Botan  2.19.1
Crypto and TLS for C++11
ccm.h
Go to the documentation of this file.
1 /*
2 * CCM Mode
3 * (C) 2013 Jack Lloyd
4 * (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_AEAD_CCM_H_
10 #define BOTAN_AEAD_CCM_H_
11 
12 #include <botan/aead.h>
13 #include <botan/block_cipher.h>
14 
16 
17 namespace Botan {
18 
19 /**
20 * Base class for CCM encryption and decryption
21 * @see RFC 3610
22 */
23 class BOTAN_PUBLIC_API(2,0) CCM_Mode : public AEAD_Mode
24  {
25  public:
26  size_t process(uint8_t buf[], size_t sz) override;
27 
28  void set_associated_data(const uint8_t ad[], size_t ad_len) override;
29 
30  bool associated_data_requires_key() const override { return false; }
31 
32  std::string name() const override;
33 
34  size_t update_granularity() const override;
35 
36  Key_Length_Specification key_spec() const override;
37 
38  bool valid_nonce_length(size_t) const override;
39 
40  size_t default_nonce_length() const override;
41 
42  void clear() override;
43 
44  void reset() override;
45 
46  size_t tag_size() const override { return m_tag_size; }
47 
48  protected:
49  CCM_Mode(BlockCipher* cipher, size_t tag_size, size_t L);
50 
51  size_t L() const { return m_L; }
52 
53  const BlockCipher& cipher() const { return *m_cipher; }
54 
55  void encode_length(uint64_t len, uint8_t out[]);
56 
57  void inc(secure_vector<uint8_t>& C);
58 
59  const secure_vector<uint8_t>& ad_buf() const { return m_ad_buf; }
60 
61  secure_vector<uint8_t>& msg_buf() { return m_msg_buf; }
62 
63  secure_vector<uint8_t> format_b0(size_t msg_size);
64  secure_vector<uint8_t> format_c0();
65  private:
66  void start_msg(const uint8_t nonce[], size_t nonce_len) override;
67 
68  void key_schedule(const uint8_t key[], size_t length) override;
69 
70  const size_t m_tag_size;
71  const size_t m_L;
72 
73  std::unique_ptr<BlockCipher> m_cipher;
74  secure_vector<uint8_t> m_nonce, m_msg_buf, m_ad_buf;
75  };
76 
77 /**
78 * CCM Encryption
79 */
81  {
82  public:
83  /**
84  * @param cipher a 128-bit block cipher
85  * @param tag_size is how big the auth tag will be (even values
86  * between 4 and 16 are accepted)
87  * @param L length of L parameter. The total message length
88  * must be less than 2**L bytes, and the nonce is 15-L bytes.
89  */
90  CCM_Encryption(BlockCipher* cipher, size_t tag_size = 16, size_t L = 3) :
91  CCM_Mode(cipher, tag_size, L) {}
92 
93  void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
94 
95  size_t output_length(size_t input_length) const override
96  { return input_length + tag_size(); }
97 
98  size_t minimum_final_size() const override { return 0; }
99  };
100 
101 /**
102 * CCM Decryption
103 */
105  {
106  public:
107  /**
108  * @param cipher a 128-bit block cipher
109  * @param tag_size is how big the auth tag will be (even values
110  * between 4 and 16 are accepted)
111  * @param L length of L parameter. The total message length
112  * must be less than 2**L bytes, and the nonce is 15-L bytes.
113  */
114  CCM_Decryption(BlockCipher* cipher, size_t tag_size = 16, size_t L = 3) :
115  CCM_Mode(cipher, tag_size, L) {}
116 
117  void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
118 
119  size_t output_length(size_t input_length) const override
120  {
121  BOTAN_ASSERT(input_length >= tag_size(), "Sufficient input");
122  return input_length - tag_size();
123  }
124 
125  size_t minimum_final_size() const override { return tag_size(); }
126  };
127 
128 }
129 
130 #endif
size_t output_length(size_t input_length) const override
Definition: ccm.h:95
CCCryptorRef m_cipher
size_t default_nonce_length() const override
Definition: aead.h:130
size_t L() const
Definition: ccm.h:51
int(* final)(unsigned char *, CTX *)
virtual size_t update_granularity() const =0
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0
CCM_Decryption(BlockCipher *cipher, size_t tag_size=16, size_t L=3)
Definition: ccm.h:114
virtual void reset()=0
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:65
bool associated_data_requires_key() const override
Definition: ccm.h:30
virtual std::string name() const =0
const BlockCipher & cipher() const
Definition: ccm.h:53
virtual void clear()=0
Definition: alg_id.cpp:13
virtual Key_Length_Specification key_spec() const =0
virtual size_t process(uint8_t msg[], size_t msg_len)=0
size_t minimum_final_size() const override
Definition: ccm.h:98
size_t output_length(size_t input_length) const override
Definition: ccm.h:119
size_t minimum_final_size() const override
Definition: ccm.h:125
const secure_vector< uint8_t > & ad_buf() const
Definition: ccm.h:59
SIMD_8x32 C
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0
CCM_Encryption(BlockCipher *cipher, size_t tag_size=16, size_t L=3)
Definition: ccm.h:90
secure_vector< uint8_t > & msg_buf()
Definition: ccm.h:61
#define BOTAN_FUTURE_INTERNAL_HEADER(hdr)
Definition: compiler.h:136
virtual bool valid_nonce_length(size_t nonce_len) const =0
virtual void finish(secure_vector< uint8_t > &final_block, size_t offset=0)=0
size_t tag_size() const override
Definition: ccm.h:46