Botan 3.8.1
Crypto and TLS for C&
ccm.h
Go to the documentation of this file.
1/*
2* CCM Mode
3* (C) 2013 Jack Lloyd
4* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_AEAD_CCM_H_
10#define BOTAN_AEAD_CCM_H_
11
12#include <botan/aead.h>
13
14#include <botan/assert.h>
15#include <botan/block_cipher.h>
16
17namespace Botan {
18
19/**
20* Base class for CCM encryption and decryption
21* @see RFC 3610
22*/
23class CCM_Mode : public AEAD_Mode {
24 public:
25 void set_associated_data_n(size_t idx, std::span<const uint8_t> ad) final;
26
27 bool associated_data_requires_key() const final { return false; }
28
29 std::string name() const final;
30
31 size_t update_granularity() const final;
32
33 size_t ideal_granularity() const final;
34
35 bool requires_entire_message() const final;
36
37 Key_Length_Specification key_spec() const final;
38
39 bool valid_nonce_length(size_t) const final;
40
41 size_t default_nonce_length() const final;
42
43 void clear() final;
44
45 void reset() final;
46
47 size_t tag_size() const final { return m_tag_size; }
48
49 bool has_keying_material() const final;
50
51 protected:
52 CCM_Mode(std::unique_ptr<BlockCipher> cipher, size_t tag_size, size_t L);
53
54 size_t L() const { return m_L; }
55
56 const BlockCipher& cipher() const { return *m_cipher; }
57
58 void encode_length(uint64_t len, uint8_t out[]);
59
60 static void inc(secure_vector<uint8_t>& C);
61
62 const secure_vector<uint8_t>& ad_buf() const { return m_ad_buf; }
63
64 secure_vector<uint8_t>& msg_buf() { return m_msg_buf; }
65
66 secure_vector<uint8_t> format_b0(size_t msg_size);
67 secure_vector<uint8_t> format_c0();
68
69 private:
70 void start_msg(const uint8_t nonce[], size_t nonce_len) final;
71 size_t process_msg(uint8_t buf[], size_t sz) final;
72
73 void key_schedule(std::span<const uint8_t> key) final;
74
75 const size_t m_tag_size;
76 const size_t m_L;
77
78 std::unique_ptr<BlockCipher> m_cipher;
79 secure_vector<uint8_t> m_nonce, m_msg_buf, m_ad_buf;
80};
81
82/**
83* CCM Encryption
84*/
85class CCM_Encryption final : public CCM_Mode {
86 public:
87 /**
88 * @param cipher a 128-bit block cipher
89 * @param tag_size is how big the auth tag will be (even values
90 * between 4 and 16 are accepted)
91 * @param L length of L parameter. The total message length
92 * must be less than 2**L bytes, and the nonce is 15-L bytes.
93 */
94 CCM_Encryption(std::unique_ptr<BlockCipher> cipher, size_t tag_size = 16, size_t L = 3) :
95 CCM_Mode(std::move(cipher), tag_size, L) {}
96
97 size_t output_length(size_t input_length) const override { return input_length + tag_size(); }
98
99 size_t minimum_final_size() const override { return 0; }
100
101 private:
102 void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
103};
104
105/**
106* CCM Decryption
107*/
108class CCM_Decryption final : public CCM_Mode {
109 public:
110 /**
111 * @param cipher a 128-bit block cipher
112 * @param tag_size is how big the auth tag will be (even values
113 * between 4 and 16 are accepted)
114 * @param L length of L parameter. The total message length
115 * must be less than 2**L bytes, and the nonce is 15-L bytes.
116 */
117 CCM_Decryption(std::unique_ptr<BlockCipher> cipher, size_t tag_size = 16, size_t L = 3) :
118 CCM_Mode(std::move(cipher), tag_size, L) {}
119
120 size_t output_length(size_t input_length) const override {
121 BOTAN_ARG_CHECK(input_length >= tag_size(), "Sufficient input");
122 return input_length - tag_size();
123 }
124
125 size_t minimum_final_size() const override { return tag_size(); }
126
127 private:
128 void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
129};
130
131} // namespace Botan
132
133#endif
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:31
Botan::AEAD_Mode
Definition aead.h:24
Botan::CCM_Decryption::output_length
size_t output_length(size_t input_length) const override
Definition ccm.h:120
Botan::CCM_Decryption::CCM_Decryption
CCM_Decryption(std::unique_ptr< BlockCipher > cipher, size_t tag_size=16, size_t L=3)
Definition ccm.h:117
Botan::CCM_Decryption::minimum_final_size
size_t minimum_final_size() const override
Definition ccm.h:125
Botan::CCM_Encryption::minimum_final_size
size_t minimum_final_size() const override
Definition ccm.h:99
Botan::CCM_Encryption::output_length
size_t output_length(size_t input_length) const override
Definition ccm.h:97
Botan::CCM_Encryption::CCM_Encryption
CCM_Encryption(std::unique_ptr< BlockCipher > cipher, size_t tag_size=16, size_t L=3)
Definition ccm.h:94
Botan::CCM_Mode
Definition ccm.h:23
Botan::CCM_Mode::ideal_granularity
size_t ideal_granularity() const final
Definition ccm.cpp:65
Botan::CCM_Mode::requires_entire_message
bool requires_entire_message() const final
Definition ccm.cpp:70
Botan::CCM_Mode::reset
void reset() final
Definition ccm.cpp:43
Botan::CCM_Mode::associated_data_requires_key
bool associated_data_requires_key() const final
Definition ccm.h:27
Botan::CCM_Mode::inc
static void inc(secure_vector< uint8_t > &C)
Definition ccm.cpp:133
Botan::CCM_Mode::update_granularity
size_t update_granularity() const final
Definition ccm.cpp:61
Botan::CCM_Mode::clear
void clear() final
Definition ccm.cpp:38
Botan::CCM_Mode::msg_buf
secure_vector< uint8_t > & msg_buf()
Definition ccm.h:64
Botan::CCM_Mode::cipher
const BlockCipher & cipher() const
Definition ccm.h:56
Botan::CCM_Mode::encode_length
void encode_length(uint64_t len, uint8_t out[])
Definition ccm.cpp:119
Botan::CCM_Mode::L
size_t L() const
Definition ccm.h:54
Botan::CCM_Mode::tag_size
size_t tag_size() const final
Definition ccm.h:47
Botan::CCM_Mode::key_spec
Key_Length_Specification key_spec() const final
Definition ccm.cpp:74
Botan::CCM_Mode::valid_nonce_length
bool valid_nonce_length(size_t) const final
Definition ccm.cpp:53
Botan::CCM_Mode::set_associated_data_n
void set_associated_data_n(size_t idx, std::span< const uint8_t > ad) final
Definition ccm.cpp:86
Botan::CCM_Mode::format_c0
secure_vector< uint8_t > format_c0()
Definition ccm.cpp:157
Botan::CCM_Mode::has_keying_material
bool has_keying_material() const final
Definition ccm.cpp:78
Botan::CCM_Mode::name
std::string name() const final
Definition ccm.cpp:49
Botan::CCM_Mode::ad_buf
const secure_vector< uint8_t > & ad_buf() const
Definition ccm.h:62
Botan::CCM_Mode::CCM_Mode
CCM_Mode(std::unique_ptr< BlockCipher > cipher, size_t tag_size, size_t L)
Definition ccm.cpp:23
Botan::CCM_Mode::format_b0
secure_vector< uint8_t > format_b0(size_t msg_size)
Definition ccm.cpp:141
Botan::CCM_Mode::default_nonce_length
size_t default_nonce_length() const final
Definition ccm.cpp:57
Botan::Key_Length_Specification
Definition sym_algo.h:23
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:65
Generated by doxygen 1.13.2