Botan
1.11.15
|
#include <ccm.h>
Public Types | |
typedef SCAN_Name | Spec |
Public Member Functions | |
bool | authenticated () const override |
void | clear () override |
size_t | default_nonce_length () const override |
virtual void | finish (secure_vector< byte > &final_block, size_t offset=0)=0 |
Key_Length_Specification | key_spec () const override |
virtual size_t | minimum_final_size () const =0 |
std::string | name () const override |
virtual size_t | output_length (size_t input_length) const =0 |
virtual std::string | provider () const |
template<typename Alloc > | |
void | set_ad (const std::vector< byte, Alloc > &ad) |
void | set_associated_data (const byte ad[], size_t ad_len) override |
template<typename Alloc > | |
void | set_associated_data_vec (const std::vector< byte, Alloc > &ad) |
template<typename Alloc > | |
void | set_key (const std::vector< byte, Alloc > &key) |
void | set_key (const SymmetricKey &key) |
void | set_key (const byte key[], size_t length) |
template<typename Alloc > | |
secure_vector< byte > | start (const std::vector< byte, Alloc > &nonce) |
secure_vector< byte > | start (const byte nonce[], size_t nonce_len) |
secure_vector< byte > | start () |
template<typename Alloc > | |
secure_vector< byte > | start_vec (const std::vector< byte, Alloc > &nonce) |
size_t | tag_size () const |
void | update (secure_vector< byte > &blocks, size_t offset=0) override |
size_t | update_granularity () const |
bool | valid_keylength (size_t length) const |
bool | valid_nonce_length (size_t) const override |
Protected Member Functions | |
const secure_vector< byte > & | ad_buf () const |
CCM_Mode (BlockCipher *cipher, size_t tag_size, size_t L) | |
const BlockCipher & | cipher () const |
void | encode_length (size_t len, byte out[]) |
secure_vector< byte > | format_b0 (size_t msg_size) |
secure_vector< byte > | format_c0 () |
void | inc (secure_vector< byte > &C) |
size_t | L () const |
secure_vector< byte > & | msg_buf () |
Protected Attributes | |
const size_t | BS = 16 |
typedef SCAN_Name Botan::Transform::Spec [inherited] |
Definition at line 27 of file transform.h.
Botan::CCM_Mode::CCM_Mode | ( | BlockCipher * | cipher, |
size_t | tag_size, | ||
size_t | L | ||
) | [protected] |
Definition at line 19 of file ccm.cpp.
References BS, and Botan::ASN1::to_string().
: m_tag_size(tag_size), m_L(L), m_cipher(cipher) { if(m_cipher->block_size() != BS) throw std::invalid_argument(m_cipher->name() + " cannot be used with CCM mode"); if(L < 2 || L > 8) throw std::invalid_argument("Invalid CCM L value " + std::to_string(L)); if(tag_size < 4 || tag_size > 16 || tag_size % 2 != 0) throw std::invalid_argument("invalid CCM tag length " + std::to_string(tag_size)); }
const secure_vector<byte>& Botan::CCM_Mode::ad_buf | ( | ) | const [inline, protected] |
Definition at line 56 of file ccm.h.
Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().
{ return m_ad_buf; }
bool Botan::AEAD_Mode::authenticated | ( | ) | const [inline, override, virtual, inherited] |
Returns true iff this mode provides authentication as well as confidentiality.
Reimplemented from Botan::Cipher_Mode.
Definition at line 25 of file aead.h.
{ return true; }
const BlockCipher& Botan::CCM_Mode::cipher | ( | ) | const [inline, protected] |
Definition at line 50 of file ccm.h.
Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().
{ return *m_cipher; }
void Botan::CCM_Mode::clear | ( | ) | [override, virtual] |
Implements Botan::Transform.
Definition at line 34 of file ccm.cpp.
