Botan  2.1.0
Crypto and TLS for C++11
Public Member Functions | Protected Member Functions | List of all members
Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption Class Referencefinal

#include <tls_cbc.h>

Inheritance diagram for Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption:
Botan::TLS::TLS_CBC_HMAC_AEAD_Mode Botan::AEAD_Mode Botan::Cipher_Mode

Public Member Functions

bool authenticated () const override
 
void clear () overridefinal
 
size_t default_nonce_length () const overridefinal
 
void finish (secure_vector< uint8_t > &final_block, size_t offset=0) override
 
Key_Length_Specification key_spec () const overridefinal
 
size_t minimum_final_size () const override
 
std::string name () const overridefinal
 
size_t output_length (size_t input_length) const override
 
size_t process (uint8_t buf[], size_t sz) overridefinal
 
virtual std::string provider () const
 
void reset () overridefinal
 
template<typename Alloc >
void set_ad (const std::vector< uint8_t, Alloc > &ad)
 
void set_associated_data (const uint8_t ad[], size_t ad_len) override
 
template<typename Alloc >
void set_associated_data_vec (const std::vector< uint8_t, Alloc > &ad)
 
template<typename Alloc >
void set_key (const std::vector< uint8_t, Alloc > &key)
 
void set_key (const SymmetricKey &key)
 
void set_key (const uint8_t key[], size_t length)
 
template<typename Alloc >
void start (const std::vector< uint8_t, Alloc > &nonce)
 
void start (const uint8_t nonce[], size_t nonce_len)
 
void start ()
 
size_t tag_size () const overridefinal
 
 TLS_CBC_HMAC_AEAD_Decryption (const std::string &cipher_algo, const size_t cipher_keylen, const std::string &mac_algo, const size_t mac_keylen, bool use_explicit_iv, bool use_encrypt_then_mac)
 
void update (secure_vector< uint8_t > &buffer, size_t offset=0)
 
size_t update_granularity () const overridefinal
 
bool valid_keylength (size_t length) const
 
bool valid_nonce_length (size_t nl) const overridefinal
 

Protected Member Functions

std::vector< uint8_t > & assoc_data ()
 
std::vector< uint8_t > assoc_data_with_len (uint16_t len)
 
size_t block_size () const
 
secure_vector< uint8_t > & cbc_state ()
 
BlockCiphercipher () const
 
size_t cipher_keylen () const
 
size_t iv_size () const
 
MessageAuthenticationCodemac () const
 
size_t mac_keylen () const
 
secure_vector< uint8_t > & msg ()
 
bool use_encrypt_then_mac () const
 

Detailed Description

TLS_CBC_HMAC_AEAD Decryption

Definition at line 138 of file tls_cbc.h.

Constructor & Destructor Documentation

Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::TLS_CBC_HMAC_AEAD_Decryption ( const std::string &  cipher_algo,
const size_t  cipher_keylen,
const std::string &  mac_algo,
const size_t  mac_keylen,
bool  use_explicit_iv,
bool  use_encrypt_then_mac 
)
inline

Definition at line 143 of file tls_cbc.h.

148  :
149  TLS_CBC_HMAC_AEAD_Mode(cipher_algo,
151  mac_algo,
152  mac_keylen,
153  use_explicit_iv,
155  {}
TLS_CBC_HMAC_AEAD_Mode(const std::string &cipher_name, size_t cipher_keylen, const std::string &mac_name, size_t mac_keylen, bool use_explicit_iv, bool use_encrypt_then_mac)
Definition: tls_cbc.cpp:25
bool use_encrypt_then_mac() const
Definition: tls_cbc.h:60
size_t cipher_keylen() const
Definition: tls_cbc.h:55

Member Function Documentation

std::vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data ( )
inlineprotectedinherited
std::vector< uint8_t > Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data_with_len ( uint16_t  len)
protectedinherited

Definition at line 114 of file tls_cbc.cpp.

References BOTAN_ASSERT, and Botan::get_byte().

Referenced by finish().

115  {
116  std::vector<uint8_t> ad = m_ad;
117  BOTAN_ASSERT(ad.size() == 13, "Expected AAD size");
118  ad[11] = get_byte(0, len);
119  ad[12] = get_byte(1, len);
120  return ad;
121  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:47
bool Botan::AEAD_Mode::authenticated ( ) const
inlineoverridevirtualinherited
Returns
true iff this mode provides authentication as well as confidentiality.

Reimplemented from Botan::Cipher_Mode.

Definition at line 25 of file aead.h.

25 { return true; }
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size ( ) const
inlineprotectedinherited
secure_vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state ( )
inlineprotectedinherited

Definition at line 74 of file tls_cbc.h.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset().

74 { return m_cbc_state; }
BlockCipher& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cipher ( ) const
inlineprotectedinherited

Definition at line 62 of file tls_cbc.h.

References BOTAN_ASSERT_NONNULL.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

63  {
64  BOTAN_ASSERT_NONNULL(m_cipher);
65  return *m_cipher;
66  }
#define BOTAN_ASSERT_NONNULL(ptr)
Definition: assert.h:79
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cipher_keylen ( ) const
inlineprotectedinherited

Definition at line 55 of file tls_cbc.h.

55 { return m_cipher_keylen; }
void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear ( )
finaloverridevirtualinherited

Zeroise all state See also reset_msg()

Implements Botan::Cipher_Mode.

Definition at line 46 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cipher(), Botan::SymmetricAlgorithm::clear(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset().

47  {
48  cipher().clear();
49  mac().clear();
50  reset();
51  }
BlockCipher & cipher() const
Definition: tls_cbc.h:62
MessageAuthenticationCode & mac() const
Definition: tls_cbc.h:68
virtual void clear()=0
void reset() overridefinal
Definition: tls_cbc.cpp:53
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::default_nonce_length ( ) const
inlinefinaloverridevirtualinherited
Returns
default AEAD nonce size (a commonly supported value among AEAD modes, and large enough that random collisions are unlikely)

Reimplemented from Botan::AEAD_Mode.

Definition at line 41 of file tls_cbc.h.

41 { return m_iv_size; }
void Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish ( secure_vector< uint8_t > &  final_block,
size_t  offset = 0 
)
overridevirtual

Complete processing of a message.

Parameters
final_blockin/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output
offsetan offset into final_block to begin processing

Implements Botan::Cipher_Mode.

Definition at line 369 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data_with_len(), Botan::TLS::Alert::BAD_RECORD_MAC, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state(), Botan::Buffered_Computation::final(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::msg(), Botan::CT::poison(), Botan::same_mem(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size(), Botan::CT::unpoison(), Botan::Buffered_Computation::update(), Botan::Cipher_Mode::update(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

370  {
371  update(buffer, offset);
372  buffer.resize(offset);
373 
374  const size_t record_len = msg().size();
375  uint8_t* record_contents = msg().data();
376 
377  // This early exit does not leak info because all the values compared are public
378  if(record_len < tag_size() ||
379  (record_len - (use_encrypt_then_mac() ? tag_size() : 0)) % block_size() != 0)
380  {
381  throw TLS_Exception(Alert::BAD_RECORD_MAC, "Message authentication failure");
382  }
383 
385  {
386  const size_t enc_size = record_len - tag_size();
387 
388  mac().update(assoc_data_with_len(iv_size() + enc_size));
389  if(iv_size() > 0)
390  {
391  mac().update(cbc_state());
392  }
393  mac().update(record_contents, enc_size);
394 
395  std::vector<uint8_t> mac_buf(tag_size());
396  mac().final(mac_buf.data());
397 
398  const size_t mac_offset = enc_size;
399 
400  const bool mac_ok = same_mem(&record_contents[mac_offset], mac_buf.data(), tag_size());
401 
402  if(!mac_ok)
403  {
404  throw TLS_Exception(Alert::BAD_RECORD_MAC, "Message authentication failure");
405  }
406 
407  cbc_decrypt_record(record_contents, enc_size);
408 
409  // 0 if padding was invalid, otherwise 1 + padding_bytes
410  uint16_t pad_size = check_tls_padding(record_contents, enc_size);
411 
412  // No oracle here, whoever sent us this had the key since MAC check passed
413  if(pad_size == 0)
414  {
415  throw TLS_Exception(Alert::BAD_RECORD_MAC, "Message authentication failure");
416  }
417 
418  const uint8_t* plaintext_block = &record_contents[0];
419  const uint16_t plaintext_length = enc_size - pad_size;
420 
421  buffer.insert(buffer.end(), plaintext_block, plaintext_block + plaintext_length);
422  }
423  else
424  {
425  CT::poison(record_contents, record_len);
426 
427  cbc_decrypt_record(record_contents, record_len);
428 
429  // 0 if padding was invalid, otherwise 1 + padding_bytes
430  uint16_t pad_size = check_tls_padding(record_contents, record_len);
431 
432  /*
433  This mask is zero if there is not enough room in the packet to get a valid MAC.
434 
435  We have to accept empty packets, since otherwise we are not compatible
436  with how OpenSSL's countermeasure for fixing BEAST in TLS 1.0 CBC works
437  (sending empty records, instead of 1/(n-1) splitting)
438  */
439 
440  const uint16_t size_ok_mask = CT::is_lte<uint16_t>(static_cast<uint16_t>(tag_size() + pad_size), static_cast<uint16_t>(record_len + 1));
441  pad_size &= size_ok_mask;
442 
443  CT::unpoison(record_contents, record_len);
444 
445  /*
446  This is unpoisoned sooner than it should. The pad_size leaks to plaintext_length and
447  then to the timing channel in the MAC computation described in the Lucky 13 paper.
448  */
449  CT::unpoison(pad_size);
450 
451  const uint8_t* plaintext_block = &record_contents[0];
452  const uint16_t plaintext_length = static_cast<uint16_t>(record_len - tag_size() - pad_size);
453 
454  mac().update(assoc_data_with_len(plaintext_length));
455  mac().update(plaintext_block, plaintext_length);
456 
457  std::vector<uint8_t> mac_buf(tag_size());
458  mac().final(mac_buf.data());
459 
460  const size_t mac_offset = record_len - (tag_size() + pad_size);
461 
462  const bool mac_ok = same_mem(&record_contents[mac_offset], mac_buf.data(), tag_size());
463 
464  const uint16_t ok_mask = size_ok_mask & CT::expand_mask<uint16_t>(mac_ok) & CT::expand_mask<uint16_t>(pad_size);
465 
466  CT::unpoison(ok_mask);
467 
468  if(ok_mask)
469  {
470  buffer.insert(buffer.end(), plaintext_block, plaintext_block + plaintext_length);
471  }
472  else
473  {
474  perform_additional_compressions(record_len, pad_size);
475  throw TLS_Exception(Alert::BAD_RECORD_MAC, "Message authentication failure");
476  }
477  }
478  }
bool same_mem(const T *p1, const T *p2, size_t n)
Definition: mem_ops.h:98
void update(secure_vector< uint8_t > &buffer, size_t offset=0)
Definition: cipher_mode.h:81
size_t tag_size() const overridefinal
Definition: tls_cbc.h:39
void poison(const T *p, size_t n)
Definition: ct_utils.h:46
MessageAuthenticationCode & mac() const
Definition: tls_cbc.h:68
secure_vector< uint8_t > & cbc_state()
Definition: tls_cbc.h:74
void final(uint8_t out[])
Definition: buf_comp.h:89
bool use_encrypt_then_mac() const
Definition: tls_cbc.h:60
std::vector< uint8_t > assoc_data_with_len(uint16_t len)
Definition: tls_cbc.cpp:114
void update(const uint8_t in[], size_t length)
Definition: buf_comp.h:34
void unpoison(const T *p, size_t n)
Definition: ct_utils.h:57
secure_vector< uint8_t > & msg()
Definition: tls_cbc.h:76
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size ( ) const
inlineprotectedinherited
Key_Length_Specification Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::key_spec ( ) const
finaloverridevirtualinherited
Returns
object describing limits on key size

Implements Botan::Cipher_Mode.

Definition at line 77 of file tls_cbc.cpp.

78  {
79  return Key_Length_Specification(m_cipher_keylen + m_mac_keylen);
80  }
MessageAuthenticationCode& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac ( ) const
inlineprotectedinherited

Definition at line 68 of file tls_cbc.h.

References BOTAN_ASSERT_NONNULL, and m_mac.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear(), Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), and finish().

69  {
71  return *m_mac;
72  }
std::unique_ptr< MessageAuthenticationCode > m_mac
Definition: fpe_fe1.cpp:88
#define BOTAN_ASSERT_NONNULL(ptr)
Definition: assert.h:79
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac_keylen ( ) const
inlineprotectedinherited

Definition at line 56 of file tls_cbc.h.

56 { return m_mac_keylen; }
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::minimum_final_size ( ) const
inlineoverridevirtual
Returns
required minimium size to finalize() - may be any length larger than this.

Implements Botan::Cipher_Mode.

Definition at line 159 of file tls_cbc.h.

159 { return tag_size(); }
size_t tag_size() const overridefinal
Definition: tls_cbc.h:39
secure_vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::msg ( )
inlineprotectedinherited

Definition at line 76 of file tls_cbc.h.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), and finish().

76 { return m_msg; }
std::string Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::name ( ) const
finaloverridevirtualinherited

Implements Botan::Cipher_Mode.

Definition at line 60 of file tls_cbc.cpp.

61  {
62  return "TLS_CBC(" + m_cipher_name + "," + m_mac_name + ")";
63  }
std::string m_cipher_name
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::output_length ( size_t  input_length) const
overridevirtual

Returns the size of the output if this transform is used to process a message with input_length bytes. Will throw if unable to give a precise answer.

Implements Botan::Cipher_Mode.

Definition at line 282 of file tls_cbc.cpp.

283  {
284  /*
285  * We don't know this because the padding is arbitrary
286  */
287  return 0;
288  }
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::process ( uint8_t  msg[],
size_t  msg_len 
)
finaloverridevirtualinherited

Process message blocks

Input must be a multiple of update_granularity

Processes msg in place and returns bytes written. Normally this will be either msg_len (indicating the entire message was processed) or for certain AEAD modes zero (indicating that the mode requires the entire message be processed in one pass).

Parameters
msgthe message to be processed
msg_lenlength of the message in bytes

Implements Botan::Cipher_Mode.

Definition at line 108 of file tls_cbc.cpp.

109  {
110  m_msg.insert(m_msg.end(), buf, buf + sz);
111  return 0;
112  }
virtual std::string Botan::Cipher_Mode::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::GCM_Mode.

Definition at line 202 of file cipher_mode.h.

202 { return "base"; }
void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset ( )
finaloverridevirtualinherited

Resets just the message specific state and allows encrypting again under the existing key

Implements Botan::Cipher_Mode.

Definition at line 53 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state().

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

54  {
55  cbc_state().clear();
56  m_ad.clear();
57  m_msg.clear();
58  }
secure_vector< uint8_t > & cbc_state()
Definition: tls_cbc.h:74
template<typename Alloc >
void Botan::AEAD_Mode::set_ad ( const std::vector< uint8_t, Alloc > &  ad)
inlineinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

See set_associated_data().

Parameters
adthe associated data

Definition at line 66 of file aead.h.

Referenced by Botan::TLS::write_record().

67  {
68  set_associated_data(ad.data(), ad.size());
69  }
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0
void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::set_associated_data ( const uint8_t  ad[],
size_t  ad_len 
)
overridevirtualinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Parameters
adthe associated data
ad_lenlength of add in bytes

Implements Botan::AEAD_Mode.

Reimplemented in Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption.

Definition at line 123 of file tls_cbc.cpp.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data().

124  {
125  if(ad_len != 13)
126  throw Exception("Invalid TLS AEAD associated data length");
127  m_ad.assign(ad, ad + ad_len);
128  }
template<typename Alloc >
void Botan::AEAD_Mode::set_associated_data_vec ( const std::vector< uint8_t, Alloc > &  ad)
inlineinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

See set_associated_data().

Parameters
adthe associated data

Definition at line 51 of file aead.h.

52  {
53  set_associated_data(ad.data(), ad.size());
54  }
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0
template<typename Alloc >
void Botan::Cipher_Mode::set_key ( const std::vector< uint8_t, Alloc > &  key)
inlineinherited

Set the symmetric key of this transform

Parameters
keycontains the key material

Definition at line 172 of file cipher_mode.h.

Referenced by botan_cipher_set_key().

173  {
174  set_key(key.data(), key.size());
175  }
void set_key(const std::vector< uint8_t, Alloc > &key)
Definition: cipher_mode.h:172
void Botan::Cipher_Mode::set_key ( const SymmetricKey key)
inlineinherited

Set the symmetric key of this transform

Parameters
keycontains the key material

Definition at line 181 of file cipher_mode.h.

References Botan::OctetString::begin(), and Botan::OctetString::length().

182  {
183  set_key(key.begin(), key.length());
184  }
void set_key(const std::vector< uint8_t, Alloc > &key)
Definition: cipher_mode.h:172
void Botan::Cipher_Mode::set_key ( const uint8_t  key[],
size_t  length 
)
inlineinherited

Set the symmetric key of this transform

Parameters
keycontains the key material
lengthin bytes of key param

Definition at line 191 of file cipher_mode.h.

192  {
193  if(!valid_keylength(length))
194  throw Invalid_Key_Length(name(), length);
195  key_schedule(key, length);
196  }
virtual std::string name() const =0
bool valid_keylength(size_t length) const
Definition: cipher_mode.h:162
template<typename Alloc >
void Botan::Cipher_Mode::start ( const std::vector< uint8_t, Alloc > &  nonce)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce

Definition at line 38 of file cipher_mode.h.

Referenced by botan_cipher_start(), and Botan::TLS::write_record().

39  {
40  start_msg(nonce.data(), nonce.size());
41  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0
void Botan::Cipher_Mode::start ( const uint8_t  nonce[],
size_t  nonce_len 
)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 48 of file cipher_mode.h.

49  {
50  start_msg(nonce, nonce_len);
51  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0
void Botan::Cipher_Mode::start ( )
inlineinherited

Begin processing a message.

Definition at line 56 of file cipher_mode.h.

57  {
58  return start_msg(nullptr, 0);
59  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size ( ) const
inlinefinaloverridevirtualinherited
Returns
the size of the authentication tag used (in bytes)

Reimplemented from Botan::Cipher_Mode.

Definition at line 39 of file tls_cbc.h.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::output_length().

39 { return m_tag_size; }
void Botan::Cipher_Mode::update ( secure_vector< uint8_t > &  buffer,
size_t  offset = 0 
)
inlineinherited

Process some data. Input must be in size update_granularity() uint8_t blocks.

Parameters
bufferin/out parameter which will possibly be resized
offsetan offset into blocks to begin processing

Definition at line 81 of file cipher_mode.h.

References BOTAN_ASSERT.

Referenced by botan_cipher_update(), Botan::XTS_Encryption::finish(), Botan::ChaCha20Poly1305_Encryption::finish(), Botan::CBC_Encryption::finish(), Botan::CFB_Encryption::finish(), Botan::EAX_Encryption::finish(), Botan::XTS_Decryption::finish(), Botan::CFB_Decryption::finish(), Botan::CTS_Encryption::finish(), Botan::CBC_Decryption::finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), Botan::CTS_Decryption::finish(), and finish().

82  {
83  BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
84  uint8_t* buf = buffer.data() + offset;
85  const size_t buf_size = buffer.size() - offset;
86 
87  const size_t written = process(buf, buf_size);
88  buffer.resize(offset + written);
89  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
virtual size_t process(uint8_t msg[], size_t msg_len)=0
size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::update_granularity ( ) const
finaloverridevirtualinherited
Returns
size of required blocks to update

Implements Botan::Cipher_Mode.

Definition at line 65 of file tls_cbc.cpp.

66  {
67  return 1; // just buffers anyway
68  }
bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac ( ) const
inlineprotectedinherited
bool Botan::Cipher_Mode::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 162 of file cipher_mode.h.

163  {
164  return key_spec().valid_keylength(length);
165  }
bool valid_keylength(size_t length) const
Definition: key_spec.h:51
virtual Key_Length_Specification key_spec() const =0
bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::valid_nonce_length ( size_t  nonce_len) const
finaloverridevirtualinherited
Returns
true iff nonce_len is a valid length for the nonce

Implements Botan::Cipher_Mode.

Definition at line 70 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size().

71  {
72  if(m_cbc_state.empty())
73  return nl == block_size();
74  return nl == iv_size();
75  }

The documentation for this class was generated from the following files: