Class Block.cipher_padded_decrypt
Like Cryptokit.Block.cipher
, but removes padding on the output data as specified by the first argument. The output block size of the returned transform is 1; the input block size is the block size of the block cipher.
method put_substring : bytes -> int -> int -> unit
put_substring b pos len
processeslen
characters of byte sequenceb
, starting at character numberpos
, through the transform.
method put_string : string -> unit
put_string str
processes all characters of stringstr
through the transform.
method put_byte : int -> unit
put_byte b
processes the character having codeb
through the transform.b
must be between0
and255
inclusive.
method finish : unit
Call method
finish
to indicate that no further data will be processed through the transform. This causes the transform to flush its internal buffers and perform all appropriate finalization actions, e.g. add final padding. RaiseError Wrong_data_length
if the total length of input data provided via theput_*
methods is not an integral number of the input block size (seeCryptokit.transform.input_block_size
). After callingfinish
, the transform can no longer accept additional data. Hence, do not call any of theput_*
methods norflush
after callingfinish
.
method flush : unit
flush
causes the transform to flush its internal buffers and make all output processed up to this point available through theget_*
methods. RaiseError Wrong_data_length
if the total length of input data provided via theput_*
methods is not an integral number of the input block size (seeCryptokit.transform.input_block_size
). (For padded block ciphers, the input block size used here is that of the underlying block cipher, without the padding.) Unlike methodfinish
, methodflush
does not add final padding and leaves the transform in a state where it can still accept more input.
method available_output : int
Return the number of characters of output currently available. The output can be recovered with the
get_*
methods.
method get_string : string
Return a character string containing all output characters available at this point. The internal output buffer is emptied; in other terms, all currently available output is consumed (and returned to the caller) by a call to
get_string
.
method get_substring : bytes * int * int
Return a triple
(buf,pos,len)
, wherebuf
is the internal output buffer for the transform,pos
the position of the first character of available output, andlen
the number of characters of available output. The byte arraybuf
will be modified later, so the caller must immediately copy characterspos
topos+len-1
ofbuf
to some other location. The internal output buffer is emptied; in other terms, all currently available output is consumed (and returned to the caller) by a call toget_substring
.
method get_char : char
Return the first character of output, and remove it from the internal output buffer. Raise
End_of_file
if no output is currently available.
method get_byte : int
Return the code of the first character of output, and remove it from the internal output buffer. Raise
End_of_file
if no output is currently available.
method input_block_size : int
Some transforms (e.g. unpadded block ciphers) process input data by blocks of several characters. This method returns the size of input blocks for the current transform. If
input_block_size > 1
, the user of the transform must ensure that the total length of input data provided between calls toflush
andfinish
is an integral multiple ofinput_block_size
. Ifinput_block_size = 1
, the transform can accept input data of arbitrary length.
method output_block_size : int
Some transforms (e.g. block ciphers) always produce output data by blocks of several characters. This method returns the size of output blocks for the current transform. If
output_block_size > 1
, the total length of output data produced by the transform is always an integral multiple ofoutput_block_size
. Ifoutput_block_size = 1
, the transform produces output data of arbitrary length.
method wipe : unit
Erase all internal buffers and data structures of this transform, overwriting them with zeroes. A transform may contain sensitive data such as secret key-derived material, or parts of the input or output data. Calling
wipe
ensures that this sensitive data will not remain in memory longer than strictly necessary, thus making invasive attacks more difficult. It is thus prudent practice to callwipe
on every transform that the program no longer needs. After callingwipe
, the transform is no longer in a working state: do not call any other methods after callingwipe
.