
638  */
639  PK_KEM_Encryptor(const Public_Key& key,
640  RandomNumberGenerator& rng,
641  const std::string& kem_param = "",
642  const std::string& provider = "");
643 
644 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
645  BOTAN_DEPRECATED("Use constructor taking a RNG object")
646  PK_KEM_Encryptor(const Public_Key& key,
647  const std::string& kem_param = "",
648  const std::string& provider = "") :
649  PK_KEM_Encryptor(key, system_rng(), kem_param, provider) {}
650 #endif
651 
652  ~PK_KEM_Encryptor();
653 
654  PK_KEM_Encryptor& operator=(const PK_KEM_Encryptor&) = delete;
655  PK_KEM_Encryptor(const PK_KEM_Encryptor&) = delete;
656 
657  /**
658  * Generate a shared key for data encryption.
659  * @param out_encapsulated_key the generated encapsulated key
660  * @param out_shared_key the generated shared key
661  * @param desired_shared_key_len desired size of the shared key in bytes
662  * @param rng the RNG to use
663  * @param salt a salt value used in the KDF
664  * @param salt_len size of the salt value in bytes
665  */
666  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
667  secure_vector<uint8_t>& out_shared_key,
668  size_t desired_shared_key_len,
669  Botan::RandomNumberGenerator& rng,
670  const uint8_t salt[],
671  size_t salt_len);
672 
673  /**
674  * Generate a shared key for data encryption.
675  * @param out_encapsulated_key the generated encapsulated key
676  * @param out_shared_key the generated shared key
677  * @param desired_shared_key_len desired size of the shared key in bytes
678  * @param rng the RNG to use
679  * @param salt a salt value used in the KDF
680  */
681  template<typename Alloc>
682  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
683  secure_vector<uint8_t>& out_shared_key,
684  size_t desired_shared_key_len,
685  Botan::RandomNumberGenerator& rng,
686  const std::vector<uint8_t, Alloc>& salt)
687  {
688  this->encrypt(out_encapsulated_key,
689  out_shared_key,
690  desired_shared_key_len,
691  rng,
692  salt.data(), salt.size());
693  }
694 
695 
696  /**
697  * Generate a shared key for data encryption.
698  * @param out_encapsulated_key the generated encapsulated key
699  * @param out_shared_key the generated shared key
700  * @param desired_shared_key_len desired size of the shared key in bytes
701  * @param rng the RNG to use
702  */
703  void encrypt(secure_vector<uint8_t>& out_encapsulated_key,
704  secure_vector<uint8_t>& out_shared_key,
705  size_t desired_shared_key_len,
706  Botan::RandomNumberGenerator& rng)
707  {
708  this->encrypt(out_encapsulated_key,
709  out_shared_key,
710  desired_shared_key_len,
711  rng,
712  nullptr,
713  0);
714  }
715 
716  private:
717  std::unique_ptr<PK_Ops::KEM_Encryption> m_op;
718  };
719 
720 /**
721 * Public Key Key Encapsulation Mechanism Decryption.
722 */
723 class BOTAN_PUBLIC_API(2,0) PK_KEM_Decryptor final
724  {
725  public:
726  /**
727  * Construct an instance.
728  * @param key the key to use inside the decryptor
729  * @param rng the RNG to use
730  * @param kem_param additional KEM parameters
731  * @param provider the provider to use
732  */
733  PK_KEM_Decryptor(const Private_Key& key,
734  RandomNumberGenerator& rng,
735  const std::string& kem_param = "",
736  const std::string& provider = "");
737 
738 #if defined(BOTAN_PUBKEY_INCLUDE_DEPRECATED_CONSTRUCTORS)
739  BOTAN_DEPRECATED("Use constructor taking a RNG object")
740  PK_KEM_Decryptor(const Private_Key& key,
741  const std::string& kem_param = "",
742  const std::string& provider = "") :
743  PK_KEM_Decryptor(key, system_rng(), kem_param, provider)
744  {}
745 #endif
746 
747  ~PK_KEM_Decryptor();
748  PK_KEM_Decryptor& operator=(const PK_KEM_Decryptor&) = delete;
749  PK_KEM_Decryptor(const PK_KEM_Decryptor&) = delete;
750 
751  /**
752  * Decrypts the shared key for data encryption.
