Example #1
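        /// <summary>
        /// Decrypts this message using the public-key encrypted session packet whose key ID
        /// matches <paramref name="privateKey"/>, then parses the decrypted contents.
        /// </summary>
        /// <param name="privateKey">Private key used to decrypt the session info.</param>
        /// <returns>The message read from the decrypted data stream.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="privateKey"/> is null.</exception>
        /// <exception cref="PgpException">
        /// No session packet matches the key ID, or the decrypted session info is too short
        /// or fails its checksum.
        /// </exception>
        public PgpMessage DecryptMessage(PgpPrivateKey privateKey)
        {
            if (privateKey == null)
            {
                throw new ArgumentNullException(nameof(privateKey));
            }

            foreach (var keyData in publicKeyEncSessionPackets)
            {
                if (keyData.KeyId != privateKey.KeyId)
                {
                    continue;
                }

                byte[] sessionData = CryptoPool.Rent(keyData.SessionKey.Length);
                try
                {
                    // NOTE(review): the result of TryDecryptSessionInfo is not inspected here. If it
                    // reports failure through its return value, that should be checked — confirm
                    // against its declaration.
                    privateKey.TryDecryptSessionInfo(keyData.SessionKey, sessionData, out int bytesWritten);

                    // The trailing two bytes are dropped below (presumably the checksum), so fewer
                    // than two bytes can never be valid. Rejecting that case with the same exception
                    // as a checksum mismatch keeps "bytesWritten - 2" non-negative and gives callers
                    // a single failure mode for malformed session info.
                    if (bytesWritten < 2 || !ConfirmCheckSum(sessionData.AsSpan(0, bytesWritten)))
                    {
                        throw new PgpException("Checksum validation failed");
                    }

                    // Note: the oracle attack on the "quick check" bytes is deemed
                    // a security risk for typical public key encryption usages.
                    // NOTE(review): verifyIntegrity: false presumably is what skips that check on
                    // this path — confirm against GetDataStream. Nothing in this method
                    // authenticates the ciphertext, so tamper detection has to come from elsewhere.
                    var dataStream = GetDataStream(sessionData.AsSpan(0, bytesWritten - 2), verifyIntegrity: false);
                    return ReadMessage(packetReader.CreateNestedReader(dataStream));
                }
                finally
                {
                    // The buffer held decrypted session info; hand it back on every path,
                    // including exceptions.
                    // NOTE(review): confirm CryptoPool.Return clears the buffer before reuse.
                    CryptoPool.Return(sessionData);
                }
            }

            throw new PgpException("No matching key data found");
        }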
Example #2
 /// <summary>
 /// Creates a nested reader over <paramref name="stream"/> through the inner reader and
 /// wraps it in a <c>SigningPacketReader</c> that is given this reader's hash transform.
 /// </summary>
 /// <param name="stream">Stream the nested reader is created over.</param>
 /// <returns>The wrapped nested packet reader.</returns>
 public IPacketReader CreateNestedReader(Stream stream)
 {
     // Create the nested reader first, then wrap it with the same hashTransform as this reader.
     var nestedInner = innerReader.CreateNestedReader(stream);
     var wrapped = new SigningPacketReader(nestedInner, hashTransform);
     return wrapped;
 }
Example #3
 /// <summary>
 /// Reads the message contained in this object's data stream.
 /// </summary>
 /// <returns>
 /// The result of the <c>ReadMessage</c> overload applied to a nested packet reader
 /// created over <c>GetDataStream()</c>.
 /// </returns>
 public PgpMessage ReadMessage()
 {
     var dataStream = GetDataStream();
     var nestedReader = packetReader.CreateNestedReader(dataStream);
     return ReadMessage(nestedReader);
 }