Botan  2.1.0
Crypto and TLS for C++11
ocb.h
Go to the documentation of this file.
1 /*
2 * OCB Mode
3 * (C) 2013,2014 Jack Lloyd
4 * (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_AEAD_OCB_H__
10 #define BOTAN_AEAD_OCB_H__
11 
12 #include <botan/aead.h>
13 #include <botan/block_cipher.h>
14 
15 namespace Botan {
16 
17 class L_computer;
18 
19 /**
20 * OCB Mode (base class for OCB_Encryption and OCB_Decryption). Note
21 * that OCB is patented, but is freely licensed in some circumstances.
22 *
23 * @see "The OCB Authenticated-Encryption Algorithm" internet draft
24  http://tools.ietf.org/html/draft-irtf-cfrg-ocb-03
25 * @see Free Licenses http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm
26 * @see OCB home page http://www.cs.ucdavis.edu/~rogaway/ocb
27 */
28 class BOTAN_DLL OCB_Mode : public AEAD_Mode
29  {
30  public:
31  void set_associated_data(const uint8_t ad[], size_t ad_len) override;
32 
33  std::string name() const override;
34 
35  size_t update_granularity() const override;
36 
37  Key_Length_Specification key_spec() const override;
38 
39  bool valid_nonce_length(size_t) const override;
40 
41  size_t tag_size() const override { return m_tag_size; }
42 
43  void clear() override;
44 
45  void reset() override;
46 
47  ~OCB_Mode();
48  protected:
49  /**
50  * @param cipher the 128-bit block cipher to use
51  * @param tag_size is how big the auth tag will be
52  */
53  OCB_Mode(BlockCipher* cipher, size_t tag_size);
54 
55  // fixme make these private
56  std::unique_ptr<BlockCipher> m_cipher;
57  std::unique_ptr<L_computer> m_L;
58 
59  size_t m_block_index = 0;
60 
64  private:
65  void start_msg(const uint8_t nonce[], size_t nonce_len) override;
66 
67  void key_schedule(const uint8_t key[], size_t length) override;
68 
69  secure_vector<uint8_t> update_nonce(const uint8_t nonce[], size_t nonce_len);
70 
71  size_t m_tag_size = 0;
72  secure_vector<uint8_t> m_last_nonce;
73  secure_vector<uint8_t> m_stretch;
74  };
75 
76 class BOTAN_DLL OCB_Encryption final : public OCB_Mode
77  {
78  public:
79  /**
80  * @param cipher the 128-bit block cipher to use
81  * @param tag_size is how big the auth tag will be
82  */
83  OCB_Encryption(BlockCipher* cipher, size_t tag_size = 16) :
84  OCB_Mode(cipher, tag_size) {}
85 
86  size_t output_length(size_t input_length) const override
87  { return input_length + tag_size(); }
88 
89  size_t minimum_final_size() const override { return 0; }
90 
91  size_t process(uint8_t buf[], size_t size) override;
92 
93  void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
94  private:
95  void encrypt(uint8_t input[], size_t blocks);
96  };
97 
98 class BOTAN_DLL OCB_Decryption final : public OCB_Mode
99  {
100  public:
101  /**
102  * @param cipher the 128-bit block cipher to use
103  * @param tag_size is how big the auth tag will be
104  */
105  OCB_Decryption(BlockCipher* cipher, size_t tag_size = 16) :
106  OCB_Mode(cipher, tag_size) {}
107 
108  size_t output_length(size_t input_length) const override
109  {
110  BOTAN_ASSERT(input_length >= tag_size(), "Sufficient input");
111  return input_length - tag_size();
112  }
113 
114  size_t minimum_final_size() const override { return tag_size(); }
115 
116  size_t process(uint8_t buf[], size_t size) override;
117 
118  void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
119  private:
120  void decrypt(uint8_t input[], size_t blocks);
121  };
122 
123 }
124 
125 #endif
std::unique_ptr< BlockCipher > m_cipher
Definition: ocb.h:56
size_t output_length(size_t input_length) const override
Definition: ocb.h:108
size_t tag_size() const override
Definition: ocb.h:41
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
std::string encrypt(const uint8_t input[], size_t input_len, const std::string &passphrase, RandomNumberGenerator &rng)
Definition: cryptobox.cpp:42
OCB_Decryption(BlockCipher *cipher, size_t tag_size=16)
Definition: ocb.h:105
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:121
OCB_Encryption(BlockCipher *cipher, size_t tag_size=16)
Definition: ocb.h:83
std::string decrypt(const uint8_t input[], size_t input_len, const std::string &passphrase)
Definition: cryptobox.cpp:102
Definition: alg_id.cpp:13
std::unique_ptr< L_computer > m_L
Definition: ocb.h:57
size_t output_length(size_t input_length) const override
Definition: ocb.h:86
secure_vector< uint8_t > m_ad_hash
Definition: ocb.h:63
size_t minimum_final_size() const override
Definition: ocb.h:114
secure_vector< uint8_t > m_checksum
Definition: ocb.h:61
size_t minimum_final_size() const override
Definition: ocb.h:89
secure_vector< uint8_t > m_offset
Definition: ocb.h:62