Botan  1.11.32
Public Types | Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
Botan::EAX_Decryption Class Referencefinal

#include <eax.h>

Inheritance diagram for Botan::EAX_Decryption:
Botan::EAX_Mode Botan::AEAD_Mode Botan::Cipher_Mode

Public Types

typedef SCAN_Name Spec
 

Public Member Functions

bool authenticated () const override
 
void clear () override
 
size_t default_nonce_length () const override
 
 EAX_Decryption (BlockCipher *cipher, size_t tag_size=0)
 
void finish (secure_vector< byte > &final_block, size_t offset=0) override
 
Key_Length_Specification key_spec () const override
 
size_t minimum_final_size () const override
 
std::string name () const override
 
size_t output_length (size_t input_length) const override
 
size_t process (uint8_t buf[], size_t size) override
 
virtual std::string provider () const
 
template<typename Alloc >
void set_ad (const std::vector< byte, Alloc > &ad)
 
void set_associated_data (const byte ad[], size_t ad_len) override
 
template<typename Alloc >
void set_associated_data_vec (const std::vector< byte, Alloc > &ad)
 
template<typename Alloc >
void set_key (const std::vector< byte, Alloc > &key)
 
void set_key (const SymmetricKey &key)
 
void set_key (const byte key[], size_t length)
 
template<typename Alloc >
void start (const std::vector< byte, Alloc > &nonce)
 
void start (const byte nonce[], size_t nonce_len)
 
void start ()
 
size_t tag_size () const override
 
void update (secure_vector< byte > &buffer, size_t offset=0)
 
size_t update_granularity () const override
 
bool valid_keylength (size_t length) const
 
bool valid_nonce_length (size_t) const override
 

Protected Member Functions

size_t block_size () const
 

Protected Attributes

secure_vector< bytem_ad_mac
 
std::unique_ptr< BlockCipherm_cipher
 
std::unique_ptr< MessageAuthenticationCodem_cmac
 
std::unique_ptr< StreamCipherm_ctr
 
secure_vector< bytem_nonce_mac
 
size_t m_tag_size
 

Detailed Description

EAX Decryption

Definition at line 88 of file eax.h.

Member Typedef Documentation

§ Spec

Definition at line 27 of file cipher_mode.h.

Constructor & Destructor Documentation

§ EAX_Decryption()

Botan::EAX_Decryption::EAX_Decryption ( BlockCipher cipher,
size_t  tag_size = 0 
)
inline
Parameters
ciphera 128-bit block cipher
tag_sizeis how big the auth tag will be

Definition at line 95 of file eax.h.

95  :
96  EAX_Mode(cipher, tag_size) {}
EAX_Mode(BlockCipher *cipher, size_t tag_size)
Definition: eax.cpp:37
size_t tag_size() const override
Definition: eax.h:35

Member Function Documentation

§ authenticated()

bool Botan::AEAD_Mode::authenticated ( ) const
inlineoverridevirtualinherited

Returns true iff this mode provides authentication as well as confidentiality.

Reimplemented from Botan::Cipher_Mode.

Definition at line 25 of file aead.h.

25 { return true; }

§ block_size()

size_t Botan::EAX_Mode::block_size ( ) const
inlineprotectedinherited

Definition at line 45 of file eax.h.

Referenced by Botan::EAX_Mode::key_spec(), and Botan::EAX_Mode::set_associated_data().

45 { return m_cipher->block_size(); }
std::unique_ptr< BlockCipher > m_cipher
Definition: eax.h:49

§ clear()

void Botan::EAX_Mode::clear ( )
overridevirtualinherited

Implements Botan::Cipher_Mode.

Definition at line 47 of file eax.cpp.

References Botan::EAX_Mode::m_ad_mac, Botan::EAX_Mode::m_cipher, Botan::EAX_Mode::m_cmac, Botan::EAX_Mode::m_ctr, Botan::EAX_Mode::m_nonce_mac, and Botan::zeroise().

48  {
49  m_cipher.reset();
50  m_ctr.reset();
51  m_cmac.reset();
54  }
std::unique_ptr< BlockCipher > m_cipher
Definition: eax.h:49
secure_vector< byte > m_nonce_mac
Definition: eax.h:55
secure_vector< byte > m_ad_mac
Definition: eax.h:53
std::unique_ptr< MessageAuthenticationCode > m_cmac
Definition: eax.h:51
std::unique_ptr< StreamCipher > m_ctr
Definition: eax.h:50
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:194

§ default_nonce_length()

size_t Botan::AEAD_Mode::default_nonce_length ( ) const
inlineoverridevirtualinherited

Default AEAD nonce size (a commonly supported value among AEAD modes, and large enough that random collisions are unlikely).

Implements Botan::Cipher_Mode.

Reimplemented in Botan::CCM_Mode.

Definition at line 57 of file aead.h.

References Botan::get_aead().

57 { return 12; }

§ finish()

void Botan::EAX_Decryption::finish ( secure_vector< byte > &  final_block,
size_t  offset = 0 
)
overridevirtual

Complete processing of a message.

Parameters
final_blockin/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output
offsetan offset into final_block to begin processing

Implements Botan::Cipher_Mode.

Definition at line 133 of file eax.cpp.

References BOTAN_ASSERT, Botan::EAX_Mode::m_ad_mac, Botan::EAX_Mode::m_cmac, Botan::EAX_Mode::m_ctr, Botan::EAX_Mode::m_nonce_mac, Botan::same_mem(), and Botan::EAX_Mode::tag_size().

134  {
135  BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
136  const size_t sz = buffer.size() - offset;
137  byte* buf = buffer.data() + offset;
138 
139  BOTAN_ASSERT(sz >= tag_size(), "Have the tag as part of final input");
140 
141  const size_t remaining = sz - tag_size();
142 
143  if(remaining)
144  {
145  m_cmac->update(buf, remaining);
146  m_ctr->cipher(buf, buf, remaining);
147  }
148 
149  const byte* included_tag = &buf[remaining];
150 
151  secure_vector<byte> mac = m_cmac->final();
152  mac ^= m_nonce_mac;
153  mac ^= m_ad_mac;
154 
155  if(!same_mem(mac.data(), included_tag, tag_size()))
156  throw Integrity_Failure("EAX tag check failed");
157 
158  buffer.resize(offset + remaining);
159  }
bool same_mem(const T *p1, const T *p2, size_t n)
Definition: mem_ops.h:73
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
secure_vector< byte > m_nonce_mac
Definition: eax.h:55
size_t tag_size() const override
Definition: eax.h:35
secure_vector< byte > m_ad_mac
Definition: eax.h:53
std::unique_ptr< MessageAuthenticationCode > m_cmac
Definition: eax.h:51
std::unique_ptr< StreamCipher > m_ctr
Definition: eax.h:50
std::uint8_t byte
Definition: types.h:31

§ key_spec()

Key_Length_Specification Botan::EAX_Mode::key_spec ( ) const
overridevirtualinherited
Returns
object describing limits on key size

Implements Botan::Cipher_Mode.

Definition at line 66 of file eax.cpp.

References Botan::EAX_Mode::block_size(), Botan::EAX_Mode::m_ad_mac, Botan::EAX_Mode::m_cipher, Botan::EAX_Mode::m_cmac, and Botan::EAX_Mode::m_ctr.

67  {
68  return m_cipher->key_spec();
69  }
std::unique_ptr< BlockCipher > m_cipher
Definition: eax.h:49

§ minimum_final_size()

size_t Botan::EAX_Decryption::minimum_final_size ( ) const
inlineoverridevirtual
Returns
required minimium size to finalize() - may be any length larger than this.

Implements Botan::Cipher_Mode.

Definition at line 104 of file eax.h.

104 { return tag_size(); }
size_t tag_size() const override
Definition: eax.h:35

§ name()

std::string Botan::EAX_Mode::name ( ) const
overridevirtualinherited

Implements Botan::Cipher_Mode.

Definition at line 56 of file eax.cpp.

References Botan::EAX_Mode::m_cipher.

Referenced by Botan::EAX_Mode::EAX_Mode(), and Botan::EAX_Mode::set_associated_data().

57  {
58  return (m_cipher->name() + "/EAX");
59  }
std::unique_ptr< BlockCipher > m_cipher
Definition: eax.h:49

§ output_length()

size_t Botan::EAX_Decryption::output_length ( size_t  input_length) const
inlineoverridevirtual

Returns the size of the output if this transform is used to process a message with input_length bytes. Will throw if unable to give a precise answer.

Implements Botan::Cipher_Mode.

Definition at line 98 of file eax.h.

References BOTAN_ASSERT.

99  {
100  BOTAN_ASSERT(input_length > tag_size(), "Sufficient input");
101  return input_length - tag_size();
102  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
size_t tag_size() const override
Definition: eax.h:35

§ process()

size_t Botan::EAX_Decryption::process ( uint8_t  msg[],
size_t  msg_len 
)
overridevirtual

Process message blocks

Input must be a multiple of update_granularity

Processes msg in place and returns bytes written. Normally this will be either msg_len (indicating the entire message was processes) or for certain AEAD modes zero (indicating that the mode requires the entire message be processed in one pass.

Implements Botan::Cipher_Mode.

Definition at line 126 of file eax.cpp.

References Botan::EAX_Mode::m_cmac, and Botan::EAX_Mode::m_ctr.

127  {
128  m_cmac->update(buf, sz);
129  m_ctr->cipher(buf, buf, sz);
130  return sz;
131  }
std::unique_ptr< MessageAuthenticationCode > m_cmac
Definition: eax.h:51
std::unique_ptr< StreamCipher > m_ctr
Definition: eax.h:50

§ provider()

virtual std::string Botan::Cipher_Mode::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::GCM_Mode.

Definition at line 185 of file cipher_mode.h.

185 { return "base"; }

§ set_ad()

template<typename Alloc >
void Botan::AEAD_Mode::set_ad ( const std::vector< byte, Alloc > &  ad)
inlineinherited

Definition at line 48 of file aead.h.

Referenced by Botan::TLS::write_record().

49  {
50  set_associated_data(ad.data(), ad.size());
51  }
virtual void set_associated_data(const byte ad[], size_t ad_len)=0

§ set_associated_data()

void Botan::EAX_Mode::set_associated_data ( const byte  ad[],
size_t  ad_len 
)
overridevirtualinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Parameters
adthe associated data
ad_lenlength of add in bytes

Implements Botan::AEAD_Mode.

Definition at line 89 of file eax.cpp.

References Botan::EAX_Mode::block_size(), Botan::EAX_Mode::m_ad_mac, Botan::EAX_Mode::m_cmac, Botan::EAX_Mode::m_ctr, Botan::EAX_Mode::m_nonce_mac, Botan::EAX_Mode::name(), and Botan::EAX_Mode::valid_nonce_length().

90  {
91  m_ad_mac = eax_prf(1, block_size(), *m_cmac, ad, length);
92  }
size_t block_size() const
Definition: eax.h:45
secure_vector< byte > m_ad_mac
Definition: eax.h:53
std::unique_ptr< MessageAuthenticationCode > m_cmac
Definition: eax.h:51

§ set_associated_data_vec()

template<typename Alloc >
void Botan::AEAD_Mode::set_associated_data_vec ( const std::vector< byte, Alloc > &  ad)
inlineinherited

Definition at line 42 of file aead.h.

Referenced by Botan::TLS::write_record().

43  {
44  set_associated_data(ad.data(), ad.size());
45  }
virtual void set_associated_data(const byte ad[], size_t ad_len)=0

§ set_key() [1/3]

template<typename Alloc >
void Botan::Cipher_Mode::set_key ( const std::vector< byte, Alloc > &  key)
inlineinherited

Definition at line 159 of file cipher_mode.h.

Referenced by botan_cipher_set_key().

160  {
161  set_key(key.data(), key.size());
162  }
void set_key(const std::vector< byte, Alloc > &key)
Definition: cipher_mode.h:159

§ set_key() [2/3]

void Botan::Cipher_Mode::set_key ( const SymmetricKey key)
inlineinherited

Definition at line 164 of file cipher_mode.h.

References Botan::OctetString::begin(), and Botan::OctetString::length().

165  {
166  set_key(key.begin(), key.length());
167  }
void set_key(const std::vector< byte, Alloc > &key)
Definition: cipher_mode.h:159

§ set_key() [3/3]

void Botan::Cipher_Mode::set_key ( const byte  key[],
size_t  length 
)
inlineinherited

Set the symmetric key of this transform

Parameters
keycontains the key material
lengthin bytes of key param

Definition at line 174 of file cipher_mode.h.

175  {
176  if(!valid_keylength(length))
177  throw Invalid_Key_Length(name(), length);
178  key_schedule(key, length);
179  }
virtual std::string name() const =0
bool valid_keylength(size_t length) const
Definition: cipher_mode.h:153

§ start() [1/3]

template<typename Alloc >
void Botan::Cipher_Mode::start ( const std::vector< byte, Alloc > &  nonce)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce

Definition at line 41 of file cipher_mode.h.

Referenced by botan_cipher_start(), and Botan::TLS::write_record().

42  {
43  start_msg(nonce.data(), nonce.size());
44  }
virtual void start_msg(const byte nonce[], size_t nonce_len)=0

§ start() [2/3]

void Botan::Cipher_Mode::start ( const byte  nonce[],
size_t  nonce_len 
)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 51 of file cipher_mode.h.

52  {
53  start_msg(nonce, nonce_len);
54  }
virtual void start_msg(const byte nonce[], size_t nonce_len)=0

§ start() [3/3]

void Botan::Cipher_Mode::start ( )
inlineinherited

Begin processing a message.

Definition at line 59 of file cipher_mode.h.

60  {
61  return start_msg(nullptr, 0);
62  }
virtual void start_msg(const byte nonce[], size_t nonce_len)=0

§ tag_size()

size_t Botan::EAX_Mode::tag_size ( ) const
inlineoverridevirtualinherited

Return the size of the authentication tag used (in bytes)

Reimplemented from Botan::Cipher_Mode.

Definition at line 35 of file eax.h.

Referenced by Botan::EAX_Encryption::finish(), and finish().

35 { return m_tag_size; }
size_t m_tag_size
Definition: eax.h:47

§ update()

void Botan::Cipher_Mode::update ( secure_vector< byte > &  buffer,
size_t  offset = 0 
)
inlineinherited

Process some data. Input must be in size update_granularity() byte blocks.

Parameters
blocksin/out parameter which will possibly be resized
offsetan offset into blocks to begin processing

Definition at line 81 of file cipher_mode.h.

References BOTAN_ASSERT.

Referenced by botan_cipher_update(), Botan::ECB_Encryption::finish(), Botan::XTS_Encryption::finish(), Botan::CFB_Encryption::finish(), Botan::CBC_Encryption::finish(), Botan::ChaCha20Poly1305_Encryption::finish(), Botan::XTS_Decryption::finish(), Botan::ECB_Decryption::finish(), Botan::EAX_Encryption::finish(), Botan::CFB_Decryption::finish(), Botan::CTS_Encryption::finish(), Botan::CBC_Decryption::finish(), and Botan::CTS_Decryption::finish().

82  {
83  BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
84  byte* buf = buffer.data() + offset;
85  const size_t buf_size = buffer.size() - offset;
86 
87  const size_t written = process(buf, buf_size);
88  buffer.resize(offset + written);
89  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
virtual size_t process(uint8_t msg[], size_t msg_len)=0
std::uint8_t byte
Definition: types.h:31

§ update_granularity()

size_t Botan::EAX_Mode::update_granularity ( ) const
overridevirtualinherited
Returns
size of required blocks to update

Implements Botan::Cipher_Mode.

Definition at line 61 of file eax.cpp.

62  {
63  return 1;
64  }

§ valid_keylength()

bool Botan::Cipher_Mode::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 153 of file cipher_mode.h.

154  {
155  return key_spec().valid_keylength(length);
156  }
virtual Key_Length_Specification key_spec() const =0
bool valid_keylength(size_t length) const
Definition: key_spec.h:51

§ valid_nonce_length()

bool Botan::EAX_Mode::valid_nonce_length ( size_t  nonce_len) const
inlineoverridevirtualinherited

Return true iff nonce_len is a valid length for the nonce

Implements Botan::Cipher_Mode.

Definition at line 33 of file eax.h.

Referenced by Botan::EAX_Mode::set_associated_data().

33 { return true; }

Member Data Documentation

§ m_ad_mac

secure_vector<byte> Botan::EAX_Mode::m_ad_mac
protectedinherited

§ m_cipher

std::unique_ptr<BlockCipher> Botan::EAX_Mode::m_cipher
protectedinherited

Definition at line 49 of file eax.h.

Referenced by Botan::EAX_Mode::clear(), Botan::EAX_Mode::key_spec(), and Botan::EAX_Mode::name().

§ m_cmac

std::unique_ptr<MessageAuthenticationCode> Botan::EAX_Mode::m_cmac
protectedinherited

§ m_ctr

std::unique_ptr<StreamCipher> Botan::EAX_Mode::m_ctr
protectedinherited

§ m_nonce_mac

secure_vector<byte> Botan::EAX_Mode::m_nonce_mac
protectedinherited

§ m_tag_size

size_t Botan::EAX_Mode::m_tag_size
protectedinherited

Definition at line 47 of file eax.h.


The documentation for this class was generated from the following files: