decryptString function
Decrypts a string using the hybrid PKE scheme. It uses the private key (sk) to recover the shared secret, derives an AES key from that secret and the salt, and then uses AES-GCM to decrypt and authenticate the ciphertext (ct).
Implementation
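/// Decrypts [cc] with the private key [sk] and returns the plaintext string.
///
/// Steps: KEM decapsulation of `cc.kemCt`, AES key derivation from the
/// recovered secret and `cc.salt`, then AES-GCM decryption of
/// `cc.ciphertext` (body followed by a 16-byte tag) under `cc.nonce`.
///
/// Throws a [StateError] with one generic message for every failure after
/// key derivation (input shorter than the tag, tag mismatch, invalid UTF-8),
/// so the message does not reveal which check failed. Errors raised by
/// `kemDecap` or `deriveAesKeyWithSalt` propagate unchanged.
///
/// The flattened secret and the AES key are wiped on every exit path,
/// including a failure inside key derivation.
Future<String> decryptString(ASECombinedCipher cc, ASEPrivateKey sk) async {
  final rRec = kemDecap(cc.kemCt, sk);
  // NOTE(review): Uint8List.fromList keeps only the low 8 bits of each
  // element, and only vec[0] feeds the KDF. Confirm both match the scheme.
  // NOTE(review): rRec still holds the recovered coefficients after this
  // call; nothing here wipes it. TODO confirm whether its type can be wiped.
  final flatR = Uint8List.fromList(rRec.vec[0].coeffs);
  try {
    final aesKey = await deriveAesKeyWithSalt(flatR, cc.salt);
    try {
      const tagLen = 16;
      // A ciphertext shorter than the tag makes ctLen negative; sublist then
      // throws and the catch below reports it as the same generic failure.
      final ctLen = cc.ciphertext.length - tagLen;
      final secretBox = SecretBox(
        cc.ciphertext.sublist(0, ctLen),
        nonce: cc.nonce,
        mac: Mac(cc.ciphertext.sublist(ctLen)),
      );
      final clear = await aesGcm.decrypt(
        secretBox,
        secretKey: SecretKey(aesKey),
      );
      return utf8.decode(clear);
    } catch (_) {
      // Deliberately uniform: do not surface the underlying cause.
      throw StateError('Decryption failed: authentication error');
    } finally {
      secureWipe(aesKey);
    }
  } finally {
    // Runs even when key derivation throws, which previously left flatR
    // populated.
    secureWipe(flatR);
  }
}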