doxygen/cipher__mode_8h_source.html

 /*
 * Cipher Modes
 * (C) 2013,2016 Jack Lloyd
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */

 #ifndef BOTAN_CIPHER_MODE_H_
 #define BOTAN_CIPHER_MODE_H_

 #include <botan/secmem.h>
 #include <botan/sym_algo.h>
 #include <botan/exceptn.h>
 #include <string>
 #include <vector>

 namespace Botan {

 /**
 * The two possible directions for cipher filters, determining whether they
 * actually perform encryption or decryption.
 */
 enum Cipher_Dir : int { ENCRYPTION, DECRYPTION };

 /**
 * Interface for cipher modes
 */
 class BOTAN_PUBLIC_API(2,0) Cipher_Mode : public SymmetricAlgorithm
    {
    public:
       /**
       * @return list of available providers for this algorithm, empty if not available
       * @param algo_spec algorithm name
       */
       static std::vector<std::string> providers(const std::string& algo_spec);

       /**
       * Create an AEAD mode
       * @param algo the algorithm to create
       * @param direction specify if this should be an encryption or decryption AEAD
       * @param provider optional specification for provider to use
       * @return an AEAD mode or a null pointer if not available
       */
       static std::unique_ptr<Cipher_Mode> create(const std::string& algo,
                                                  Cipher_Dir direction,
                                                  const std::string& provider = "");

       /**
       * Create an AEAD mode, or throw
       * @param algo the algorithm to create
       * @param direction specify if this should be an encryption or decryption AEAD
       * @param provider optional specification for provider to use
       * @return an AEAD mode, or throw an exception
       */
       static std::unique_ptr<Cipher_Mode> create_or_throw(const std::string& algo,
                                                           Cipher_Dir direction,
                                                           const std::string& provider = "");

       /*
       * Prepare for processing a message under the specified nonce
       */
       virtual void start_msg(const uint8_t nonce[], size_t nonce_len) = 0;

       /**
       * Begin processing a message.
       * @param nonce the per message nonce
       */
       template<typename Alloc>
       void start(const std::vector<uint8_t, Alloc>& nonce)
          {
          start_msg(nonce.data(), nonce.size());
          }

       /**
       * Begin processing a message.
       * @param nonce the per message nonce
       * @param nonce_len length of nonce
       */
       void start(const uint8_t nonce[], size_t nonce_len)
          {
          start_msg(nonce, nonce_len);
          }

       /**
       * Begin processing a message.
       */
       void start()
          {
          return start_msg(nullptr, 0);
          }

       /**
       * Process message blocks
       *
       * Input must be a multiple of update_granularity
       *
       * Processes msg in place and returns bytes written. Normally
       * this will be either msg_len (indicating the entire message was
       * processed) or for certain AEAD modes zero (indicating that the
       * mode requires the entire message be processed in one pass).
       *
       * @param msg the message to be processed
       * @param msg_len length of the message in bytes
       */
       virtual size_t process(uint8_t msg[], size_t msg_len) = 0;

       /**
       * Process some data. Input must be in size update_granularity() uint8_t blocks.
       * @param buffer in/out parameter which will possibly be resized
       * @param offset an offset into blocks to begin processing
       */
       void update(secure_vector<uint8_t>& buffer, size_t offset = 0)
          {
          BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
          uint8_t* buf = buffer.data() + offset;
          const size_t buf_size = buffer.size() - offset;

          const size_t written = process(buf, buf_size);
          buffer.resize(offset + written);
          }

       /**
       * Complete processing of a message.
       *
       * @param final_block in/out parameter which must be at least
       *        minimum_final_size() bytes, and will be set to any final output
       * @param offset an offset into final_block to begin processing
       */
       virtual void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) = 0;

       /**
       * Returns the size of the output if this transform is used to process a
       * message with input_length bytes. In most cases the answer is precise.
       * If it is not possible to precise (namely for CBC decryption) instead a
       * lower bound is returned.
       */
       virtual size_t output_length(size_t input_length) const = 0;

       /**
       * @return size of required blocks to update
       */
       virtual size_t update_granularity() const = 0;

       /**
       * @return required minimium size to finalize() - may be any
       *         length larger than this.
       */
       virtual size_t minimum_final_size() const = 0;

       /**
       * @return the default size for a nonce
       */
       virtual size_t default_nonce_length() const = 0;

       /**
       * @return true iff nonce_len is a valid length for the nonce
       */
       virtual bool valid_nonce_length(size_t nonce_len) const = 0;

       /**
       * Resets just the message specific state and allows encrypting again under the existing key
       */
       virtual void reset() = 0;

       /**
       * @return true iff this mode provides authentication as well as
       * confidentiality.
       */
       virtual bool authenticated() const { return false; }

       /**
       * @return the size of the authentication tag used (in bytes)
       */
       virtual size_t tag_size() const { return 0; }

       /**
       * @return provider information about this implementation. Default is "base",
       * might also return "sse2", "avx2", "openssl", or some other arbitrary string.
       */
       virtual std::string provider() const { return "base"; }
    };

 /**
 * Get a cipher mode by name (eg "AES-128/CBC" or "Serpent/XTS")
 * @param algo_spec cipher name
 * @param direction ENCRYPTION or DECRYPTION
 * @param provider provider implementation to choose
 */
 inline Cipher_Mode* get_cipher_mode(const std::string& algo_spec,
                                     Cipher_Dir direction,
                                     const std::string& provider = "")
    {
    return Cipher_Mode::create(algo_spec, direction, provider).release();
    }

 }

 #endif
tag_size
size_t * tag_size
Definition: ffi.h:450

Botan::offset
bool BigInt BigInt size_t size_t const std::vector< uint8_t > size_t offset
Definition: numthry.h:271

Botan::input_length
size_t const uint8_t size_t input_length
Definition: base32.h:30

nonce_len
const uint8_t size_t nonce_len
Definition: ffi.h:504

buf
const uint8_t * buf
Definition: ffi.h:371

output_length
size_t * output_length
Definition: ffi.h:280

BOTAN_ASSERT
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55

Botan::DECRYPTION
Definition: cipher_mode.h:23

Botan
Definition: alg_id.cpp:13

Botan::get_cipher_mode
class BOTAN_PUBLIC_API(2, 0) Cipher_Mode Cipher_Mode * get_cipher_mode(const std::string &algo_spec, Cipher_Dir direction, const std::string &provider="")
Definition: cipher_mode.h:189

Botan::BOTAN_PUBLIC_API
class BOTAN_PUBLIC_API(2, 0) AlgorithmIdentifier final bool BOTAN_PUBLIC_API(2, 0) operator
Name Constraints.
Definition: asn1_obj.h:66

update
int(* update)(CTX *, const void *, CC_LONG len)
Definition: commoncrypto_hash.cpp:27

Botan::Cipher_Dir
Cipher_Dir
Definition: cipher_mode.h:23

Botan::ENCRYPTION
Definition: cipher_mode.h:23

nonce
const uint8_t * nonce
Definition: ffi.h:504