753  * @param encap_key the encapsulated key
754  * @param encap_key_len size of the encapsulated key in bytes
755  * @param desired_shared_key_len desired size of the shared key in bytes
756  * @param salt a salt value used in the KDF
757  * @param salt_len size of the salt value in bytes
758  * @return the shared data encryption key
759  */
760  secure_vector<uint8_t> decrypt(const uint8_t encap_key[],
761  size_t encap_key_len,
762  size_t desired_shared_key_len,
763  const uint8_t salt[],
764  size_t salt_len);
765 
766  /**
767  * Decrypts the shared key for data encryption.
768  * @param encap_key the encapsulated key
769  * @param encap_key_len size of the encapsulated key in bytes
770  * @param desired_shared_key_len desired size of the shared key in bytes
771  * @return the shared data encryption key
772  */
773  secure_vector<uint8_t> decrypt(const uint8_t encap_key[],
774  size_t encap_key_len,
775  size_t desired_shared_key_len)
776  {
777  return this->decrypt(encap_key, encap_key_len,
778  desired_shared_key_len,
779  nullptr, 0);
780  }
781 
782  /**
783  * Decrypts the shared key for data encryption.
784  * @param encap_key the encapsulated key
785  * @param desired_shared_key_len desired size of the shared key in bytes
786  * @param salt a salt value used in the KDF
787  * @return the shared data encryption key
788  */
789  template<typename Alloc1, typename Alloc2>
790  secure_vector<uint8_t> decrypt(const std::vector<uint8_t, Alloc1>& encap_key,
791  size_t desired_shared_key_len,
792  const std::vector<uint8_t, Alloc2>& salt)
793  {
794  return this->decrypt(encap_key.data(), encap_key.size(),
795  desired_shared_key_len,
796  salt.data(), salt.size());
797  }
798 
799  private:
800  std::unique_ptr<PK_Ops::KEM_Decryption> m_op;
801  };
802 
803 }
804 
805 #endif
Botan::rng
bool RandomNumberGenerator & rng
Definition: numthry.h:176
padding
botan_pubkey_t const char * padding
Definition: ffi.h:1341
final
int(* final)(unsigned char *, CTX *)
Definition: commoncrypto_hash.cpp:28
Botan::Signature_Format
Signature_Format
Definition: pubkey.h:28
Botan::cast_char_ptr_to_uint8
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition: mem_ops.h:159
std
Definition: bigint.h:1136
Botan::in
void const uint8_t in[]
Definition: mgf1.h:26
sig
const uint8_t sig[]
Definition: ffi.h:1425
Botan::CryptoBox::decrypt
std::string decrypt(const uint8_t input[], size_t input_len, const std::string &passphrase)
Definition: cryptobox.cpp:162
Botan::key
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t size_t const uint8_t key[]
Definition: argon2.h:87
Botan
Definition: alg_id.cpp:13
Botan::SymmetricKey
OctetString SymmetricKey
Definition: symkey.h:141
Botan::BOTAN_PUBLIC_API
class BOTAN_PUBLIC_API(2, 0) AlgorithmIdentifier final bool BOTAN_PUBLIC_API(2, 0) operator
Name Constraints.
Definition: asn1_obj.h:66
update
int(* update)(CTX *, const void *, CC_LONG len)
Definition: commoncrypto_hash.cpp:27
Botan::salt
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t salt[]
Definition: argon2.h:87
Botan::key_len
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t size_t const uint8_t size_t key_len
Definition: argon2.h:87
Botan::in_len
void const uint8_t size_t in_len
Definition: mgf1.h:26
Botan::system_rng
RandomNumberGenerator & system_rng()
Definition: system_rng.cpp:279
ctext_len
size_t size_t * ctext_len
Definition: ffi.h:1351
ptext_len
size_t ptext_len
Definition: ffi.h:1351
Botan::CryptoBox::encrypt
std::string encrypt(const uint8_t input[], size_t input_len, const std::string &passphrase, RandomNumberGenerator &rng)
Definition: cryptobox.cpp:43
Botan::params
secure_vector< uint8_t > const std::string const std::vector< uint8_t > & params
Definition: pbes2.h:80
Botan::salt_len
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t size_t salt_len
Definition: argon2.h:87
Generated by   doxygen 1.8.15