Botan: Botan::EAX_Decryption Class Reference

size_t Botan::EAX_Mode::block_size ( ) const

inlineprotectedinherited

Definition at line 50 of file eax.h.

Referenced by Botan::EAX_Mode::key_schedule(), Botan::EAX_Mode::set_associated_data(), and Botan::EAX_Mode::start().

50 { return m_cipher->block_size(); }

void Botan::EAX_Mode::clear ( )

virtualinherited

Zeroize internal state

Implements Botan::Algorithm.

Definition at line 48 of file eax.cpp.

References Botan::EAX_Mode::m_ad_mac, Botan::EAX_Mode::m_cipher, Botan::EAX_Mode::m_cmac, Botan::EAX_Mode::m_ctr, Botan::EAX_Mode::m_nonce_mac, and Botan::zeroise().

    {
    m_cipher.reset();
    m_ctr.reset();
    m_cmac.reset();
    zeroise(m_ad_mac);
    zeroise(m_nonce_mac);
    }

void Botan::EAX_Decryption::finish	(	secure_vector< byte > &	final_block,
		size_t	offset
	)

overridevirtual

Complete processing of a message. For decryption, may throw an exception due to authentication failure.

Parameters

final_block	in/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output
offset	an offset into final_block to begin processing

Implements Botan::AEAD_Mode.

Definition at line 142 of file eax.cpp.

References BOTAN_ASSERT, Botan::EAX_Mode::m_ad_mac, Botan::EAX_Mode::m_cmac, Botan::EAX_Mode::m_ctr, Botan::EAX_Mode::m_nonce_mac, Botan::same_mem(), and Botan::EAX_Mode::tag_size().

    {
    BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
    const size_t sz = buffer.size() - offset;
    byte* buf = &buffer[offset];
 
    BOTAN_ASSERT(sz >= tag_size(), "Have the tag as part of final input");
 
    const size_t remaining = sz - tag_size();
 
    if(remaining)
       {
       m_cmac->update(buf, remaining);
       m_ctr->cipher(buf, buf, remaining);
       }
 
    const byte* included_tag = &buf[remaining];
 
    secure_vector<byte> mac = m_cmac->final();
    mac ^= m_nonce_mac;
    mac ^= m_ad_mac;
 
    if(!same_mem(&mac[0], included_tag, tag_size()))
       throw Integrity_Failure("EAX tag check failed");
 
    buffer.resize(offset + remaining);
    }

void Botan::EAX_Mode::key_schedule	(	const byte	key[],
		size_t	length
	)

overrideprotectedvirtualinherited

Run the key schedule

Parameters

key	the key
length	of key

Implements Botan::SymmetricAlgorithm.

Definition at line 75 of file eax.cpp.

References Botan::EAX_Mode::block_size(), Botan::EAX_Mode::m_ad_mac, Botan::EAX_Mode::m_cmac, and Botan::EAX_Mode::m_ctr.

    {
    /*
    * These could share the key schedule, which is one nice part of EAX,
    * but it's much easier to ignore that here...
    */
    m_ctr->set_key(key, length);
    m_cmac->set_key(key, length);
 
    m_ad_mac = eax_prf(1, block_size(), *m_cmac, nullptr, 0);
    }

Key_Length_Specification Botan::EAX_Mode::key_spec ( ) const

overridevirtualinherited

Returns: object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 67 of file eax.cpp.

References Botan::EAX_Mode::m_cipher.

    {
    return m_cipher->key_spec();
    }

size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const

inlineinherited

Returns: minimum allowed key length

Definition at line 33 of file sym_algo.h.

References Botan::Key_Length_Specification::maximum_keylength().

Referenced by Botan::PBE_PKCS5v20::PBE_PKCS5v20(), and Botan::time_algorithm_ops().

          {
          return key_spec().maximum_keylength();
          }

size_t Botan::EAX_Decryption::minimum_final_size ( ) const

inlineoverridevirtual

Returns: required minimium size to finalize() - may be any length larger than this.

Implements Botan::AEAD_Mode.

Definition at line 105 of file eax.h.

105 { return tag_size(); }

size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const

inlineinherited

Returns: maxmium allowed key length

Definition at line 41 of file sym_algo.h.

          {
          return key_spec().minimum_keylength();
          }

std::string Botan::EAX_Mode::name ( ) const

overridevirtualinherited

Returns: name of this algorithm

Implements Botan::Algorithm.

Definition at line 57 of file eax.cpp.

References Botan::EAX_Mode::m_cipher.

Referenced by Botan::EAX_Mode::EAX_Mode(), and Botan::EAX_Mode::start().

    {
    return (m_cipher->name() + "/EAX");
    }

size_t Botan::EAX_Decryption::output_length ( size_t input_length ) const

inlineoverridevirtual

Returns the size of the output if this mode is used to process a message with input_length bytes. Typically this will be input_length plus or minus the length of the tag.

Implements Botan::AEAD_Mode.

Definition at line 99 of file eax.h.

References BOTAN_ASSERT.

          {
          BOTAN_ASSERT(input_length > tag_size(), "Sufficient input");
          return input_length - tag_size();
          }

void Botan::EAX_Mode::set_associated_data	(	const byte	ad[],
		size_t	ad_len
	)

overridevirtualinherited

Returns: Random nonce appropriate for passing to start Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before finish.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Parameters

ad	the associated data
ad_len	length of add in bytes

Implements Botan::AEAD_Mode.

Definition at line 90 of file eax.cpp.

References Botan::EAX_Mode::block_size(), Botan::EAX_Mode::m_ad_mac, and Botan::EAX_Mode::m_cmac.

    {
    m_ad_mac = eax_prf(1, block_size(), *m_cmac, ad, length);
    }

template<typename Alloc >

void Botan::AEAD_Mode::set_associated_data_vec ( const std::vector< byte, Alloc > & ad )

inlineinherited

Definition at line 63 of file aead.h.

References Botan::AEAD_Mode::set_associated_data().

          {
          set_associated_data(&ad[0], ad.size());
          }

void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey & key )

inlineinherited

Set the symmetric key of this object.

Parameters

key	the SymmetricKey to be set.

Definition at line 60 of file sym_algo.h.

References Botan::OctetString::begin(), Botan::OctetString::length(), and Botan::SymmetricAlgorithm::set_key().

Referenced by Botan::aont_package(), Botan::aont_unpackage(), Botan::Lion::decrypt_n(), Botan::ECB_Decryption::ECB_Decryption(), Botan::ECB_Encryption::ECB_Encryption(), Botan::Lion::encrypt_n(), Botan::HMAC_RNG::HMAC_RNG(), Botan::PKCS5_PBKDF2::key_derivation(), Botan::MAC_Filter::MAC_Filter(), Botan::HMAC_RNG::reseed(), Botan::XTS_Encryption::set_key(), Botan::XTS_Decryption::set_key(), Botan::SymmetricAlgorithm::set_key(), Botan::StreamCipher_Filter::StreamCipher_Filter(), and Botan::time_algorithm_ops().

61 { set_key(key.begin(), key.length()); }

void Botan::SymmetricAlgorithm::set_key	(	const byte	key[],
		size_t	length
	)

inlineinherited

Set the symmetric key of this object.

Parameters

key	the to be set as a byte array.
length	in bytes of key param

Definition at line 68 of file sym_algo.h.

          {
          if(!valid_keylength(length))
             throw Invalid_Key_Length(name(), length);
          key_schedule(key, length);
          }

secure_vector< byte > Botan::EAX_Mode::start	(	const byte	nonce[],
		size_t	nonce_len
	)

overridevirtualinherited

Begin processing a message.

Parameters

nonce	the per message nonce
nonce_len	length of nonce

Implements Botan::AEAD_Mode.

Definition at line 95 of file eax.cpp.

References Botan::EAX_Mode::block_size(), Botan::EAX_Mode::m_cmac, Botan::EAX_Mode::m_ctr, Botan::EAX_Mode::m_nonce_mac, Botan::EAX_Mode::name(), and Botan::EAX_Mode::valid_nonce_length().

    {
    if(!valid_nonce_length(nonce_len))
       throw Invalid_IV_Length(name(), nonce_len);
 
    m_nonce_mac = eax_prf(0, block_size(), *m_cmac, nonce, nonce_len);
 
    m_ctr->set_iv(&m_nonce_mac[0], m_nonce_mac.size());
 
    for(size_t i = 0; i != block_size() - 1; ++i)
       m_cmac->update(0);
    m_cmac->update(2);
 
    return secure_vector<byte>();
    }

template<typename Alloc >

secure_vector<byte> Botan::AEAD_Mode::start_vec ( const std::vector< byte, Alloc > & nonce )

inlineinherited

Definition at line 79 of file aead.h.

References Botan::AEAD_Mode::start().

          {
          return start(&nonce[0], nonce.size());
          }

size_t Botan::EAX_Mode::tag_size ( ) const

inlineprotectedinherited

Definition at line 48 of file eax.h.

Referenced by Botan::EAX_Encryption::finish(), and finish().

48 { return m_tag_size; }

void Botan::EAX_Decryption::update	(	secure_vector< byte > &	blocks,
		size_t	offset
	)

overridevirtual

Update (encrypt or decrypt) some data. Input must be in size update_granularity() byte blocks.

Parameters

blocks in/out paramter which will possibly be resized

Implements Botan::AEAD_Mode.

Definition at line 132 of file eax.cpp.

References BOTAN_ASSERT, Botan::EAX_Mode::m_cmac, and Botan::EAX_Mode::m_ctr.

    {
    BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
    const size_t sz = buffer.size() - offset;
    byte* buf = &buffer[offset];
 
    m_cmac->update(buf, sz);
    m_ctr->cipher(buf, buf, sz);
    }

size_t Botan::EAX_Mode::update_granularity ( ) const

virtualinherited

Returns: size of required blocks to update

Implements Botan::AEAD_Mode.

Definition at line 62 of file eax.cpp.

References Botan::EAX_Mode::m_cipher.

    {
    return 8 * m_cipher->parallel_bytes();
    }

bool Botan::SymmetricAlgorithm::valid_keylength ( size_t length ) const

inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters

length the key length to be checked.

Returns: true if the key length is valid.

Definition at line 51 of file sym_algo.h.

Referenced by Botan::aont_package(), Botan::aont_unpackage(), Botan::HMAC_RNG::HMAC_RNG(), Botan::Lion::Lion(), and Botan::Randpool::Randpool().

          {
          return key_spec().valid_keylength(length);
          }

bool Botan::EAX_Mode::valid_nonce_length ( size_t ) const

inlineoverridevirtualinherited

Implements Botan::AEAD_Mode.

Definition at line 36 of file eax.h.

Referenced by Botan::EAX_Mode::start().

36 { return true; }

secure_vector<byte> Botan::EAX_Mode::m_ad_mac

protectedinherited

Definition at line 58 of file eax.h.

Referenced by Botan::EAX_Mode::clear(), Botan::EAX_Encryption::finish(), finish(), Botan::EAX_Mode::key_schedule(), and Botan::EAX_Mode::set_associated_data().

std::unique_ptr<BlockCipher> Botan::EAX_Mode::m_cipher

protectedinherited

Definition at line 54 of file eax.h.

Referenced by Botan::EAX_Mode::clear(), Botan::EAX_Mode::key_spec(), Botan::EAX_Mode::name(), and Botan::EAX_Mode::update_granularity().

std::unique_ptr<MessageAuthenticationCode> Botan::EAX_Mode::m_cmac

protectedinherited

Definition at line 56 of file eax.h.

Referenced by Botan::EAX_Mode::clear(), Botan::EAX_Mode::EAX_Mode(), Botan::EAX_Encryption::finish(), finish(), Botan::EAX_Mode::key_schedule(), Botan::EAX_Mode::set_associated_data(), Botan::EAX_Mode::start(), Botan::EAX_Encryption::update(), and update().

std::unique_ptr<StreamCipher> Botan::EAX_Mode::m_ctr

protectedinherited

Definition at line 55 of file eax.h.

Referenced by Botan::EAX_Mode::clear(), finish(), Botan::EAX_Mode::key_schedule(), Botan::EAX_Mode::start(), Botan::EAX_Encryption::update(), and update().

secure_vector<byte> Botan::EAX_Mode::m_nonce_mac

protectedinherited

Definition at line 60 of file eax.h.

Referenced by Botan::EAX_Mode::clear(), Botan::EAX_Encryption::finish(), finish(), and Botan::EAX_Mode::start().

size_t Botan::EAX_Mode::m_tag_size

protectedinherited

Definition at line 52 of file eax.h.

Protected Member Functions
size_t	block_size () const

void	key_schedule (const byte key[], size_t length) override

size_t	tag_size () const

Public Member Functions

Protected Member Functions

Protected Attributes

Detailed Description

Constructor & Destructor Documentation

Member Function Documentation

Member Data Documentation

Public Member Functions
void	clear ()

	EAX_Decryption (BlockCipher *cipher, size_t tag_size=16)

void	finish (secure_vector< byte > &final_block, size_t offset) override

Key_Length_Specification	key_spec () const override

size_t	maximum_keylength () const

size_t	minimum_final_size () const override

size_t	minimum_keylength () const

std::string	name () const override

size_t	output_length (size_t input_length) const override

void	set_associated_data (const byte ad[], size_t ad_len) override

template<typename Alloc >
void	set_associated_data_vec (const std::vector< byte, Alloc > &ad)

void	set_key (const SymmetricKey &key)

void	set_key (const byte key[], size_t length)

secure_vector< byte >	start (const byte nonce[], size_t nonce_len) override

template<typename Alloc >
secure_vector< byte >	start_vec (const std::vector< byte, Alloc > &nonce)

void	update (secure_vector< byte > &blocks, size_t offset) override

size_t	update_granularity () const

bool	valid_keylength (size_t length) const

bool	valid_nonce_length (size_t) const override

Protected Attributes
secure_vector< byte >	m_ad_mac

std::unique_ptr< BlockCipher >	m_cipher

std::unique_ptr < MessageAuthenticationCode >	m_cmac

std::unique_ptr< StreamCipher >	m_ctr

secure_vector< byte >	m_nonce_mac

size_t	m_tag_size

cipher	a 128-bit block cipher
tag_size	is how big the auth tag will be