Botan 3.5.0
Crypto and TLS for C&
Botan::CFB_Mode Class Referenceabstract

#include <cfb.h>

Inheritance diagram for Botan::CFB_Mode:
Botan::Cipher_Mode Botan::SymmetricAlgorithm Botan::CFB_Decryption Botan::CFB_Encryption

Public Member Functions

bool authenticated () const
 
void clear () final
 
size_t default_nonce_length () const final
 
void finish (secure_vector< uint8_t > &final_block, size_t offset=0)
 
template<concepts::resizable_byte_buffer T>
void finish (T &final_block, size_t offset=0)
 
bool has_keying_material () const final
 
size_t ideal_granularity () const final
 
Key_Length_Specification key_spec () const final
 
size_t maximum_keylength () const
 
size_t minimum_final_size () const final
 
size_t minimum_keylength () const
 
std::string name () const final
 
size_t output_length (size_t input_length) const final
 
size_t process (std::span< uint8_t > msg)
 
size_t process (uint8_t msg[], size_t msg_len)
 
virtual std::string provider () const
 
virtual bool requires_entire_message () const
 
void reset () final
 
void set_key (const SymmetricKey &key)
 
void set_key (const uint8_t key[], size_t length)
 
void set_key (std::span< const uint8_t > key)
 
void start ()
 
void start (const uint8_t nonce[], size_t nonce_len)
 
void start (std::span< const uint8_t > nonce)
 
virtual size_t tag_size () const
 
template<concepts::resizable_byte_buffer T>
void update (T &buffer, size_t offset=0)
 
size_t update_granularity () const final
 
bool valid_keylength (size_t length) const
 
bool valid_nonce_length (size_t n) const final
 

Static Public Member Functions

static std::unique_ptr< Cipher_Modecreate (std::string_view algo, Cipher_Dir direction, std::string_view provider="")
 
static std::unique_ptr< Cipher_Modecreate_or_throw (std::string_view algo, Cipher_Dir direction, std::string_view provider="")
 
static std::vector< std::string > providers (std::string_view algo_spec)
 

Protected Member Functions

void assert_key_material_set () const
 
void assert_key_material_set (bool predicate) const
 
size_t block_size () const
 
 CFB_Mode (std::unique_ptr< BlockCipher > cipher, size_t feedback_bits)
 
const BlockCiphercipher () const
 
size_t feedback () const
 
virtual void finish_msg (secure_vector< uint8_t > &final_block, size_t offset=0)=0
 
virtual size_t process_msg (uint8_t msg[], size_t msg_len)=0
 
void shift_register ()
 

Protected Attributes

secure_vector< uint8_t > m_keystream
 
size_t m_keystream_pos = 0
 
secure_vector< uint8_t > m_state
 

Detailed Description

CFB Mode

Definition at line 20 of file cfb.h.

Constructor & Destructor Documentation

◆ CFB_Mode()

Botan::CFB_Mode::CFB_Mode ( std::unique_ptr< BlockCipher > cipher,
size_t feedback_bits )
protected

Definition at line 15 of file cfb.cpp.

15 :
16 m_cipher(std::move(cipher)),
17 m_block_size(m_cipher->block_size()),
18 m_feedback_bytes(feedback_bits ? feedback_bits / 8 : m_block_size) {
19 if(feedback_bits % 8 || feedback() > m_block_size) {
20 throw Invalid_Argument(fmt("{} does not support feedback bits of {}", name(), feedback_bits));
21 }
22}
std::string name() const final
Definition cfb.cpp:35
size_t feedback() const
Definition cfb.h:49
const BlockCipher & cipher() const
Definition cfb.h:51
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53

References feedback(), Botan::fmt(), and name().

Member Function Documentation

◆ assert_key_material_set() [1/2]

void Botan::SymmetricAlgorithm::assert_key_material_set ( ) const
inlineprotectedinherited

Definition at line 139 of file sym_algo.h.

virtual bool has_keying_material() const =0
void assert_key_material_set() const
Definition sym_algo.h:139

References Botan::SymmetricAlgorithm::assert_key_material_set().