{ m_cipher.reset(); m_msg_buf.clear(); m_ad_buf.clear(); }
size_t Botan::CCM_Mode::default_nonce_length | ( | ) | const [override, virtual] |
Default AEAD nonce size (a commonly supported value among AEAD modes, and large enough that random collisions are unlikely).
Reimplemented from Botan::AEAD_Mode.
Definition at line 51 of file ccm.cpp.
References L().
{ return (15-L()); }
void Botan::CCM_Mode::encode_length | ( | size_t | len, |
byte | out[] | ||
) | [protected] |
Definition at line 115 of file ccm.cpp.
References BOTAN_ASSERT, Botan::get_byte(), and L().
Referenced by format_b0().
{ const size_t len_bytes = L(); BOTAN_ASSERT(len_bytes < sizeof(size_t), "Length field fits"); for(size_t i = 0; i != len_bytes; ++i) out[len_bytes-1-i] = get_byte(sizeof(size_t)-1-i, len); BOTAN_ASSERT((len >> (len_bytes*8)) == 0, "Message length fits in field"); }
virtual void Botan::Transform::finish | ( | secure_vector< byte > & | final_block, |
size_t | offset = 0 |
||
) | [pure virtual, inherited] |
Complete processing of a message.
final_block | in/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output |
offset | an offset into final_block to begin processing |
Implemented in Botan::CTS_Decryption, Botan::OCB_Decryption, Botan::CCM_Decryption, Botan::EAX_Decryption, Botan::CBC_Decryption, Botan::GCM_Decryption, Botan::SIV_Decryption, Botan::OCB_Encryption, Botan::CCM_Encryption, Botan::ChaCha20Poly1305_Decryption, Botan::CTS_Encryption, Botan::Stream_Decompression, Botan::CFB_Decryption, Botan::EAX_Encryption, Botan::SIV_Encryption, Botan::ECB_Decryption, Botan::XTS_Decryption, Botan::GCM_Encryption, Botan::CBC_Encryption, Botan::CFB_Encryption, Botan::ChaCha20Poly1305_Encryption, Botan::Stream_Compression, Botan::XTS_Encryption, Botan::ECB_Encryption, and Botan::Stream_Cipher_Mode.
Referenced by botan_cipher_update().
secure_vector< byte > Botan::CCM_Mode::format_b0 | ( | size_t | msg_size | ) | [protected] |
Definition at line 134 of file ccm.cpp.
References BS, Botan::copy_mem(), encode_length(), L(), and tag_size().
Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().
secure_vector< byte > Botan::CCM_Mode::format_c0 | ( | ) | [protected] |
Definition at line 147 of file ccm.cpp.
References BS, Botan::copy_mem(), and L().
Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().
void Botan::CCM_Mode::inc | ( | secure_vector< byte > & | C | ) | [protected] |
Definition at line 127 of file ccm.cpp.
Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().
{ for(size_t i = 0; i != C.size(); ++i) if(++C[C.size()-i-1]) break; }
Key_Length_Specification Botan::CCM_Mode::key_spec | ( | ) | const [override, virtual] |
Implements Botan::Keyed_Transform.
Definition at line 67 of file ccm.cpp.
{
return m_cipher->key_spec();
}
size_t Botan::CCM_Mode::L | ( | ) | const [inline, protected] |
Definition at line 48 of file ccm.h.
Referenced by default_nonce_length(), encode_length(), format_b0(), format_c0(), name(), and valid_nonce_length().
{ return m_L; }
virtual size_t Botan::Transform::minimum_final_size | ( | ) | const [pure virtual, inherited] |
Implemented in Botan::CTS_Decryption, Botan::CCM_Decryption, Botan::OCB_Decryption, Botan::CBC_Decryption, Botan::SIV_Decryption, Botan::EAX_Decryption, Botan::GCM_Decryption, Botan::CCM_Encryption, Botan::OCB_Encryption, Botan::CTS_Encryption, Botan::ChaCha20Poly1305_Decryption, Botan::SIV_Encryption, Botan::ECB_Decryption, Botan::EAX_Encryption, Botan::CBC_Encryption, Botan::GCM_Encryption, Botan::ChaCha20Poly1305_Encryption, Botan::ECB_Encryption, Botan::Stream_Cipher_Mode, Botan::CFB_Mode, Botan::XTS_Mode, and Botan::Compressor_Transform.
Referenced by botan_cipher_update().
secure_vector<byte>& Botan::CCM_Mode::msg_buf | ( | ) | [inline, protected] |
Definition at line 58 of file ccm.h.
Referenced by Botan::CCM_Encryption::finish(), and Botan::CCM_Decryption::finish().
{ return m_msg_buf; }
std::string Botan::CCM_Mode::name | ( | ) | const [override, virtual] |
Implements Botan::Transform.
Definition at line 41 of file ccm.cpp.
References L(), tag_size(), and Botan::ASN1::to_string().
{ return (m_cipher->name() + "/CCM(" + std::to_string(tag_size()) + "," + std::to_string(L())) + ")"; }
virtual size_t Botan::Transform::output_length | ( | size_t | input_length | ) | const [pure virtual, inherited] |
Returns the size of the output if this transform is used to process a message with input_length bytes. Will throw if unable to give a precise answer.
Implemented in Botan::CCM_Decryption, Botan::OCB_Decryption, Botan::CBC_Decryption, Botan::SIV_Decryption, Botan::EAX_Decryption, Botan::CCM_Encryption, Botan::GCM_Decryption, Botan::OCB_Encryption, Botan::CTS_Encryption, Botan::SIV_Encryption, Botan::ECB_Decryption, Botan::ChaCha20Poly1305_Decryption, Botan::XTS_Decryption, Botan::EAX_Encryption, Botan::CBC_Encryption, Botan::GCM_Encryption, Botan::XTS_Encryption, Botan::ChaCha20Poly1305_Encryption, Botan::ECB_Encryption, Botan::CFB_Mode, Botan::Compressor_Transform, and Botan::Stream_Cipher_Mode.
virtual std::string Botan::Transform::provider | ( | ) | const [inline, virtual, inherited] |
Return some short name describing the provider of this tranformation. Useful in cases where multiple implementations are available (eg, different implementations of AES). Default "core" is used for the 'standard' implementation included in the library.
Definition at line 120 of file transform.h.
{ return "core"; }
void Botan::AEAD_Mode::set_ad | ( | const std::vector< byte, Alloc > & | ad | ) | [inline, inherited] |
Definition at line 48 of file aead.h.
{ set_associated_data(&ad[0], ad.size()); }
void Botan::CCM_Mode::set_associated_data | ( | const byte | ad[], |
size_t | ad_len | ||
) | [override, virtual] |
Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.
Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.
ad | the associated data |
ad_len | length of add in bytes |
Implements Botan::AEAD_Mode.
Definition at line 77 of file ccm.cpp.
References BOTAN_ASSERT, and BS.
{ m_ad_buf.clear(); if(length) { // FIXME: support larger AD using length encoding rules BOTAN_ASSERT(length < (0xFFFF - 0xFF), "Supported CCM AD length"); m_ad_buf.push_back(get_byte<u16bit>(0, length)); m_ad_buf.push_back(get_byte<u16bit>(1, length)); m_ad_buf += std::make_pair(ad, length); while(m_ad_buf.size() % BS) m_ad_buf.push_back(0); // pad with zeros to full block size } }
void Botan::AEAD_Mode::set_associated_data_vec | ( | const std::vector< byte, Alloc > & | ad | ) | [inline, inherited] |
Definition at line 42 of file aead.h.
{ set_associated_data(&ad[0], ad.size()); }
void Botan::Keyed_Transform::set_key | ( | const std::vector< byte, Alloc > & | key | ) | [inline, inherited] |
Definition at line 148 of file transform.h.
Referenced by botan_cipher_set_key().
{ set_key(&key[0], key.size()); }
void Botan::Keyed_Transform::set_key | ( | const SymmetricKey & | key | ) | [inline, inherited] |
Definition at line 153 of file transform.h.
References Botan::OctetString::begin(), and Botan::OctetString::length().
{ set_key(key.begin(), key.length()); }
void Botan::Keyed_Transform::set_key | ( | const byte | key[], |
size_t | length | ||
) | [inline, inherited] |
Set the symmetric key of this transform
key | contains the key material |
length | in bytes of key param |
Definition at line 163 of file transform.h.
{ if(!valid_keylength(length)) throw Invalid_Key_Length(name(), length); key_schedule(key, length); }
secure_vector<byte> Botan::Transform::start | ( | const std::vector< byte, Alloc > & | nonce | ) | [inline, inherited] |
Begin processing a message.
nonce | the per message nonce |
Definition at line 34 of file transform.h.
Referenced by botan_cipher_start().
{ return start(&nonce[0], nonce.size()); }
secure_vector<byte> Botan::Transform::start | ( | const byte | nonce[], |
size_t | nonce_len | ||
) | [inline, inherited] |
Begin processing a message.
nonce | the per message nonce |
nonce_len | length of nonce |
Definition at line 55 of file transform.h.
{ return start_raw(nonce, nonce_len); }
secure_vector<byte> Botan::Transform::start | ( | ) | [inline, inherited] |
Begin processing a message.
Definition at line 63 of file transform.h.
{ return start_raw(nullptr, 0); }
secure_vector<byte> Botan::Transform::start_vec | ( | const std::vector< byte, Alloc > & | nonce | ) | [inline, inherited] |
Begin processing a message.
nonce | the per message nonce |
Definition at line 45 of file transform.h.
{ return start(&nonce[0], nonce.size()); }
size_t Botan::CCM_Mode::tag_size | ( | ) | const [inline, virtual] |
Return the size of the authentication tag used (in bytes)
Reimplemented from Botan::Cipher_Mode.
Definition at line 41 of file ccm.h.
Referenced by Botan::CCM_Encryption::finish(), Botan::CCM_Decryption::finish(), format_b0(), and name().
{ return m_tag_size; }
void Botan::CCM_Mode::update | ( | secure_vector< byte > & | blocks, |
size_t | offset = 0 |
||
) | [override, virtual] |
Process some data. Input must be in size update_granularity() byte blocks.
blocks | in/out paramter which will possibly be resized |
offset | an offset into blocks to begin processing |
Implements Botan::Transform.
Definition at line 105 of file ccm.cpp.
References BOTAN_ASSERT.
{ BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane"); const size_t sz = buffer.size() - offset; byte* buf = &buffer[offset]; m_msg_buf.insert(m_msg_buf.end(), buf, buf + sz); buffer.resize(offset); // truncate msg }
size_t Botan::CCM_Mode::update_granularity | ( | ) | const [virtual] |
Implements Botan::Transform.
Definition at line 56 of file ccm.cpp.
{ /* This value does not particularly matter as regardless CCM_Mode::update buffers all input, so in theory this could be 1. However as for instance Transform_Filter creates update_granularity() byte buffers, use a somewhat large size to avoid bouncing on a tiny buffer. */ return m_cipher->parallel_bytes(); }
bool Botan::Keyed_Transform::valid_keylength | ( | size_t | length | ) | const [inline, inherited] |
Check whether a given key length is valid for this algorithm.
length | the key length to be checked. |
Definition at line 142 of file transform.h.
References Botan::Key_Length_Specification::valid_keylength().
{ return key_spec().valid_keylength(length); }
bool Botan::CCM_Mode::valid_nonce_length | ( | size_t | nonce_len | ) | const [override, virtual] |
const size_t Botan::CCM_Mode::BS = 16 [protected] |
Definition at line 44 of file ccm.h.
Referenced by CCM_Mode(), Botan::CCM_Encryption::finish(), Botan::CCM_Decryption::finish(), format_b0(), format_c0(), and set_associated_data().