Botan  1.11.34
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | List of all members
Botan::CBC_MAC Class Referencefinal

#include <cbc_mac.h>

Inheritance diagram for Botan::CBC_MAC:
Botan::MessageAuthenticationCode Botan::Buffered_Computation Botan::SymmetricAlgorithm

Public Member Functions

 CBC_MAC (BlockCipher *cipher)
 
void clear () override
 
MessageAuthenticationCodeclone () const override
 
void final (byte out[])
 
secure_vector< bytefinal ()
 
template<typename Alloc >
void final (std::vector< byte, Alloc > &out)
 
std::vector< bytefinal_stdvec ()
 
Key_Length_Specification key_spec () const override
 
size_t maximum_keylength () const
 
size_t minimum_keylength () const
 
std::string name () const override
 
size_t output_length () const override
 
secure_vector< byteprocess (const byte in[], size_t length)
 
secure_vector< byteprocess (const secure_vector< byte > &in)
 
secure_vector< byteprocess (const std::vector< byte > &in)
 
secure_vector< byteprocess (const std::string &in)
 
virtual std::string provider () const
 
void set_key (const SymmetricKey &key)
 
template<typename Alloc >
void set_key (const std::vector< byte, Alloc > &key)
 
void set_key (const byte key[], size_t length)
 
template<typename Alloc >
void start (const std::vector< byte, Alloc > &nonce)
 
void start (const byte nonce[], size_t nonce_len)
 
void start ()
 
virtual void start_msg (const byte nonce[], size_t nonce_len)
 
void update (const byte in[], size_t length)
 
void update (const secure_vector< byte > &in)
 
void update (const std::vector< byte > &in)
 
void update (const std::string &str)
 
void update (byte in)
 
template<typename T >
void update_be (const T in)
 
bool valid_keylength (size_t length) const
 
virtual bool verify_mac (const byte in[], size_t length)
 
virtual bool verify_mac (const std::vector< byte > &in)
 
virtual bool verify_mac (const secure_vector< byte > &in)
 

Static Public Member Functions

static std::unique_ptr< MessageAuthenticationCodecreate (const std::string &algo_spec, const std::string &provider="")
 
static std::unique_ptr< MessageAuthenticationCodecreate_or_throw (const std::string &algo_spec, const std::string &provider="")
 
static std::vector< std::string > providers (const std::string &algo_spec)
 

Detailed Description

CBC-MAC

Definition at line 19 of file cbc_mac.h.

Constructor & Destructor Documentation

§ CBC_MAC()

Botan::CBC_MAC::CBC_MAC ( BlockCipher cipher)
explicit
Parameters
cipherthe block cipher to use

Definition at line 89 of file cbc_mac.cpp.

Referenced by clone().

89  :
90  m_cipher(cipher), m_state(cipher->block_size())
91  {
92  }

Member Function Documentation

§ clear()

void Botan::CBC_MAC::clear ( )
overridevirtual

Reset the state.

Implements Botan::SymmetricAlgorithm.

Definition at line 63 of file cbc_mac.cpp.

References Botan::zeroise().

64  {
65  m_cipher->clear();
66  zeroise(m_state);
67  m_position = 0;
68  }
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:203

§ clone()

MessageAuthenticationCode * Botan::CBC_MAC::clone ( ) const
overridevirtual

Get a new object representing the same algorithm as *this

Implements Botan::MessageAuthenticationCode.

Definition at line 81 of file cbc_mac.cpp.

References CBC_MAC().

82  {
83  return new CBC_MAC(m_cipher->clone());
84  }
CBC_MAC(BlockCipher *cipher)
Definition: cbc_mac.cpp:89

§ create()

std::unique_ptr< MessageAuthenticationCode > Botan::MessageAuthenticationCode::create ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to use
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 43 of file mac.cpp.

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), Botan::HashFunction::create(), and Botan::BlockCipher::create().

Referenced by botan_mac_init(), Botan::PBKDF::create(), Botan::KDF::create(), Botan::MessageAuthenticationCode::create_or_throw(), Botan::TLS::Session::decrypt(), Botan::TLS::Session::encrypt(), Botan::get_mac(), Botan::TLS::Hello_Verify_Request::Hello_Verify_Request(), and Botan::make_message_auth().

45  {
46  const SCAN_Name req(algo_spec);
47 
48 #if defined(BOTAN_HAS_GMAC)
49  if(req.algo_name() == "GMAC" && req.arg_count() == 1)
50  {
51  if(provider.empty() || provider == "base")
52  {
53  if(auto bc = BlockCipher::create(req.arg(0)))
54  return std::unique_ptr<MessageAuthenticationCode>(new GMAC(bc.release()));
55  }
56  }
57 #endif
58 
59 #if defined(BOTAN_HAS_HMAC)
60  if(req.algo_name() == "HMAC" && req.arg_count() == 1)
61  {
62  // TODO OpenSSL
63  if(provider.empty() || provider == "base")
64  {
65  if(auto h = HashFunction::create(req.arg(0)))
66  return std::unique_ptr<MessageAuthenticationCode>(new HMAC(h.release()));
67  }
68  }
69 #endif
70 
71 #if defined(BOTAN_HAS_POLY1305)
72  if(req.algo_name() == "Poly1305" && req.arg_count() == 0)
73  {
74  if(provider.empty() || provider == "base")
75  return std::unique_ptr<MessageAuthenticationCode>(new Poly1305);
76  }
77 #endif
78 
79 #if defined(BOTAN_HAS_SIPHASH)
80  if(req.algo_name() == "SipHash")
81  {
82  if(provider.empty() || provider == "base")
83  {
84  return std::unique_ptr<MessageAuthenticationCode>(
85  new SipHash(req.arg_as_integer(0, 2), req.arg_as_integer(1, 4)));
86  }
87  }
88 #endif
89 
90 #if defined(BOTAN_HAS_CMAC)
91  if((req.algo_name() == "CMAC" || req.algo_name() == "OMAC") && req.arg_count() == 1)
92  {
93  // TODO: OpenSSL CMAC
94  if(provider.empty() || provider == "base")
95  {
96  if(auto bc = BlockCipher::create(req.arg(0)))
97  return std::unique_ptr<MessageAuthenticationCode>(new CMAC(bc.release()));
98  }
99  }
100 #endif
101 
102 
103 #if defined(BOTAN_HAS_CBC_MAC)
104  if(req.algo_name() == "CBC-MAC" && req.arg_count() == 1)
105  {
106  if(provider.empty() || provider == "base")
107  {
108  if(auto bc = BlockCipher::create(req.arg(0)))
109  return std::unique_ptr<MessageAuthenticationCode>(new CBC_MAC(bc.release()));
110  }
111  }
112 #endif
113 
114 #if defined(BOTAN_HAS_ANSI_X919_MAC)
115  if(req.algo_name() == "X9.19-MAC")
116  {
117  if(provider.empty() || provider == "base")
118  {
119  return std::unique_ptr<MessageAuthenticationCode>(new ANSI_X919_MAC);
120  }
121  }
122 #endif
123 
124  return nullptr;
125  }
virtual std::string provider() const
Definition: mac.h:139
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
Definition: hash.cpp:93
static std::unique_ptr< BlockCipher > create(const std::string &algo_spec, const std::string &provider="")

§ create_or_throw()

std::unique_ptr< MessageAuthenticationCode > Botan::MessageAuthenticationCode::create_or_throw ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Definition at line 135 of file mac.cpp.

References Botan::MessageAuthenticationCode::create().

Referenced by Botan::AutoSeeded_RNG::AutoSeeded_RNG(), Botan::ECIES_System_Params::create_mac(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::TLS_CBC_HMAC_AEAD_Mode().

137  {
138  if(auto mac = MessageAuthenticationCode::create(algo, provider))
139  {
140  return mac;
141  }
142  throw Lookup_Error("MAC", algo, provider);
143  }
static std::unique_ptr< MessageAuthenticationCode > create(const std::string &algo_spec, const std::string &provider="")
Definition: mac.cpp:43
virtual std::string provider() const
Definition: mac.h:139

§ final() [1/3]

void Botan::Buffered_Computation::final ( byte  out[])
inlineinherited

Complete the computation and retrieve the final result.

Parameters
outThe byte array to be filled with the result. Must be of length output_length()

Definition at line 90 of file buf_comp.h.

Referenced by botan_hash_final(), botan_mac_final(), Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), Botan::mgf1_mask(), Botan::pbkdf2(), and Botan::TLS_PRF::TLS_PRF().

90 { final_result(out); }

§ final() [2/3]

secure_vector<byte> Botan::Buffered_Computation::final ( )
inlineinherited

Complete the computation and retrieve the final result.

Returns
secure_vector holding the result

Definition at line 97 of file buf_comp.h.

98  {
99  secure_vector<byte> output(output_length());
100  final_result(output.data());
101  return output;
102  }
virtual size_t output_length() const =0

§ final() [3/3]

template<typename Alloc >
void Botan::Buffered_Computation::final ( std::vector< byte, Alloc > &  out)
inlineinherited

Definition at line 112 of file buf_comp.h.

113  {
114  out.resize(output_length());
115  final_result(out.data());
116  }
virtual size_t output_length() const =0

§ final_stdvec()

std::vector<byte> Botan::Buffered_Computation::final_stdvec ( )
inlineinherited

Definition at line 104 of file buf_comp.h.

105  {
106  std::vector<byte> output(output_length());
107  final_result(output.data());
108  return output;
109  }
virtual size_t output_length() const =0

§ key_spec()

Key_Length_Specification Botan::CBC_MAC::key_spec ( ) const
inlineoverridevirtual
Returns
object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 27 of file cbc_mac.h.

28  {
29  return m_cipher->key_spec();
30  }

§ maximum_keylength()

size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
minimum allowed key length

Definition at line 39 of file sym_algo.h.

40  {
41  return key_spec().maximum_keylength();
42  }
size_t maximum_keylength() const
Definition: key_spec.h:69
virtual Key_Length_Specification key_spec() const =0

§ minimum_keylength()

size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
maximum allowed key length

Definition at line 47 of file sym_algo.h.

48  {
49  return key_spec().minimum_keylength();
50  }
virtual Key_Length_Specification key_spec() const =0
size_t minimum_keylength() const
Definition: key_spec.h:61

§ name()

std::string Botan::CBC_MAC::name ( ) const
overridevirtual
Returns
the algorithm name

Implements Botan::SymmetricAlgorithm.

Definition at line 73 of file cbc_mac.cpp.

74  {
75  return "CBC-MAC(" + m_cipher->name() + ")";
76  }

§ output_length()

size_t Botan::CBC_MAC::output_length ( ) const
inlineoverridevirtual
Returns
length of the output of this function in bytes

Implements Botan::Buffered_Computation.

Definition at line 24 of file cbc_mac.h.

24 { return m_cipher->block_size(); }

§ process() [1/4]

secure_vector<byte> Botan::Buffered_Computation::process ( const byte  in[],
size_t  length 
)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process as a byte array
lengththe length of the byte array
Returns
the result of the call to final()

Definition at line 125 of file buf_comp.h.

Referenced by Botan::RTSS_Share::split(), and Botan::TLS_PRF::TLS_PRF().

126  {
127  add_data(in, length);
128  return final();
129  }

§ process() [2/4]

secure_vector<byte> Botan::Buffered_Computation::process ( const secure_vector< byte > &  in)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process
Returns
the result of the call to final()

Definition at line 137 of file buf_comp.h.

138  {
139  add_data(in.data(), in.size());
140  return final();
141  }

§ process() [3/4]

secure_vector<byte> Botan::Buffered_Computation::process ( const std::vector< byte > &  in)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process
Returns
the result of the call to final()

Definition at line 149 of file buf_comp.h.

150  {
151  add_data(in.data(), in.size());
152  return final();
153  }

§ process() [4/4]

secure_vector<byte> Botan::Buffered_Computation::process ( const std::string &  in)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process as a string
Returns
the result of the call to final()

Definition at line 161 of file buf_comp.h.

162  {
163  update(in);
164  return final();
165  }
void update(const byte in[], size_t length)
Definition: buf_comp.h:34

§ provider()

virtual std::string Botan::MessageAuthenticationCode::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Definition at line 139 of file mac.h.

139 { return "base"; }

§ providers()

std::vector< std::string > Botan::MessageAuthenticationCode::providers ( const std::string &  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available

Definition at line 128 of file mac.cpp.

Referenced by Botan::get_mac_providers().

129  {
130  return probe_providers_of<MessageAuthenticationCode>(algo_spec, {"base", "openssl"});
131  }

§ set_key() [1/3]

void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey key)
inlineinherited

Set the symmetric key of this object.

Parameters
keythe SymmetricKey to be set.

Definition at line 66 of file sym_algo.h.

References Botan::OctetString::begin(), and Botan::OctetString::length().

Referenced by Botan::aont_package(), Botan::aont_unpackage(), botan_mac_set_key(), Botan::GOST_34_11::clear(), Botan::DESX::decrypt_n(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::key_spec(), Botan::pbkdf2(), and Botan::TLS_PRF::TLS_PRF().

67  {
68  set_key(key.begin(), key.length());
69  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:66

§ set_key() [2/3]

template<typename Alloc >
void Botan::SymmetricAlgorithm::set_key ( const std::vector< byte, Alloc > &  key)
inlineinherited

Definition at line 72 of file sym_algo.h.

73  {
74  set_key(key.data(), key.size());
75  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:66

§ set_key() [3/3]

void Botan::SymmetricAlgorithm::set_key ( const byte  key[],
size_t  length 
)
inlineinherited

Set the symmetric key of this object.

Parameters
keythe to be set as a byte array.
lengthin bytes of key param

Definition at line 82 of file sym_algo.h.

83  {
84  if(!valid_keylength(length))
85  throw Invalid_Key_Length(name(), length);
86  key_schedule(key, length);
87  }
bool valid_keylength(size_t length) const
Definition: sym_algo.h:57
virtual std::string name() const =0

§ start() [1/3]

template<typename Alloc >
void Botan::MessageAuthenticationCode::start ( const std::vector< byte, Alloc > &  nonce)
inlineinherited

Begin processing a message with a nonce

Parameters
noncethe per message nonce

Definition at line 79 of file mac.h.

80  {
81  start_msg(nonce.data(), nonce.size());
82  }
virtual void start_msg(const byte nonce[], size_t nonce_len)
Definition: mac.h:66

§ start() [2/3]

void Botan::MessageAuthenticationCode::start ( const byte  nonce[],
size_t  nonce_len 
)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 89 of file mac.h.

90  {
91  start_msg(nonce, nonce_len);
92  }
virtual void start_msg(const byte nonce[], size_t nonce_len)
Definition: mac.h:66

§ start() [3/3]

void Botan::MessageAuthenticationCode::start ( )
inlineinherited

Begin processing a message.

Definition at line 97 of file mac.h.

98  {
99  return start_msg(nullptr, 0);
100  }
virtual void start_msg(const byte nonce[], size_t nonce_len)
Definition: mac.h:66

§ start_msg()

virtual void Botan::MessageAuthenticationCode::start_msg ( const byte  nonce[],
size_t  nonce_len 
)
inlinevirtualinherited

Prepare for processing a message under the specified nonce

Most MACs neither require nor support a nonce; for these algorithms calling start_msg is optional and calling it with anything other than an empty string is an error. One MAC which requires a per-message nonce be specified is GMAC.

Parameters
noncethe message nonce bytes
nonce_lenthe size of len in bytes Default implementation simply rejects all non-empty nonces since most hash/MAC algorithms do not support randomization

Definition at line 66 of file mac.h.

References BOTAN_UNUSED.

67  {
68  BOTAN_UNUSED(nonce);
69  if(nonce_len > 0)
70  throw Invalid_IV_Length(name(), nonce_len);
71  }
virtual std::string name() const =0
#define BOTAN_UNUSED(v)
Definition: assert.h:92

§ update() [1/5]

void Botan::Buffered_Computation::update ( const byte  in[],
size_t  length 
)
inlineinherited

Add new input to process.

Parameters
inthe input to process as a byte array
lengthof param in in bytes

Definition at line 34 of file buf_comp.h.

Referenced by botan_hash_update(), botan_mac_update(), Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), Botan::mgf1_mask(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::output_length(), Botan::pbkdf2(), and Botan::TLS_PRF::TLS_PRF().

34 { add_data(in, length); }

§ update() [2/5]

void Botan::Buffered_Computation::update ( const secure_vector< byte > &  in)
inlineinherited

Add new input to process.

Parameters
inthe input to process as a secure_vector

Definition at line 40 of file buf_comp.h.

41  {
42  add_data(in.data(), in.size());
43  }

§ update() [3/5]

void Botan::Buffered_Computation::update ( const std::vector< byte > &  in)
inlineinherited

Add new input to process.

Parameters
inthe input to process as a std::vector

Definition at line 49 of file buf_comp.h.

50  {
51  add_data(in.data(), in.size());
52  }

§ update() [4/5]

void Botan::Buffered_Computation::update ( const std::string &  str)
inlineinherited

Add new input to process.

Parameters
strthe input to process as a std::string. Will be interpreted as a byte array based on the strings encoding.

Definition at line 73 of file buf_comp.h.

74  {
75  add_data(reinterpret_cast<const byte*>(str.data()), str.size());
76  }

§ update() [5/5]

void Botan::Buffered_Computation::update ( byte  in)
inlineinherited

Process a single byte.

Parameters
inthe byte to process

Definition at line 82 of file buf_comp.h.

82 { add_data(&in, 1); }

§ update_be()

template<typename T >
void Botan::Buffered_Computation::update_be ( const T  in)
inlineinherited

Add an integer in big-endian order

Parameters
inthe value

Definition at line 58 of file buf_comp.h.

References Botan::get_byte().

Referenced by Botan::mgf1_mask(), and Botan::pbkdf2().

59  {
60  for(size_t i = 0; i != sizeof(T); ++i)
61  {
62  byte b = get_byte(i, in);
63  add_data(&b, 1);
64  }
65  }
byte get_byte(size_t byte_num, T input)
Definition: loadstor.h:47
std::uint8_t byte
Definition: types.h:31

§ valid_keylength()

bool Botan::SymmetricAlgorithm::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 57 of file sym_algo.h.

Referenced by Botan::aont_package(), and Botan::aont_unpackage().

58  {
59  return key_spec().valid_keylength(length);
60  }
bool valid_keylength(size_t length) const
Definition: key_spec.h:51
virtual Key_Length_Specification key_spec() const =0

§ verify_mac() [1/3]

bool Botan::MessageAuthenticationCode::verify_mac ( const byte  in[],
size_t  length 
)
virtualinherited

Verify a MAC.

Parameters
inthe MAC to verify as a byte array
lengththe length of param in
Returns
true if the MAC is valid, false otherwise

Definition at line 148 of file mac.cpp.

References Botan::same_mem().

149  {
150  secure_vector<byte> our_mac = final();
151 
152  if(our_mac.size() != length)
153  return false;
154 
155  return same_mem(our_mac.data(), mac, length);
156  }
bool same_mem(const T *p1, const T *p2, size_t n)
Definition: mem_ops.h:98

§ verify_mac() [2/3]

virtual bool Botan::MessageAuthenticationCode::verify_mac ( const std::vector< byte > &  in)
inlinevirtualinherited

Verify a MAC.

Parameters
inthe MAC to verify as a byte array
Returns
true if the MAC is valid, false otherwise

Definition at line 115 of file mac.h.

116  {
117  return verify_mac(in.data(), in.size());
118  }
virtual bool verify_mac(const byte in[], size_t length)
Definition: mac.cpp:148

§ verify_mac() [3/3]

virtual bool Botan::MessageAuthenticationCode::verify_mac ( const secure_vector< byte > &  in)
inlinevirtualinherited

Verify a MAC.

Parameters
inthe MAC to verify as a byte array
Returns
true if the MAC is valid, false otherwise

Definition at line 125 of file mac.h.

126  {
127  return verify_mac(in.data(), in.size());
128  }
virtual bool verify_mac(const byte in[], size_t length)
Definition: mac.cpp:148

The documentation for this class was generated from the following files: