Botan  2.19.1
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | Protected Member Functions | List of all members
Botan::CCM_Mode Class Referenceabstract

#include <ccm.h>

Inheritance diagram for Botan::CCM_Mode:
Botan::AEAD_Mode Botan::Cipher_Mode Botan::SymmetricAlgorithm Botan::CCM_Decryption Botan::CCM_Encryption

Public Member Functions

bool associated_data_requires_key () const override
 
bool authenticated () const override
 
void clear () override
 
size_t default_nonce_length () const override
 
virtual void finish (secure_vector< uint8_t > &final_block, size_t offset=0)=0
 
Key_Length_Specification key_spec () const override
 
virtual size_t maximum_associated_data_inputs () const
 
size_t maximum_keylength () const
 
virtual size_t minimum_final_size () const =0
 
size_t minimum_keylength () const
 
std::string name () const override
 
virtual size_t output_length (size_t input_length) const =0
 
size_t process (uint8_t buf[], size_t sz) override
 
virtual std::string provider () const
 
void reset () override
 
template<typename Alloc >
void set_ad (const std::vector< uint8_t, Alloc > &ad)
 
void set_associated_data (const uint8_t ad[], size_t ad_len) override
 
virtual void set_associated_data_n (size_t i, const uint8_t ad[], size_t ad_len)
 
template<typename Alloc >
void set_associated_data_vec (const std::vector< uint8_t, Alloc > &ad)
 
void set_key (const SymmetricKey &key)
 
template<typename Alloc >
void set_key (const std::vector< uint8_t, Alloc > &key)
 
void set_key (const uint8_t key[], size_t length)
 
template<typename Alloc >
void start (const std::vector< uint8_t, Alloc > &nonce)
 
void start (const uint8_t nonce[], size_t nonce_len)
 
void start ()
 
size_t tag_size () const override
 
void update (secure_vector< uint8_t > &buffer, size_t offset=0)
 
size_t update_granularity () const override
 
bool valid_keylength (size_t length) const
 
bool valid_nonce_length (size_t) const override
 

Static Public Member Functions

static std::unique_ptr< AEAD_Modecreate (const std::string &algo, Cipher_Dir direction, const std::string &provider="")
 
static std::unique_ptr< AEAD_Modecreate_or_throw (const std::string &algo, Cipher_Dir direction, const std::string &provider="")
 
static std::vector< std::string > providers (const std::string &algo_spec)
 

Protected Member Functions

const secure_vector< uint8_t > & ad_buf () const
 
 CCM_Mode (BlockCipher *cipher, size_t tag_size, size_t L)
 
const BlockCiphercipher () const
 
void encode_length (uint64_t len, uint8_t out[])
 
secure_vector< uint8_t > format_b0 (size_t msg_size)
 
secure_vector< uint8_t > format_c0 ()
 
void inc (secure_vector< uint8_t > &C)
 
size_t L () const
 
secure_vector< uint8_t > & msg_buf ()
 
void verify_key_set (bool cond) const
 

Detailed Description

Base class for CCM encryption and decryption

See also
RFC 3610

Definition at line 23 of file ccm.h.

Constructor & Destructor Documentation

Botan::CCM_Mode::CCM_Mode ( BlockCipher cipher,
size_t  tag_size,
size_t  L 
)
protected

Definition at line 20 of file ccm.cpp.

References Botan::ASN1::to_string().

20  :
21  m_tag_size(tag_size),
22  m_L(L),
23  m_cipher(cipher)
24  {
25  if(m_cipher->block_size() != CCM_BS)
26  throw Invalid_Argument(m_cipher->name() + " cannot be used with CCM mode");
27 
28  if(L < 2 || L > 8)
29  throw Invalid_Argument("Invalid CCM L value " + std::to_string(L));
30 
31  if(tag_size < 4 || tag_size > 16 || tag_size % 2 != 0)
32  throw Invalid_Argument("invalid CCM tag length " + std::to_string(tag_size));
33  }
size_t L() const
Definition: ccm.h:51
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:213
const BlockCipher & cipher() const
Definition: ccm.h:53
size_t tag_size() const override
Definition: ccm.h:46

Member Function Documentation

const secure_vector<uint8_t>& Botan::CCM_Mode::ad_buf ( ) const
inlineprotected

Definition at line 59 of file ccm.h.

Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().

59 { return m_ad_buf; }
bool Botan::CCM_Mode::associated_data_requires_key ( ) const
inlineoverridevirtual

Most AEADs require the key to be set prior to setting the AD A few allow the AD to be set even before the cipher is keyed. Such ciphers would return false from this function.

Reimplemented from Botan::AEAD_Mode.

Definition at line 30 of file ccm.h.

30 { return false; }
bool Botan::AEAD_Mode::authenticated ( ) const
inlineoverridevirtualinherited
Returns
true iff this mode provides authentication as well as confidentiality.

Reimplemented from Botan::Cipher_Mode.

Definition at line 47 of file aead.h.

47 { return true; }
const BlockCipher& Botan::CCM_Mode::cipher ( ) const
inlineprotected

Definition at line 53 of file ccm.h.

References m_cipher.

Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().

53 { return *m_cipher; }
void Botan::CCM_Mode::clear ( )
overridevirtual

Reset the state.

Implements Botan::SymmetricAlgorithm.

Definition at line 35 of file ccm.cpp.

References reset().

36  {
37  m_cipher->clear();
38  reset();
39  }
void reset() override
Definition: ccm.cpp:41
std::unique_ptr< AEAD_Mode > Botan::AEAD_Mode::create ( const std::string &  algo,
Cipher_Dir  direction,
const std::string &  provider = "" 
)
staticinherited

Create an AEAD mode

Parameters
algothe algorithm to create
directionspecify if this should be an encryption or decryption AEAD
provideroptional specification for provider to use
Returns
an AEAD mode or a null pointer if not available

Definition at line 60 of file aead.cpp.

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::BlockCipher::create(), Botan::ENCRYPTION, Botan::parse_algorithm_name(), Botan::Cipher_Mode::provider(), and Botan::split_on().

Referenced by Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::get_aead().

63  {
65 #if defined(BOTAN_HAS_AEAD_CHACHA20_POLY1305)
66  if(algo == "ChaCha20Poly1305")
67  {
68  if(dir == ENCRYPTION)
69  return std::unique_ptr<AEAD_Mode>(new ChaCha20Poly1305_Encryption);
70  else
71  return std::unique_ptr<AEAD_Mode>(new ChaCha20Poly1305_Decryption);
72 
73  }
74 #endif
75 
76  if(algo.find('/') != std::string::npos)
77  {
78  const std::vector<std::string> algo_parts = split_on(algo, '/');
79  const std::string cipher_name = algo_parts[0];
80  const std::vector<std::string> mode_info = parse_algorithm_name(algo_parts[1]);
81 
82  if(mode_info.empty())
83  return std::unique_ptr<AEAD_Mode>();
84 
85  std::ostringstream alg_args;
86 
87  alg_args << '(' << cipher_name;
88  for(size_t i = 1; i < mode_info.size(); ++i)
89  alg_args << ',' << mode_info[i];
90  for(size_t i = 2; i < algo_parts.size(); ++i)
91  alg_args << ',' << algo_parts[i];
92  alg_args << ')';
93 
94  const std::string mode_name = mode_info[0] + alg_args.str();
95  return AEAD_Mode::create(mode_name, dir);
96  }
97 
98 #if defined(BOTAN_HAS_BLOCK_CIPHER)
99 
100  SCAN_Name req(algo);
101 
102  if(req.arg_count() == 0)
103  {
104  return std::unique_ptr<AEAD_Mode>();
105  }
106 
107  std::unique_ptr<BlockCipher> bc(BlockCipher::create(req.arg(0), provider));
108 
109  if(!bc)
110  {
111  return std::unique_ptr<AEAD_Mode>();
112  }
113 
114 #if defined(BOTAN_HAS_AEAD_CCM)
115  if(req.algo_name() == "CCM")
116  {
117  size_t tag_len = req.arg_as_integer(1, 16);
118  size_t L_len = req.arg_as_integer(2, 3);
119  if(dir == ENCRYPTION)
120  return std::unique_ptr<AEAD_Mode>(new CCM_Encryption(bc.release(), tag_len, L_len));
121  else
122  return std::unique_ptr<AEAD_Mode>(new CCM_Decryption(bc.release(), tag_len, L_len));
123  }
124 #endif
125 
126 #if defined(BOTAN_HAS_AEAD_GCM)
127  if(req.algo_name() == "GCM")
128  {
129  size_t tag_len = req.arg_as_integer(1, 16);
130  if(dir == ENCRYPTION)
131  return std::unique_ptr<AEAD_Mode>(new GCM_Encryption(bc.release(), tag_len));
132  else
133  return std::unique_ptr<AEAD_Mode>(new GCM_Decryption(bc.release(), tag_len));
134  }
135 #endif
136 
137 #if defined(BOTAN_HAS_AEAD_OCB)
138  if(req.algo_name() == "OCB")
139  {
140  size_t tag_len = req.arg_as_integer(1, 16);
141  if(dir == ENCRYPTION)
142  return std::unique_ptr<AEAD_Mode>(new OCB_Encryption(bc.release(), tag_len));
143  else
144  return std::unique_ptr<AEAD_Mode>(new OCB_Decryption(bc.release(), tag_len));
145  }
146 #endif
147 
148 #if defined(BOTAN_HAS_AEAD_EAX)
149  if(req.algo_name() == "EAX")
150  {
151  size_t tag_len = req.arg_as_integer(1, bc->block_size());
152  if(dir == ENCRYPTION)
153  return std::unique_ptr<AEAD_Mode>(new EAX_Encryption(bc.release(), tag_len));
154  else
155  return std::unique_ptr<AEAD_Mode>(new EAX_Decryption(bc.release(), tag_len));
156  }
157 #endif
158 
159 #if defined(BOTAN_HAS_AEAD_SIV)
160  if(req.algo_name() == "SIV")
161  {
162  if(dir == ENCRYPTION)
163  return std::unique_ptr<AEAD_Mode>(new SIV_Encryption(bc.release()));
164  else
165  return std::unique_ptr<AEAD_Mode>(new SIV_Decryption(bc.release()));
166  }
167 #endif
168 
169 #endif
170 
171  return std::unique_ptr<AEAD_Mode>();
172  }
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:148
virtual std::string provider() const
Definition: cipher_mode.h:180
static std::unique_ptr< AEAD_Mode > create(const std::string &algo, Cipher_Dir direction, const std::string &provider="")
Definition: aead.cpp:60
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition: parsing.cpp:95
#define BOTAN_UNUSED(...)
Definition: assert.h:142
static std::unique_ptr< BlockCipher > create(const std::string &algo_spec, const std::string &provider="")
std::unique_ptr< AEAD_Mode > Botan::AEAD_Mode::create_or_throw ( const std::string &  algo,
Cipher_Dir  direction,
const std::string &  provider = "" 
)
staticinherited

Create an AEAD mode, or throw

Parameters
algothe algorithm to create
directionspecify if this should be an encryption or decryption AEAD
provideroptional specification for provider to use
Returns
an AEAD mode, or throw an exception

Definition at line 50 of file aead.cpp.

References Botan::AEAD_Mode::create().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), Botan::TLS::Session::decrypt(), Botan::TLS::Session::encrypt(), Botan::mceies_decrypt(), and Botan::mceies_encrypt().

53  {
54  if(auto aead = AEAD_Mode::create(algo, dir, provider))
55  return aead;
56 
57  throw Lookup_Error("AEAD", algo, provider);
58  }
virtual std::string provider() const
Definition: cipher_mode.h:180
static std::unique_ptr< AEAD_Mode > create(const std::string &algo, Cipher_Dir direction, const std::string &provider="")
Definition: aead.cpp:60
size_t Botan::CCM_Mode::default_nonce_length ( ) const
overridevirtual
Returns
default AEAD nonce size (a commonly supported value among AEAD modes, and large enough that random collisions are unlikely)

Reimplemented from Botan::AEAD_Mode.

Definition at line 58 of file ccm.cpp.

References L().

59  {
60  return (15-L());
61  }
size_t L() const
Definition: ccm.h:51
void Botan::CCM_Mode::encode_length ( uint64_t  len,
uint8_t  out[] 
)
protected

Definition at line 117 of file ccm.cpp.

References BOTAN_ASSERT_NOMSG, Botan::get_byte(), and L().

Referenced by format_b0().

118  {
119  const size_t len_bytes = L();
120 
121  BOTAN_ASSERT_NOMSG(len_bytes >= 2 && len_bytes <= 8);
122 
123  for(size_t i = 0; i != len_bytes; ++i)
124  out[len_bytes-1-i] = get_byte(sizeof(uint64_t)-1-i, len);
125 
126  if(len_bytes < 8 && (len >> (len_bytes*8)) > 0)
127  throw Encoding_Error("CCM message length too long to encode in L field");
128  }
size_t L() const
Definition: ccm.h:51
constexpr uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:41
#define BOTAN_ASSERT_NOMSG(expr)
Definition: assert.h:68
virtual void Botan::Cipher_Mode::finish ( secure_vector< uint8_t > &  final_block,
size_t  offset = 0 
)
pure virtualinherited
secure_vector< uint8_t > Botan::CCM_Mode::format_b0 ( size_t  msg_size)
protected

Definition at line 137 of file ccm.cpp.

References Botan::copy_mem(), encode_length(), L(), and tag_size().

Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().

138  {
139  if(m_nonce.size() != 15-L())
140  throw Invalid_State("CCM mode must set nonce");
141  secure_vector<uint8_t> B0(CCM_BS);
142 
143  const uint8_t b_flags =
144  static_cast<uint8_t>((m_ad_buf.size() ? 64 : 0) + (((tag_size()/2)-1) << 3) + (L()-1));
145 
146  B0[0] = b_flags;
147  copy_mem(&B0[1], m_nonce.data(), m_nonce.size());
148  encode_length(sz, &B0[m_nonce.size()+1]);
149 
150  return B0;
151  }
size_t L() const
Definition: ccm.h:51
void encode_length(uint64_t len, uint8_t out[])
Definition: ccm.cpp:117
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:133
size_t tag_size() const override
Definition: ccm.h:46
secure_vector< uint8_t > Botan::CCM_Mode::format_c0 ( )
protected

Definition at line 153 of file ccm.cpp.

References Botan::C, Botan::copy_mem(), and L().

Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().

154  {
155  if(m_nonce.size() != 15-L())
156  throw Invalid_State("CCM mode must set nonce");
157  secure_vector<uint8_t> C(CCM_BS);
158 
159  const uint8_t a_flags = static_cast<uint8_t>(L() - 1);
160 
161  C[0] = a_flags;
162  copy_mem(&C[1], m_nonce.data(), m_nonce.size());
163 
164  return C;
165  }
size_t L() const
Definition: ccm.h:51
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:133
SIMD_8x32 C
void Botan::CCM_Mode::inc ( secure_vector< uint8_t > &  C)
protected

Definition at line 130 of file ccm.cpp.

Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().

131  {
132  for(size_t i = 0; i != C.size(); ++i)
133  if(++C[C.size()-i-1])
134  break;
135  }
SIMD_8x32 C
Key_Length_Specification Botan::CCM_Mode::key_spec ( ) const
overridevirtual
Returns
object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 74 of file ccm.cpp.

75  {
76  return m_cipher->key_spec();
77  }
size_t Botan::CCM_Mode::L ( ) const
inlineprotected

Definition at line 51 of file ccm.h.

Referenced by default_nonce_length(), encode_length(), format_b0(), format_c0(), name(), and valid_nonce_length().

51 { return m_L; }
virtual size_t Botan::AEAD_Mode::maximum_associated_data_inputs ( ) const
inlinevirtualinherited

Returns the maximum supported number of associated data inputs which can be provided to set_associated_data_n

If returns 0, then no associated data is supported.

Reimplemented in Botan::SIV_Mode.

Definition at line 87 of file aead.h.

87 { return 1; }
size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
maximum allowed key length

Definition at line 120 of file sym_algo.h.

121  {
122  return key_spec().maximum_keylength();
123  }
size_t maximum_keylength() const
Definition: sym_algo.h:70
virtual Key_Length_Specification key_spec() const =0
virtual size_t Botan::Cipher_Mode::minimum_final_size ( ) const
pure virtualinherited
size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
minimum allowed key length

Definition at line 128 of file sym_algo.h.

Referenced by botan_block_cipher_get_keyspec(), and botan_mac_get_keyspec().

129  {
130  return key_spec().minimum_keylength();
131  }
size_t minimum_keylength() const
Definition: sym_algo.h:62
virtual Key_Length_Specification key_spec() const =0
secure_vector<uint8_t>& Botan::CCM_Mode::msg_buf ( )
inlineprotected

Definition at line 61 of file ccm.h.

Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().

61 { return m_msg_buf; }
std::string Botan::CCM_Mode::name ( ) const
overridevirtual
Returns
the algorithm name

Implements Botan::SymmetricAlgorithm.

Definition at line 48 of file ccm.cpp.

References L(), tag_size(), and Botan::ASN1::to_string().

