Botan  2.1.0
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | List of all members
Botan::Salsa20 Class Referencefinal

#include <salsa20.h>

Inheritance diagram for Botan::Salsa20:
Botan::StreamCipher Botan::SymmetricAlgorithm

Public Member Functions

void cipher (const uint8_t in[], uint8_t out[], size_t length) override
 
void cipher1 (uint8_t buf[], size_t len)
 
void clear () override
 
StreamCipherclone () const override
 
template<typename Alloc >
void decrypt (std::vector< uint8_t, Alloc > &inout)
 
template<typename Alloc >
void encipher (std::vector< uint8_t, Alloc > &inout)
 
template<typename Alloc >
void encrypt (std::vector< uint8_t, Alloc > &inout)
 
Key_Length_Specification key_spec () const override
 
size_t maximum_keylength () const
 
size_t minimum_keylength () const
 
std::string name () const override
 
virtual std::string provider () const
 
void seek (uint64_t offset) override
 
void set_iv (const uint8_t iv[], size_t iv_len) override
 
void set_key (const SymmetricKey &key)
 
template<typename Alloc >
void set_key (const std::vector< uint8_t, Alloc > &key)
 
void set_key (const uint8_t key[], size_t length)
 
bool valid_iv_length (size_t iv_len) const override
 
bool valid_keylength (size_t length) const
 

Static Public Member Functions

static std::unique_ptr< StreamCiphercreate (const std::string &algo_spec, const std::string &provider="")
 
static std::unique_ptr< StreamCiphercreate_or_throw (const std::string &algo_spec, const std::string &provider="")
 
static std::vector< std::string > providers (const std::string &algo_spec)
 

Detailed Description

DJB's Salsa20 (and XSalsa20)

Definition at line 18 of file salsa20.h.

Member Function Documentation

void Botan::Salsa20::cipher ( const uint8_t  in[],
uint8_t  out[],
size_t  len 
)
overridevirtual

Encrypt or decrypt a message

Parameters
inthe plaintext
outthe byte array to hold the output, i.e. the ciphertext
lenthe length of both in and out in bytes

Implements Botan::StreamCipher.

Definition at line 104 of file salsa20.cpp.

References Botan::xor_buf().

105  {
106  while(length >= m_buffer.size() - m_position)
107  {
108  xor_buf(out, in, &m_buffer[m_position], m_buffer.size() - m_position);
109  length -= (m_buffer.size() - m_position);
110  in += (m_buffer.size() - m_position);
111  out += (m_buffer.size() - m_position);
112  salsa20(m_buffer.data(), m_state.data());
113 
114  ++m_state[8];
115  m_state[9] += (m_state[8] == 0);
116 
117  m_position = 0;
118  }
119 
120  xor_buf(out, in, &m_buffer[m_position], length);
121 
122  m_position += length;
123  }
void xor_buf(T out[], const T in[], size_t length)
Definition: mem_ops.h:115
void Botan::StreamCipher::cipher1 ( uint8_t  buf[],
size_t  len 
)
inlineinherited

Encrypt or decrypt a message The message is encrypted/decrypted in place.

Parameters
bufthe plaintext / ciphertext
lenthe length of buf in bytes

Definition at line 65 of file stream_cipher.h.

Referenced by Botan::SIV_Encryption::finish().

66  { cipher(buf, buf, len); }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0
void Botan::Salsa20::clear ( )
overridevirtual

Reset the state.

Implements Botan::SymmetricAlgorithm.

Definition at line 228 of file salsa20.cpp.

References Botan::zap().

229  {
230  zap(m_state);
231  zap(m_buffer);
232  m_position = 0;
233  }
void zap(std::vector< T, Alloc > &vec)
Definition: secmem.h:221
StreamCipher* Botan::Salsa20::clone ( ) const
inlineoverridevirtual
Returns
a new object representing the same algorithm as *this

Implements Botan::StreamCipher.

Definition at line 35 of file salsa20.h.

35 { return new Salsa20; }
std::unique_ptr< StreamCipher > Botan::StreamCipher::create ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to use
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 41 of file stream_cipher.cpp.

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, and Botan::BlockCipher::create().

Referenced by Botan::BlockCipher::create(), Botan::StreamCipher::create_or_throw(), Botan::get_cipher_mode(), and Botan::get_stream_cipher().

43  {
44  const SCAN_Name req(algo_spec);
45 
46 #if defined(BOTAN_HAS_CTR_BE)
47  if(req.algo_name() == "CTR-BE" && req.arg_count() == 1)
48  {
49  if(provider.empty() || provider == "base")
50  {
51  if(auto c = BlockCipher::create(req.arg(0)))
52  return std::unique_ptr<StreamCipher>(new CTR_BE(c.release()));
53  }
54  }
55 #endif
56 
57 #if defined(BOTAN_HAS_CHACHA)
58  if(req.algo_name() == "ChaCha")
59  {
60  if(provider.empty() || provider == "base")
61  return std::unique_ptr<StreamCipher>(new ChaCha(req.arg_as_integer(0, 20)));
62  }
63 #endif
64 
65 #if defined(BOTAN_HAS_SALSA20)
66  if(req.algo_name() == "Salsa20")
67  {
68  if(provider.empty() || provider == "base")
69  return std::unique_ptr<StreamCipher>(new Salsa20);
70  }
71 #endif
72 
73 #if defined(BOTAN_HAS_SHAKE_CIPHER)
74  if(req.algo_name() == "SHAKE-128")
75  {
76  if(provider.empty() || provider == "base")
77  return std::unique_ptr<StreamCipher>(new SHAKE_128_Cipher);
78  }
79 #endif
80 
81 #if defined(BOTAN_HAS_OFB)
82  if(req.algo_name() == "OFB" && req.arg_count() == 1)
83  {
84  if(provider.empty() || provider == "base")
85  {
86  if(auto c = BlockCipher::create(req.arg(0)))
87  return std::unique_ptr<StreamCipher>(new OFB(c.release()));
88  }
89  }
90 #endif
91 
92 #if defined(BOTAN_HAS_RC4)
93 
94  if(req.algo_name() == "RC4" ||
95  req.algo_name() == "ARC4" ||
96  req.algo_name() == "MARK-4")
97  {
98  const size_t skip = (req.algo_name() == "MARK-4") ? 256 : req.arg_as_integer(0, 0);
99 
100 #if defined(BOTAN_HAS_OPENSSL)
101  if(provider.empty() || provider == "openssl")
102  {
103  return std::unique_ptr<StreamCipher>(make_openssl_rc4(skip));
104  }
105 #endif
106 
107  if(provider.empty() || provider == "base")
108  {
109  return std::unique_ptr<StreamCipher>(new RC4(skip));
110  }
111  }
112 
113 #endif
114 
115  BOTAN_UNUSED(req);
117 
118  return nullptr;
119  }
virtual std::string provider() const
#define BOTAN_UNUSED(v)
Definition: assert.h:92
static std::unique_ptr< BlockCipher > create(const std::string &algo_spec, const std::string &provider="")
std::unique_ptr< StreamCipher > Botan::StreamCipher::create_or_throw ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to use Throws a Lookup_Error if the algo/provider combination cannot be found

Definition at line 123 of file stream_cipher.cpp.

References Botan::StreamCipher::create().

Referenced by Botan::make_stream_cipher().

125  {
126  if(auto sc = StreamCipher::create(algo, provider))
127  {
128  return sc;
129  }
130  throw Lookup_Error("Stream cipher", algo, provider);
131  }
virtual std::string provider() const
static std::unique_ptr< StreamCipher > create(const std::string &algo_spec, const std::string &provider="")
template<typename Alloc >
void Botan::StreamCipher::decrypt ( std::vector< uint8_t, Alloc > &  inout)
inlineinherited

Decrypt a message in place The message is decrypted in place.

Parameters
inoutthe plaintext / ciphertext

Definition at line 92 of file stream_cipher.h.

93  { cipher(inout.data(), inout.data(), inout.size()); }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0
template<typename Alloc >
void Botan::StreamCipher::encipher ( std::vector< uint8_t, Alloc > &  inout)
inlineinherited

Encrypt a message The message is encrypted/decrypted in place.

Parameters
inoutthe plaintext / ciphertext

Definition at line 74 of file stream_cipher.h.

75  { cipher(inout.data(), inout.data(), inout.size()); }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0
template<typename Alloc >
void Botan::StreamCipher::encrypt ( std::vector< uint8_t, Alloc > &  inout)
inlineinherited

Encrypt a message The message is encrypted in place.

Parameters
inoutthe plaintext / ciphertext

Definition at line 83 of file stream_cipher.h.

84  { cipher(inout.data(), inout.data(), inout.size()); }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0
Key_Length_Specification Botan::Salsa20::key_spec ( ) const
inlineoverridevirtual
Returns
object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 28 of file salsa20.h.

29  {
30  return Key_Length_Specification(16, 32, 16);
31  }
size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
minimum allowed key length

Definition at line 39 of file sym_algo.h.

40  {
41  return key_spec().maximum_keylength();
42  }
size_t maximum_keylength() const
Definition: key_spec.h:69
virtual Key_Length_Specification key_spec() const =0
size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
maximum allowed key length

Definition at line 47 of file sym_algo.h.

48  {
49  return key_spec().minimum_keylength();
50  }
size_t minimum_keylength() const
Definition: key_spec.h:61
virtual Key_Length_Specification key_spec() const =0
std::string Botan::Salsa20::name ( ) const
overridevirtual
Returns
the algorithm name

Implements Botan::SymmetricAlgorithm.

Definition at line 220 of file salsa20.cpp.

Referenced by set_iv().

221  {
222  return "Salsa20";
223  }
virtual std::string Botan::StreamCipher::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::ChaCha.

Definition at line 123 of file stream_cipher.h.

123 { return "base"; }
std::vector< std::string > Botan::StreamCipher::providers ( const std::string &  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available

Definition at line 133 of file stream_cipher.cpp.

Referenced by Botan::get_stream_cipher_providers().

134  {
135  return probe_providers_of<StreamCipher>(algo_spec, {"base", "openssl"});
136  }
void Botan::Salsa20::seek ( uint64_t  offset)
overridevirtual

Set the offset and the state used later to generate the keystream

Parameters
offsetthe offset where we begin to generate the keystream

Implements Botan::StreamCipher.

Definition at line 235 of file salsa20.cpp.

236  {
237  throw Not_Implemented("Salsa20::seek");
238  }
void Botan::Salsa20::set_iv ( const uint8_t  iv[],
size_t  iv_len 
)
overridevirtual

Resync the cipher using the IV

Parameters
ivthe initialization vector
iv_lenthe length of the IV in bytes

Implements Botan::StreamCipher.

Definition at line 167 of file salsa20.cpp.

References Botan::load_le< uint32_t >(), name(), and valid_iv_length().

168  {
169  if(!valid_iv_length(length))
170  throw Invalid_IV_Length(name(), length);
171 
172  if(length == 0)
173  {
174  // Salsa20 null IV
175  m_state[6] = 0;
176  m_state[7] = 0;
177  }
178  else if(length == 8)
179  {
180  // Salsa20
181  m_state[6] = load_le<uint32_t>(iv, 0);
182  m_state[7] = load_le<uint32_t>(iv, 1);
183  }
184  else
185  {
186  // XSalsa20
187  m_state[6] = load_le<uint32_t>(iv, 0);
188  m_state[7] = load_le<uint32_t>(iv, 1);
189  m_state[8] = load_le<uint32_t>(iv, 2);
190  m_state[9] = load_le<uint32_t>(iv, 3);
191 
192  secure_vector<uint32_t> hsalsa(8);
193  hsalsa20(hsalsa.data(), m_state.data());
194 
195  m_state[ 1] = hsalsa[0];
196  m_state[ 2] = hsalsa[1];
197  m_state[ 3] = hsalsa[2];
198  m_state[ 4] = hsalsa[3];
199  m_state[ 6] = load_le<uint32_t>(iv, 4);
200  m_state[ 7] = load_le<uint32_t>(iv, 5);
201  m_state[11] = hsalsa[4];
202  m_state[12] = hsalsa[5];
203  m_state[13] = hsalsa[6];
204  m_state[14] = hsalsa[7];
205  }
206 
207  m_state[8] = 0;
208  m_state[9] = 0;
209 
210  salsa20(m_buffer.data(), m_state.data());
211  ++m_state[8];
212  m_state[9] += (m_state[8] == 0);
213 
214  m_position = 0;
215  }
std::string name() const override
Definition: salsa20.cpp:220
uint32_t load_le< uint32_t >(const uint8_t in[], size_t off)
Definition: loadstor.h:204
bool valid_iv_length(size_t iv_len) const override
Definition: salsa20.h:25
void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey key)
inlineinherited

Set the symmetric key of this object.

Parameters
keythe SymmetricKey to be set.

Definition at line 66 of file sym_algo.h.

References Botan::OctetString::begin(), and Botan::OctetString::length().

Referenced by Botan::aont_package(), Botan::aont_unpackage(), botan_block_cipher_set_key(), botan_mac_set_key(), and Botan::pbkdf2().

67  {
68  set_key(key.begin(), key.length());
69  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:66
template<typename Alloc >
void Botan::SymmetricAlgorithm::set_key ( const std::vector< uint8_t, Alloc > &  key)
inlineinherited

Definition at line 72 of file sym_algo.h.

73  {
74  set_key(key.data(), key.size());
75  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:66
void Botan::SymmetricAlgorithm::set_key ( const uint8_t  key[],
size_t  length 
)
inlineinherited

Set the symmetric key of this object.

Parameters
keythe to be set as a byte array.
lengthin bytes of key param

Definition at line 82 of file sym_algo.h.

83  {
84  if(!valid_keylength(length))
85  throw Invalid_Key_Length(name(), length);
86  key_schedule(key, length);
87  }
bool valid_keylength(size_t length) const
Definition: sym_algo.h:57
virtual std::string name() const =0
bool Botan::Salsa20::valid_iv_length ( size_t  iv_len) const
inlineoverridevirtual
Parameters
iv_lenthe length of the IV in bytes
Returns
if the length is valid for this algorithm

Reimplemented from Botan::StreamCipher.

Definition at line 25 of file salsa20.h.

Referenced by set_iv().

26  { return (iv_len == 0 || iv_len == 8 || iv_len == 24); }
bool Botan::SymmetricAlgorithm::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 57 of file sym_algo.h.

Referenced by Botan::aont_package(), and Botan::aont_unpackage().

58  {
59  return key_spec().valid_keylength(length);
60  }
bool valid_keylength(size_t length) const
Definition: key_spec.h:51
virtual Key_Length_Specification key_spec() const =0

The documentation for this class was generated from the following files: