Botan 2.19.2
Crypto and TLS for C&
ccm.h
Go to the documentation of this file.
1/*
2* CCM Mode
3* (C) 2013 Jack Lloyd
4* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_AEAD_CCM_H_
10#define BOTAN_AEAD_CCM_H_
11
12#include <botan/aead.h>
13#include <botan/block_cipher.h>
14
16
17namespace Botan {
18
19/**
20* Base class for CCM encryption and decryption
21* @see RFC 3610
22*/
24 {
25 public:
26 size_t process(uint8_t buf[], size_t sz) override;
27
28 void set_associated_data(const uint8_t ad[], size_t ad_len) override;
29
30 bool associated_data_requires_key() const override { return false; }
31
32 std::string name() const override;
33
34 size_t update_granularity() const override;
35
36 Key_Length_Specification key_spec() const override;
37
38 bool valid_nonce_length(size_t) const override;
39
40 size_t default_nonce_length() const override;
41
42 void clear() override;
43
44 void reset() override;
45
46 size_t tag_size() const override { return m_tag_size; }
47
48 protected:
49 CCM_Mode(BlockCipher* cipher, size_t tag_size, size_t L);
50
51 size_t L() const { return m_L; }
52
53 const BlockCipher& cipher() const { return *m_cipher; }
54
55 void encode_length(uint64_t len, uint8_t out[]);
56
57 void inc(secure_vector<uint8_t>& C);
58
59 const secure_vector<uint8_t>& ad_buf() const { return m_ad_buf; }
60
61 secure_vector<uint8_t>& msg_buf() { return m_msg_buf; }
62
63 secure_vector<uint8_t> format_b0(size_t msg_size);
64 secure_vector<uint8_t> format_c0();
65 private:
66 void start_msg(const uint8_t nonce[], size_t nonce_len) override;
67
68 void key_schedule(const uint8_t key[], size_t length) override;
69
70 const size_t m_tag_size;
71 const size_t m_L;
72
73 std::unique_ptr<BlockCipher> m_cipher;
74 secure_vector<uint8_t> m_nonce, m_msg_buf, m_ad_buf;
75 };
76
77/**
78* CCM Encryption
79*/
81 {
82 public:
83 /**
84 * @param cipher a 128-bit block cipher
85 * @param tag_size is how big the auth tag will be (even values
86 * between 4 and 16 are accepted)
87 * @param L length of L parameter. The total message length
88 * must be less than 2**L bytes, and the nonce is 15-L bytes.
89 */
90 CCM_Encryption(BlockCipher* cipher, size_t tag_size = 16, size_t L = 3) :
91 CCM_Mode(cipher, tag_size, L) {}
92
93 void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
94
95 size_t output_length(size_t input_length) const override
96 { return input_length + tag_size(); }
97
98 size_t minimum_final_size() const override { return 0; }
99 };
100
101/**
102* CCM Decryption
103*/
105 {
106 public:
107 /**
108 * @param cipher a 128-bit block cipher
109 * @param tag_size is how big the auth tag will be (even values
110 * between 4 and 16 are accepted)
111 * @param L length of L parameter. The total message length
112 * must be less than 2**L bytes, and the nonce is 15-L bytes.
113 */
114 CCM_Decryption(BlockCipher* cipher, size_t tag_size = 16, size_t L = 3) :
115 CCM_Mode(cipher, tag_size, L) {}
116
117 void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
118
119 size_t output_length(size_t input_length) const override
120 {
121 BOTAN_ASSERT(input_length >= tag_size(), "Sufficient input");
122 return input_length - tag_size();
123 }
124
125 size_t minimum_final_size() const override { return tag_size(); }
126 };
127
128}
129
130#endif
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0
size_t default_nonce_length() const override
Definition: aead.h:130
size_t output_length(size_t input_length) const override
Definition: ccm.h:119
CCM_Decryption(BlockCipher *cipher, size_t tag_size=16, size_t L=3)
Definition: ccm.h:114
size_t minimum_final_size() const override
Definition: ccm.h:125
size_t minimum_final_size() const override
Definition: ccm.h:98
size_t output_length(size_t input_length) const override
Definition: ccm.h:95
CCM_Encryption(BlockCipher *cipher, size_t tag_size=16, size_t L=3)
Definition: ccm.h:90
bool associated_data_requires_key() const override
Definition: ccm.h:30
secure_vector< uint8_t > & msg_buf()
Definition: ccm.h:61
const BlockCipher & cipher() const
Definition: ccm.h:53
size_t L() const
Definition: ccm.h:51
const secure_vector< uint8_t > & ad_buf() const
Definition: ccm.h:59
size_t tag_size() const override
Definition: ccm.h:46
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0
virtual size_t process(uint8_t msg[], size_t msg_len)=0
virtual void reset()=0
virtual void finish(secure_vector< uint8_t > &final_block, size_t offset=0)=0
virtual size_t tag_size() const
Definition: cipher_mode.h:174
virtual size_t update_granularity() const =0
virtual bool valid_nonce_length(size_t nonce_len) const =0
virtual std::string name() const =0
virtual void clear()=0
virtual Key_Length_Specification key_spec() const =0
int(* final)(unsigned char *, CTX *)
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31
#define BOTAN_FUTURE_INTERNAL_HEADER(hdr)
Definition: compiler.h:136
Definition: alg_id.cpp:13
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65