Botan  1.11.15
Public Types | Public Member Functions | Protected Member Functions
Botan::SIV_Decryption Class Reference

#include <siv.h>

Inheritance diagram for Botan::SIV_Decryption:
Botan::SIV_Mode Botan::AEAD_Mode Botan::Cipher_Mode Botan::Keyed_Transform Botan::Transform

List of all members.

Public Types

typedef SCAN_Name Spec

Public Member Functions

bool authenticated () const override
void clear () override
size_t default_nonce_length () const override
void finish (secure_vector< byte > &final_block, size_t offset=0) override
Key_Length_Specification key_spec () const override
size_t minimum_final_size () const override
std::string name () const override
size_t output_length (size_t input_length) const override
virtual std::string provider () const
template<typename Alloc >
void set_ad (const std::vector< byte, Alloc > &ad)
void set_associated_data (const byte ad[], size_t ad_len) override
void set_associated_data_n (size_t n, const byte ad[], size_t ad_len)
template<typename Alloc >
void set_associated_data_vec (const std::vector< byte, Alloc > &ad)
template<typename Alloc >
void set_key (const std::vector< byte, Alloc > &key)
void set_key (const SymmetricKey &key)
void set_key (const byte key[], size_t length)
 SIV_Decryption (BlockCipher *cipher)
template<typename Alloc >
secure_vector< bytestart (const std::vector< byte, Alloc > &nonce)
secure_vector< bytestart (const byte nonce[], size_t nonce_len)
secure_vector< bytestart ()
template<typename Alloc >
secure_vector< bytestart_vec (const std::vector< byte, Alloc > &nonce)
size_t tag_size () const override
void update (secure_vector< byte > &blocks, size_t offset=0) override
size_t update_granularity () const override
bool valid_keylength (size_t length) const
bool valid_nonce_length (size_t) const override

Protected Member Functions

StreamCipherctr ()
secure_vector< byte > & msg_buf ()
secure_vector< byteS2V (const byte text[], size_t text_len)
void set_ctr_iv (secure_vector< byte > V)

Detailed Description

SIV Decryption

Definition at line 89 of file siv.h.


Member Typedef Documentation

typedef SCAN_Name Botan::Transform::Spec [inherited]

Definition at line 27 of file transform.h.


Constructor & Destructor Documentation

Parameters:
ciphera 128-bit block cipher

Definition at line 95 of file siv.h.

: SIV_Mode(cipher) {}

Member Function Documentation

bool Botan::AEAD_Mode::authenticated ( ) const [inline, override, virtual, inherited]

Returns true iff this mode provides authentication as well as confidentiality.

Reimplemented from Botan::Cipher_Mode.

Definition at line 25 of file aead.h.

{ return true; }
void Botan::SIV_Mode::clear ( ) [override, virtual, inherited]

Implements Botan::Transform.

Definition at line 25 of file siv.cpp.

   {
   m_ctr.reset();
   m_nonce.clear();
   m_msg_buf.clear();
   m_ad_macs.clear();
   }
StreamCipher& Botan::SIV_Mode::ctr ( ) [inline, protected, inherited]

Definition at line 48 of file siv.h.

Referenced by Botan::SIV_Encryption::finish(), finish(), and Botan::SIV_Mode::set_ctr_iv().

{ return *m_ctr; }
size_t Botan::AEAD_Mode::default_nonce_length ( ) const [inline, override, virtual, inherited]

Default AEAD nonce size (a commonly supported value among AEAD modes, and large enough that random collisions are unlikely).

Implements Botan::Transform.

Reimplemented in Botan::CCM_Mode.

Definition at line 57 of file aead.h.

{ return 12; }
void Botan::SIV_Decryption::finish ( secure_vector< byte > &  final_block,
size_t  offset = 0 
) [override, virtual]

Complete processing of a message.

Parameters:
final_blockin/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output
offsetan offset into final_block to begin processing

Implements Botan::Transform.

Definition at line 155 of file siv.cpp.

References BOTAN_ASSERT, Botan::StreamCipher::cipher(), Botan::SIV_Mode::ctr(), Botan::SIV_Mode::msg_buf(), Botan::SIV_Mode::S2V(), Botan::SIV_Mode::set_ctr_iv(), and Botan::SIV_Mode::tag_size().

   {
   BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");

   buffer.insert(buffer.begin() + offset, msg_buf().begin(), msg_buf().end());

   const size_t sz = buffer.size() - offset;

   BOTAN_ASSERT(sz >= tag_size(), "We have the tag");

   secure_vector<byte> V(&buffer[offset], &buffer[offset + 16]);

   set_ctr_iv(V);

   ctr().cipher(&buffer[offset + V.size()],
                &buffer[offset],
                buffer.size() - offset - V.size());

   secure_vector<byte> T = S2V(&buffer[offset], buffer.size() - offset - V.size());

   if(T != V)
      throw Integrity_Failure("SIV tag check failed");

   buffer.resize(buffer.size() - tag_size());
   }
Key_Length_Specification Botan::SIV_Mode::key_spec ( ) const [override, virtual, inherited]
Returns:
object describing limits on key size

Implements Botan::Keyed_Transform.

Definition at line 54 of file siv.cpp.

   {
   return m_cmac->key_spec().multiple(2);
   }
size_t Botan::SIV_Decryption::minimum_final_size ( ) const [inline, override, virtual]
Returns:
required minimium size to finalize() - may be any length larger than this.

Implements Botan::Transform.

Definition at line 105 of file siv.h.

{ return tag_size(); }
secure_vector<byte>& Botan::SIV_Mode::msg_buf ( ) [inline, protected, inherited]

Definition at line 52 of file siv.h.

Referenced by Botan::SIV_Encryption::finish(), and finish().

{ return m_msg_buf; }
std::string Botan::SIV_Mode::name ( ) const [override, virtual, inherited]

Implements Botan::Transform.

Definition at line 33 of file siv.cpp.

   {
   return m_name;
   }
size_t Botan::SIV_Decryption::output_length ( size_t  input_length) const [inline, override, virtual]

Returns the size of the output if this transform is used to process a message with input_length bytes. Will throw if unable to give a precise answer.

Implements Botan::Transform.

Definition at line 99 of file siv.h.

References BOTAN_ASSERT.

         {
         BOTAN_ASSERT(input_length > tag_size(), "Sufficient input");
         return input_length - tag_size();
         }
virtual std::string Botan::Transform::provider ( ) const [inline, virtual, inherited]

Return some short name describing the provider of this tranformation. Useful in cases where multiple implementations are available (eg, different implementations of AES). Default "core" is used for the 'standard' implementation included in the library.

Definition at line 120 of file transform.h.

{ return "core"; }
secure_vector< byte > Botan::SIV_Mode::S2V ( const byte  text[],
size_t  text_len 
) [protected, inherited]

Definition at line 100 of file siv.cpp.

References Botan::CMAC::poly_double(), and Botan::xor_buf().

Referenced by Botan::SIV_Encryption::finish(), and finish().

   {
   const byte zero[16] = { 0 };

   secure_vector<byte> V = m_cmac->process(zero, 16);

   for(size_t i = 0; i != m_ad_macs.size(); ++i)
      {
      V = CMAC::poly_double(V);
      V ^= m_ad_macs[i];
      }

   if(m_nonce.size())
      {
      V = CMAC::poly_double(V);
      V ^= m_nonce;
      }

   if(text_len < 16)
      {
      V = CMAC::poly_double(V);
      xor_buf(&V[0], text, text_len);
      V[text_len] ^= 0x80;
      return m_cmac->process(V);
      }

   m_cmac->update(text, text_len - 16);
   xor_buf(&V[0], &text[text_len - 16], 16);
   m_cmac->update(V);

   return m_cmac->final();
   }
template<typename Alloc >
void Botan::AEAD_Mode::set_ad ( const std::vector< byte, Alloc > &  ad) [inline, inherited]

Definition at line 48 of file aead.h.

         {
         set_associated_data(&ad[0], ad.size());
         }
void Botan::SIV_Mode::set_associated_data ( const byte  ad[],
size_t  ad_len 
) [inline, override, virtual, inherited]

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Parameters:
adthe associated data
ad_lenlength of add in bytes

Implements Botan::AEAD_Mode.

Definition at line 28 of file siv.h.

         {
         set_associated_data_n(0, ad, ad_len);
         }
void Botan::SIV_Mode::set_associated_data_n ( size_t  n,
const byte  ad[],
size_t  ad_len 
) [inherited]

Definition at line 67 of file siv.cpp.

References n.

   {
   if(n >= m_ad_macs.size())
      m_ad_macs.resize(n+1);

   m_ad_macs[n] = m_cmac->process(ad, length);
   }
template<typename Alloc >
void Botan::AEAD_Mode::set_associated_data_vec ( const std::vector< byte, Alloc > &  ad) [inline, inherited]

Definition at line 42 of file aead.h.

         {
         set_associated_data(&ad[0], ad.size());
         }
void Botan::SIV_Mode::set_ctr_iv ( secure_vector< byte V) [protected, inherited]

Definition at line 133 of file siv.cpp.

References Botan::SIV_Mode::ctr(), and Botan::StreamCipher::set_iv().

Referenced by Botan::SIV_Encryption::finish(), and finish().

   {
   V[8] &= 0x7F;
   V[12] &= 0x7F;

   ctr().set_iv(&V[0], V.size());
   }
template<typename Alloc >
void Botan::Keyed_Transform::set_key ( const std::vector< byte, Alloc > &  key) [inline, inherited]

Definition at line 148 of file transform.h.

Referenced by botan_cipher_set_key().

         {
         set_key(&key[0], key.size());
         }
void Botan::Keyed_Transform::set_key ( const SymmetricKey key) [inline, inherited]

Definition at line 153 of file transform.h.

References Botan::OctetString::begin(), and Botan::OctetString::length().

         {
         set_key(key.begin(), key.length());
         }
void Botan::Keyed_Transform::set_key ( const byte  key[],
size_t  length 
) [inline, inherited]

Set the symmetric key of this transform

Parameters:
keycontains the key material
lengthin bytes of key param

Definition at line 163 of file transform.h.

         {
         if(!valid_keylength(length))
            throw Invalid_Key_Length(name(), length);
         key_schedule(key, length);
         }
template<typename Alloc >
secure_vector<byte> Botan::Transform::start ( const std::vector< byte, Alloc > &  nonce) [inline, inherited]

Begin processing a message.

Parameters:
noncethe per message nonce

Definition at line 34 of file transform.h.

Referenced by botan_cipher_start().

         {
         return start(&nonce[0], nonce.size());
         }
secure_vector<byte> Botan::Transform::start ( const byte  nonce[],
size_t  nonce_len 
) [inline, inherited]

Begin processing a message.

Parameters:
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 55 of file transform.h.

         {
         return start_raw(nonce, nonce_len);
         }
secure_vector<byte> Botan::Transform::start ( ) [inline, inherited]

Begin processing a message.

Definition at line 63 of file transform.h.

         {
         return start_raw(nullptr, 0);
         }
template<typename Alloc >
secure_vector<byte> Botan::Transform::start_vec ( const std::vector< byte, Alloc > &  nonce) [inline, inherited]

Begin processing a message.

Parameters:
noncethe per message nonce

Definition at line 45 of file transform.h.

         {
         return start(&nonce[0], nonce.size());
         }
size_t Botan::SIV_Mode::tag_size ( ) const [inline, override, virtual, inherited]

Return the size of the authentication tag used (in bytes)

Reimplemented from Botan::Cipher_Mode.

Definition at line 43 of file siv.h.

Referenced by finish().

{ return 16; }
void Botan::SIV_Mode::update ( secure_vector< byte > &  blocks,
size_t  offset = 0 
) [override, virtual, inherited]

Process some data. Input must be in size update_granularity() byte blocks.

Parameters:
blocksin/out paramter which will possibly be resized
offsetan offset into blocks to begin processing

Implements Botan::Transform.

Definition at line 90 of file siv.cpp.

References BOTAN_ASSERT.

   {
   BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
   const size_t sz = buffer.size() - offset;
   byte* buf = &buffer[offset];

   m_msg_buf.insert(m_msg_buf.end(), buf, buf + sz);
   buffer.resize(offset); // truncate msg
   }
size_t Botan::SIV_Mode::update_granularity ( ) const [override, virtual, inherited]
Returns:
size of required blocks to update

Implements Botan::Transform.

Definition at line 43 of file siv.cpp.

   {
   /*
   This value does not particularly matter as regardless SIV_Mode::update
   buffers all input, so in theory this could be 1. However as for instance
   Transform_Filter creates update_granularity() byte buffers, use a
   somewhat large size to avoid bouncing on a tiny buffer.
   */
   return 128;
   }
bool Botan::Keyed_Transform::valid_keylength ( size_t  length) const [inline, inherited]

Check whether a given key length is valid for this algorithm.

Parameters:
lengththe key length to be checked.
Returns:
true if the key length is valid.

Definition at line 142 of file transform.h.

References Botan::Key_Length_Specification::valid_keylength().

         {
         return key_spec().valid_keylength(length);
         }
bool Botan::SIV_Mode::valid_nonce_length ( size_t  nonce_len) const [override, virtual, inherited]

Return true iff nonce_len is a valid length for the nonce

Implements Botan::Transform.

Definition at line 38 of file siv.cpp.

   {
   return true;
   }

The documentation for this class was generated from the following files: