Botan::GHASH Class Reference

#include <ghash.h>

Inheritance diagram for Botan::GHASH:

Public Member Functions
void	clear () override
void	final (std::span< uint8_t > out)
bool	has_keying_material () const override
Key_Length_Specification	key_spec () const override
size_t	maximum_keylength () const
size_t	minimum_keylength () const
std::string	name () const override
void	nonce_hash (std::span< uint8_t, GCM_BS > y0, std::span< const uint8_t > nonce)
	Hashing of non-default length nonce values for both GCM and GMAC use-cases.
std::string	provider () const
void	reset ()
void	set_associated_data (std::span< const uint8_t > ad)
	Monolithic setting of associated data usid in the GCM use-case.
void	set_key (const OctetString &key)
void	set_key (const uint8_t key[], size_t length)
void	set_key (std::span< const uint8_t > key)
void	start (std::span< const uint8_t > nonce)
void	update (std::span< const uint8_t > in)
void	update_associated_data (std::span< const uint8_t > ad)
	Incremental update of associated data used in the GMAC use-case.
bool	valid_keylength (size_t length) const

Protected Member Functions
void	assert_key_material_set () const
void	assert_key_material_set (bool predicate) const

Detailed Description

GCM's GHASH

Definition at line 19 of file ghash.h.

Member Function Documentation

assert_key_material_set() [1/2]

void Botan::SymmetricAlgorithm::assert_key_material_set ( ) const

inlineprotectedinherited

Definition at line 141 of file sym_algo.h.

{ assert_key_material_set(has_keying_material()); }

References assert_key_material_set(), and has_keying_material().

Referenced by assert_key_material_set(), Botan::Salsa20::cipher_bytes(), Botan::Lion::decrypt_n(), Botan::Lion::encrypt_n(), Botan::GHASH::final(), Botan::GHASH::nonce_hash(), Botan::ChaCha::seek(), Botan::CTR_BE::seek(), Botan::Salsa20::seek(), Botan::GHASH::set_associated_data(), Botan::OCB_Mode::set_associated_data_n(), Botan::Salsa20::set_iv_bytes(), Botan::GHASH::update(), and Botan::GHASH::update_associated_data().

assert_key_material_set() [2/2]

void Botan::SymmetricAlgorithm::assert_key_material_set ( bool predicate ) const

inlineprotectedinherited

Definition at line 143 of file sym_algo.h.

                                                         {
         if(!predicate) {
            throw_key_not_set_error();
         }
      }

clear()

void Botan::GHASH::clear ( )

overridevirtual

Reset the internal state. This includes not just the key, but any partial message that may have been in process.

Implements Botan::SymmetricAlgorithm.

Definition at line 190 of file ghash.cpp.

                  {
   zap(m_HM);
   zap(m_H_pow);
   reset();
}

References reset(), and Botan::zap().

final()

void Botan::GHASH::final

(

std::span< uint8_t >

out

)

Definition at line 166 of file ghash.cpp.

                                      {
   BOTAN_ARG_CHECK(!mac.empty() && mac.size() <= GCM_BS, "GHASH output length");
   BOTAN_STATE_CHECK(m_nonce);
   assert_key_material_set();
 
   ghash_zeropad(m_ghash);
   ghash_final_block(m_ghash, m_ad_len, m_text_len);
 
   xor_buf(mac, std::span{m_ghash}.first(mac.size()), std::span{*m_nonce}.first(mac.size()));
 
   secure_scrub_memory(m_ghash);
   m_text_len = 0;
   m_nonce.reset();
}

References Botan::SymmetricAlgorithm::assert_key_material_set(), BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::secure_scrub_memory(), and Botan::xor_buf().

has_keying_material()

bool Botan::GHASH::has_keying_material ( ) const

overridevirtual

Returns

true if a key has been set on this object

Implements Botan::SymmetricAlgorithm.

Definition at line 88 of file ghash.cpp.

                                      {
   return !m_HM.empty() || !m_H_pow.empty();
}

key_spec()

Key_Length_Specification Botan::GHASH::key_spec ( ) const

inlineoverridevirtual

Returns

object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 39 of file ghash.h.

{ return Key_Length_Specification(16); }

maximum_keylength()

size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const

inlineinherited

Returns

maximum allowed key length

Definition at line 97 of file sym_algo.h.

{ return key_spec().maximum_keylength(); }

References key_spec().

minimum_keylength()

size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const

inlineinherited

Returns

minimum allowed key length

Definition at line 102 of file sym_algo.h.

{ return key_spec().minimum_keylength(); }

References key_spec().

name()

std::string Botan::GHASH::name ( ) const

inlineoverridevirtual

Returns

the algorithm name

Implements Botan::SymmetricAlgorithm.

Definition at line 47 of file ghash.h.

{ return "GHASH"; }

nonce_hash()

void Botan::GHASH::nonce_hash	(	std::span< uint8_t, GCM_BS >	y0,
		std::span< const uint8_t >	nonce )

Hashing of non-default length nonce values for both GCM and GMAC use-cases.

Definition at line 181 of file ghash.cpp.

                                                                                {
   assert_key_material_set();
   BOTAN_STATE_CHECK(!m_nonce);
 
   ghash_update(y0, nonce);
   ghash_zeropad(y0);
   ghash_final_block(y0, 0, nonce.size());
}

References Botan::SymmetricAlgorithm::assert_key_material_set(), and BOTAN_STATE_CHECK.

provider()

std::string Botan::GHASH::provider

(

)

const

Definition at line 23 of file ghash.cpp.

                                {
#if defined(BOTAN_HAS_GHASH_CLMUL_CPU)
   if(CPUID::has(CPUID::Feature::HW_CLMUL)) {
      return "clmul";
   }
#endif
 
#if defined(BOTAN_HAS_GHASH_CLMUL_VPERM)
   if(CPUID::has(CPUID::Feature::SIMD_4X32)) {
      return "vperm";
   }
#endif
 
   return "base";
}

References Botan::CPUID::has(), Botan::CPUFeature::HW_CLMUL, and Botan::CPUFeature::SIMD_4X32.

reset()

void Botan::GHASH::reset

(

)

Definition at line 196 of file ghash.cpp.

                  {
   m_H_ad = {0};
   secure_scrub_memory(m_ghash);
   if(m_nonce) {
      secure_scrub_memory(m_nonce.value());
      m_nonce.reset();
   }
   m_buffer.clear();
   m_text_len = m_ad_len = 0;
}

References Botan::secure_scrub_memory().

Referenced by clear().

set_associated_data()

void Botan::GHASH::set_associated_data

(

std::span< const uint8_t >

ad

)

Monolithic setting of associated data usid in the GCM use-case.

Definition at line 143 of file ghash.cpp.

                                                            {
   BOTAN_STATE_CHECK(!m_nonce);
 
   assert_key_material_set();
   m_H_ad = {0};
   ghash_update(m_H_ad, input);
   ghash_zeropad(m_H_ad);
   m_ad_len = input.size();
}

References Botan::SymmetricAlgorithm::assert_key_material_set(), and BOTAN_STATE_CHECK.

set_key() [1/3]

void Botan::SymmetricAlgorithm::set_key ( const OctetString & key )

inherited

Set the symmetric key of this object.

Parameters

key	the SymmetricKey to be set.

Definition at line 14 of file sym_algo.cpp.

                                                       {
   set_key(std::span{key.begin(), key.length()});
}

References Botan::OctetString::begin(), Botan::OctetString::length(), and set_key().

Referenced by Botan::create_aes_row_generator(), Botan::Sodium::crypto_stream_salsa20(), Botan::Sodium::crypto_stream_salsa20_xor_ic(), Botan::Sodium::crypto_stream_xsalsa20(), Botan::Sodium::crypto_stream_xsalsa20_xor_ic(), Botan::FPE::fe1_decrypt(), Botan::FPE::fe1_encrypt(), Botan::Sphincs_Hash_Functions_Sha2::PRF_msg(), Botan::Sodium::randombytes_buf_deterministic(), and set_key().

set_key() [2/3]

void Botan::SymmetricAlgorithm::set_key ( const uint8_t key[], size_t length )

inlineinherited

Set the symmetric key of this object.

Parameters

key	the to be set as a byte array.
length	in bytes of key param

Definition at line 128 of file sym_algo.h.

{ set_key(std::span{key, length}); }

References set_key().

Referenced by set_key().

set_key() [3/3]

void Botan::SymmetricAlgorithm::set_key ( std::span< const uint8_t > key )

inherited

Set the symmetric key of this object.

Parameters

key	the contiguous byte range to be set.

Definition at line 22 of file sym_algo.cpp.

                                                           {
   if(!valid_keylength(key.size())) {
      throw Invalid_Key_Length(name(), key.size());
   }
   key_schedule(key);
}

References name(), and valid_keylength().

start()

void Botan::GHASH::start

(

std::span< const uint8_t >

nonce

)

Definition at line 136 of file ghash.cpp.

                                              {
   BOTAN_ARG_CHECK(nonce.size() == 16, "GHASH requires a 128-bit nonce");
   auto& n = m_nonce.emplace();
   copy_mem(n, nonce);
   copy_mem(m_ghash, m_H_ad);
}

References BOTAN_ARG_CHECK, and Botan::copy_mem().

update()

void Botan::GHASH::update

(

std::span< const uint8_t >

in

)

Definition at line 159 of file ghash.cpp.

                                               {
   assert_key_material_set();
   BOTAN_STATE_CHECK(m_nonce);
   ghash_update(m_ghash, input);
   m_text_len += input.size();
}

References Botan::SymmetricAlgorithm::assert_key_material_set(), and BOTAN_STATE_CHECK.

update_associated_data()

void Botan::GHASH::update_associated_data

(

std::span< const uint8_t >

ad

)

Incremental update of associated data used in the GMAC use-case.

Definition at line 153 of file ghash.cpp.

                                                            {
   assert_key_material_set();
   ghash_update(m_ghash, ad);
   m_ad_len += ad.size();
}

References Botan::SymmetricAlgorithm::assert_key_material_set().

valid_keylength()

bool Botan::SymmetricAlgorithm::valid_keylength ( size_t length ) const

inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters

length

the key length to be checked.

Returns

true if the key length is valid.

Definition at line 109 of file sym_algo.h.

{ return key_spec().valid_keylength(length); }

References key_spec().

Referenced by set_key().

---

The documentation for this class was generated from the following files:

• src/lib/utils/ghash/ghash.h
• src/lib/utils/ghash/ghash.cpp
• src/lib/utils/ghash/ghash_cpu/ghash_cpu.cpp
• src/lib/utils/ghash/ghash_vperm/ghash_vperm.cpp