Botan 3.2.0
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | Protected Member Functions | List of all members
Botan::MessageAuthenticationCode Class Referenceabstract

#include <mac.h>

Inheritance diagram for Botan::MessageAuthenticationCode:
Botan::Buffered_Computation Botan::SymmetricAlgorithm Botan::ANSI_X919_MAC Botan::BLAKE2bMAC Botan::CMAC Botan::GMAC Botan::HMAC Botan::KMAC Botan::Poly1305 Botan::SipHash

Public Member Functions

virtual void clear ()=0
 
MessageAuthenticationCodeclone () const
 
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T final ()
 
void final (std::span< uint8_t > out)
 
template<concepts::resizable_byte_buffer T>
void final (T &out)
 
void final (uint8_t out[])
 
std::vector< uint8_t > final_stdvec ()
 
virtual bool fresh_key_required_per_message () const
 
virtual bool has_keying_material () const =0
 
virtual Key_Length_Specification key_spec () const =0
 
size_t maximum_keylength () const
 
size_t minimum_keylength () const
 
virtual std::string name () const =0
 
virtual std::unique_ptr< MessageAuthenticationCodenew_object () const =0
 
virtual size_t output_length () const =0
 
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T process (const uint8_t in[], size_t length)
 
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T process (std::span< const uint8_t > in)
 
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T process (std::string_view in)
 
virtual std::string provider () const
 
void set_key (const SymmetricKey &key)
 
void set_key (const uint8_t key[], size_t length)
 
void set_key (std::span< const uint8_t > key)
 
void start ()
 
void start (const uint8_t nonce[], size_t nonce_len)
 
void start (std::span< const uint8_t > nonce)
 
void update (const uint8_t in[], size_t length)
 
void update (std::span< const uint8_t > in)
 
void update (std::string_view str)
 
void update (uint8_t in)
 
void update_be (uint16_t val)
 
void update_be (uint32_t val)
 
void update_be (uint64_t val)
 
void update_le (uint16_t val)
 
void update_le (uint32_t val)
 
void update_le (uint64_t val)
 
bool valid_keylength (size_t length) const
 
bool verify_mac (const uint8_t in[], size_t length)
 
bool verify_mac (std::span< const uint8_t > in)
 
 ~MessageAuthenticationCode () override=default
 

Static Public Member Functions

static std::unique_ptr< MessageAuthenticationCodecreate (std::string_view algo_spec, std::string_view provider="")
 
static std::unique_ptr< MessageAuthenticationCodecreate_or_throw (std::string_view algo_spec, std::string_view provider="")
 
static std::vector< std::string > providers (std::string_view algo_spec)
 

Protected Member Functions

void assert_key_material_set () const
 
void assert_key_material_set (bool predicate) const
 
virtual void start_msg (std::span< const uint8_t > nonce)
 
virtual bool verify_mac_result (std::span< const uint8_t > in)
 

Detailed Description

This class represents Message Authentication Code (MAC) objects.

Definition at line 22 of file mac.h.

Constructor & Destructor Documentation

◆ ~MessageAuthenticationCode()

Botan::MessageAuthenticationCode::~MessageAuthenticationCode ( )
overridedefault

Member Function Documentation

◆ assert_key_material_set() [1/2]

void Botan::SymmetricAlgorithm::assert_key_material_set ( ) const
inlineprotectedinherited

Definition at line 139 of file sym_algo.h.

139{ assert_key_material_set(has_keying_material()); }
Botan::SymmetricAlgorithm::has_keying_material
virtual bool has_keying_material() const =0
Botan::SymmetricAlgorithm::assert_key_material_set
void assert_key_material_set() const
Definition sym_algo.h:139

References Botan::SymmetricAlgorithm::assert_key_material_set().

Referenced by Botan::SymmetricAlgorithm::assert_key_material_set(), Botan::Salsa20::cipher_bytes(), Botan::AES_128::decrypt_n(), Botan::AES_192::decrypt_n(), Botan::AES_256::decrypt_n(), Botan::ARIA_128::decrypt_n(), Botan::ARIA_192::decrypt_n(), Botan::ARIA_256::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::Camellia_128::decrypt_n(), Botan::Camellia_192::decrypt_n(), Botan::Camellia_256::decrypt_n(), Botan::CAST_128::decrypt_n(), Botan::DES::decrypt_n(), Botan::TripleDES::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::IDEA::decrypt_n(), Botan::Kuznyechik::decrypt_n(), Botan::Lion::decrypt_n(), Botan::Noekeon::decrypt_n(), Botan::SEED::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::SHACAL2::decrypt_n(), Botan::SM4::decrypt_n(), Botan::Threefish_512::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::AES_128::encrypt_n(), Botan::AES_192::encrypt_n(), Botan::AES_256::encrypt_n(), Botan::ARIA_128::encrypt_n(), Botan::ARIA_192::encrypt_n(), Botan::ARIA_256::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::Camellia_128::encrypt_n(), Botan::Camellia_192::encrypt_n(), Botan::Camellia_256::encrypt_n(), Botan::CAST_128::encrypt_n(), Botan::DES::encrypt_n(), Botan::TripleDES::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::IDEA::encrypt_n(), Botan::Kuznyechik::encrypt_n(), Botan::Lion::encrypt_n(), Botan::Noekeon::encrypt_n(), Botan::SEED::encrypt_n(), Botan::Serpent::encrypt_n(), Botan::SHACAL2::encrypt_n(), Botan::SM4::encrypt_n(), Botan::Threefish_512::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::GHASH::final(), Botan::GHASH::ghash_update(), Botan::ChaCha::seek(), Botan::CTR_BE::seek(), Botan::Salsa20::seek(), Botan::OCB_Mode::set_associated_data_n(), Botan::Salsa20::set_iv_bytes(), Botan::GHASH::update(), and Botan::GHASH::update_associated_data().

◆ assert_key_material_set() [2/2]

void Botan::SymmetricAlgorithm::assert_key_material_set ( bool  predicate) const
inlineprotectedinherited

Definition at line 141 of file sym_algo.h.

141 {
142 if(!predicate) {
143 throw_key_not_set_error();
144 }
145 }

◆ clear()

virtual void Botan::SymmetricAlgorithm::clear ( )
pure virtualinherited

Reset the internal state. This includes not just the key, but any partial message that may have been in process.

Implemented in Botan::KMAC, Botan::CCM_Mode, Botan::EAX_Mode, Botan::CBC_Mode, Botan::CFB_Mode, Botan::XTS_Mode, Botan::SHAKE_Cipher, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode, Botan::AES_128, Botan::AES_192, Botan::AES_256, Botan::ARIA_128, Botan::ARIA_192, Botan::ARIA_256, Botan::Blowfish, Botan::Camellia_128, Botan::Camellia_192, Botan::Camellia_256, Botan::Cascade_Cipher, Botan::CAST_128, Botan::DES, Botan::TripleDES, Botan::GOST_28147_89, Botan::IDEA, Botan::Kuznyechik, Botan::Lion, Botan::Noekeon, Botan::SEED, Botan::Serpent, Botan::SHACAL2, Botan::SM4, Botan::Threefish_512, Botan::Twofish, Botan::BLAKE2b, Botan::BLAKE2bMAC, Botan::CMAC, Botan::GMAC, Botan::HMAC, Botan::Poly1305, Botan::SipHash, Botan::ANSI_X919_MAC, Botan::FPE_FE1, Botan::ChaCha20Poly1305_Mode, Botan::ChaCha, Botan::CTR_BE, Botan::OFB, Botan::RC4, Botan::Salsa20, Botan::GHASH, Botan::GCM_Mode, Botan::OCB_Mode, and Botan::SIV_Mode.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

◆ clone()

MessageAuthenticationCode * Botan::MessageAuthenticationCode::clone ( ) const
inline

Get a new object representing the same algorithm as *this

Definition at line 102 of file mac.h.

102{ return this->new_object().release(); }
Botan::MessageAuthenticationCode::new_object
virtual std::unique_ptr< MessageAuthenticationCode > new_object() const =0

◆ create()

std::unique_ptr< MessageAuthenticationCode > Botan::MessageAuthenticationCode::create ( std::string_view  algo_spec,
std::string_view  provider = "" 
)
static

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to use
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 50 of file mac.cpp.

51 {
52 const SCAN_Name req(algo_spec);
53
54#if defined(BOTAN_HAS_BLAKE2BMAC)
55 if(req.algo_name() == "Blake2b" || req.algo_name() == "BLAKE2b") {
56 return std::make_unique<BLAKE2bMAC>(req.arg_as_integer(0, 512));
57 }
58#endif
59
60#if defined(BOTAN_HAS_GMAC)
61 if(req.algo_name() == "GMAC" && req.arg_count() == 1) {
62 if(provider.empty() || provider == "base") {
63 if(auto bc = BlockCipher::create(req.arg(0))) {
64 return std::make_unique<GMAC>(std::move(bc));
65 }
66 }
67 }
68#endif
69
70#if defined(BOTAN_HAS_HMAC)
71 if(req.algo_name() == "HMAC" && req.arg_count() == 1) {
72 if(provider.empty() || provider == "base") {
73 if(auto hash = HashFunction::create(req.arg(0))) {
74 return std::make_unique<HMAC>(std::move(hash));
75 }
76 }
77 }
78#endif
79
80#if defined(BOTAN_HAS_POLY1305)
81 if(req.algo_name() == "Poly1305" && req.arg_count() == 0) {
82 if(provider.empty() || provider == "base") {
83 return std::make_unique<Poly1305>();
84 }
85 }
86#endif
87
88#if defined(BOTAN_HAS_SIPHASH)
89 if(req.algo_name() == "SipHash") {
90 if(provider.empty() || provider == "base") {
91 return std::make_unique<SipHash>(req.arg_as_integer(0, 2), req.arg_as_integer(1, 4));
92 }
93 }
94#endif
95
96#if defined(BOTAN_HAS_CMAC)
97 if((req.algo_name() == "CMAC" || req.algo_name() == "OMAC") && req.arg_count() == 1) {
98 if(provider.empty() || provider == "base") {
99 if(auto bc = BlockCipher::create(req.arg(0))) {
100 return std::make_unique<CMAC>(std::move(bc));
101 }
102 }
103 }
104#endif
105
106#if defined(BOTAN_HAS_ANSI_X919_MAC)
107 if(req.algo_name() == "X9.19-MAC") {
108 if(provider.empty() || provider == "base") {
109 return std::make_unique<ANSI_X919_MAC>();
110 }
111 }
112#endif
113
114#if defined(BOTAN_HAS_KMAC)
115 if(req.algo_name() == "KMAC-128") {
116 if(provider.empty() || provider == "base") {
117 if(req.arg_count() != 1) {
118 throw Invalid_Argument(
119 "invalid algorithm specification for KMAC-128: need exactly one argument for output bit length");
120 }
121 return std::make_unique<KMAC128>(req.arg_as_integer(0));
122 }
123 }
124
125 if(req.algo_name() == "KMAC-256") {
126 if(provider.empty() || provider == "base") {
127 if(req.arg_count() != 1) {
128 throw Invalid_Argument(
129 "invalid algorithm specification for KMAC-256: need exactly one argument for output bit length");
130 }
131 return std::make_unique<KMAC256>(req.arg_as_integer(0));
132 }
133 }
134#endif
135
136 BOTAN_UNUSED(req);
137 BOTAN_UNUSED(provider);
138
139 return nullptr;
140}
BOTAN_UNUSED
#define BOTAN_UNUSED
Definition assert.h:118
Botan::BlockCipher::create
static std::unique_ptr< BlockCipher > create(std::string_view algo_spec, std::string_view provider="")
Definition block_cipher.cpp:91
Botan::HashFunction::create
static std::unique_ptr< HashFunction > create(std::string_view algo_spec, std::string_view provider="")
Definition hash.cpp:103
Botan::MessageAuthenticationCode::provider
virtual std::string provider() const
Definition mac.h:108

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::BlockCipher::create(), Botan::HashFunction::create(), and provider().

Referenced by botan_mac_init(), Botan::KDF::create(), Botan::PBKDF::create(), Botan::PasswordHashFamily::create(), and create_or_throw().

◆ create_or_throw()

std::unique_ptr< MessageAuthenticationCode > Botan::MessageAuthenticationCode::create_or_throw ( std::string_view  algo_spec,
std::string_view  provider = "" 
)
static

Definition at line 147 of file mac.cpp.

148 {
149 if(auto mac = MessageAuthenticationCode::create(algo, provider)) {
150 return mac;
151 }
152 throw Lookup_Error("MAC", algo, provider);
153}
Botan::MessageAuthenticationCode::create
static std::unique_ptr< MessageAuthenticationCode > create(std::string_view algo_spec, std::string_view provider="")
Definition mac.cpp:50

References create(), and provider().

Referenced by Botan::ChaCha_RNG::ChaCha_RNG(), Botan::ChaCha_RNG::ChaCha_RNG(), Botan::ChaCha_RNG::ChaCha_RNG(), Botan::ChaCha_RNG::ChaCha_RNG(), Botan::ChaCha_RNG::ChaCha_RNG(), Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), Botan::ECIES_System_Params::create_mac(), Botan::Sodium::crypto_auth_hmacsha256(), Botan::Sodium::crypto_auth_hmacsha512(), Botan::Sodium::crypto_auth_hmacsha512256(), Botan::Sodium::crypto_onetimeauth_poly1305(), Botan::Sodium::crypto_secretbox_detached(), Botan::Sodium::crypto_secretbox_open_detached(), Botan::Sodium::crypto_secretbox_xsalsa20poly1305(), Botan::Sodium::crypto_secretbox_xsalsa20poly1305_open(), Botan::Sodium::crypto_shorthash_siphash24(), Botan::TLS::Session::decrypt(), Botan::CryptoBox::decrypt_bin(), Botan::Scrypt::derive_key(), Botan::TLS::Session::encrypt(), Botan::CryptoBox::encrypt(), Botan::Encrypted_PSK_Database::Encrypted_PSK_Database(), Botan::FPE_FE1::FPE_FE1(), Botan::TLS::Hello_Verify_Request::Hello_Verify_Request(), Botan::hkdf_expand_label(), Botan::HOTP::HOTP(), and Botan::RFC6979_Nonce_Generator::RFC6979_Nonce_Generator().

◆ final() [1/4]

template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T Botan::Buffered_Computation::final ( )
inlineinherited

Complete the computation and retrieve the final result as a container of your choice.

Returns
a contiguous container holding the result

Definition at line 77 of file buf_comp.h.

77 {
78 T output(output_length());
79 final_result(output);
80 return output;
81 }
Botan::Buffered_Computation::output_length
virtual size_t output_length() const =0
T
FE_25519 T
Definition ge.cpp:34

References T.

◆ final() [2/4]

void Botan::Buffered_Computation::final ( std::span< uint8_t >  out)
inlineinherited

Definition at line 85 of file buf_comp.h.

85 {
86 BOTAN_ARG_CHECK(out.size() >= output_length(), "provided output buffer has insufficient capacity");
87 final_result(out);
88 }
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29

References BOTAN_ARG_CHECK.

◆ final() [3/4]

template<concepts::resizable_byte_buffer T>
void Botan::Buffered_Computation::final ( T out)
inlineinherited

Definition at line 91 of file buf_comp.h.

91 {
92 out.resize(output_length());
93 final_result(out);
94 }

◆ final() [4/4]

void Botan::Buffered_Computation::final ( uint8_t  out[])
inlineinherited

Complete the computation and retrieve the final result.

Parameters
outThe byte array to be filled with the result. Must be of length output_length()

Definition at line 69 of file buf_comp.h.

69{ final_result({out, output_length()}); }

Referenced by Botan::ed25519_gen_keypair(), Botan::ed25519_sign(), Botan::ed25519_verify(), Botan::mgf1_mask(), Botan::pbkdf2(), Botan::Dilithium::Polynomial::poly_challenge(), Botan::Kyber_Modern_Symmetric_Primitives::PRF(), Botan::Sphincs_Hash_Functions_Sha2::PRF_msg(), Botan::Sphincs_Hash_Functions_Shake::PRF_msg(), and Botan::sm2_compute_za().

◆ final_stdvec()

std::vector< uint8_t > Botan::Buffered_Computation::final_stdvec ( )
inlineinherited

Definition at line 83 of file buf_comp.h.

83{ return final<std::vector<uint8_t>>(); }

◆ fresh_key_required_per_message()

virtual bool Botan::MessageAuthenticationCode::fresh_key_required_per_message ( ) const
inlinevirtual
Returns
if a fresh key must be set for each message that is processed.

This is required for certain polynomial-based MACs which are insecure if a key is ever reused for two different messages.

Reimplemented in Botan::Poly1305.

Definition at line 116 of file mac.h.

116{ return false; }

◆ has_keying_material()

virtual bool Botan::SymmetricAlgorithm::has_keying_material ( ) const
pure virtualinherited
Returns
true if a key has been set on this object

Implemented in Botan::KMAC, Botan::CCM_Mode, Botan::ChaCha20Poly1305_Mode, Botan::EAX_Mode, Botan::CBC_Mode, Botan::CFB_Mode, Botan::XTS_Mode, Botan::SHAKE_Cipher, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode, Botan::AES_128, Botan::AES_192, Botan::AES_256, Botan::ARIA_128, Botan::ARIA_192, Botan::ARIA_256, Botan::Blowfish, Botan::Camellia_128, Botan::Camellia_192, Botan::Camellia_256, Botan::Cascade_Cipher, Botan::CAST_128, Botan::DES, Botan::TripleDES, Botan::GOST_28147_89, Botan::IDEA, Botan::Kuznyechik, Botan::Lion, Botan::Noekeon, Botan::SEED, Botan::Serpent, Botan::SHACAL2, Botan::SM4, Botan::Threefish_512, Botan::Twofish, Botan::BLAKE2b, Botan::BLAKE2bMAC, Botan::CMAC, Botan::GMAC, Botan::HMAC, Botan::Poly1305, Botan::SipHash, Botan::ANSI_X919_MAC, Botan::FPE_FE1, Botan::ChaCha, Botan::CTR_BE, Botan::OFB, Botan::RC4, Botan::Salsa20, Botan::GHASH, Botan::GCM_Mode, Botan::OCB_Mode, and Botan::SIV_Mode.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::has_keying_material().

◆ key_spec()

virtual Key_Length_Specification Botan::SymmetricAlgorithm::key_spec ( ) const
pure virtualinherited
Returns
object describing limits on key size

Implemented in Botan::Block_Cipher_Fixed_Params< BS, KMIN, KMAX, KMOD, BaseClass >, Botan::Block_Cipher_Fixed_Params< 16, 16 >, Botan::Block_Cipher_Fixed_Params< 16, 16, 32, 8 >, Botan::Block_Cipher_Fixed_Params< 16, 24 >, Botan::Block_Cipher_Fixed_Params< 16, 32 >, Botan::Block_Cipher_Fixed_Params< 32, 16, 64, 4 >, Botan::Block_Cipher_Fixed_Params< 64, 64, 0, 1, Tweakable_Block_Cipher >, Botan::Block_Cipher_Fixed_Params< 8, 1, 56 >, Botan::Block_Cipher_Fixed_Params< 8, 11, 16 >, Botan::Block_Cipher_Fixed_Params< 8, 16 >, Botan::Block_Cipher_Fixed_Params< 8, 16, 24, 8 >, Botan::Block_Cipher_Fixed_Params< 8, 32 >, Botan::Block_Cipher_Fixed_Params< 8, 8 >, Botan::KMAC, Botan::CCM_Mode, Botan::EAX_Mode, Botan::CBC_Mode, Botan::CFB_Mode, Botan::XTS_Mode, Botan::SHAKE_Cipher, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode, Botan::Cascade_Cipher, Botan::Lion, Botan::BLAKE2b, Botan::BLAKE2bMAC, Botan::CMAC, Botan::GMAC, Botan::HMAC, Botan::Poly1305, Botan::SipHash, Botan::ANSI_X919_MAC, Botan::FPE_FE1, Botan::ChaCha20Poly1305_Mode, Botan::ChaCha, Botan::CTR_BE, Botan::OFB, Botan::RC4, Botan::Salsa20, Botan::GHASH, Botan::GCM_Mode, Botan::OCB_Mode, and Botan::SIV_Mode.

Referenced by Botan::CBC_Mode::key_spec(), Botan::CFB_Mode::key_spec(), and Botan::XTS_Mode::key_spec().

◆ maximum_keylength()

size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
maximum allowed key length

Definition at line 95 of file sym_algo.h.

95{ return key_spec().maximum_keylength(); }
Botan::Key_Length_Specification::maximum_keylength
size_t maximum_keylength() const
Definition sym_algo.h:54
Botan::SymmetricAlgorithm::key_spec
virtual Key_Length_Specification key_spec() const =0

◆ minimum_keylength()

size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
minimum allowed key length

Definition at line 100 of file sym_algo.h.

100{ return key_spec().minimum_keylength(); }
Botan::Key_Length_Specification::minimum_keylength
size_t minimum_keylength() const
Definition sym_algo.h:49

◆ name()

virtual std::string Botan::SymmetricAlgorithm::name ( ) const
pure virtualinherited
Returns
the algorithm name

Implemented in Botan::CCM_Mode, Botan::EAX_Mode, Botan::CBC_Mode, Botan::CFB_Mode, Botan::XTS_Mode, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode, Botan::AES_128, Botan::AES_192, Botan::AES_256, Botan::ARIA_128, Botan::ARIA_192, Botan::ARIA_256, Botan::Blowfish, Botan::Camellia_128, Botan::Camellia_192, Botan::Camellia_256, Botan::Cascade_Cipher, Botan::CAST_128, Botan::DES, Botan::TripleDES, Botan::GOST_28147_89, Botan::IDEA, Botan::Kuznyechik, Botan::Lion, Botan::Noekeon, Botan::SEED, Botan::Serpent, Botan::SHACAL2, Botan::SM4, Botan::Threefish_512, Botan::Twofish, Botan::BLAKE2b, Botan::BLAKE2bMAC, Botan::CMAC, Botan::GMAC, Botan::HMAC, Botan::KMAC128, Botan::KMAC256, Botan::Poly1305, Botan::SipHash, Botan::ANSI_X919_MAC, Botan::FPE_FE1, Botan::ChaCha20Poly1305_Mode, Botan::ChaCha, Botan::CTR_BE, Botan::OFB, Botan::RC4, Botan::Salsa20, Botan::SHAKE_128_Cipher, Botan::SHAKE_256_Cipher, Botan::GHASH, Botan::GCM_Mode, Botan::OCB_Mode, and Botan::SIV_Mode.

Referenced by Botan::XTS_Mode::name(), Botan::SymmetricAlgorithm::set_key(), and start_msg().

◆ new_object()

virtual std::unique_ptr< MessageAuthenticationCode > Botan::MessageAuthenticationCode::new_object ( ) const
pure virtual
Returns
new object representing the same algorithm as *this

Implemented in Botan::BLAKE2bMAC, Botan::CMAC, Botan::GMAC, Botan::HMAC, Botan::KMAC128, Botan::KMAC256, Botan::Poly1305, Botan::SipHash, and Botan::ANSI_X919_MAC.

◆ output_length()

virtual size_t Botan::Buffered_Computation::output_length ( ) const
pure virtualinherited
Returns
length of the output of this function in bytes

Implemented in Botan::KMAC, Botan::BLAKE2b, Botan::Adler32, Botan::CRC24, Botan::CRC32, Botan::Comb4P, Botan::GOST_34_11, Botan::Keccak_1600, Botan::MD4, Botan::MD5, Botan::Parallel, Botan::RIPEMD_160, Botan::SHA_1, Botan::SHA_224, Botan::SHA_256, Botan::SHA_384, Botan::SHA_512, Botan::SHA_512_256, Botan::SHA_3, Botan::SHAKE_128, Botan::SHAKE_256, Botan::Skein_512, Botan::SM3, Botan::Streebog, Botan::Truncated_Hash, Botan::Whirlpool, Botan::BLAKE2bMAC, Botan::CMAC, Botan::GMAC, Botan::HMAC, Botan::Poly1305, Botan::SipHash, Botan::ANSI_X919_MAC, and Botan::RawHashFunction.

Referenced by Botan::mgf1_mask(), Botan::pbkdf2(), Botan::sm2_compute_za(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::TLS_CBC_HMAC_AEAD_Mode().

◆ process() [1/3]

template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T Botan::Buffered_Computation::process ( const uint8_t  in[],
size_t  length 
)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process as a byte array
lengththe length of the byte array
Returns
the result of the call to final()

Definition at line 104 of file buf_comp.h.

104 {
105 update(in, length);
106 return final<T>();
107 }
update
int(* update)(CTX *, const void *, CC_LONG len)
Definition commoncrypto_hash.cpp:28

References update.

Referenced by Botan::Dilithium_Symmetric_Primitives::CRH(), and Botan::Dilithium_Symmetric_Primitives::H().

◆ process() [2/3]

template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T Botan::Buffered_Computation::process ( std::span< const uint8_t >  in)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process as a contiguous container
Returns
the result of the call to final()

Definition at line 128 of file buf_comp.h.

128 {
129 update(in);
130 return final<T>();
131 }

References update.

◆ process() [3/3]

template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T Botan::Buffered_Computation::process ( std::string_view  in)
inlineinherited

Update and finalize computation. Does the same as calling update() and final() consecutively.

Parameters
inthe input to process as a string
Returns
the result of the call to final()

Definition at line 116 of file buf_comp.h.

116 {
117 update(in);
118 return final<T>();
119 }

References update.

◆ provider()

virtual std::string Botan::MessageAuthenticationCode::provider ( ) const
inlinevirtual
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::KMAC.

Definition at line 108 of file mac.h.

108{ return "base"; }

Referenced by create(), and create_or_throw().

◆ providers()

std::vector< std::string > Botan::MessageAuthenticationCode::providers ( std::string_view  algo_spec)
static
Returns
list of available providers for this algorithm, empty if not available

Definition at line 142 of file mac.cpp.

142 {
143 return probe_providers_of<MessageAuthenticationCode>(algo_spec);
144}

◆ set_key() [1/3]

void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey key)
inlineinherited

Set the symmetric key of this object.

Parameters
keythe SymmetricKey to be set.

Definition at line 113 of file sym_algo.h.

113{ set_key(std::span{key.begin(), key.length()}); }
Botan::SymmetricAlgorithm::set_key
void set_key(const SymmetricKey &key)
Definition sym_algo.h:113

References Botan::OctetString::begin(), Botan::OctetString::length(), and Botan::SymmetricAlgorithm::set_key().

Referenced by Botan::Sodium::crypto_stream_salsa20(), Botan::Sodium::crypto_stream_salsa20_xor_ic(), Botan::Sodium::crypto_stream_xsalsa20(), Botan::Sodium::crypto_stream_xsalsa20_xor_ic(), Botan::FPE::fe1_decrypt(), Botan::FPE::fe1_encrypt(), Botan::Sphincs_Hash_Functions_Sha2::PRF_msg(), Botan::Sodium::randombytes_buf_deterministic(), and Botan::SymmetricAlgorithm::set_key().

◆ set_key() [2/3]

void Botan::SymmetricAlgorithm::set_key ( const uint8_t  key[],
size_t  length 
)
inlineinherited

Set the symmetric key of this object.

Parameters
keythe to be set as a byte array.
lengthin bytes of key param

Definition at line 126 of file sym_algo.h.

126{ set_key(std::span{key, length}); }

References Botan::SymmetricAlgorithm::set_key().

Referenced by Botan::SymmetricAlgorithm::set_key().

◆ set_key() [3/3]

void Botan::SymmetricAlgorithm::set_key ( std::span< const uint8_t >  key)
inherited

Set the symmetric key of this object.

Parameters
keythe contiguous byte range to be set.

Definition at line 17 of file sym_algo.cpp.

17 {
18 if(!valid_keylength(key.size())) {
19 throw Invalid_Key_Length(name(), key.size());
20 }
21 key_schedule(key);
22}
Botan::SymmetricAlgorithm::valid_keylength
bool valid_keylength(size_t length) const
Definition sym_algo.h:107
Botan::SymmetricAlgorithm::name
virtual std::string name() const =0

References Botan::SymmetricAlgorithm::name(), and Botan::SymmetricAlgorithm::valid_keylength().

◆ start() [1/3]

void Botan::MessageAuthenticationCode::start ( )
inline

Begin processing a message.

Definition at line 77 of file mac.h.

77{ return start_msg({}); }
Botan::MessageAuthenticationCode::start_msg
virtual void start_msg(std::span< const uint8_t > nonce)
Definition mac.cpp:155

◆ start() [2/3]

void Botan::MessageAuthenticationCode::start ( const uint8_t  nonce[],
size_t  nonce_len 
)
inline

Begin processing a message.

Parameters
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 72 of file mac.h.

72{ start_msg({nonce, nonce_len}); }

◆ start() [3/3]

void Botan::MessageAuthenticationCode::start ( std::span< const uint8_t >  nonce)
inline

Prepare for processing a message under the specified nonce

Most MACs neither require nor support a nonce; for these algorithms calling start_msg is optional and calling it with anything other than an empty string is an error. One MAC which requires a per-message nonce be specified is GMAC.

Default implementation simply rejects all non-empty nonces since most hash/MAC algorithms do not support randomization

Parameters
noncethe message nonce bytes

Definition at line 65 of file mac.h.

65{ start_msg(nonce); }

◆ start_msg()

void Botan::MessageAuthenticationCode::start_msg ( std::span< const uint8_t >  nonce)
protectedvirtual

Prepare for processing a message under the specified nonce

If the MAC does not support nonces, it should not override the default implementation.

Definition at line 155 of file mac.cpp.

155 {
156 BOTAN_UNUSED(nonce);
157 if(!nonce.empty()) {
158 throw Invalid_IV_Length(name(), nonce.size());
159 }
160}

References BOTAN_UNUSED, and Botan::SymmetricAlgorithm::name().

◆ update() [1/4]

void Botan::Buffered_Computation::update ( const uint8_t  in[],
size_t  length 
)
inlineinherited

Add new input to process.

Parameters
inthe input to process as a byte array
lengthof param in in bytes

Definition at line 34 of file buf_comp.h.

34{ add_data({in, length}); }

Referenced by Botan::ed25519_gen_keypair(), Botan::ed25519_sign(), Botan::ed25519_verify(), Botan::mgf1_mask(), Botan::pbkdf2(), Botan::Dilithium::Polynomial::poly_challenge(), Botan::Kyber_Modern_Symmetric_Primitives::PRF(), Botan::Sphincs_Hash_Functions_Sha2::PRF_msg(), Botan::Sphincs_Hash_Functions_Shake::PRF_msg(), Botan::sm2_compute_za(), and Botan::Sphincs_Hash_Functions_Shake::Sphincs_Hash_Functions_Shake().

◆ update() [2/4]

void Botan::Buffered_Computation::update ( std::span< const uint8_t >  in)
inlineinherited

Add new input to process.

Parameters
inthe input to process as a contiguous data range

Definition at line 40 of file buf_comp.h.

40{ add_data(in); }

◆ update() [3/4]

void Botan::Buffered_Computation::update ( std::string_view  str)
inlineinherited

Add new input to process.

Parameters
strthe input to process as a std::string_view. Will be interpreted as a byte array based on the strings encoding.

Definition at line 55 of file buf_comp.h.

55{ add_data({cast_char_ptr_to_uint8(str.data()), str.size()}); }
Botan::cast_char_ptr_to_uint8
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition mem_ops.h:177

References Botan::cast_char_ptr_to_uint8().

◆ update() [4/4]

void Botan::Buffered_Computation::update ( uint8_t  in)
inlineinherited

Process a single byte.

Parameters
inthe byte to process

Definition at line 61 of file buf_comp.h.

61{ add_data({&in, 1}); }

◆ update_be() [1/3]

void Botan::Buffered_Computation::update_be ( uint16_t  val)
inherited

Definition at line 13 of file buf_comp.cpp.

13 {
14 uint8_t inb[sizeof(val)];
15 store_be(val, inb);
16 add_data({inb, sizeof(inb)});
17}
Botan::store_be
constexpr void store_be(uint16_t in, uint8_t out[2])
Definition loadstor.h:389

References Botan::store_be().

Referenced by Botan::mgf1_mask(), and Botan::pbkdf2().

◆ update_be() [2/3]

void Botan::Buffered_Computation::update_be ( uint32_t  val)
inherited

Definition at line 19 of file buf_comp.cpp.

19 {
20 uint8_t inb[sizeof(val)];
21 store_be(val, inb);
22 add_data({inb, sizeof(inb)});
23}

References Botan::store_be().

◆ update_be() [3/3]

void Botan::Buffered_Computation::update_be ( uint64_t  val)
inherited

Definition at line 25 of file buf_comp.cpp.

25 {
26 uint8_t inb[sizeof(val)];
27 store_be(val, inb);
28 add_data({inb, sizeof(inb)});
29}

References Botan::store_be().

◆ update_le() [1/3]

void Botan::Buffered_Computation::update_le ( uint16_t  val)
inherited

Definition at line 31 of file buf_comp.cpp.

31 {
32 uint8_t inb[sizeof(val)];
33 store_le(val, inb);
34 add_data({inb, sizeof(inb)});
35}
Botan::store_le
constexpr void store_le(uint16_t in, uint8_t out[2])
Definition loadstor.h:405

References Botan::store_le().

◆ update_le() [2/3]

void Botan::Buffered_Computation::update_le ( uint32_t  val)
inherited

Definition at line 37 of file buf_comp.cpp.

37 {
38 uint8_t inb[sizeof(val)];
39 store_le(val, inb);
40 add_data({inb, sizeof(inb)});
41}

References Botan::store_le().

◆ update_le() [3/3]

void Botan::Buffered_Computation::update_le ( uint64_t  val)
inherited

Definition at line 43 of file buf_comp.cpp.

43 {
44 uint8_t inb[sizeof(val)];
45 store_le(val, inb);
46 add_data({inb, sizeof(inb)});
47}

References Botan::store_le().

◆ valid_keylength()

bool Botan::SymmetricAlgorithm::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 107 of file sym_algo.h.

107{ return key_spec().valid_keylength(length); }
Botan::Key_Length_Specification::valid_keylength
bool valid_keylength(size_t length) const
Definition sym_algo.h:42

Referenced by Botan::SymmetricAlgorithm::set_key().

◆ verify_mac() [1/2]

bool Botan::MessageAuthenticationCode::verify_mac ( const uint8_t  in[],
size_t  length 
)
inline

Verify a MAC.

Parameters
inthe MAC to verify as a byte array
lengththe length of param in
Returns
true if the MAC is valid, false otherwise

Definition at line 85 of file mac.h.

85{ return verify_mac_result({in, length}); }
Botan::MessageAuthenticationCode::verify_mac_result
virtual bool verify_mac_result(std::span< const uint8_t > in)
Definition mac.cpp:165

◆ verify_mac() [2/2]

bool Botan::MessageAuthenticationCode::verify_mac ( std::span< const uint8_t >  in)
inline

Verify a MAC.

Parameters
inthe MAC to verify as a byte array
Returns
true if the MAC is valid, false otherwise

Definition at line 92 of file mac.h.

92{ return verify_mac_result(in); }

◆ verify_mac_result()

bool Botan::MessageAuthenticationCode::verify_mac_result ( std::span< const uint8_t >  in)
protectedvirtual

Verify the MACs final result

Definition at line 165 of file mac.cpp.

165 {
166 secure_vector<uint8_t> our_mac = final();
167
168 if(our_mac.size() != mac.size()) {
169 return false;
170 }
171
172 return constant_time_compare(our_mac.data(), mac.data(), mac.size());
173}
Botan::constant_time_compare
bool constant_time_compare(const uint8_t x[], const uint8_t y[], size_t len)
Definition mem_ops.h:80

References Botan::constant_time_compare().

The documentation for this class was generated from the following files:
Generated by doxygen 1.9.8