Botan 3.6.1
Crypto and TLS for C&
|
#include <cfb.h>
Public Member Functions | |
bool | authenticated () const |
void | clear () final |
size_t | default_nonce_length () const final |
void | finish (secure_vector< uint8_t > &final_block, size_t offset=0) |
template<concepts::resizable_byte_buffer T> | |
void | finish (T &final_block, size_t offset=0) |
bool | has_keying_material () const final |
size_t | ideal_granularity () const final |
Key_Length_Specification | key_spec () const final |
size_t | maximum_keylength () const |
size_t | minimum_final_size () const final |
size_t | minimum_keylength () const |
std::string | name () const final |
size_t | output_length (size_t input_length) const final |
size_t | process (std::span< uint8_t > msg) |
size_t | process (uint8_t msg[], size_t msg_len) |
virtual std::string | provider () const |
virtual bool | requires_entire_message () const |
void | reset () final |
void | set_key (const SymmetricKey &key) |
void | set_key (const uint8_t key[], size_t length) |
void | set_key (std::span< const uint8_t > key) |
void | start () |
void | start (const uint8_t nonce[], size_t nonce_len) |
void | start (std::span< const uint8_t > nonce) |
virtual size_t | tag_size () const |
template<concepts::resizable_byte_buffer T> | |
void | update (T &buffer, size_t offset=0) |
size_t | update_granularity () const final |
bool | valid_keylength (size_t length) const |
bool | valid_nonce_length (size_t n) const final |
Static Public Member Functions | |
static std::unique_ptr< Cipher_Mode > | create (std::string_view algo, Cipher_Dir direction, std::string_view provider="") |
static std::unique_ptr< Cipher_Mode > | create_or_throw (std::string_view algo, Cipher_Dir direction, std::string_view provider="") |
static std::vector< std::string > | providers (std::string_view algo_spec) |
Protected Member Functions | |
void | assert_key_material_set () const |
void | assert_key_material_set (bool predicate) const |
size_t | block_size () const |
CFB_Mode (std::unique_ptr< BlockCipher > cipher, size_t feedback_bits) | |
const BlockCipher & | cipher () const |
size_t | feedback () const |
virtual void | finish_msg (secure_vector< uint8_t > &final_block, size_t offset=0)=0 |
virtual size_t | process_msg (uint8_t msg[], size_t msg_len)=0 |
void | shift_register () |
Protected Attributes | |
secure_vector< uint8_t > | m_keystream |
size_t | m_keystream_pos = 0 |
secure_vector< uint8_t > | m_state |
|
protected |
Definition at line 15 of file cfb.cpp.
References feedback(), Botan::fmt(), and name().
|
inlineprotectedinherited |
Definition at line 139 of file sym_algo.h.
References Botan::SymmetricAlgorithm::assert_key_material_set().
Referenced by Botan::SymmetricAlgorithm::assert_key_material_set(), Botan::Salsa20::cipher_bytes(), Botan::AES_128::decrypt_n(), Botan::AES_192::decrypt_n(), Botan::AES_256::decrypt_n(), Botan::ARIA_128::decrypt_n(), Botan::ARIA_192::decrypt_n(), Botan::ARIA_256::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::Camellia_128::decrypt_n(), Botan::Camellia_192::decrypt_n(), Botan::Camellia_256::decrypt_n(), Botan::CAST_128::decrypt_n(), Botan::DES::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::IDEA::decrypt_n(), Botan::Kuznyechik::decrypt_n(), Botan::Lion::decrypt_n(), Botan::Noekeon::decrypt_n(), Botan::SEED::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::SHACAL2::decrypt_n(), Botan::SM4::decrypt_n(), Botan::Threefish_512::decrypt_n(), Botan::TripleDES::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::AES_128::encrypt_n(), Botan::AES_192::encrypt_n(), Botan::AES_256::encrypt_n(), Botan::ARIA_128::encrypt_n(), Botan::ARIA_192::encrypt_n(), Botan::ARIA_256::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::Camellia_128::encrypt_n(), Botan::Camellia_192::encrypt_n(), Botan::Camellia_256::encrypt_n(), Botan::CAST_128::encrypt_n(), Botan::DES::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::IDEA::encrypt_n(), Botan::Kuznyechik::encrypt_n(), Botan::Lion::encrypt_n(), Botan::Noekeon::encrypt_n(), Botan::SEED::encrypt_n(), Botan::Serpent::encrypt_n(), Botan::SHACAL2::encrypt_n(), Botan::SM4::encrypt_n(), Botan::Threefish_512::encrypt_n(), Botan::TripleDES::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::GHASH::final(), Botan::GHASH::ghash_update(), Botan::ChaCha::seek(), Botan::CTR_BE::seek(), Botan::Salsa20::seek(), Botan::OCB_Mode::set_associated_data_n(), Botan::Salsa20::set_iv_bytes(), Botan::GHASH::update(), and Botan::GHASH::update_associated_data().
|
inlineprotectedinherited |
Definition at line 141 of file sym_algo.h.
|
inlineinherited |
Return the length in bytes of the authentication tag this algorithm generates. If the mode is not authenticated, this will return 0.
Definition at line 264 of file cipher_mode.h.
|
inlineprotected |
Definition at line 53 of file cfb.h.
Referenced by default_nonce_length(), name(), shift_register(), and valid_nonce_length().
|
inlineprotected |
Definition at line 51 of file cfb.h.
Referenced by key_spec(), name(), and shift_register().
|
finalvirtual |
Reset the internal state. This includes not just the key, but any partial message that may have been in process.
Implements Botan::SymmetricAlgorithm.
Definition at line 24 of file cfb.cpp.
References m_keystream, and reset().
|
staticinherited |
Create an AEAD mode
algo | the algorithm to create |
direction | specify if this should be an encryption or decryption AEAD |
provider | optional specification for provider to use |
Definition at line 51 of file cipher_mode.cpp.
References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), Botan::AEAD_Mode::create(), Botan::BlockCipher::create(), Botan::BlockCipherModePaddingMethod::create(), Botan::Cipher_Mode::create(), Botan::StreamCipher::create(), Botan::Encryption, Botan::make_commoncrypto_cipher_mode(), Botan::parse_algorithm_name(), Botan::Cipher_Mode::provider(), and Botan::split_on().
Referenced by botan_cipher_init(), Botan::Cipher_Mode::create(), Botan::Cipher_Mode::create_or_throw(), Botan::get_cipher_mode(), Botan::pbes2_decrypt(), and Botan::Cipher_Mode::providers().
|
staticinherited |
Create an AEAD mode, or throw
algo | the algorithm to create |
direction | specify if this should be an encryption or decryption AEAD |
provider | optional specification for provider to use |
Definition at line 41 of file cipher_mode.cpp.
References Botan::Cipher_Mode::create(), and Botan::Cipher_Mode::provider().
Referenced by Botan::ECIES_System_Params::create_cipher(), Botan::CryptoBox::decrypt_bin(), Botan::CryptoBox::encrypt(), and Botan::get_cipher().
|
finalvirtual |
Implements Botan::Cipher_Mode.
Definition at line 64 of file cfb.cpp.
References block_size().
|
inlineprotected |
Definition at line 49 of file cfb.h.
Referenced by CFB_Mode(), ideal_granularity(), name(), shift_register(), and update_granularity().
|
inlineinherited |
Complete procession of a message with a final input of buffer
, which is treated the same as with update(). If you have the entire message in hand, calling finish() without ever calling update() is both efficient and convenient.
When using an AEAD_Mode, if the supplied authentication tag does not validate, this will throw an instance of Invalid_Authentication_Tag.
If this occurs, all plaintext previously output via calls to update must be destroyed and not used in any way that an attacker could observe the effects of. This could be anything from echoing the plaintext back (perhaps in an error message), or by making an external RPC whose destination or contents depend on the plaintext. The only thing you can do is buffer it, and in the event of an invalid tag, erase the previously decrypted content from memory.
One simple way to assure this could never happen is to never call update, and instead always marshal the entire message into a single buffer and call finish on it when decrypting.
final_block | in/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output |
offset | an offset into final_block to begin processing |
Definition at line 180 of file cipher_mode.h.
Referenced by botan_cipher_update(), and Botan::TLS::write_record().
|
inlineinherited |
Complete procession of a message.
Note: Using this overload with anything but a Botan::secure_vector<> is copying the bytes in the in/out buffer.
final_block | in/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output |
offset | an offset into final_block to begin processing |
Definition at line 193 of file cipher_mode.h.
|
protectedpure virtualinherited |
|
finalvirtual |
Implements Botan::SymmetricAlgorithm.
Definition at line 72 of file cfb.cpp.
|
finalvirtual |
Return an ideal granularity. This will be a multiple of the result of update_granularity but may be larger. If so it indicates that better performance may be achieved by providing buffers that are at least that size (due to SIMD execution, etc).
Implements Botan::Cipher_Mode.
Definition at line 51 of file cfb.cpp.
References feedback().
|
finalvirtual |
Implements Botan::SymmetricAlgorithm.
Definition at line 60 of file cfb.cpp.
References cipher(), and Botan::SymmetricAlgorithm::key_spec().
|
inlineinherited |
Definition at line 95 of file sym_algo.h.
|
finalvirtual |
Implements Botan::Cipher_Mode.
Definition at line 56 of file cfb.cpp.
|
inlineinherited |
Definition at line 100 of file sym_algo.h.
|
finalvirtual |
Implements Botan::SymmetricAlgorithm.
Definition at line 35 of file cfb.cpp.
References block_size(), cipher(), feedback(), Botan::fmt(), and name().
Referenced by CFB_Mode(), and name().
|
finalvirtual |
Returns the size of the output if this transform is used to process a message with input_length bytes. In most cases the answer is precise. If it is not possible to precise (namely for CBC decryption) instead an upper bound is returned.
Implements Botan::Cipher_Mode.
Definition at line 43 of file cfb.cpp.
|
inlineinherited |
Process message blocks
Input must be a multiple of update_granularity
Processes msg in place and returns bytes written. Normally this will be either msg_len (indicating the entire message was processed) or for certain AEAD modes zero (indicating that the mode requires the entire message be processed in one pass).
msg | the message to be processed |
Definition at line 132 of file cipher_mode.h.
Referenced by botan_cipher_update().
|
inlineinherited |
Definition at line 134 of file cipher_mode.h.
|
protectedpure virtualinherited |
|
inlinevirtualinherited |
Reimplemented in Botan::GCM_Mode.
Definition at line 275 of file cipher_mode.h.
Referenced by Botan::AEAD_Mode::create(), Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::Cipher_Mode::create_or_throw().
|
staticinherited |
algo_spec | algorithm name |
Definition at line 168 of file cipher_mode.cpp.
References Botan::Cipher_Mode::create(), Botan::Encryption, and Botan::Cipher_Mode::providers().
Referenced by Botan::Cipher_Mode::providers().
|
inlinevirtualinherited |
Certain modes require the entire message be available before any processing can occur. For such modes, input will be consumed but not returned, until finish
is called, which returns the entire message.
This function returns true if this mode has this style of operation.
Reimplemented in Botan::CCM_Mode, and Botan::SIV_Mode.
Definition at line 234 of file cipher_mode.h.
Referenced by botan_cipher_update().
|
finalvirtual |
Resets just the message specific state and allows encrypting again under the existing key
Implements Botan::Cipher_Mode.
Definition at line 30 of file cfb.cpp.
References m_keystream, m_state, and Botan::zeroise().
Referenced by clear().
|
inlineinherited |
Set the symmetric key of this object.
key | the SymmetricKey to be set. |
Definition at line 113 of file sym_algo.h.
References Botan::OctetString::begin(), Botan::OctetString::length(), and Botan::SymmetricAlgorithm::set_key().
Referenced by Botan::create_aes_row_generator(), Botan::Sodium::crypto_stream_salsa20(), Botan::Sodium::crypto_stream_salsa20_xor_ic(), Botan::Sodium::crypto_stream_xsalsa20(), Botan::Sodium::crypto_stream_xsalsa20_xor_ic(), Botan::FPE::fe1_decrypt(), Botan::FPE::fe1_encrypt(), Botan::Sphincs_Hash_Functions_Sha2::PRF_msg(), Botan::Sodium::randombytes_buf_deterministic(), and Botan::SymmetricAlgorithm::set_key().
|
inlineinherited |
Set the symmetric key of this object.
key | the to be set as a byte array. |
length | in bytes of key param |
Definition at line 126 of file sym_algo.h.
References Botan::SymmetricAlgorithm::set_key().
Referenced by Botan::SymmetricAlgorithm::set_key().
|
inherited |
Set the symmetric key of this object.
key | the contiguous byte range to be set. |
Definition at line 17 of file sym_algo.cpp.
References Botan::SymmetricAlgorithm::name(), and Botan::SymmetricAlgorithm::valid_keylength().
|
protected |
Definition at line 100 of file cfb.cpp.
References block_size(), cipher(), Botan::copy_mem(), Botan::BlockCipher::encrypt(), feedback(), m_keystream, m_keystream_pos, and m_state.
|
inlineinherited |
Begin processing a message.
The exact semantics of this depend on the mode. For many modes, the call will fail since a nonce must be provided.
For certain modes such as CBC this will instead cause the last ciphertext block to be used as the nonce of the new message; doing this isn't a good idea, but some (mostly older) protocols do this.
Definition at line 117 of file cipher_mode.h.
|
inlineinherited |
Begin processing a message with a fresh nonce.
nonce | the per message nonce |
nonce_len | length of nonce |
Definition at line 105 of file cipher_mode.h.
|
inlineinherited |
Begin processing a message with a fresh nonce.
nonce | the per message nonce |
Definition at line 98 of file cipher_mode.h.
Referenced by botan_cipher_start(), and Botan::TLS::write_record().
|
inlinevirtualinherited |
Reimplemented in Botan::CCM_Mode, Botan::ChaCha20Poly1305_Mode, Botan::EAX_Mode, Botan::GCM_Mode, Botan::OCB_Mode, Botan::SIV_Mode, and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode.
Definition at line 269 of file cipher_mode.h.
|
inlineinherited |
Process some data. Input must be in size update_granularity() uint8_t blocks. The buffer
is an in/out parameter and may be resized. In particular, some modes require that all input be consumed before any output is produced; with these modes, buffer
will be returned empty.
The first offset
bytes of buffer
will be ignored (this allows in place processing of a buffer that contains an initial plaintext header).
buffer | in/out parameter which will possibly be resized |
offset | an offset into blocks to begin processing |
Definition at line 149 of file cipher_mode.h.
References BOTAN_ASSERT.
|
finalvirtual |
The :cpp:class:Cipher_Mode
interface requires message processing in multiples of the block size. This returns size of required blocks to update. If the mode implementation does not require buffering it will return 1.
Implements Botan::Cipher_Mode.
Definition at line 47 of file cfb.cpp.
References feedback().
|
inlineinherited |
Check whether a given key length is valid for this algorithm.
length | the key length to be checked. |
Definition at line 107 of file sym_algo.h.
Referenced by Botan::SymmetricAlgorithm::set_key().
|
finalvirtual |
Implements Botan::Cipher_Mode.
Definition at line 68 of file cfb.cpp.
References block_size().
|
protected |
Definition at line 56 of file cfb.h.
Referenced by clear(), reset(), and shift_register().
|
protected |
Definition at line 57 of file cfb.h.
Referenced by shift_register().
|
protected |
Definition at line 55 of file cfb.h.
Referenced by reset(), and shift_register().