author | Jack Lloyd <[email protected]> | 2016-02-28 02:43:57 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-03-20 09:38:17 -0400 |
commit | ada363473a9491a3b07e3bb6fa2b5fd9f12aec98 (patch) | |
tree | 0dc7eefb24c3d9983e45dd6e2e7f0876179c8c11 /src/lib/pubkey/dlies/dlies.cpp | |
parent | f70a9de37d22282d8cca465632efd0044ab9008c (diff) |
Add PK_Decryptor::decrypt_or_random
Performs content checks on the value (expected length, expected bytes)
and in constant time returns either the decrypted value or a random value.
Diffstat (limited to 'src/lib/pubkey/dlies/dlies.cpp')
-rw-r--r-- | src/lib/pubkey/dlies/dlies.cpp | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/lib/pubkey/dlies/dlies.cpp b/src/lib/pubkey/dlies/dlies.cpp
index ba890ac3d..2c98966b0 100644
--- a/src/lib/pubkey/dlies/dlies.cpp
+++ b/src/lib/pubkey/dlies/dlies.cpp
@@ -6,6 +6,7 @@
 */
 #include <botan/dlies.h>
+#include <botan/internal/ct_utils.h>
 namespace Botan {
@@ -97,7 +98,8 @@ DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& key,
 /*
 * DLIES Decryption
 */
-secure_vector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
+secure_vector<byte> DLIES_Decryptor::do_decrypt(byte& valid_mask,
+ const byte msg[], size_t length) const
 {
 if(length < m_my_key.size() + m_mac->output_length())
 throw Decoding_Error("DLIES decryption: ciphertext is too short");
@@ -124,8 +126,8 @@ secure_vector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
 for(size_t j = 0; j != 8; ++j)
 m_mac->update(0);
 secure_vector<byte> T2 = m_mac->final();
- if(T != T2)
- throw Decoding_Error("DLIES: message authentication failed");
+
+ valid_mask = CT::expand_mask<byte>(same_mem(T.data(), T2.data(), T.size()));
 xor_buf(C, K.data() + m_mac_keylen, C.size()); |
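Review bot: The short-ciphertext check at the top of `do_decrypt` still throws `Decoding_Error`, so the function now reports failure in two ways: an exception for a bad length and `valid_mask` for a bad MAC. If `decrypt_or_random` is meant to hand back a random value for any malformed input, this path bypasses it, although the caller is not visible here and may catch the exception. I would document the split above the signature, e.g. `// Throws on short input (the length is public); a MAC failure is reported only through valid_mask`, or set `valid_mask = 0` and return instead of throwing. The body of `do_decrypt` continues outside this hunk.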
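Review bot: After `valid_mask` is assigned the function still runs `xor_buf(C, ...)` and, past the end of the hunk, presumably returns C, so on a MAC failure the caller now receives unauthenticated plaintext where the old code threw. That is safe only if every caller checks the mask, so I would say so at the assignment: `// valid_mask is all-ones iff the MAC verified; callers must discard the returned buffer when it is 0`. Separately, `same_mem` compares only `T.size()` bytes, whereas the removed `T != T2` also compared the lengths. T is built outside this hunk, so please confirm it always holds `m_mac->output_length()` bytes.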