Referenced by Botan::SymmetricAlgorithm::assert_key_material_set(), Botan::Salsa20::cipher_bytes(), Botan::AES_128::decrypt_n(), Botan::AES_192::decrypt_n(), Botan::AES_256::decrypt_n(), Botan::ARIA_128::decrypt_n(), Botan::ARIA_192::decrypt_n(), Botan::ARIA_256::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::Camellia_128::decrypt_n(), Botan::Camellia_192::decrypt_n(), Botan::Camellia_256::decrypt_n(), Botan::CAST_128::decrypt_n(), Botan::DES::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::IDEA::decrypt_n(), Botan::Kuznyechik::decrypt_n(), Botan::Lion::decrypt_n(), Botan::Noekeon::decrypt_n(), Botan::SEED::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::SHACAL2::decrypt_n(), Botan::SM4::decrypt_n(), Botan::Threefish_512::decrypt_n(), Botan::TripleDES::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::AES_128::encrypt_n(), Botan::AES_192::encrypt_n(), Botan::AES_256::encrypt_n(), Botan::ARIA_128::encrypt_n(), Botan::ARIA_192::encrypt_n(), Botan::ARIA_256::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::Camellia_128::encrypt_n(), Botan::Camellia_192::encrypt_n(), Botan::Camellia_256::encrypt_n(), Botan::CAST_128::encrypt_n(), Botan::DES::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::IDEA::encrypt_n(), Botan::Kuznyechik::encrypt_n(), Botan::Lion::encrypt_n(), Botan::Noekeon::encrypt_n(), Botan::SEED::encrypt_n(), Botan::Serpent::encrypt_n(), Botan::SHACAL2::encrypt_n(), Botan::SM4::encrypt_n(), Botan::Threefish_512::encrypt_n(), Botan::TripleDES::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::GHASH::final(), Botan::GHASH::ghash_update(), Botan::ChaCha::seek(), Botan::CTR_BE::seek(), Botan::Salsa20::seek(), Botan::OCB_Mode::set_associated_data_n(), Botan::Salsa20::set_iv_bytes(), Botan::GHASH::update(), and Botan::GHASH::update_associated_data().

◆ assert_key_material_set() [2/2]

void Botan::SymmetricAlgorithm::assert_key_material_set ( bool predicate) const
inlineprotectedinherited

Definition at line 141 of file sym_algo.h.

141 {
142 if(!predicate) {
143 throw_key_not_set_error();
144 }
145 }

◆ authenticated()

bool Botan::Cipher_Mode::authenticated ( ) const
inlineinherited
Returns
true iff this mode provides authentication as well as confidentiality.

Definition at line 223 of file cipher_mode.h.

223{ return this->tag_size() > 0; }
virtual size_t tag_size() const

◆ block_size()

size_t Botan::CFB_Mode::block_size ( ) const
inlineprotected

Definition at line 53 of file cfb.h.

53{ return m_block_size; }

Referenced by default_nonce_length(), name(), shift_register(), and valid_nonce_length().

◆ cipher()

const BlockCipher & Botan::CFB_Mode::cipher ( ) const
inlineprotected

Definition at line 51 of file cfb.h.

51{ return *m_cipher; }

Referenced by key_spec(), name(), and shift_register().

◆ clear()

void Botan::CFB_Mode::clear ( )
finalvirtual

Reset the internal state. This includes not just the key, but any partial message that may have been in process.

Implements Botan::SymmetricAlgorithm.

Definition at line 24 of file cfb.cpp.

24 {
25 m_cipher->clear();
26 m_keystream.clear();
27 reset();
28}
secure_vector< uint8_t > m_keystream
Definition cfb.h:56
void reset() final
Definition cfb.cpp:30

References m_keystream, and reset().

◆ create()

std::unique_ptr< Cipher_Mode > Botan::Cipher_Mode::create ( std::string_view algo,
Cipher_Dir direction,
std::string_view provider = "" )
staticinherited

Create an AEAD mode

Parameters
algothe algorithm to create
directionspecify if this should be an encryption or decryption AEAD
provideroptional specification for provider to use
Returns
an AEAD mode or a null pointer if not available

Definition at line 51 of file cipher_mode.cpp.

53 {
54#if defined(BOTAN_HAS_COMMONCRYPTO)
55 if(provider.empty() || provider == "commoncrypto") {
56 if(auto cm = make_commoncrypto_cipher_mode(algo, direction))
57 return cm;
58
59 if(!provider.empty())
60 return nullptr;
61 }
62#endif
63
64#if defined(BOTAN_HAS_STREAM_CIPHER)
65 if(auto sc = StreamCipher::create(algo)) {
66 return std::make_unique<Stream_Cipher_Mode>(std::move(sc));
67 }
68#endif
69
70#if defined(BOTAN_HAS_AEAD_MODES)
71 if(auto aead = AEAD_Mode::create(algo, direction)) {
72 return aead;
73 }
74#endif
75
76 if(algo.find('/') != std::string::npos) {
77 const std::vector<std::string> algo_parts = split_on(algo, '/');
78 std::string_view cipher_name = algo_parts[0];
79 const std::vector<std::string> mode_info = parse_algorithm_name(algo_parts[1]);
80
81 if(mode_info.empty()) {
82 return std::unique_ptr<Cipher_Mode>();
83 }
84
85 std::ostringstream mode_name;
86
87 mode_name << mode_info[0] << '(' << cipher_name;
88 for(size_t i = 1; i < mode_info.size(); ++i) {
89 mode_name << ',' << mode_info[i];
90 }
91 for(size_t i = 2; i < algo_parts.size(); ++i) {
92 mode_name << ',' << algo_parts[i];
93 }
94 mode_name << ')';
95
96 return Cipher_Mode::create(mode_name.str(), direction, provider);
97 }
98
99#if defined(BOTAN_HAS_BLOCK_CIPHER)
100
101 SCAN_Name spec(algo);
102
103 if(spec.arg_count() == 0) {
104 return std::unique_ptr<Cipher_Mode>();
105 }
106
107 auto bc = BlockCipher::create(spec.arg(0), provider);
108
109 if(!bc) {
110 return std::unique_ptr<Cipher_Mode>();
111 }
112
113 #if defined(BOTAN_HAS_MODE_CBC)
114 if(spec.algo_name() == "CBC") {
115 const std::string padding = spec.arg(1, "PKCS7");
116
117 if(padding == "CTS") {
118 if(direction == Cipher_Dir::Encryption) {
119 return std::make_unique<CTS_Encryption>(std::move(bc));
120 } else {
121 return std::make_unique<CTS_Decryption>(std::move(bc));
122 }
123 } else {
124 auto pad = BlockCipherModePaddingMethod::create(padding);
125
126 if(pad) {
127 if(direction == Cipher_Dir::Encryption) {
128 return std::make_unique<CBC_Encryption>(std::move(bc), std::move(pad));
129 } else {
130 return std::make_unique<CBC_Decryption>(std::move(bc), std::move(pad));
131 }
132 }
133 }
134 }
135 #endif
136
137 #if defined(BOTAN_HAS_MODE_XTS)
138 if(spec.algo_name() == "XTS") {
139 if(direction == Cipher_Dir::Encryption) {
140 return std::make_unique<XTS_Encryption>(std::move(bc));
141 } else {
142 return std::make_unique<XTS_Decryption>(std::move(bc));
143 }
144 }
145 #endif
146
147 #if defined(BOTAN_HAS_MODE_CFB)
148 if(spec.algo_name() == "CFB") {
149 const size_t feedback_bits = spec.arg_as_integer(1, 8 * bc->block_size());
150 if(direction == Cipher_Dir::Encryption) {
151 return std::make_unique<CFB_Encryption>(std::move(bc), feedback_bits);
152 } else {
153 return std::make_unique<CFB_Decryption>(std::move(bc), feedback_bits);
154 }
155 }
156 #endif
157
158#endif
159
160 return std::unique_ptr<Cipher_Mode>();
161}
static std::unique_ptr< AEAD_Mode > create(std::string_view algo, Cipher_Dir direction, std::string_view provider="")
Definition aead.cpp:53
static std::unique_ptr< BlockCipherModePaddingMethod > create(std::string_view algo_spec)
Definition mode_pad.cpp:19
static std::unique_ptr< BlockCipher > create(std::string_view algo_spec, std::string_view provider="")
static std::unique_ptr< Cipher_Mode > create(std::string_view algo, Cipher_Dir direction, std::string_view provider="")
virtual std::string provider() const
static std::unique_ptr< StreamCipher > create(std::string_view algo_spec, std::string_view provider="")
std::vector< std::string > split_on(std::string_view str, char delim)
Definition parsing.cpp:111
std::unique_ptr< Cipher_Mode > make_commoncrypto_cipher_mode(std::string_view name, Cipher_Dir direction)
std::vector< std::string > parse_algorithm_name(std::string_view namex)
Definition parsing.cpp:57

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), Botan::AEAD_Mode::create(), Botan::BlockCipher::create(), Botan::BlockCipherModePaddingMethod::create(), Botan::Cipher_Mode::create(), Botan::StreamCipher::create(), Botan::Encryption, Botan::make_commoncrypto_cipher_mode(), Botan::parse_algorithm_name(), Botan::Cipher_Mode::provider(), and Botan::split_on().

Referenced by botan_cipher_init(), Botan::Cipher_Mode::create(), Botan::Cipher_Mode::create_or_throw(), Botan::get_cipher_mode(), Botan::pbes2_decrypt(), and Botan::Cipher_Mode::providers().

◆ create_or_throw()

std::unique_ptr< Cipher_Mode > Botan::Cipher_Mode::create_or_throw ( std::string_view algo,
Cipher_Dir direction,
std::string_view provider = "" )
staticinherited

Create an AEAD mode, or throw

Parameters
algothe algorithm to create
directionspecify if this should be an encryption or decryption AEAD
provideroptional specification for provider to use
Returns
an AEAD mode, or throw an exception

Definition at line 41 of file cipher_mode.cpp.

43 {
44 if(auto mode = Cipher_Mode::create(algo, direction, provider)) {
45 return mode;
46 }
47
48 throw Lookup_Error("Cipher mode", algo, provider);
49}

References Botan::Cipher_Mode::create(), and Botan::Cipher_Mode::provider().

Referenced by Botan::ECIES_System_Params::create_cipher(), Botan::CryptoBox::decrypt_bin(), Botan::CryptoBox::encrypt(), and Botan::get_cipher().

◆ default_nonce_length()

size_t Botan::CFB_Mode::default_nonce_length ( ) const
finalvirtual
Returns
the default size for a nonce

Implements Botan::Cipher_Mode.

Definition at line 64 of file cfb.cpp.

64 {
65 return block_size();
66}
size_t block_size() const
Definition cfb.h:53

References block_size().

◆ feedback()

size_t Botan::CFB_Mode::feedback ( ) const
inlineprotected

Definition at line 49 of file cfb.h.

49{ return m_feedback_bytes; }

Referenced by CFB_Mode(), ideal_granularity(), name(), shift_register(), and update_granularity().

◆ finish() [1/2]

void Botan::Cipher_Mode::finish ( secure_vector< uint8_t > & final_block,
size_t offset = 0 )
inlineinherited

Complete processing of a message.

Parameters
final_blockin/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output
offsetan offset into final_block to begin processing

Definition at line 146 of file cipher_mode.h.

146{ finish_msg(final_block, offset); }
virtual void finish_msg(secure_vector< uint8_t > &final_block, size_t offset=0)=0

Referenced by botan_cipher_update(), and Botan::TLS::write_record().

◆ finish() [2/2]

template<concepts::resizable_byte_buffer T>
void Botan::Cipher_Mode::finish ( T & final_block,
size_t offset = 0 )
inlineinherited

Complete procession of a message.

Note: Using this overload with anything but a Botan::secure_vector<> is copying the bytes in the in/out buffer.

Parameters
final_blockin/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output
offsetan offset into final_block to begin processing

Definition at line 159 of file cipher_mode.h.

159 {
160 Botan::secure_vector<uint8_t> tmp(final_block.begin(), final_block.end());
161 finish_msg(tmp, offset);
162 final_block.resize(tmp.size());
163 std::copy(tmp.begin(), tmp.end(), final_block.begin());
164 }
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61

◆ finish_msg()

virtual void Botan::Cipher_Mode::finish_msg ( secure_vector< uint8_t > & final_block,
size_t offset = 0 )
protectedpure virtualinherited

◆ has_keying_material()

bool Botan::CFB_Mode::has_keying_material ( ) const
finalvirtual
Returns
true if a key has been set on this object

Implements Botan::SymmetricAlgorithm.

Definition at line 72 of file cfb.cpp.

72 {
73 return m_cipher->has_keying_material();
74}

◆ ideal_granularity()

size_t Botan::CFB_Mode::ideal_granularity ( ) const
finalvirtual

Return an ideal granularity. This will be a multiple of the result of update_granularity but may be larger. If so it indicates that better performance may be achieved by providing buffers that are at least that size.

Implements Botan::Cipher_Mode.

Definition at line 51 of file cfb.cpp.

51 {
52 // Multiplier here is arbitrary
53 return 16 * feedback();
54}

References feedback().

◆ key_spec()

Key_Length_Specification Botan::CFB_Mode::key_spec ( ) const
finalvirtual
Returns
object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 60 of file cfb.cpp.

60 {
61 return cipher().key_spec();
62}
virtual Key_Length_Specification key_spec() const =0

References cipher(), and Botan::SymmetricAlgorithm::key_spec().

◆ maximum_keylength()

size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
maximum allowed key length

Definition at line 95 of file sym_algo.h.

95{ return key_spec().maximum_keylength(); }
size_t maximum_keylength() const
Definition sym_algo.h:54

◆ minimum_final_size()

size_t Botan::CFB_Mode::minimum_final_size ( ) const
finalvirtual
Returns
required minimium size to finalize() - may be any length larger than this.

Implements Botan::Cipher_Mode.

Definition at line 56 of file cfb.cpp.

56 {
57 return 0;
58}

◆ minimum_keylength()

size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
minimum allowed key length

Definition at line 100 of file sym_algo.h.

100{ return key_spec().minimum_keylength(); }
size_t minimum_keylength() const
Definition sym_algo.h:49

◆ name()

std::string Botan::CFB_Mode::name ( ) const
finalvirtual
Returns
the algorithm name

Implements Botan::SymmetricAlgorithm.

Definition at line 35 of file cfb.cpp.

35 {
36 if(feedback() == cipher().block_size()) {
37 return fmt("{}/CFB", cipher().name());
38 } else {
39 return fmt("{}/CFB({})", cipher().name(), feedback() * 8);
40 }
41}

References block_size(), cipher(), feedback(), Botan::fmt(), and name().

Referenced by CFB_Mode(), and name().

◆ output_length()

size_t Botan::CFB_Mode::output_length ( size_t input_length) const
finalvirtual

Returns the size of the output if this transform is used to process a message with input_length bytes. In most cases the answer is precise. If it is not possible to precise (namely for CBC decryption) instead an upper bound is returned.

Implements Botan::Cipher_Mode.

Definition at line 43 of file cfb.cpp.

43 {
44 return input_length;
45}

◆ process() [1/2]

size_t Botan::Cipher_Mode::process ( std::span< uint8_t > msg)
inlineinherited

Process message blocks

Input must be a multiple of update_granularity

Processes msg in place and returns bytes written. Normally this will be either msg_len (indicating the entire message was processed) or for certain AEAD modes zero (indicating that the mode requires the entire message be processed in one pass).

Parameters
msgthe message to be processed
Returns
bytes written in-place

Definition at line 123 of file cipher_mode.h.

123{ return this->process_msg(msg.data(), msg.size()); }
virtual size_t process_msg(uint8_t msg[], size_t msg_len)=0

Referenced by botan_cipher_update().

◆ process() [2/2]

size_t Botan::Cipher_Mode::process ( uint8_t msg[],
size_t msg_len )
inlineinherited

Definition at line 125 of file cipher_mode.h.

125{ return this->process_msg(msg, msg_len); }

◆ process_msg()

virtual size_t Botan::Cipher_Mode::process_msg ( uint8_t msg[],
size_t msg_len )
protectedpure virtualinherited

◆ provider()

virtual std::string Botan::Cipher_Mode::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::GCM_Mode.

Definition at line 234 of file cipher_mode.h.

234{ return "base"; }

Referenced by Botan::AEAD_Mode::create(), Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::Cipher_Mode::create_or_throw().

◆ providers()

std::vector< std::string > Botan::Cipher_Mode::providers ( std::string_view algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available
Parameters
algo_specalgorithm name

Definition at line 164 of file cipher_mode.cpp.

164 {
165 const std::vector<std::string>& possible = {"base", "commoncrypto"};
166 std::vector<std::string> providers;
167 for(auto&& prov : possible) {
168 auto mode = Cipher_Mode::create(algo_spec, Cipher_Dir::Encryption, prov);
169 if(mode) {
170 providers.push_back(prov); // available
171 }
172 }
173 return providers;
174}
static std::vector< std::string > providers(std::string_view algo_spec)

References Botan::Cipher_Mode::create(), Botan::Encryption, and Botan::Cipher_Mode::providers().

Referenced by Botan::Cipher_Mode::providers().

◆ requires_entire_message()

virtual bool Botan::Cipher_Mode::requires_entire_message ( ) const
inlinevirtualinherited

Certain modes require the entire message be available before any processing can occur. For such modes, input will be consumed but not returned, until finish is called, which returns the entire message.

This function returns true if this mode has this style of operation.

Reimplemented in Botan::CCM_Mode, and Botan::SIV_Mode.

Definition at line 196 of file cipher_mode.h.

196{ return false; }

Referenced by botan_cipher_update().

◆ reset()

void Botan::CFB_Mode::reset ( )
finalvirtual

Resets just the message specific state and allows encrypting again under the existing key

Implements Botan::Cipher_Mode.

Definition at line 30 of file cfb.cpp.

30 {
31 m_state.clear();
33}
secure_vector< uint8_t > m_state
Definition cfb.h:55
void zeroise(std::vector< T, Alloc > &vec)
Definition secmem.h:108

References m_keystream, m_state, and Botan::zeroise().

Referenced by clear().

◆ set_key() [1/3]

◆ set_key() [2/3]

void Botan::SymmetricAlgorithm::set_key ( const uint8_t key[],
size_t length )
inlineinherited

Set the symmetric key of this object.

Parameters
keythe to be set as a byte array.
lengthin bytes of key param

Definition at line 126 of file sym_algo.h.

126{ set_key(std::span{key, length}); }

References Botan::SymmetricAlgorithm::set_key().

Referenced by Botan::SymmetricAlgorithm::set_key().

◆ set_key() [3/3]

void Botan::SymmetricAlgorithm::set_key ( std::span< const uint8_t > key)
inherited

Set the symmetric key of this object.

Parameters
keythe contiguous byte range to be set.

Definition at line 17 of file sym_algo.cpp.

17 {
18 if(!valid_keylength(key.size())) {
19 throw Invalid_Key_Length(name(), key.size());
20 }
21 key_schedule(key);
22}
bool valid_keylength(size_t length) const
Definition sym_algo.h:107
virtual std::string name() const =0

References Botan::SymmetricAlgorithm::name(), and Botan::SymmetricAlgorithm::valid_keylength().

◆ shift_register()

void Botan::CFB_Mode::shift_register ( )
protected

Definition at line 100 of file cfb.cpp.

100 {
101 const size_t shift = feedback();
102 const size_t carryover = block_size() - shift;
103
104 if(carryover > 0) {
105 copy_mem(m_state.data(), &m_state[shift], carryover);
106 }
107 copy_mem(&m_state[carryover], m_keystream.data(), shift);
109 m_keystream_pos = 0;
110}
void encrypt(const uint8_t in[], uint8_t out[]) const
size_t m_keystream_pos
Definition cfb.h:57
constexpr void copy_mem(T *out, const T *in, size_t n)
Definition mem_ops.h:146

References block_size(), cipher(), Botan::copy_mem(), Botan::BlockCipher::encrypt(), feedback(), m_keystream, m_keystream_pos, and m_state.

◆ start() [1/3]

void Botan::Cipher_Mode::start ( )
inlineinherited

Begin processing a message.

The exact semantics of this depend on the mode. For many modes, the call will fail since a nonce must be provided.

For certain modes such as CBC this will instead cause the last ciphertext block to be used as the nonce of the new message; doing this isn't a good idea, but some (mostly older) protocols do this.

Definition at line 108 of file cipher_mode.h.

108{ return start_msg(nullptr, 0); }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0

◆ start() [2/3]

void Botan::Cipher_Mode::start ( const uint8_t nonce[],
size_t nonce_len )
inlineinherited

Begin processing a message with a fresh nonce.

Parameters
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 96 of file cipher_mode.h.

96{ start_msg(nonce, nonce_len); }

◆ start() [3/3]

void Botan::Cipher_Mode::start ( std::span< const uint8_t > nonce)
inlineinherited

Begin processing a message with a fresh nonce.

Parameters
noncethe per message nonce

Definition at line 89 of file cipher_mode.h.

89{ start_msg(nonce.data(), nonce.size()); }

Referenced by botan_cipher_start(), and Botan::TLS::write_record().

◆ tag_size()

virtual size_t Botan::Cipher_Mode::tag_size ( ) const
inlinevirtualinherited
Returns
the size of the authentication tag used (in bytes)

Reimplemented in Botan::CCM_Mode, Botan::ChaCha20Poly1305_Mode, Botan::EAX_Mode, Botan::GCM_Mode, Botan::OCB_Mode, Botan::SIV_Mode, and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode.

Definition at line 228 of file cipher_mode.h.

228{ return 0; }

◆ update()

template<concepts::resizable_byte_buffer T>
void Botan::Cipher_Mode::update ( T & buffer,
size_t offset = 0 )
inlineinherited

Process some data. Input must be in size update_granularity() uint8_t blocks.

Parameters
bufferin/out parameter which will possibly be resized
offsetan offset into blocks to begin processing

Definition at line 133 of file cipher_mode.h.

133 {
134 BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
135 const size_t written = process(std::span(buffer).subspan(offset));
136 buffer.resize(offset + written);
137 }
#define BOTAN_ASSERT(expr, assertion_made)
Definition assert.h:50
size_t process(std::span< uint8_t > msg)

References BOTAN_ASSERT.

◆ update_granularity()

size_t Botan::CFB_Mode::update_granularity ( ) const
finalvirtual
Returns
size of required blocks to update

Implements Botan::Cipher_Mode.

Definition at line 47 of file cfb.cpp.

47 {
48 return feedback();
49}

References feedback().

◆ valid_keylength()

bool Botan::SymmetricAlgorithm::valid_keylength ( size_t length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 107 of file sym_algo.h.

107{ return key_spec().valid_keylength(length); }
bool valid_keylength(size_t length) const
Definition sym_algo.h:42

Referenced by Botan::SymmetricAlgorithm::set_key().

◆ valid_nonce_length()

bool Botan::CFB_Mode::valid_nonce_length ( size_t nonce_len) const
finalvirtual
Returns
true iff nonce_len is a valid length for the nonce

Implements Botan::Cipher_Mode.

Definition at line 68 of file cfb.cpp.

68 {
69 return (n == 0 || n == block_size());
70}

References block_size().

Member Data Documentation

◆ m_keystream

secure_vector<uint8_t> Botan::CFB_Mode::m_keystream
protected

Definition at line 56 of file cfb.h.

Referenced by clear(), reset(), and shift_register().

◆ m_keystream_pos

size_t Botan::CFB_Mode::m_keystream_pos = 0
protected

Definition at line 57 of file cfb.h.

Referenced by shift_register().

◆ m_state

secure_vector<uint8_t> Botan::CFB_Mode::m_state
protected

Definition at line 55 of file cfb.h.

Referenced by reset(), and shift_register().


The documentation for this class was generated from the following files: