From ada363473a9491a3b07e3bb6fa2b5fd9f12aec98 Mon Sep 17 00:00:00 2001
From: Jack Lloyd <lloyd@randombit.net>
Date: Sun, 28 Feb 2016 02:43:57 -0500
Subject: Add PK_Decryptor::decrypt_or_random

Performs content checks on the value (expected length, expected bytes)
and in constant time returns either the decrypted value or a random value.
---
 src/lib/pk_pad/eme.h | 55 +++++++++++++++++-----------------------------------
 1 file changed, 18 insertions(+), 37 deletions(-)

(limited to 'src/lib/pk_pad/eme.h')

diff --git a/src/lib/pk_pad/eme.h b/src/lib/pk_pad/eme.h
index 7318ec480..f4c85da70 100644
--- a/src/lib/pk_pad/eme.h
+++ b/src/lib/pk_pad/eme.h
@@ -22,6 +22,8 @@ class BOTAN_DLL EME
    public:
       typedef SCAN_Name Spec;
 
+      virtual ~EME() = default;
+
       /**
       * Return the maximum input size in bytes we can support
       * @param keybits the size of the key in bits
@@ -38,9 +40,9 @@ class BOTAN_DLL EME
       * @return encoded plaintext
       */
       secure_vector<byte> encode(const byte in[],
-                                size_t in_length,
-                                size_t key_length,
-                                RandomNumberGenerator& rng) const;
+                                 size_t in_length,
+                                 size_t key_length,
+                                 RandomNumberGenerator& rng) const;
 
       /**
       * Encode an input
@@ -50,31 +52,21 @@ class BOTAN_DLL EME
       * @return encoded plaintext
       */
       secure_vector<byte> encode(const secure_vector<byte>& in,
-                                size_t key_length,
-                                RandomNumberGenerator& rng) const;
+                                 size_t key_length,
+                                 RandomNumberGenerator& rng) const;
 
       /**
       * Decode an input
+      * @param valid_mask written to specifies if output is valid
       * @param in the encoded plaintext
-      * @param in_length length of encoded plaintext in bytes
-      * @param key_length length of the key in bits
-      * @return plaintext
+      * @param in_len length of encoded plaintext in bytes
+      * @return bytes of out[] written to along with
+      *         validity mask (0xFF if valid, else 0x00)
       */
-      secure_vector<byte> decode(const byte in[],
-                                size_t in_length,
-                                size_t key_length) const;
-
-      /**
-      * Decode an input
-      * @param in the encoded plaintext
-      * @param key_length length of the key in bits
-      * @return plaintext
-      */
-      secure_vector<byte> decode(const secure_vector<byte>& in,
-                                size_t key_length) const;
-
-      virtual ~EME() {}
-   private:
+      virtual secure_vector<byte> unpad(byte& valid_mask,
+                                        const byte in[],
+                                        size_t in_len,
+                                        size_t key_length) const = 0;
       /**
       * Encode an input
       * @param in the plaintext
@@ -84,20 +76,9 @@ class BOTAN_DLL EME
       * @return encoded plaintext
       */
       virtual secure_vector<byte> pad(const byte in[],
-                                     size_t in_length,
-                                     size_t key_length,
-                                     RandomNumberGenerator& rng) const = 0;
-
-      /**
-      * Decode an input
-      * @param in the encoded plaintext
-      * @param in_length length of encoded plaintext in bytes
-      * @param key_length length of the key in bits
-      * @return plaintext
-      */
-      virtual secure_vector<byte> unpad(const byte in[],
-                                       size_t in_length,
-                                       size_t key_length) const = 0;
+                                      size_t in_length,
+                                      size_t key_length,
+                                      RandomNumberGenerator& rng) const = 0;
    };
 
 /**
-- 
cgit v1.2.3