49  {
50  return (m_cipher->name() + "/CCM(" + std::to_string(tag_size()) + "," + std::to_string(L())) + ")";
51  }
size_t L() const
Definition: ccm.h:51
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:213
size_t tag_size() const override
Definition: ccm.h:46
virtual size_t Botan::Cipher_Mode::output_length ( size_t  input_length) const
pure virtualinherited
size_t Botan::CCM_Mode::process ( uint8_t  msg[],
size_t  msg_len 
)
overridevirtual

Process message blocks

Input must be a multiple of update_granularity

Processes msg in place and returns bytes written. Normally this will be either msg_len (indicating the entire message was processed) or for certain AEAD modes zero (indicating that the mode requires the entire message be processed in one pass).

Parameters
msgthe message to be processed
msg_lenlength of the message in bytes

Implements Botan::Cipher_Mode.

Definition at line 110 of file ccm.cpp.

References BOTAN_STATE_CHECK.

111  {
112  BOTAN_STATE_CHECK(m_nonce.size() > 0);
113  m_msg_buf.insert(m_msg_buf.end(), buf, buf + sz);
114  return 0; // no output until finished
115  }
#define BOTAN_STATE_CHECK(expr)
Definition: assert.h:49
virtual std::string Botan::Cipher_Mode::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::GCM_Mode.

Definition at line 180 of file cipher_mode.h.

Referenced by Botan::AEAD_Mode::create(), and Botan::Cipher_Mode::create().

180 { return "base"; }
std::vector< std::string > Botan::Cipher_Mode::providers ( const std::string &  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available
Parameters
algo_specalgorithm name

Definition at line 190 of file cipher_mode.cpp.

References Botan::Cipher_Mode::create(), and Botan::ENCRYPTION.

191  {
192  const std::vector<std::string>& possible = { "base", "openssl", "commoncrypto" };
193  std::vector<std::string> providers;
194  for(auto&& prov : possible)
195  {
196  std::unique_ptr<Cipher_Mode> mode = Cipher_Mode::create(algo_spec, ENCRYPTION, prov);
197  if(mode)
198  {
199  providers.push_back(prov); // available
200  }
201  }
202  return providers;
203  }
static std::unique_ptr< Cipher_Mode > create(const std::string &algo, Cipher_Dir direction, const std::string &provider="")
Definition: cipher_mode.cpp:54
static std::vector< std::string > providers(const std::string &algo_spec)
void Botan::CCM_Mode::reset ( )
overridevirtual

Resets just the message specific state and allows encrypting again under the existing key

Implements Botan::Cipher_Mode.

Definition at line 41 of file ccm.cpp.

Referenced by clear(), Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().

42  {
43  m_nonce.clear();
44  m_msg_buf.clear();
45  m_ad_buf.clear();
46  }
template<typename Alloc >
void Botan::AEAD_Mode::set_ad ( const std::vector< uint8_t, Alloc > &  ad)
inlineinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

See set_associated_data().

Parameters
adthe associated data

Definition at line 121 of file aead.h.

Referenced by Botan::TLS::write_record().

122  {
123  set_associated_data(ad.data(), ad.size());
124  }
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0
void Botan::CCM_Mode::set_associated_data ( const uint8_t  ad[],
size_t  ad_len 
)
overridevirtual

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Parameters
adthe associated data
ad_lenlength of add in bytes

Implements Botan::AEAD_Mode.

Definition at line 84 of file ccm.cpp.

References BOTAN_ARG_CHECK, and Botan::get_byte().

85  {
86  m_ad_buf.clear();
87 
88  if(length)
89  {
90  // FIXME: support larger AD using length encoding rules
91  BOTAN_ARG_CHECK(length < (0xFFFF - 0xFF), "Supported CCM AD length");
92 
93  m_ad_buf.push_back(get_byte(0, static_cast<uint16_t>(length)));
94  m_ad_buf.push_back(get_byte(1, static_cast<uint16_t>(length)));
95  m_ad_buf += std::make_pair(ad, length);
96  while(m_ad_buf.size() % CCM_BS)
97  m_ad_buf.push_back(0); // pad with zeros to full block size
98  }
99  }
constexpr uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:41
#define BOTAN_ARG_CHECK(expr, msg)
Definition: assert.h:37
void Botan::AEAD_Mode::set_associated_data_n ( size_t  i,
const uint8_t  ad[],
size_t  ad_len 
)
virtualinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Some AEADs (namely SIV) support multiple AD inputs. For all other modes only nominal AD input 0 is supported; all other values of i will cause an exception.

Parameters
adthe associated data
ad_lenlength of add in bytes

Reimplemented in Botan::SIV_Mode.

Definition at line 42 of file aead.cpp.

References Botan::SymmetricAlgorithm::name(), and Botan::AEAD_Mode::set_associated_data().

Referenced by Botan::SIV_Mode::set_associated_data().

43  {
44  if(i == 0)
45  this->set_associated_data(ad, ad_len);
46  else
47  throw Invalid_Argument("AEAD '" + name() + "' does not support multiple associated data");
48  }
virtual std::string name() const =0
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0
template<typename Alloc >
void Botan::AEAD_Mode::set_associated_data_vec ( const std::vector< uint8_t, Alloc > &  ad)
inlineinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

See set_associated_data().

Parameters
adthe associated data

Definition at line 106 of file aead.h.

107  {
108  set_associated_data(ad.data(), ad.size());
109  }
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0
void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey key)
inlineinherited
template<typename Alloc >
void Botan::SymmetricAlgorithm::set_key ( const std::vector< uint8_t, Alloc > &  key)
inlineinherited

Definition at line 153 of file sym_algo.h.

154  {
155  set_key(key.data(), key.size());
156  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:147
void Botan::SymmetricAlgorithm::set_key ( const uint8_t  key[],
size_t  length 
)
inherited

Set the symmetric key of this object.

Parameters
keythe to be set as a byte array.
lengthin bytes of key param

Definition at line 17 of file sym_algo.cpp.

References Botan::SymmetricAlgorithm::name(), and Botan::SymmetricAlgorithm::valid_keylength().

18  {
19  if(!valid_keylength(length))
20  throw Invalid_Key_Length(name(), length);
21  key_schedule(key, length);
22  }
bool valid_keylength(size_t length) const
Definition: sym_algo.h:138
virtual std::string name() const =0
template<typename Alloc >
void Botan::Cipher_Mode::start ( const std::vector< uint8_t, Alloc > &  nonce)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce

Definition at line 69 of file cipher_mode.h.

Referenced by botan_cipher_start(), and Botan::TLS::write_record().

70  {
71  start_msg(nonce.data(), nonce.size());
72  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0
void Botan::Cipher_Mode::start ( const uint8_t  nonce[],
size_t  nonce_len 
)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 79 of file cipher_mode.h.

80  {
81  start_msg(nonce, nonce_len);
82  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0
void Botan::Cipher_Mode::start ( )
inlineinherited

Begin processing a message.

Definition at line 87 of file cipher_mode.h.

88  {
89  return start_msg(nullptr, 0);
90  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0
size_t Botan::CCM_Mode::tag_size ( ) const
inlineoverridevirtual
Returns
the size of the authentication tag used (in bytes)

Reimplemented from Botan::Cipher_Mode.

Definition at line 46 of file ccm.h.

Referenced by Botan::CCM_Encryption::finish(), Botan::CCM_Decryption::finish(), format_b0(), Botan::CCM_Decryption::minimum_final_size(), name(), Botan::CCM_Encryption::output_length(), and Botan::CCM_Decryption::output_length().

46 { return m_tag_size; }
void Botan::Cipher_Mode::update ( secure_vector< uint8_t > &  buffer,
size_t  offset = 0 
)
inlineinherited

Process some data. Input must be in size update_granularity() uint8_t blocks.

Parameters
bufferin/out parameter which will possibly be resized
offsetan offset into blocks to begin processing

Definition at line 112 of file cipher_mode.h.

References BOTAN_ASSERT.

Referenced by botan_cipher_update(), Botan::XTS_Encryption::finish(), Botan::ChaCha20Poly1305_Encryption::finish(), Botan::CFB_Encryption::finish(), Botan::CBC_Encryption::finish(), Botan::EAX_Encryption::finish(), Botan::XTS_Decryption::finish(), Botan::CFB_Decryption::finish(), Botan::CTS_Encryption::finish(), Botan::CBC_Decryption::finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), Botan::CTS_Decryption::finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

113  {
114  BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
115  uint8_t* buf = buffer.data() + offset;
116  const size_t buf_size = buffer.size() - offset;
117 
118  const size_t written = process(buf, buf_size);
119  buffer.resize(offset + written);
120  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55
virtual size_t process(uint8_t msg[], size_t msg_len)=0
size_t Botan::CCM_Mode::update_granularity ( ) const
overridevirtual
Returns
size of required blocks to update

Implements Botan::Cipher_Mode.

Definition at line 63 of file ccm.cpp.

64  {
65  /*
66  This value does not particularly matter as regardless CCM_Mode::update
67  buffers all input, so in theory this could be 1. However as for instance
68  Transform_Filter creates update_granularity() uint8_t buffers, use a
69  somewhat large size to avoid bouncing on a tiny buffer.
70  */
71  return m_cipher->parallel_bytes();
72  }
bool Botan::SymmetricAlgorithm::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 138 of file sym_algo.h.

Referenced by Botan::aont_package(), Botan::aont_unpackage(), and Botan::SymmetricAlgorithm::set_key().

139  {
140  return key_spec().valid_keylength(length);
141  }
bool valid_keylength(size_t length) const
Definition: sym_algo.h:52
virtual Key_Length_Specification key_spec() const =0
bool Botan::CCM_Mode::valid_nonce_length ( size_t  nonce_len) const
overridevirtual
Returns
true iff nonce_len is a valid length for the nonce

Implements Botan::Cipher_Mode.

Definition at line 53 of file ccm.cpp.

References L().

54  {
55  return (n == (15-L()));
56  }
size_t L() const
Definition: ccm.h:51
void Botan::SymmetricAlgorithm::verify_key_set ( bool  cond) const
inlineprotectedinherited

Definition at line 171 of file sym_algo.h.

Referenced by Botan::Salsa20::cipher(), Botan::CTR_BE::cipher(), Botan::RC4::cipher(), Botan::SHAKE_128_Cipher::cipher(), Botan::ChaCha::cipher(), Botan::XTEA::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::CAST_256::decrypt_n(), Botan::CAST_128::decrypt_n(), Botan::Noekeon::decrypt_n(), Botan::SEED::decrypt_n(), Botan::SHACAL2::decrypt_n(), Botan::IDEA::decrypt_n(), Botan::Camellia_128::decrypt_n(), Botan::DES::decrypt_n(), Botan::AES_128::decrypt_n(), Botan::DESX::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::MISTY1::decrypt_n(), Botan::SM4::decrypt_n(), Botan::KASUMI::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::Threefish_512::decrypt_n(), Botan::Lion::decrypt_n(), Botan::ARIA_128::decrypt_n(), Botan::Camellia_192::decrypt_n(), Botan::TripleDES::decrypt_n(), Botan::ARIA_192::decrypt_n(), Botan::Camellia_256::decrypt_n(), Botan::AES_192::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::ARIA_256::decrypt_n(), Botan::AES_256::decrypt_n(), Botan::SHACAL2::encrypt_n(), Botan::SM4::encrypt_n(), Botan::IDEA::encrypt_n(), Botan::KASUMI::encrypt_n(), Botan::AES_128::encrypt_n(), Botan::MISTY1::encrypt_n(), Botan::Noekeon::encrypt_n(), Botan::CAST_128::encrypt_n(), Botan::SEED::encrypt_n(), Botan::CAST_256::encrypt_n(), Botan::DES::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::DESX::encrypt_n(), Botan::Camellia_128::encrypt_n(), Botan::XTEA::encrypt_n(), Botan::Threefish_512::encrypt_n(), Botan::Serpent::encrypt_n(), Botan::Lion::encrypt_n(), Botan::ARIA_128::encrypt_n(), Botan::Camellia_192::encrypt_n(), Botan::TripleDES::encrypt_n(), Botan::ARIA_192::encrypt_n(), Botan::Camellia_256::encrypt_n(), Botan::AES_192::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::ARIA_256::encrypt_n(), Botan::AES_256::encrypt_n(), Botan::OCB_Encryption::finish(), Botan::OCB_Decryption::finish(), Botan::GHASH::ghash_update(), Botan::CFB_Encryption::process(), Botan::CFB_Decryption::process(), Botan::Salsa20::seek(), Botan::CTR_BE::seek(), Botan::ChaCha::seek(), Botan::OCB_Mode::set_associated_data(), Botan::Salsa20::set_iv(), Botan::ChaCha::set_iv(), Botan::GHASH::update(), Botan::GHASH::update_associated_data(), and Botan::ChaCha::write_keystream().

172  {
173  if(cond == false)
174  throw_key_not_set_error();
175  }

The documentation for this class was generated from the following files: