public PgpMessage DecryptMessage(PgpPrivateKey privateKey) { if (privateKey == null) { throw new ArgumentNullException(nameof(privateKey)); } foreach (var keyData in publicKeyEncSessionPackets) { if (keyData.KeyId == privateKey.KeyId) { byte[] sessionData = CryptoPool.Rent(keyData.SessionKey.Length); try { privateKey.TryDecryptSessionInfo(keyData.SessionKey, sessionData, out int bytesWritten); if (!ConfirmCheckSum(sessionData.AsSpan(0, bytesWritten))) { throw new PgpException("Checksum validation failed"); } // Note: the oracle attack on the "quick check" bytes is deemed // a security risk for typical public key encryption usages. return(ReadMessage(packetReader.CreateNestedReader(GetDataStream(sessionData.AsSpan(0, bytesWritten - 2), verifyIntegrity: false)))); } finally { CryptoPool.Return(sessionData); } } } throw new PgpException("No matching key data found"); }
public IPacketReader CreateNestedReader(Stream stream) { return(new SigningPacketReader(innerReader.CreateNestedReader(stream), hashTransform)); }
public PgpMessage ReadMessage() { return(ReadMessage(packetReader.CreateNestedReader(GetDataStream()))); }