Botan
1.11.15
|
00001 /* 00002 * CCM Mode 00003 * (C) 2013 Jack Lloyd 00004 * 00005 * Botan is released under the Simplified BSD License (see license.txt) 00006 */ 00007 00008 #ifndef BOTAN_AEAD_CCM_H__ 00009 #define BOTAN_AEAD_CCM_H__ 00010 00011 #include <botan/aead.h> 00012 #include <botan/block_cipher.h> 00013 #include <botan/stream_cipher.h> 00014 #include <botan/mac.h> 00015 00016 namespace Botan { 00017 00018 /** 00019 * Base class for CCM encryption and decryption 00020 * @see RFC 3610 00021 */ 00022 class BOTAN_DLL CCM_Mode : public AEAD_Mode 00023 { 00024 public: 00025 void update(secure_vector<byte>& blocks, size_t offset = 0) override; 00026 00027 void set_associated_data(const byte ad[], size_t ad_len) override; 00028 00029 std::string name() const override; 00030 00031 size_t update_granularity() const; 00032 00033 Key_Length_Specification key_spec() const override; 00034 00035 bool valid_nonce_length(size_t) const override; 00036 00037 size_t default_nonce_length() const override; 00038 00039 void clear() override; 00040 00041 size_t tag_size() const { return m_tag_size; } 00042 00043 protected: 00044 const size_t BS = 16; // intrinsic to CCM definition 00045 00046 CCM_Mode(BlockCipher* cipher, size_t tag_size, size_t L); 00047 00048 size_t L() const { return m_L; } 00049 00050 const BlockCipher& cipher() const { return *m_cipher; } 00051 00052 void encode_length(size_t len, byte out[]); 00053 00054 void inc(secure_vector<byte>& C); 00055 00056 const secure_vector<byte>& ad_buf() const { return m_ad_buf; } 00057 00058 secure_vector<byte>& msg_buf() { return m_msg_buf; } 00059 00060 secure_vector<byte> format_b0(size_t msg_size); 00061 secure_vector<byte> format_c0(); 00062 private: 00063 secure_vector<byte> start_raw(const byte nonce[], size_t nonce_len) override; 00064 00065 void key_schedule(const byte key[], size_t length) override; 00066 00067 const size_t m_tag_size; 00068 const size_t m_L; 00069 00070 std::unique_ptr<BlockCipher> m_cipher; 00071 secure_vector<byte> m_nonce, m_msg_buf, m_ad_buf; 00072 }; 00073 00074 /** 00075 * CCM Encryption 00076 */ 00077 class BOTAN_DLL CCM_Encryption : public CCM_Mode 00078 { 00079 public: 00080 /** 00081 * @param cipher a 128-bit block cipher 00082 * @param tag_size is how big the auth tag will be (even values 00083 * between 4 and 16 are accepted) 00084 * @param L length of L parameter. The total message length 00085 * must be less than 2**L bytes, and the nonce is 15-L bytes. 00086 */ 00087 CCM_Encryption(BlockCipher* cipher, size_t tag_size = 16, size_t L = 3) : 00088 CCM_Mode(cipher, tag_size, L) {} 00089 00090 void finish(secure_vector<byte>& final_block, size_t offset = 0) override; 00091 00092 size_t output_length(size_t input_length) const override 00093 { return input_length + tag_size(); } 00094 00095 size_t minimum_final_size() const override { return 0; } 00096 }; 00097 00098 /** 00099 * CCM Decryption 00100 */ 00101 class BOTAN_DLL CCM_Decryption : public CCM_Mode 00102 { 00103 public: 00104 /** 00105 * @param cipher a 128-bit block cipher 00106 * @param tag_size is how big the auth tag will be (even values 00107 * between 4 and 16 are accepted) 00108 * @param L length of L parameter. The total message length 00109 * must be less than 2**L bytes, and the nonce is 15-L bytes. 00110 */ 00111 CCM_Decryption(BlockCipher* cipher, size_t tag_size = 16, size_t L = 3) : 00112 CCM_Mode(cipher, tag_size, L) {} 00113 00114 void finish(secure_vector<byte>& final_block, size_t offset = 0) override; 00115 00116 size_t output_length(size_t input_length) const override 00117 { 00118 BOTAN_ASSERT(input_length > tag_size(), "Sufficient input"); 00119 return input_length - tag_size(); 00120 } 00121 00122 size_t minimum_final_size() const override { return tag_size(); } 00123 }; 00124 00125 } 00126 00127 #endif