Botan  2.1.0
Crypto and TLS for C++11
Botan::MessageAuthenticationCode Class Reference (abstract)

#include <mac.h>

Inheritance diagram for Botan::MessageAuthenticationCode:
Botan::Buffered_Computation Botan::SymmetricAlgorithm Botan::ANSI_X919_MAC Botan::CBC_MAC Botan::CMAC Botan::GMAC Botan::HMAC Botan::Poly1305 Botan::SipHash

Public Member Functions

virtual void clear ()=0
 
virtual MessageAuthenticationCode * clone () const =0
 
void final (uint8_t out[])
 
secure_vector< uint8_t > final ()
 
template<typename Alloc >
void final (std::vector< uint8_t, Alloc > &out)
 
std::vector< uint8_t > final_stdvec ()
 
virtual Key_Length_Specification key_spec () const =0
 
size_t maximum_keylength () const
 
size_t minimum_keylength () const
 
virtual std::string name () const =0
 
virtual size_t output_length () const =0
 
secure_vector< uint8_t > process (const uint8_t in[], size_t length)
 
secure_vector< uint8_t > process (const secure_vector< uint8_t > &in)
 
secure_vector< uint8_t > process (const std::vector< uint8_t > &in)
 
secure_vector< uint8_t > process (const std::string &in)
 
virtual std::string provider () const
 
void set_key (const SymmetricKey &key)
 
template<typename Alloc >
void set_key (const std::vector< uint8_t, Alloc > &key)
 
void set_key (const uint8_t key[], size_t length)
 
template<typename Alloc >
void start (const std::vector< uint8_t, Alloc > &nonce)
 
void start (const uint8_t nonce[], size_t nonce_len)
 
void start ()
 
virtual void start_msg (const uint8_t nonce[], size_t nonce_len)
 
void update (const uint8_t in[], size_t length)
 
void update (const secure_vector< uint8_t > &in)
 
void update (const std::vector< uint8_t > &in)
 
void update (const std::string &str)
 
void update (uint8_t in)
 
template<typename T >
void update_be (const T in)
 
bool valid_keylength (size_t length) const
 
virtual bool verify_mac (const uint8_t in[], size_t length)
 
virtual bool verify_mac (const std::vector< uint8_t > &in)
 
virtual bool verify_mac (const secure_vector< uint8_t > &in)
 
virtual ~MessageAuthenticationCode ()=default
 

Static Public Member Functions

static std::unique_ptr< MessageAuthenticationCode > create (const std::string &algo_spec, const std::string &provider="")
 
static std::unique_ptr< MessageAuthenticationCode > create_or_throw (const std::string &algo_spec, const std::string &provider="")
 
static std::vector< std::string > providers (const std::string &algo_spec)
 

Detailed Description

This class represents Message Authentication Code (MAC) objects.

Definition at line 20 of file mac.h.

Constructor & Destructor Documentation

virtual Botan::MessageAuthenticationCode::~MessageAuthenticationCode ( )
virtualdefault

Member Function Documentation

virtual void Botan::SymmetricAlgorithm::clear ( )
pure virtualinherited
virtual MessageAuthenticationCode* Botan::MessageAuthenticationCode::clone ( ) const
pure virtual

Get a new object representing the same algorithm as *this

Implemented in Botan::GMAC, Botan::ANSI_X919_MAC, Botan::Poly1305, Botan::CMAC, Botan::HMAC, Botan::CBC_MAC, and Botan::SipHash.

std::unique_ptr< MessageAuthenticationCode > Botan::MessageAuthenticationCode::create ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
static

Create an instance based on a name. If provider is empty then best available is chosen.

Parameters
algo_spec: algorithm name
provider: provider implementation to use
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 43 of file mac.cpp.

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::HashFunction::create(), and Botan::BlockCipher::create().

Referenced by botan_mac_init(), Botan::PBKDF::create(), Botan::KDF::create(), create_or_throw(), Botan::TLS::Session::decrypt(), Botan::TLS::Session::encrypt(), Botan::get_mac(), Botan::TLS::Hello_Verify_Request::Hello_Verify_Request(), Botan::make_message_auth(), and Botan::RFC6979_Nonce_Generator::RFC6979_Nonce_Generator().

// Reviewer notes on MessageAuthenticationCode::create (mac.cpp; the signature is shown above the listing).
// algo_spec is parsed with SCAN_Name and the first branch whose name and argument count match is used,
// among the algorithms whose BOTAN_HAS_* macro is defined at build time.
// Every branch accepts only an empty provider or "base" (the TODO comments mark OpenSSL as not wired in),
// so any other provider, or an unknown name, reaches the final `return nullptr`.
// Callers must therefore test the returned pointer or use create_or_throw().
45  {
46  const SCAN_Name req(algo_spec);
47 
48 #if defined(BOTAN_HAS_GMAC)
49  if(req.algo_name() == "GMAC" && req.arg_count() == 1)
50  {
51  if(provider.empty() || provider == "base")
52  {
// BlockCipher::create() can return null for an unknown cipher name; the `if` then falls through.
// release() passes the raw pointer to the GMAC constructor -- presumably GMAC takes ownership; confirm in its header.
53  if(auto bc = BlockCipher::create(req.arg(0)))
54  return std::unique_ptr<MessageAuthenticationCode>(new GMAC(bc.release()));
55  }
56  }
57 #endif
58 
59 #if defined(BOTAN_HAS_HMAC)
60  if(req.algo_name() == "HMAC" && req.arg_count() == 1)
61  {
62  // TODO OpenSSL
63  if(provider.empty() || provider == "base")
64  {
// Same pattern as GMAC: a null hash object means the requested hash name was not available.
65  if(auto h = HashFunction::create(req.arg(0)))
66  return std::unique_ptr<MessageAuthenticationCode>(new HMAC(h.release()));
67  }
68  }
69 #endif
70 
71 #if defined(BOTAN_HAS_POLY1305)
72  if(req.algo_name() == "Poly1305" && req.arg_count() == 0)
73  {
74  if(provider.empty() || provider == "base")
75  return std::unique_ptr<MessageAuthenticationCode>(new Poly1305);
76  }
77 #endif
78 
79 #if defined(BOTAN_HAS_SIPHASH)
// Unlike the branches above, this one does not check arg_count().
// NOTE(review): the second argument of arg_as_integer (2 and 4) looks like the default used when the
// spec omits that parameter -- confirm against SCAN_Name.
80  if(req.algo_name() == "SipHash")
81  {
82  if(provider.empty() || provider == "base")
83  {
84  return std::unique_ptr<MessageAuthenticationCode>(
85  new SipHash(req.arg_as_integer(0, 2), req.arg_as_integer(1, 4)));
86  }
87  }
88 #endif
89 
90 #if defined(BOTAN_HAS_CMAC)
// "OMAC" is accepted as a second name for the same CMAC implementation.
91  if((req.algo_name() == "CMAC" || req.algo_name() == "OMAC") && req.arg_count() == 1)
92  {
93  // TODO: OpenSSL CMAC
94  if(provider.empty() || provider == "base")
95  {
96  if(auto bc = BlockCipher::create(req.arg(0)))
97  return std::unique_ptr<MessageAuthenticationCode>(new CMAC(bc.release()));
98  }
99  }
100 #endif
101 
102 
103 #if defined(BOTAN_HAS_CBC_MAC)
104  if(req.algo_name() == "CBC-MAC" && req.arg_count() == 1)
105  {
106  if(provider.empty() || provider == "base")
107  {
108  if(auto bc = BlockCipher::create(req.arg(0)))
109  return std::unique_ptr<MessageAuthenticationCode>(new CBC_MAC(bc.release()));
110  }
111  }
112 #endif
113 
114 #if defined(BOTAN_HAS_ANSI_X919_MAC)
// No arg_count() check on this branch either; the name alone selects the algorithm.
115  if(req.algo_name() == "X9.19-MAC")
116  {
117  if(provider.empty() || provider == "base")
118  {
119  return std::unique_ptr<MessageAuthenticationCode>(new ANSI_X919_MAC);
120  }
121  }
122 #endif
123 
// Presumably keeps `req` referenced when every BOTAN_HAS_* block above is compiled out.
124  BOTAN_UNUSED(req);
126 
// No-match path: a null pointer is returned instead of an exception being thrown.
127  return nullptr;
128  }
virtual std::string provider() const
Definition: mac.h:139
#define BOTAN_UNUSED(v)
Definition: assert.h:92
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
Definition: hash.cpp:93
static std::unique_ptr< BlockCipher > create(const std::string &algo_spec, const std::string &provider="")
std::unique_ptr< MessageAuthenticationCode > Botan::MessageAuthenticationCode::create_or_throw ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
static

Definition at line 138 of file mac.cpp.

References create().

Referenced by Botan::AutoSeeded_RNG::AutoSeeded_RNG(), Botan::ECIES_System_Params::create_mac(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::TLS_CBC_HMAC_AEAD_Mode().

// Reviewer notes on create_or_throw (mac.cpp): forwards to create() and turns a null result into a
// Lookup_Error exception, so the caller never receives a null pointer from this function.
// The definition names its first parameter `algo`; the documented signature above calls it `algo_spec`.
140  {
141  if(auto mac = MessageAuthenticationCode::create(algo, provider))
142  {
143  return mac;
144  }
// Reached only when create() found no matching algorithm/provider combination.
145  throw Lookup_Error("MAC", algo, provider);
146  }
static std::unique_ptr< MessageAuthenticationCode > create(const std::string &algo_spec, const std::string &provider="")
Definition: mac.cpp:43
virtual std::string provider() const
Definition: mac.h:139
void Botan::Buffered_Computation::final ( uint8_t  out[])
inlineinherited

Complete the computation and retrieve the final result.

Parameters
out: The byte array to be filled with the result. Must be of length output_length(); no length is passed to this overload, so the caller is responsible for sizing the buffer.

Definition at line 89 of file buf_comp.h.

Referenced by botan_hash_final(), botan_mac_final(), Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), Botan::mgf1_mask(), and Botan::pbkdf2().

89 { final_result(out); }
secure_vector<uint8_t> Botan::Buffered_Computation::final ( )
inlineinherited

Complete the computation and retrieve the final result.

Returns
secure_vector holding the result

Definition at line 96 of file buf_comp.h.

97  {
98  secure_vector<uint8_t> output(output_length());
99  final_result(output.data());
100  return output;
101  }
virtual size_t output_length() const =0
template<typename Alloc >
void Botan::Buffered_Computation::final ( std::vector< uint8_t, Alloc > &  out)
inlineinherited

Definition at line 111 of file buf_comp.h.

112  {
113  out.resize(output_length());
114  final_result(out.data());
115  }
virtual size_t output_length() const =0
std::vector<uint8_t> Botan::Buffered_Computation::final_stdvec ( )
inlineinherited

Definition at line 103 of file buf_comp.h.

104  {
105  std::vector<uint8_t> output(output_length());
106  final_result(output.data());
107  return output;
108  }
virtual size_t output_length() const =0
virtual Key_Length_Specification Botan::SymmetricAlgorithm::key_spec ( ) const
pure virtualinherited
size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
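maximum allowed key length (the upstream comment reads "minimum", but the definition below returns key_spec().maximum_keylength())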

Definition at line 39 of file sym_algo.h.

40  {
41  return key_spec().maximum_keylength();
42  }
size_t maximum_keylength() const
Definition: key_spec.h:69
virtual Key_Length_Specification key_spec() const =0
size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
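minimum allowed key length (the upstream comment reads "maximum", but the definition below returns key_spec().minimum_keylength())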

Definition at line 47 of file sym_algo.h.

48  {
49  return key_spec().minimum_keylength();
50  }
size_t minimum_keylength() const
Definition: key_spec.h:61
virtual Key_Length_Specification key_spec() const =0
virtual std::string Botan::SymmetricAlgorithm::name ( ) const
pure virtualinherited
virtual size_t Botan::Buffered_Computation::output_length ( ) const
pure virtualinherited
secure_vector<uint8_t> Botan::Buffered_Computation::process ( const uint8_t  in[],
size_t  length 
)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
in: the input to process as a byte array
length: the length of the byte array
Returns
the result of the call to final()

Definition at line 124 of file buf_comp.h.

Referenced by Botan::RTSS_Share::split().

125  {
126  add_data(in, length);
127  return final();
128  }
secure_vector<uint8_t> Botan::Buffered_Computation::process ( const secure_vector< uint8_t > &  in)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process
Returns
the result of the call to final()

Definition at line 136 of file buf_comp.h.

137  {
138  add_data(in.data(), in.size());
139  return final();
140  }
secure_vector<uint8_t> Botan::Buffered_Computation::process ( const std::vector< uint8_t > &  in)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process
Returns
the result of the call to final()

Definition at line 148 of file buf_comp.h.

149  {
150  add_data(in.data(), in.size());
151  return final();
152  }
secure_vector<uint8_t> Botan::Buffered_Computation::process ( const std::string &  in)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
in: the input to process as a string
Returns
the result of the call to final()

Definition at line 160 of file buf_comp.h.

161  {
162  update(in);
163  return final();
164  }
void update(const uint8_t in[], size_t length)
Definition: buf_comp.h:34
virtual std::string Botan::MessageAuthenticationCode::provider ( ) const
inlinevirtual
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Definition at line 139 of file mac.h.

139 { return "base"; }
std::vector< std::string > Botan::MessageAuthenticationCode::providers ( const std::string &  algo_spec)
static
Returns
list of available providers for this algorithm, empty if not available

Definition at line 131 of file mac.cpp.

Referenced by Botan::get_mac_providers().

132  {
133  return probe_providers_of<MessageAuthenticationCode>(algo_spec, {"base", "openssl"});
134  }
void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey key)
inlineinherited

Set the symmetric key of this object.

Parameters
key: the SymmetricKey to be set.

Definition at line 66 of file sym_algo.h.

References Botan::OctetString::begin(), and Botan::OctetString::length().

Referenced by Botan::aont_package(), Botan::aont_unpackage(), botan_block_cipher_set_key(), botan_mac_set_key(), and Botan::pbkdf2().

67  {
68  set_key(key.begin(), key.length());
69  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:66
template<typename Alloc >
void Botan::SymmetricAlgorithm::set_key ( const std::vector< uint8_t, Alloc > &  key)
inlineinherited

Definition at line 72 of file sym_algo.h.

73  {
74  set_key(key.data(), key.size());
75  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:66
void Botan::SymmetricAlgorithm::set_key ( const uint8_t  key[],
size_t  length 
)
inlineinherited

Set the symmetric key of this object.

Parameters
key: the key to be set, as a byte array.
length: length in bytes of the key parameter

Definition at line 82 of file sym_algo.h.

// Reviewer notes on set_key(const uint8_t[], size_t) from sym_algo.h: the length is validated with
// valid_keylength() before key_schedule() is called, so an unsupported key size raises
// Invalid_Key_Length instead of reaching the algorithm's key schedule.
// Only the length is checked here; the key bytes themselves are passed through unchanged.
83  {
84  if(!valid_keylength(length))
85  throw Invalid_Key_Length(name(), length);
86  key_schedule(key, length);
87  }
bool valid_keylength(size_t length) const
Definition: sym_algo.h:57
virtual std::string name() const =0
template<typename Alloc >
void Botan::MessageAuthenticationCode::start ( const std::vector< uint8_t, Alloc > &  nonce)
inline

Begin processing a message with a nonce

Parameters
nonce: the per message nonce

Definition at line 79 of file mac.h.

80  {
81  start_msg(nonce.data(), nonce.size());
82  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)
Definition: mac.h:66
void Botan::MessageAuthenticationCode::start ( const uint8_t  nonce[],
size_t  nonce_len 
)
inline

Begin processing a message.

Parameters
nonce: the per message nonce
nonce_len: length of nonce

Definition at line 89 of file mac.h.

90  {
91  start_msg(nonce, nonce_len);
92  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)
Definition: mac.h:66
void Botan::MessageAuthenticationCode::start ( )
inline

Begin processing a message.

Definition at line 97 of file mac.h.

98  {
99  return start_msg(nullptr, 0);
100  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)
Definition: mac.h:66
virtual void Botan::MessageAuthenticationCode::start_msg ( const uint8_t  nonce[],
size_t  nonce_len 
)
inlinevirtual

Prepare for processing a message under the specified nonce

Most MACs neither require nor support a nonce; for these algorithms calling start_msg is optional and calling it with anything other than an empty string is an error. One MAC which requires that a per-message nonce be specified is GMAC; "per-message" means the nonce must not be repeated for another message under the same key.

Parameters
nonce: the message nonce bytes
nonce_len: the size of nonce in bytes
The default implementation simply rejects all non-empty nonces, since most hash/MAC algorithms do not support randomization.

Definition at line 66 of file mac.h.

References BOTAN_UNUSED.

// Reviewer notes on the default start_msg() from mac.h: the nonce bytes are ignored (BOTAN_UNUSED)
// and any nonce_len greater than zero throws Invalid_IV_Length, so a nonce is never silently dropped.
// The function is virtual; a MAC that needs a nonce presumably overrides it -- not shown on this page.
67  {
68  BOTAN_UNUSED(nonce);
69  if(nonce_len > 0)
70  throw Invalid_IV_Length(name(), nonce_len);
71  }
virtual std::string name() const =0
#define BOTAN_UNUSED(v)
Definition: assert.h:92
void Botan::Buffered_Computation::update ( const uint8_t  in[],
size_t  length 
)
inlineinherited

Add new input to process.

Parameters
in: the input to process as a byte array
length: length of param in, in bytes

Definition at line 34 of file buf_comp.h.

Referenced by botan_hash_update(), botan_mac_update(), Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), Botan::mgf1_mask(), and Botan::pbkdf2().

34 { add_data(in, length); }
void Botan::Buffered_Computation::update ( const secure_vector< uint8_t > &  in)
inlineinherited

Add new input to process.

Parameters
inthe input to process as a secure_vector

Definition at line 40 of file buf_comp.h.

41  {
42  add_data(in.data(), in.size());
43  }
void Botan::Buffered_Computation::update ( const std::vector< uint8_t > &  in)
inlineinherited

Add new input to process.

Parameters
inthe input to process as a std::vector

Definition at line 49 of file buf_comp.h.

50  {
51  add_data(in.data(), in.size());
52  }
void Botan::Buffered_Computation::update ( const std::string &  str)
inlineinherited

Add new input to process.

Parameters
str: the input to process as a std::string. Will be interpreted as a byte array based on the string's encoding.

Definition at line 72 of file buf_comp.h.

73  {
74  add_data(reinterpret_cast<const uint8_t*>(str.data()), str.size());
75  }
void Botan::Buffered_Computation::update ( uint8_t  in)
inlineinherited

Process a single byte.

Parameters
inthe byte to process

Definition at line 81 of file buf_comp.h.

81 { add_data(&in, 1); }
template<typename T >
void Botan::Buffered_Computation::update_be ( const T  in)
inlineinherited

Add an integer in big-endian order

Parameters
inthe value

Definition at line 58 of file buf_comp.h.

References Botan::get_byte().

Referenced by Botan::mgf1_mask(), and Botan::pbkdf2().

59  {
60  for(size_t i = 0; i != sizeof(T); ++i)
61  {
62  uint8_t b = get_byte(i, in);
63  add_data(&b, 1);
64  }
65  }
uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:47
bool Botan::SymmetricAlgorithm::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
length: the key length to be checked.
Returns
true if the key length is valid.

Definition at line 57 of file sym_algo.h.

Referenced by Botan::aont_package(), and Botan::aont_unpackage().

58  {
59  return key_spec().valid_keylength(length);
60  }
bool valid_keylength(size_t length) const
Definition: key_spec.h:51
virtual Key_Length_Specification key_spec() const =0
bool Botan::MessageAuthenticationCode::verify_mac ( const uint8_t  in[],
size_t  length 
)
virtual

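Verify a MAC. This finalizes the pending computation (it calls final(), as the definition below shows) and compares the result with the supplied value using same_mem(); a value whose length differs from the computed MAC is rejected.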

Parameters
in: the MAC to verify as a byte array
length: the length of param in
Returns
true if the MAC is valid, false otherwise

Definition at line 151 of file mac.cpp.

References Botan::same_mem().

// Reviewer notes on verify_mac(const uint8_t[], size_t) from mac.cpp: the definition names the
// parameter `mac` where the documented declaration says `in`.
// The function calls final() itself, so the caller feeds the message with update() and then passes
// the received tag here rather than calling final() first.
152  {
153  secure_vector<uint8_t> our_mac = final();
154 
// A tag whose length differs from the computed MAC is rejected before any byte comparison,
// so a truncated tag never verifies through this function.
155  if(our_mac.size() != length)
156  return false;
157 
// same_mem() is defined in mem_ops.h and its body is not shown on this page.
// NOTE(review): confirm it compares all `length` bytes without an early exit, since the supplied tag is untrusted input.
158  return same_mem(our_mac.data(), mac, length);
159  }
bool same_mem(const T *p1, const T *p2, size_t n)
Definition: mem_ops.h:98
virtual bool Botan::MessageAuthenticationCode::verify_mac ( const std::vector< uint8_t > &  in)
inlinevirtual

Verify a MAC.

Parameters
in: the MAC to verify as a byte array
Returns
true if the MAC is valid, false otherwise

Definition at line 115 of file mac.h.

116  {
117  return verify_mac(in.data(), in.size());
118  }
virtual bool verify_mac(const uint8_t in[], size_t length)
Definition: mac.cpp:151
virtual bool Botan::MessageAuthenticationCode::verify_mac ( const secure_vector< uint8_t > &  in)
inlinevirtual

Verify a MAC.

Parameters
in: the MAC to verify as a byte array
Returns
true if the MAC is valid, false otherwise

Definition at line 125 of file mac.h.

126  {
127  return verify_mac(in.data(), in.size());
128  }
virtual bool verify_mac(const uint8_t in[], size_t length)
Definition: mac.cpp:151

The documentation for this class was generated from the following files: