Botan  2.1.0
Crypto and TLS for C++11
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
Botan::GHASH Class Reference

#include <gcm.h>

Inheritance diagram for Botan::GHASH:
Botan::SymmetricAlgorithm Botan::GMAC

Public Member Functions

void clear () override
 
secure_vector< uint8_t > final ()
 
Key_Length_Specification key_spec () const override
 
size_t maximum_keylength () const
 
size_t minimum_keylength () const
 
std::string name () const override
 
secure_vector< uint8_t > nonce_hash (const uint8_t nonce[], size_t len)
 
void reset ()
 
void set_associated_data (const uint8_t ad[], size_t ad_len)
 
void set_key (const SymmetricKey &key)
 
template<typename Alloc >
void set_key (const std::vector< uint8_t, Alloc > &key)
 
void set_key (const uint8_t key[], size_t length)
 
void start (const uint8_t nonce[], size_t len)
 
void update (const uint8_t in[], size_t len)
 
bool valid_keylength (size_t length) const
 

Protected Member Functions

void add_final_block (secure_vector< uint8_t > &x, size_t ad_len, size_t pt_len)
 
void ghash_update (secure_vector< uint8_t > &x, const uint8_t input[], size_t input_len)
 

Protected Attributes

size_t m_ad_len = 0
 
secure_vector< uint8_t > m_ghash
 
secure_vector< uint8_t > m_H
 
secure_vector< uint8_t > m_H_ad
 

Detailed Description

GCM's GHASH Maybe a Transform?

Definition at line 113 of file gcm.h.

Member Function Documentation

void Botan::GHASH::add_final_block ( secure_vector< uint8_t > &  x,
size_t  ad_len,
size_t  pt_len 
)
protected

Definition at line 120 of file gcm.cpp.

References ghash_update().

Referenced by final(), and nonce_hash().

122  {
123  secure_vector<uint8_t> final_block(GCM_BS);
124  store_be<uint64_t>(final_block.data(), 8*ad_len, 8*text_len);
125  ghash_update(hash, final_block.data(), final_block.size());
126  }
void ghash_update(secure_vector< uint8_t > &x, const uint8_t input[], size_t input_len)
Definition: gcm.cpp:69
MechanismType hash
void Botan::GHASH::clear ( )
overridevirtual

Reset the state.

Implements Botan::SymmetricAlgorithm.

Definition at line 151 of file gcm.cpp.

References m_H, reset(), and Botan::zeroise().

Referenced by Botan::GMAC::clear().

152  {
153  zeroise(m_H);
154  reset();
155  }
void reset()
Definition: gcm.cpp:157
secure_vector< uint8_t > m_H
Definition: gcm.h:144
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:211
secure_vector< uint8_t > Botan::GHASH::final ( )

Definition at line 128 of file gcm.cpp.

References add_final_block(), m_ad_len, and m_ghash.

129  {
130  add_final_block(m_ghash, m_ad_len, m_text_len);
131 
132  secure_vector<uint8_t> mac;
133  mac.swap(m_ghash);
134 
135  mac ^= m_nonce;
136  m_text_len = 0;
137  return mac;
138  }
secure_vector< uint8_t > m_ghash
Definition: gcm.h:146
void add_final_block(secure_vector< uint8_t > &x, size_t ad_len, size_t pt_len)
Definition: gcm.cpp:120
size_t m_ad_len
Definition: gcm.h:147
void Botan::GHASH::ghash_update ( secure_vector< uint8_t > &  x,
const uint8_t  input[],
size_t  input_len 
)
protected

Definition at line 69 of file gcm.cpp.

References Botan::CT::min(), and Botan::xor_buf().

Referenced by add_final_block(), nonce_hash(), set_associated_data(), and update().

71  {
72  /*
73  This assumes if less than block size input then we're just on the
74  final block and should pad with zeros
75  */
76  while(length)
77  {
78  const size_t to_proc = std::min(length, GCM_BS);
79 
80  xor_buf(ghash.data(), input, to_proc);
81 
82  gcm_multiply(ghash);
83 
84  input += to_proc;
85  length -= to_proc;
86  }
87  }
void xor_buf(T out[], const T in[], size_t length)
Definition: mem_ops.h:115
T min(T a, T b)
Definition: ct_utils.h:180
Key_Length_Specification Botan::GHASH::key_spec ( ) const
inlineoverridevirtual
Returns
object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 129 of file gcm.h.

130  { return Key_Length_Specification(16); }
size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
minimum allowed key length

Definition at line 39 of file sym_algo.h.

40  {
41  return key_spec().maximum_keylength();
42  }
size_t maximum_keylength() const
Definition: key_spec.h:69
virtual Key_Length_Specification key_spec() const =0
size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
maximum allowed key length

Definition at line 47 of file sym_algo.h.

48  {
49  return key_spec().minimum_keylength();
50  }
size_t minimum_keylength() const
Definition: key_spec.h:61
virtual Key_Length_Specification key_spec() const =0
std::string Botan::GHASH::name ( ) const
inlineoverridevirtual
Returns
the algorithm name

Implements Botan::SymmetricAlgorithm.

Definition at line 136 of file gcm.h.

136 { return "GHASH"; }
secure_vector< uint8_t > Botan::GHASH::nonce_hash ( const uint8_t  nonce[],
size_t  len 
)

Definition at line 140 of file gcm.cpp.

References add_final_block(), BOTAN_ASSERT, ghash_update(), and m_ghash.

141  {
142  BOTAN_ASSERT(m_ghash.size() == 0, "nonce_hash called during wrong time");
143  secure_vector<uint8_t> y0(GCM_BS);
144 
145  ghash_update(y0, nonce, nonce_len);
146  add_final_block(y0, 0, nonce_len);
147 
148  return y0;
149  }
secure_vector< uint8_t > m_ghash
Definition: gcm.h:146
void add_final_block(secure_vector< uint8_t > &x, size_t ad_len, size_t pt_len)
Definition: gcm.cpp:120
void ghash_update(secure_vector< uint8_t > &x, const uint8_t input[], size_t input_len)
Definition: gcm.cpp:69
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
void Botan::GHASH::reset ( )

Definition at line 157 of file gcm.cpp.

References m_ad_len, m_ghash, m_H_ad, and Botan::zeroise().

Referenced by clear().

158  {
159  zeroise(m_H_ad);
160  m_ghash.clear();
161  m_nonce.clear();
162  m_text_len = m_ad_len = 0;
163  }
secure_vector< uint8_t > m_ghash
Definition: gcm.h:146
secure_vector< uint8_t > m_H_ad
Definition: gcm.h:145
size_t m_ad_len
Definition: gcm.h:147
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:211
void Botan::GHASH::set_associated_data ( const uint8_t  ad[],
size_t  ad_len 
)

Definition at line 103 of file gcm.cpp.

References ghash_update(), m_ad_len, m_H_ad, and Botan::zeroise().

104  {
105  zeroise(m_H_ad);
106 
107  ghash_update(m_H_ad, input, length);
108  m_ad_len = length;
109  }
void ghash_update(secure_vector< uint8_t > &x, const uint8_t input[], size_t input_len)
Definition: gcm.cpp:69
secure_vector< uint8_t > m_H_ad
Definition: gcm.h:145
size_t m_ad_len
Definition: gcm.h:147
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:211
void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey key)
inlineinherited

Set the symmetric key of this object.

Parameters
keythe SymmetricKey to be set.

Definition at line 66 of file sym_algo.h.

References Botan::OctetString::begin(), and Botan::OctetString::length().

Referenced by Botan::aont_package(), Botan::aont_unpackage(), botan_block_cipher_set_key(), botan_mac_set_key(), and Botan::pbkdf2().

67  {
68  set_key(key.begin(), key.length());
69  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:66
template<typename Alloc >
void Botan::SymmetricAlgorithm::set_key ( const std::vector< uint8_t, Alloc > &  key)
inlineinherited

Definition at line 72 of file sym_algo.h.

73  {
74  set_key(key.data(), key.size());
75  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:66
void Botan::SymmetricAlgorithm::set_key ( const uint8_t  key[],
size_t  length 
)
inlineinherited

Set the symmetric key of this object.

Parameters
keythe to be set as a byte array.
lengthin bytes of key param

Definition at line 82 of file sym_algo.h.

83  {
84  if(!valid_keylength(length))
85  throw Invalid_Key_Length(name(), length);
86  key_schedule(key, length);
87  }
bool valid_keylength(size_t length) const
Definition: sym_algo.h:57
virtual std::string name() const =0
void Botan::GHASH::start ( const uint8_t  nonce[],
size_t  len 
)

Definition at line 97 of file gcm.cpp.

References m_ghash, and m_H_ad.

98  {
99  m_nonce.assign(nonce, nonce + len);
100  m_ghash = m_H_ad;
101  }
secure_vector< uint8_t > m_ghash
Definition: gcm.h:146
secure_vector< uint8_t > m_H_ad
Definition: gcm.h:145
void Botan::GHASH::update ( const uint8_t  in[],
size_t  len 
)

Definition at line 111 of file gcm.cpp.

References BOTAN_ASSERT, ghash_update(), and m_ghash.

112  {
113  BOTAN_ASSERT(m_ghash.size() == GCM_BS, "Key was set");
114 
115  m_text_len += length;
116 
117  ghash_update(m_ghash, input, length);
118  }
secure_vector< uint8_t > m_ghash
Definition: gcm.h:146
void ghash_update(secure_vector< uint8_t > &x, const uint8_t input[], size_t input_len)
Definition: gcm.cpp:69
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
bool Botan::SymmetricAlgorithm::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 57 of file sym_algo.h.

Referenced by Botan::aont_package(), and Botan::aont_unpackage().

58  {
59  return key_spec().valid_keylength(length);
60  }
bool valid_keylength(size_t length) const
Definition: key_spec.h:51
virtual Key_Length_Specification key_spec() const =0

Member Data Documentation

size_t Botan::GHASH::m_ad_len = 0
protected

Definition at line 147 of file gcm.h.

Referenced by final(), reset(), and set_associated_data().

secure_vector<uint8_t> Botan::GHASH::m_ghash
protected

Definition at line 146 of file gcm.h.

Referenced by Botan::GMAC::clear(), final(), nonce_hash(), reset(), start(), and update().

secure_vector<uint8_t> Botan::GHASH::m_H
protected

Definition at line 144 of file gcm.h.

Referenced by Botan::GMAC::clear(), and clear().

secure_vector<uint8_t> Botan::GHASH::m_H_ad
protected

Definition at line 145 of file gcm.h.

Referenced by Botan::GMAC::clear(), reset(), set_associated_data(), and start().


The documentation for this class was generated from the following files: