public static CBORObject decodeEncryptMessage()

in java/remoteprovisioning/CborUtil.java [198:221]

• 24 lines of code
• 2 McCabe index (conditional complexity)

  public static CBORObject decodeEncryptMessage(
      byte[] cborProtectedData, KeyPair eek) throws CborException, CryptoException {
    CBORObject encMsg = CBORObject.DecodeFromBytes(cborProtectedData);
    checkArray(encMsg, COSE_ENCRYPT_LENGTH, "ProtectedData");
    byte[] serializedProtectedHeaders =
        encMsg.get(COSE_ENCRYPT_PROTECTED_HEADERS_INDEX).GetByteString();
    byte[] aad = buildEncStructure(serializedProtectedHeaders, null /* externalAad */);
    CBORObject protectedHeaders = CBORObject.DecodeFromBytes(serializedProtectedHeaders);
    CBORObject unprotectedHeaders = encMsg.get(COSE_ENCRYPT_UNPROTECTED_HEADERS_INDEX);
    byte[] content = encMsg.get(COSE_ENCRYPT_CIPHERTEXT_INDEX).GetByteString();
    CBORObject recipient = getRecipient(encMsg.get(COSE_ENCRYPT_RECIPIENTS_INDEX));
    CBORObject unprotectedHeadersRecip = recipient.get(COSE_RECIPIENT_UNPROTECTED_HEADERS_INDEX);
    CBORObject ephemeralPublicKeyCbor = unprotectedHeadersRecip.get(HeaderKeys.ECDH_EPK.AsCBOR());
    try {
      ECPublicKey ephemeralPublicKey =
          (ECPublicKey) CryptoUtil.oneKeyToP256PublicKey(new OneKey(ephemeralPublicKeyCbor));
      byte[] derivedKey = CryptoUtil.deriveSharedKeyReceive(eek, ephemeralPublicKey);
      byte[] iv = unprotectedHeaders.get(HeaderKeys.IV.AsCBOR()).GetByteString();
      return CBORObject.DecodeFromBytes(CryptoUtil.decrypt(content, aad, derivedKey, iv));
    } catch (CoseException e) {
      throw new CborException("Failed to decode ephemeral public key in recipients.", e,
          CborException.DESERIALIZATION_ERROR);
    }
  }