Botan  2.18.1
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | Protected Member Functions | List of all members
Botan::Salsa20 Class Referencefinal

#include <salsa20.h>

Inheritance diagram for Botan::Salsa20:
Botan::StreamCipher Botan::SymmetricAlgorithm

Public Member Functions

void cipher (const uint8_t in[], uint8_t out[], size_t length) override
 
void cipher1 (uint8_t buf[], size_t len)
 
void clear () override
 
StreamCipherclone () const override
 
template<typename Alloc >
void decrypt (std::vector< uint8_t, Alloc > &inout)
 
size_t default_iv_length () const override
 
template<typename Alloc >
void encipher (std::vector< uint8_t, Alloc > &inout)
 
template<typename Alloc >
void encrypt (std::vector< uint8_t, Alloc > &inout)
 
Key_Length_Specification key_spec () const override
 
size_t maximum_keylength () const
 
size_t minimum_keylength () const
 
std::string name () const override
 
virtual std::string provider () const
 
void seek (uint64_t offset) override
 
void set_iv (const uint8_t iv[], size_t iv_len) override
 
void set_key (const SymmetricKey &key)
 
template<typename Alloc >
void set_key (const std::vector< uint8_t, Alloc > &key)
 
void set_key (const uint8_t key[], size_t length)
 
bool valid_iv_length (size_t iv_len) const override
 
bool valid_keylength (size_t length) const
 
virtual void write_keystream (uint8_t out[], size_t len)
 

Static Public Member Functions

static std::unique_ptr< StreamCiphercreate (const std::string &algo_spec, const std::string &provider="")
 
static std::unique_ptr< StreamCiphercreate_or_throw (const std::string &algo_spec, const std::string &provider="")
 
static void hsalsa20 (uint32_t output[8], const uint32_t input[16])
 
static std::vector< std::string > providers (const std::string &algo_spec)
 
static void salsa_core (uint8_t output[64], const uint32_t input[16], size_t rounds)
 

Protected Member Functions

void verify_key_set (bool cond) const
 

Detailed Description

DJB's Salsa20 (and XSalsa20)

Definition at line 20 of file salsa20.h.

Member Function Documentation

◆ cipher()

void Botan::Salsa20::cipher ( const uint8_t  in[],
uint8_t  out[],
size_t  len 
)
overridevirtual

Encrypt or decrypt a message

Parameters
inthe plaintext
outthe byte array to hold the output, i.e. the ciphertext
lenthe length of both in and out in bytes

Implements Botan::StreamCipher.

Definition at line 106 of file salsa20.cpp.

References salsa_core(), Botan::SymmetricAlgorithm::verify_key_set(), and Botan::xor_buf().

Referenced by Botan::Sodium::crypto_stream_salsa20_xor_ic(), and Botan::Sodium::crypto_stream_xsalsa20_xor_ic().

107  {
108  verify_key_set(m_state.empty() == false);
109 
110  while(length >= m_buffer.size() - m_position)
111  {
112  const size_t available = m_buffer.size() - m_position;
113 
114  xor_buf(out, in, &m_buffer[m_position], available);
115  salsa_core(m_buffer.data(), m_state.data(), 20);
116 
117  ++m_state[8];
118  m_state[9] += (m_state[8] == 0);
119 
120  length -= available;
121  in += available;
122  out += available;
123 
124  m_position = 0;
125  }
126 
127  xor_buf(out, in, &m_buffer[m_position], length);
128 
129  m_position += length;
130  }
void verify_key_set(bool cond) const
Definition: sym_algo.h:171
void xor_buf(uint8_t out[], const uint8_t in[], size_t length)
Definition: mem_ops.h:262
static void salsa_core(uint8_t output[64], const uint32_t input[16], size_t rounds)
Definition: salsa20.cpp:61

◆ cipher1()

void Botan::StreamCipher::cipher1 ( uint8_t  buf[],
size_t  len 
)
inlineinherited

Encrypt or decrypt a message The message is encrypted/decrypted in place.

Parameters
bufthe plaintext / ciphertext
lenthe length of buf in bytes

Definition at line 78 of file stream_cipher.h.

Referenced by Botan::SIV_Encryption::finish().

79  { cipher(buf, buf, len); }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0

◆ clear()

void Botan::Salsa20::clear ( )
overridevirtual

Reset the state.

Implements Botan::SymmetricAlgorithm.

Definition at line 275 of file salsa20.cpp.

References Botan::zap().

276  {
277  zap(m_key);
278  zap(m_state);
279  zap(m_buffer);
280  m_position = 0;
281  }
void zap(std::vector< T, Alloc > &vec)
Definition: secmem.h:127

◆ clone()

StreamCipher * Botan::Salsa20::clone ( ) const
overridevirtual
Returns
a new object representing the same algorithm as *this

Implements Botan::StreamCipher.

Definition at line 262 of file salsa20.cpp.

263  {
264  return new Salsa20;
265  }

◆ create()

std::unique_ptr< StreamCipher > Botan::StreamCipher::create ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to use
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 42 of file stream_cipher.cpp.

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), Botan::SCAN_Name::arg_count_between(), BOTAN_UNUSED, Botan::StreamCipher::cipher(), Botan::BlockCipher::create(), and Botan::StreamCipher::provider().

Referenced by Botan::BlockCipher::create(), Botan::Cipher_Mode::create(), and Botan::StreamCipher::create_or_throw().

44  {
45  const SCAN_Name req(algo_spec);
46 
47 #if defined(BOTAN_HAS_CTR_BE)
48  if((req.algo_name() == "CTR-BE" || req.algo_name() == "CTR") && req.arg_count_between(1,2))
49  {
50  if(provider.empty() || provider == "base")
51  {
52  auto cipher = BlockCipher::create(req.arg(0));
53  if(cipher)
54  {
55  size_t ctr_size = req.arg_as_integer(1, cipher->block_size());
56  return std::unique_ptr<StreamCipher>(new CTR_BE(cipher.release(), ctr_size));
57  }
58  }
59  }
60 #endif
61 
62 #if defined(BOTAN_HAS_CHACHA)
63  if(req.algo_name() == "ChaCha")
64  {
65  if(provider.empty() || provider == "base")
66  return std::unique_ptr<StreamCipher>(new ChaCha(req.arg_as_integer(0, 20)));
67  }
68 
69  if(req.algo_name() == "ChaCha20")
70  {
71  if(provider.empty() || provider == "base")
72  return std::unique_ptr<StreamCipher>(new ChaCha(20));
73  }
74 #endif
75 
76 #if defined(BOTAN_HAS_SALSA20)
77  if(req.algo_name() == "Salsa20")
78  {
79  if(provider.empty() || provider == "base")
80  return std::unique_ptr<StreamCipher>(new Salsa20);
81  }
82 #endif
83 
84 #if defined(BOTAN_HAS_SHAKE_CIPHER)
85  if(req.algo_name() == "SHAKE-128" || req.algo_name() == "SHAKE-128-XOF")
86  {
87  if(provider.empty() || provider == "base")
88  return std::unique_ptr<StreamCipher>(new SHAKE_128_Cipher);
89  }
90 #endif
91 
92 #if defined(BOTAN_HAS_OFB)
93  if(req.algo_name() == "OFB" && req.arg_count() == 1)
94  {
95  if(provider.empty() || provider == "base")
96  {
97  if(auto c = BlockCipher::create(req.arg(0)))
98  return std::unique_ptr<StreamCipher>(new OFB(c.release()));
99  }
100  }
101 #endif
102 
103 #if defined(BOTAN_HAS_RC4)
104 
105  if(req.algo_name() == "RC4" ||
106  req.algo_name() == "ARC4" ||
107  req.algo_name() == "MARK-4")
108  {
109  const size_t skip = (req.algo_name() == "MARK-4") ? 256 : req.arg_as_integer(0, 0);
110 
111 #if defined(BOTAN_HAS_OPENSSL)
112  if(provider.empty() || provider == "openssl")
113  {
114  return std::unique_ptr<StreamCipher>(make_openssl_rc4(skip));
115  }
116 #endif
117 
118  if(provider.empty() || provider == "base")
119  {
120  return std::unique_ptr<StreamCipher>(new RC4(skip));
121  }
122  }
123 
124 #endif
125 
126  BOTAN_UNUSED(req);
128 
129  return nullptr;
130  }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0
virtual std::string provider() const
#define BOTAN_UNUSED(...)
Definition: assert.h:142
static std::unique_ptr< BlockCipher > create(const std::string &algo_spec, const std::string &provider="")

◆ create_or_throw()

std::unique_ptr< StreamCipher > Botan::StreamCipher::create_or_throw ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to use Throws a Lookup_Error if the algo/provider combination cannot be found

Definition at line 134 of file stream_cipher.cpp.

References Botan::StreamCipher::create(), and Botan::StreamCipher::provider().

Referenced by Botan::ChaCha_RNG::ChaCha_RNG(), Botan::Sodium::crypto_secretbox_detached(), Botan::Sodium::crypto_secretbox_open_detached(), Botan::Sodium::crypto_secretbox_xsalsa20poly1305(), Botan::Sodium::crypto_secretbox_xsalsa20poly1305_open(), Botan::Sodium::crypto_stream_chacha20(), Botan::Sodium::crypto_stream_chacha20_ietf(), Botan::Sodium::crypto_stream_chacha20_ietf_xor_ic(), Botan::Sodium::crypto_stream_chacha20_xor_ic(), Botan::Sodium::crypto_stream_xchacha20(), and Botan::Sodium::crypto_stream_xchacha20_xor_ic().

136  {
137  if(auto sc = StreamCipher::create(algo, provider))
138  {
139  return sc;
140  }
141  throw Lookup_Error("Stream cipher", algo, provider);
142  }
virtual std::string provider() const
static std::unique_ptr< StreamCipher > create(const std::string &algo_spec, const std::string &provider="")

◆ decrypt()

template<typename Alloc >
void Botan::StreamCipher::decrypt ( std::vector< uint8_t, Alloc > &  inout)
inlineinherited

Decrypt a message in place The message is decrypted in place.

Parameters
inoutthe plaintext / ciphertext

Definition at line 105 of file stream_cipher.h.

106  { cipher(inout.data(), inout.data(), inout.size()); }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0

◆ default_iv_length()

size_t Botan::Salsa20::default_iv_length ( ) const
overridevirtual

Return the default (preferred) nonce length If this function returns 0, then this cipher does not support nonces

Reimplemented from Botan::StreamCipher.

Definition at line 252 of file salsa20.cpp.

253  {
254  return 24;
255  }

◆ encipher()

template<typename Alloc >
void Botan::StreamCipher::encipher ( std::vector< uint8_t, Alloc > &  inout)
inlineinherited

Encrypt a message The message is encrypted/decrypted in place.

Parameters
inoutthe plaintext / ciphertext

Definition at line 87 of file stream_cipher.h.

88  { cipher(inout.data(), inout.data(), inout.size()); }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0

◆ encrypt()

template<typename Alloc >
void Botan::StreamCipher::encrypt ( std::vector< uint8_t, Alloc > &  inout)
inlineinherited

Encrypt a message The message is encrypted in place.

Parameters
inoutthe plaintext / ciphertext

Definition at line 96 of file stream_cipher.h.

97  { cipher(inout.data(), inout.data(), inout.size()); }
virtual void cipher(const uint8_t in[], uint8_t out[], size_t len)=0

◆ hsalsa20()

void Botan::Salsa20::hsalsa20 ( uint32_t  output[8],
const uint32_t  input[16] 
)
static

Definition at line 27 of file salsa20.cpp.

References SALSA20_QUARTER_ROUND.

Referenced by Botan::Sodium::crypto_core_hsalsa20(), and set_iv().

28  {
29  uint32_t x00 = input[ 0], x01 = input[ 1], x02 = input[ 2], x03 = input[ 3],
30  x04 = input[ 4], x05 = input[ 5], x06 = input[ 6], x07 = input[ 7],
31  x08 = input[ 8], x09 = input[ 9], x10 = input[10], x11 = input[11],
32  x12 = input[12], x13 = input[13], x14 = input[14], x15 = input[15];
33 
34  for(size_t i = 0; i != 10; ++i)
35  {
36  SALSA20_QUARTER_ROUND(x00, x04, x08, x12);
37  SALSA20_QUARTER_ROUND(x05, x09, x13, x01);
38  SALSA20_QUARTER_ROUND(x10, x14, x02, x06);
39  SALSA20_QUARTER_ROUND(x15, x03, x07, x11);
40 
41  SALSA20_QUARTER_ROUND(x00, x01, x02, x03);
42  SALSA20_QUARTER_ROUND(x05, x06, x07, x04);
43  SALSA20_QUARTER_ROUND(x10, x11, x08, x09);
44  SALSA20_QUARTER_ROUND(x15, x12, x13, x14);
45  }
46 
47  output[0] = x00;
48  output[1] = x05;
49  output[2] = x10;
50  output[3] = x15;
51  output[4] = x06;
52  output[5] = x07;
53  output[6] = x08;
54  output[7] = x09;
55  }
#define SALSA20_QUARTER_ROUND(x1, x2, x3, x4)
Definition: salsa20.cpp:15

◆ key_spec()

Key_Length_Specification Botan::Salsa20::key_spec ( ) const
overridevirtual
Returns
object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 257 of file salsa20.cpp.

258  {
259  return Key_Length_Specification(16, 32, 16);
260  }

◆ maximum_keylength()

size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
maximum allowed key length

Definition at line 120 of file sym_algo.h.

121  {
122  return key_spec().maximum_keylength();
123  }
size_t maximum_keylength() const
Definition: sym_algo.h:70
virtual Key_Length_Specification key_spec() const =0

◆ minimum_keylength()

size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
minimum allowed key length

Definition at line 128 of file sym_algo.h.

Referenced by botan_block_cipher_get_keyspec(), and botan_mac_get_keyspec().

129  {
130  return key_spec().minimum_keylength();
131  }
virtual Key_Length_Specification key_spec() const =0
size_t minimum_keylength() const
Definition: sym_algo.h:62

◆ name()

std::string Botan::Salsa20::name ( ) const
overridevirtual
Returns
the algorithm name

Implements Botan::SymmetricAlgorithm.

Definition at line 267 of file salsa20.cpp.

Referenced by set_iv().

268  {
269  return "Salsa20";
270  }

◆ provider()

virtual std::string Botan::StreamCipher::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::ChaCha.

Definition at line 142 of file stream_cipher.h.

Referenced by Botan::StreamCipher::create(), and Botan::StreamCipher::create_or_throw().

142 { return "base"; }

◆ providers()

std::vector< std::string > Botan::StreamCipher::providers ( const std::string &  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available

Definition at line 144 of file stream_cipher.cpp.

145  {
146  return probe_providers_of<StreamCipher>(algo_spec, {"base", "openssl"});
147  }

◆ salsa_core()

void Botan::Salsa20::salsa_core ( uint8_t  output[64],
const uint32_t  input[16],
size_t  rounds 
)
static

Definition at line 61 of file salsa20.cpp.

References BOTAN_ASSERT_NOMSG, SALSA20_QUARTER_ROUND, and Botan::store_le().

Referenced by cipher(), seek(), and set_iv().

62  {
63  BOTAN_ASSERT_NOMSG(rounds % 2 == 0);
64 
65  uint32_t x00 = input[ 0], x01 = input[ 1], x02 = input[ 2], x03 = input[ 3],
66  x04 = input[ 4], x05 = input[ 5], x06 = input[ 6], x07 = input[ 7],
67  x08 = input[ 8], x09 = input[ 9], x10 = input[10], x11 = input[11],
68  x12 = input[12], x13 = input[13], x14 = input[14], x15 = input[15];
69 
70  for(size_t i = 0; i != rounds / 2; ++i)
71  {
72  SALSA20_QUARTER_ROUND(x00, x04, x08, x12);
73  SALSA20_QUARTER_ROUND(x05, x09, x13, x01);
74  SALSA20_QUARTER_ROUND(x10, x14, x02, x06);
75  SALSA20_QUARTER_ROUND(x15, x03, x07, x11);
76 
77  SALSA20_QUARTER_ROUND(x00, x01, x02, x03);
78  SALSA20_QUARTER_ROUND(x05, x06, x07, x04);
79  SALSA20_QUARTER_ROUND(x10, x11, x08, x09);
80  SALSA20_QUARTER_ROUND(x15, x12, x13, x14);
81  }
82 
83  store_le(x00 + input[ 0], output + 4 * 0);
84  store_le(x01 + input[ 1], output + 4 * 1);
85  store_le(x02 + input[ 2], output + 4 * 2);
86  store_le(x03 + input[ 3], output + 4 * 3);
87  store_le(x04 + input[ 4], output + 4 * 4);
88  store_le(x05 + input[ 5], output + 4 * 5);
89  store_le(x06 + input[ 6], output + 4 * 6);
90  store_le(x07 + input[ 7], output + 4 * 7);
91  store_le(x08 + input[ 8], output + 4 * 8);
92  store_le(x09 + input[ 9], output + 4 * 9);
93  store_le(x10 + input[10], output + 4 * 10);
94  store_le(x11 + input[11], output + 4 * 11);
95  store_le(x12 + input[12], output + 4 * 12);
96  store_le(x13 + input[13], output + 4 * 13);
97  store_le(x14 + input[14], output + 4 * 14);
98  store_le(x15 + input[15], output + 4 * 15);
99  }
#define BOTAN_ASSERT_NOMSG(expr)
Definition: assert.h:68
#define SALSA20_QUARTER_ROUND(x1, x2, x3, x4)
Definition: salsa20.cpp:15
void store_le(uint16_t in, uint8_t out[2])
Definition: loadstor.h:454

◆ seek()

void Botan::Salsa20::seek ( uint64_t  offset)
overridevirtual

Set the offset and the state used later to generate the keystream

Parameters
offsetthe offset where we begin to generate the keystream

Implements Botan::StreamCipher.

Definition at line 283 of file salsa20.cpp.

References Botan::load_le< uint32_t >(), salsa_core(), Botan::store_le(), and Botan::SymmetricAlgorithm::verify_key_set().

Referenced by Botan::Sodium::crypto_stream_salsa20_xor_ic(), and Botan::Sodium::crypto_stream_xsalsa20_xor_ic().

284  {
285  verify_key_set(m_state.empty() == false);
286 
287  // Find the block offset
288  const uint64_t counter = offset / 64;
289  uint8_t counter8[8];
290  store_le(counter, counter8);
291 
292  m_state[8] = load_le<uint32_t>(counter8, 0);
293  m_state[9] += load_le<uint32_t>(counter8, 1);
294 
295  salsa_core(m_buffer.data(), m_state.data(), 20);
296 
297  ++m_state[8];
298  m_state[9] += (m_state[8] == 0);
299 
300  m_position = offset % 64;
301  }
void verify_key_set(bool cond) const
Definition: sym_algo.h:171
uint32_t load_le< uint32_t >(const uint8_t in[], size_t off)
Definition: loadstor.h:198
static void salsa_core(uint8_t output[64], const uint32_t input[16], size_t rounds)
Definition: salsa20.cpp:61
void store_le(uint16_t in, uint8_t out[2])
Definition: loadstor.h:454

◆ set_iv()

void Botan::Salsa20::set_iv ( const uint8_t  iv[],
size_t  iv_len 
)
overridevirtual

Resync the cipher using the IV

Parameters
ivthe initialization vector
iv_lenthe length of the IV in bytes

Implements Botan::StreamCipher.

Definition at line 193 of file salsa20.cpp.

References hsalsa20(), Botan::load_le< uint32_t >(), name(), salsa_core(), valid_iv_length(), and Botan::SymmetricAlgorithm::verify_key_set().

Referenced by Botan::Sodium::crypto_stream_salsa20(), Botan::Sodium::crypto_stream_salsa20_xor_ic(), Botan::Sodium::crypto_stream_xsalsa20(), and Botan::Sodium::crypto_stream_xsalsa20_xor_ic().

194  {
195  verify_key_set(m_state.empty() == false);
196 
197  if(!valid_iv_length(length))
198  throw Invalid_IV_Length(name(), length);
199 
200  initialize_state();
201 
202  if(length == 0)
203  {
204  // Salsa20 null IV
205  m_state[6] = 0;
206  m_state[7] = 0;
207  }
208  else if(length == 8)
209  {
210  // Salsa20
211  m_state[6] = load_le<uint32_t>(iv, 0);
212  m_state[7] = load_le<uint32_t>(iv, 1);
213  }
214  else
215  {
216  // XSalsa20
217  m_state[6] = load_le<uint32_t>(iv, 0);
218  m_state[7] = load_le<uint32_t>(iv, 1);
219  m_state[8] = load_le<uint32_t>(iv, 2);
220  m_state[9] = load_le<uint32_t>(iv, 3);
221 
222  secure_vector<uint32_t> hsalsa(8);
223  hsalsa20(hsalsa.data(), m_state.data());
224 
225  m_state[ 1] = hsalsa[0];
226  m_state[ 2] = hsalsa[1];
227  m_state[ 3] = hsalsa[2];
228  m_state[ 4] = hsalsa[3];
229  m_state[ 6] = load_le<uint32_t>(iv, 4);
230  m_state[ 7] = load_le<uint32_t>(iv, 5);
231  m_state[11] = hsalsa[4];
232  m_state[12] = hsalsa[5];
233  m_state[13] = hsalsa[6];
234  m_state[14] = hsalsa[7];
235  }
236 
237  m_state[8] = 0;
238  m_state[9] = 0;
239 
240  salsa_core(m_buffer.data(), m_state.data(), 20);
241  ++m_state[8];
242  m_state[9] += (m_state[8] == 0);
243 
244  m_position = 0;
245  }
void verify_key_set(bool cond) const
Definition: sym_algo.h:171
std::string name() const override
Definition: salsa20.cpp:267
uint32_t load_le< uint32_t >(const uint8_t in[], size_t off)
Definition: loadstor.h:198
static void hsalsa20(uint32_t output[8], const uint32_t input[16])
Definition: salsa20.cpp:27
static void salsa_core(uint8_t output[64], const uint32_t input[16], size_t rounds)
Definition: salsa20.cpp:61
bool valid_iv_length(size_t iv_len) const override
Definition: salsa20.cpp:247

◆ set_key() [1/3]

void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey key)
inlineinherited

◆ set_key() [2/3]

template<typename Alloc >
void Botan::SymmetricAlgorithm::set_key ( const std::vector< uint8_t, Alloc > &  key)
inlineinherited

Definition at line 153 of file sym_algo.h.

154  {
155  set_key(key.data(), key.size());
156  }
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:147

◆ set_key() [3/3]

void Botan::SymmetricAlgorithm::set_key ( const uint8_t  key[],
size_t  length 
)
inherited

Set the symmetric key of this object.

Parameters
keythe to be set as a byte array.
lengthin bytes of key param

Definition at line 17 of file sym_algo.cpp.

References Botan::SymmetricAlgorithm::name(), and Botan::SymmetricAlgorithm::valid_keylength().

18  {
19  if(!valid_keylength(length))
20  throw Invalid_Key_Length(name(), length);
21  key_schedule(key, length);
22  }
bool valid_keylength(size_t length) const
Definition: sym_algo.h:138
virtual std::string name() const =0

◆ valid_iv_length()

bool Botan::Salsa20::valid_iv_length ( size_t  iv_len) const
overridevirtual
Parameters
iv_lenthe length of the IV in bytes
Returns
if the length is valid for this algorithm

Reimplemented from Botan::StreamCipher.

Definition at line 247 of file salsa20.cpp.

Referenced by set_iv().

248  {
249  return (iv_len == 0 || iv_len == 8 || iv_len == 24);
250  }

◆ valid_keylength()

bool Botan::SymmetricAlgorithm::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 138 of file sym_algo.h.

Referenced by Botan::aont_package(), Botan::aont_unpackage(), and Botan::SymmetricAlgorithm::set_key().

139  {
140  return key_spec().valid_keylength(length);
141  }
bool valid_keylength(size_t length) const
Definition: sym_algo.h:52
virtual Key_Length_Specification key_spec() const =0

◆ verify_key_set()

void Botan::SymmetricAlgorithm::verify_key_set ( bool  cond) const
inlineprotectedinherited

Definition at line 171 of file sym_algo.h.

Referenced by cipher(), Botan::CTR_BE::cipher(), Botan::RC4::cipher(), Botan::SHAKE_128_Cipher::cipher(), Botan::ChaCha::cipher(), Botan::Camellia_128::decrypt_n(), Botan::IDEA::decrypt_n(), Botan::KASUMI::decrypt_n(), Botan::CAST_128::decrypt_n(), Botan::MISTY1::decrypt_n(), Botan::Noekeon::decrypt_n(), Botan::SEED::decrypt_n(), Botan::AES_128::decrypt_n(), Botan::CAST_256::decrypt_n(), Botan::SHACAL2::decrypt_n(), Botan::SM4::decrypt_n(), Botan::DES::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::XTEA::decrypt_n(), Botan::DESX::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::Threefish_512::decrypt_n(), Botan::Lion::decrypt_n(), Botan::ARIA_128::decrypt_n(), Botan::Camellia_192::decrypt_n(), Botan::TripleDES::decrypt_n(), Botan::ARIA_192::decrypt_n(), Botan::Camellia_256::decrypt_n(), Botan::AES_192::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::ARIA_256::decrypt_n(), Botan::AES_256::decrypt_n(), Botan::IDEA::encrypt_n(), Botan::KASUMI::encrypt_n(), Botan::AES_128::encrypt_n(), Botan::MISTY1::encrypt_n(), Botan::Noekeon::encrypt_n(), Botan::CAST_128::encrypt_n(), Botan::SEED::encrypt_n(), Botan::CAST_256::encrypt_n(), Botan::SHACAL2::encrypt_n(), Botan::SM4::encrypt_n(), Botan::DES::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::XTEA::encrypt_n(), Botan::DESX::encrypt_n(), Botan::Camellia_128::encrypt_n(), Botan::Threefish_512::encrypt_n(), Botan::Serpent::encrypt_n(), Botan::Lion::encrypt_n(), Botan::ARIA_128::encrypt_n(), Botan::Camellia_192::encrypt_n(), Botan::TripleDES::encrypt_n(), Botan::ARIA_192::encrypt_n(), Botan::Camellia_256::encrypt_n(), Botan::AES_192::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::ARIA_256::encrypt_n(), Botan::AES_256::encrypt_n(), Botan::OCB_Encryption::finish(), Botan::OCB_Decryption::finish(), Botan::GHASH::ghash_update(), Botan::CFB_Encryption::process(), Botan::CFB_Decryption::process(), seek(), Botan::CTR_BE::seek(), Botan::ChaCha::seek(), Botan::OCB_Mode::set_associated_data(), set_iv(), Botan::ChaCha::set_iv(), Botan::GHASH::update(), Botan::GHASH::update_associated_data(), and Botan::ChaCha::write_keystream().

172  {
173  if(cond == false)
174  throw_key_not_set_error();
175  }

◆ write_keystream()

virtual void Botan::StreamCipher::write_keystream ( uint8_t  out[],
size_t  len 
)
inlinevirtualinherited

Write keystream bytes to a buffer

Parameters
outthe byte array to hold the keystream
lenthe length of out in bytes

Reimplemented in Botan::ChaCha.

Definition at line 66 of file stream_cipher.h.

References Botan::clear_mem().

Referenced by Botan::Sodium::crypto_stream_salsa20(), and Botan::Sodium::crypto_stream_xsalsa20().

67  {
68  clear_mem(out, len);
69  cipher1(out, len);
70  }
void cipher1(uint8_t buf[], size_t len)
Definition: stream_cipher.h:78
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:115

The documentation for this class was generated from the following files: