Botan  1.11.10
ctr.cpp
Go to the documentation of this file.
1 /*
2 * Counter mode
3 * (C) 1999-2011,2014 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #include <botan/ctr.h>
9 #include <botan/internal/xor_buf.h>
10 
11 namespace Botan {
12 
14  m_cipher(ciph),
15  m_counter(256 * m_cipher->block_size()),
16  m_pad(m_counter.size()),
17  m_pad_pos(0)
18  {
19  }
20 
22  {
23  m_cipher->clear();
24  zeroise(m_pad);
25  zeroise(m_counter);
26  m_pad_pos = 0;
27  }
28 
29 void CTR_BE::key_schedule(const byte key[], size_t key_len)
30  {
31  m_cipher->set_key(key, key_len);
32 
33  // Set a default all-zeros IV
34  set_iv(nullptr, 0);
35  }
36 
37 std::string CTR_BE::name() const
38  {
39  return ("CTR-BE(" + m_cipher->name() + ")");
40  }
41 
42 void CTR_BE::cipher(const byte in[], byte out[], size_t length)
43  {
44  while(length >= m_pad.size() - m_pad_pos)
45  {
46  xor_buf(out, in, &m_pad[m_pad_pos], m_pad.size() - m_pad_pos);
47  length -= (m_pad.size() - m_pad_pos);
48  in += (m_pad.size() - m_pad_pos);
49  out += (m_pad.size() - m_pad_pos);
50  increment_counter();
51  }
52  xor_buf(out, in, &m_pad[m_pad_pos], length);
53  m_pad_pos += length;
54  }
55 
56 void CTR_BE::set_iv(const byte iv[], size_t iv_len)
57  {
58  if(!valid_iv_length(iv_len))
59  throw Invalid_IV_Length(name(), iv_len);
60 
61  const size_t bs = m_cipher->block_size();
62 
63  zeroise(m_counter);
64 
65  buffer_insert(m_counter, 0, iv, iv_len);
66 
67  // Set m_counter blocks to IV, IV + 1, ... IV + 255
68  for(size_t i = 1; i != 256; ++i)
69  {
70  buffer_insert(m_counter, i*bs, &m_counter[(i-1)*bs], bs);
71 
72  for(size_t j = 0; j != bs; ++j)
73  if(++m_counter[i*bs + (bs - 1 - j)])
74  break;
75  }
76 
77  m_cipher->encrypt_n(&m_counter[0], &m_pad[0], 256);
78  m_pad_pos = 0;
79  }
80 
81 /*
82 * Increment the counter and update the buffer
83 */
84 void CTR_BE::increment_counter()
85  {
86  const size_t bs = m_cipher->block_size();
87 
88  /*
89  * Each counter value always needs to be incremented by 256,
90  * so we don't touch the lowest byte and instead treat it as
91  * an increment of one starting with the next byte.
92  */
93  for(size_t i = 0; i != 256; ++i)
94  {
95  for(size_t j = 1; j != bs; ++j)
96  if(++m_counter[i*bs + (bs - 1 - j)])
97  break;
98  }
99 
100  m_cipher->encrypt_n(&m_counter[0], &m_pad[0], 256);
101  m_pad_pos = 0;
102  }
103 
104 }
void xor_buf(T out[], const T in[], size_t length)
Definition: xor_buf.h:23
void cipher(const byte in[], byte out[], size_t length)
Definition: ctr.cpp:42
std::string name() const
Definition: ctr.cpp:37
bool valid_iv_length(size_t iv_len) const
Definition: ctr.h:26
void clear()
Definition: ctr.cpp:21
uint8_t byte
Definition: types.h:30
Definition: buf_comp.h:15
CTR_BE(BlockCipher *cipher)
Definition: ctr.cpp:13
size_t buffer_insert(std::vector< T, Alloc > &buf, size_t buf_offset, const T input[], size_t input_length)
Definition: secmem.h:103
void set_iv(const byte iv[], size_t iv_len)
Definition: ctr.cpp:56
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:166