Botan  2.7.0
Crypto and TLS for C++11
cfb.cpp
Go to the documentation of this file.
1 /*
2 * CFB Mode
3 * (C) 1999-2007,2013,2017 Jack Lloyd
4 * (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #include <botan/cfb.h>
10 
11 namespace Botan {
12 
13 CFB_Mode::CFB_Mode(BlockCipher* cipher, size_t feedback_bits) :
14  m_cipher(cipher),
15  m_block_size(m_cipher->block_size()),
16  m_feedback_bytes(feedback_bits ? feedback_bits / 8 : m_block_size)
17  {
18  if(feedback_bits % 8 || feedback() > cipher->block_size())
19  throw Invalid_Argument(name() + ": feedback bits " +
20  std::to_string(feedback_bits) + " not supported");
21  }
22 
24  {
25  m_cipher->clear();
26  reset();
27  }
28 
30  {
31  m_state.clear();
32  m_keystream.clear();
33  }
34 
35 std::string CFB_Mode::name() const
36  {
37  if(feedback() == cipher().block_size())
38  return cipher().name() + "/CFB";
39  else
40  return cipher().name() + "/CFB(" + std::to_string(feedback()*8) + ")";
41  }
42 
43 size_t CFB_Mode::output_length(size_t input_length) const
44  {
45  return input_length;
46  }
47 
49  {
50  return feedback();
51  }
52 
54  {
55  return 0;
56  }
57 
59  {
60  return cipher().key_spec();
61  }
62 
64  {
65  return block_size();
66  }
67 
68 bool CFB_Mode::valid_nonce_length(size_t n) const
69  {
70  return (n == 0 || n == block_size());
71  }
72 
73 void CFB_Mode::key_schedule(const uint8_t key[], size_t length)
74  {
75  m_cipher->set_key(key, length);
76  }
77 
78 void CFB_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
79  {
80  if(!valid_nonce_length(nonce_len))
81  throw Invalid_IV_Length(name(), nonce_len);
82 
83  if(nonce_len == 0)
84  {
85  if(m_state.empty())
86  {
87  throw Invalid_State("CFB requires a non-empty initial nonce");
88  }
89  // No reason to encrypt state->keystream_buf, because no change
90  }
91  else
92  {
93  m_state.assign(nonce, nonce + nonce_len);
94  m_keystream.resize(m_state.size());
96  m_keystream_pos = 0;
97  }
98  }
99 
101  {
102  const size_t shift = feedback();
103  const size_t carryover = block_size() - shift;
104 
105  if(carryover > 0)
106  {
107  copy_mem(m_state.data(), &m_state[shift], carryover);
108  }
109  copy_mem(&m_state[carryover], m_keystream.data(), shift);
111  m_keystream_pos = 0;
112  }
113 
114 size_t CFB_Encryption::process(uint8_t buf[], size_t sz)
115  {
116  const size_t shift = feedback();
117 
118  size_t left = sz;
119 
120  if(m_keystream_pos != 0)
121  {
122  const size_t take = std::min<size_t>(left, shift - m_keystream_pos);
123 
124  xor_buf(m_keystream.data() + m_keystream_pos, buf, take);
125  copy_mem(buf, m_keystream.data() + m_keystream_pos, take);
126 
127  m_keystream_pos += take;
128  left -= take;
129  buf += take;
130 
131  if(m_keystream_pos == shift)
132  {
133  shift_register();
134  }
135  }
136 
137  while(left >= shift)
138  {
139  xor_buf(m_keystream.data(), buf, shift);
140  copy_mem(buf, m_keystream.data(), shift);
141 
142  left -= shift;
143  buf += shift;
144  shift_register();
145  }
146 
147  if(left > 0)
148  {
149  xor_buf(m_keystream.data(), buf, left);
150  copy_mem(buf, m_keystream.data(), left);
151  m_keystream_pos += left;
152  }
153 
154  return sz;
155  }
156 
157 void CFB_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
158  {
159  update(buffer, offset);
160  }
161 
162 namespace {
163 
164 inline void xor_copy(uint8_t buf[], uint8_t key_buf[], size_t len)
165  {
166  for(size_t i = 0; i != len; ++i)
167  {
168  uint8_t k = key_buf[i];
169  key_buf[i] = buf[i];
170  buf[i] ^= k;
171  }
172  }
173 
174 }
175 
176 size_t CFB_Decryption::process(uint8_t buf[], size_t sz)
177  {
178  const size_t shift = feedback();
179 
180  size_t left = sz;
181 
182  if(m_keystream_pos != 0)
183  {
184  const size_t take = std::min<size_t>(left, shift - m_keystream_pos);
185 
186  xor_copy(buf, m_keystream.data() + m_keystream_pos, take);
187 
188  m_keystream_pos += take;
189  left -= take;
190  buf += take;
191 
192  if(m_keystream_pos == shift)
193  {
194  shift_register();
195  }
196  }
197 
198  while(left >= shift)
199  {
200  xor_copy(buf, m_keystream.data(), shift);
201  left -= shift;
202  buf += shift;
203  shift_register();
204  }
205 
206  if(left > 0)
207  {
208  xor_copy(buf, m_keystream.data(), left);
209  m_keystream_pos += left;
210  }
211 
212  return sz;
213  }
214 
215 void CFB_Decryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
216  {
217  update(buffer, offset);
218  }
219 
220 }
void reset() override final
Definition: cfb.cpp:29
size_t minimum_final_size() const override final
Definition: cfb.cpp:53
bool valid_nonce_length(size_t n) const override final
Definition: cfb.cpp:68
void finish(secure_vector< uint8_t > &final_block, size_t offset=0) override
Definition: cfb.cpp:157
secure_vector< uint8_t > m_keystream
Definition: cfb.h:50
size_t feedback() const
Definition: cfb.h:45
void update(secure_vector< uint8_t > &buffer, size_t offset=0)
Definition: cipher_mode.h:115
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:210
void shift_register()
Definition: cfb.cpp:100
std::string name() const override final
Definition: cfb.cpp:35
CFB_Mode(BlockCipher *cipher, size_t feedback_bits)
Definition: cfb.cpp:13
size_t update_granularity() const override final
Definition: cfb.cpp:48
void xor_buf(uint8_t out[], const uint8_t in[], size_t length)
Definition: mem_ops.h:174
virtual std::string name() const =0
size_t output_length(size_t input_length) const override final
Definition: cfb.cpp:43
Key_Length_Specification key_spec() const override final
Definition: cfb.cpp:58
void finish(secure_vector< uint8_t > &final_block, size_t offset=0) override
Definition: cfb.cpp:215
const BlockCipher & cipher() const
Definition: cfb.h:46
secure_vector< uint8_t > m_state
Definition: cfb.h:49
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:108
Definition: alg_id.cpp:13
size_t m_keystream_pos
Definition: cfb.h:51
void clear() override final
Definition: cfb.cpp:23
size_t process(uint8_t buf[], size_t size) override
Definition: cfb.cpp:176
void encrypt(const uint8_t in[], uint8_t out[]) const
Definition: block_cipher.h:81
size_t block_size() const
Definition: cfb.h:47
virtual Key_Length_Specification key_spec() const =0
size_t default_nonce_length() const override final
Definition: cfb.cpp:63
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
size_t process(uint8_t buf[], size_t size) override
Definition: cfb.cpp:114
virtual size_t block_size() const =0