Botan  2.7.0
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | Protected Member Functions | List of all members
Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption Class Referencefinal

#include <tls_cbc.h>

Inheritance diagram for Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption:
Botan::TLS::TLS_CBC_HMAC_AEAD_Mode Botan::AEAD_Mode Botan::Cipher_Mode

Public Member Functions

bool authenticated () const override
 
void clear () override final
 
size_t default_nonce_length () const override final
 
void finish (secure_vector< uint8_t > &final_block, size_t offset=0) override
 
Key_Length_Specification key_spec () const override final
 
size_t minimum_final_size () const override
 
std::string name () const override final
 
size_t output_length (size_t input_length) const override
 
size_t process (uint8_t buf[], size_t sz) override final
 
virtual std::string provider () const
 
void reset () override final
 
template<typename Alloc >
void set_ad (const std::vector< uint8_t, Alloc > &ad)
 
void set_associated_data (const uint8_t ad[], size_t ad_len) override
 
template<typename Alloc >
void set_associated_data_vec (const std::vector< uint8_t, Alloc > &ad)
 
template<typename Alloc >
void set_key (const std::vector< uint8_t, Alloc > &key)
 
void set_key (const SymmetricKey &key)
 
void set_key (const uint8_t key[], size_t length)
 
template<typename Alloc >
void start (const std::vector< uint8_t, Alloc > &nonce)
 
void start (const uint8_t nonce[], size_t nonce_len)
 
void start ()
 
size_t tag_size () const override final
 
 TLS_CBC_HMAC_AEAD_Encryption (std::unique_ptr< BlockCipher > cipher, std::unique_ptr< MessageAuthenticationCode > mac, const size_t cipher_keylen, const size_t mac_keylen, bool use_explicit_iv, bool use_encrypt_then_mac)
 
void update (secure_vector< uint8_t > &buffer, size_t offset=0)
 
size_t update_granularity () const override final
 
bool valid_keylength (size_t length) const
 
bool valid_nonce_length (size_t nl) const override final
 

Static Public Member Functions

static std::unique_ptr< AEAD_Modecreate (const std::string &algo, Cipher_Dir direction, const std::string &provider="")
 
static std::unique_ptr< AEAD_Modecreate_or_throw (const std::string &algo, Cipher_Dir direction, const std::string &provider="")
 
static std::vector< std::string > providers (const std::string &algo_spec)
 

Protected Member Functions

std::vector< uint8_t > & assoc_data ()
 
std::vector< uint8_t > assoc_data_with_len (uint16_t len)
 
size_t block_size () const
 
Cipher_Modecbc () const
 
secure_vector< uint8_t > & cbc_state ()
 
size_t cipher_keylen () const
 
size_t iv_size () const
 
MessageAuthenticationCodemac () const
 
size_t mac_keylen () const
 
secure_vector< uint8_t > & msg ()
 
bool use_encrypt_then_mac () const
 

Detailed Description

TLS_CBC_HMAC_AEAD Encryption

Definition at line 102 of file tls_cbc.h.

Constructor & Destructor Documentation

◆ TLS_CBC_HMAC_AEAD_Encryption()

Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::TLS_CBC_HMAC_AEAD_Encryption ( std::unique_ptr< BlockCipher cipher,
std::unique_ptr< MessageAuthenticationCode mac,
const size_t  cipher_keylen,
const size_t  mac_keylen,
bool  use_explicit_iv,
bool  use_encrypt_then_mac 
)
inline

Definition at line 107 of file tls_cbc.h.

113  :
115  std::move(cipher),
116  std::move(mac),
118  mac_keylen,
119  use_explicit_iv,
121  {}
MessageAuthenticationCode & mac() const
Definition: tls_cbc.h:65
TLS_CBC_HMAC_AEAD_Mode(Cipher_Dir direction, std::unique_ptr< BlockCipher > cipher, std::unique_ptr< MessageAuthenticationCode > mac, size_t cipher_keylen, size_t mac_keylen, bool use_explicit_iv, bool use_encrypt_then_mac)
Definition: tls_cbc.cpp:26

Member Function Documentation

◆ assoc_data()

std::vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data ( )
inlineprotectedinherited

Definition at line 72 of file tls_cbc.h.

Referenced by finish(), and set_associated_data().

72 { return m_ad; }

◆ assoc_data_with_len()

std::vector< uint8_t > Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data_with_len ( uint16_t  len)
protectedinherited

Definition at line 120 of file tls_cbc.cpp.

References BOTAN_ASSERT, and Botan::get_byte().

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

121  {
122  std::vector<uint8_t> ad = m_ad;
123  BOTAN_ASSERT(ad.size() == 13, "Expected AAD size");
124  ad[11] = get_byte(0, len);
125  ad[12] = get_byte(1, len);
126  return ad;
127  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:43
uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:39

◆ authenticated()

bool Botan::AEAD_Mode::authenticated ( ) const
inlineoverridevirtualinherited
Returns
true iff this mode provides authentication as well as confidentiality.

Reimplemented from Botan::Cipher_Mode.

Definition at line 47 of file aead.h.

47 { return true; }

◆ block_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size ( ) const
inlineprotectedinherited

◆ cbc()

Cipher_Mode& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc ( ) const
inlineprotectedinherited

Definition at line 63 of file tls_cbc.h.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

63 { return *m_cbc; }

◆ cbc_state()

secure_vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state ( )
inlineprotectedinherited

Definition at line 71 of file tls_cbc.h.

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset().

71 { return m_cbc_state; }

◆ cipher_keylen()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cipher_keylen ( ) const
inlineprotectedinherited

Definition at line 56 of file tls_cbc.h.

56 { return m_cipher_keylen; }

◆ clear()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear ( )
finaloverridevirtualinherited

Zeroise all state See also reset_msg()

Implements Botan::Cipher_Mode.

Definition at line 52 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc(), Botan::SymmetricAlgorithm::clear(), Botan::Cipher_Mode::clear(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset().

53  {
54  cbc().clear();
55  mac().clear();
56  reset();
57  }
virtual void clear()=0
Cipher_Mode & cbc() const
Definition: tls_cbc.h:63
MessageAuthenticationCode & mac() const
Definition: tls_cbc.h:65
virtual void clear()=0
void reset() override final
Definition: tls_cbc.cpp:59

◆ create()

std::unique_ptr< AEAD_Mode > Botan::AEAD_Mode::create ( const std::string &  algo,
Cipher_Dir  direction,
const std::string &  provider = "" 
)
staticinherited

Create an AEAD mode

Parameters
algothe algorithm to create
directionspecify if this should be an encryption or decryption AEAD
provideroptional specification for provider to use
Returns
an AEAD mode or a null pointer if not available

Definition at line 52 of file aead.cpp.

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), Botan::BlockCipher::create(), Botan::ENCRYPTION, Botan::parse_algorithm_name(), Botan::Cipher_Mode::provider(), and Botan::split_on().

Referenced by Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::get_aead().

55  {
56 #if defined(BOTAN_HAS_AEAD_CHACHA20_POLY1305)
57  if(algo == "ChaCha20Poly1305")
58  {
59  if(dir == ENCRYPTION)
60  return std::unique_ptr<AEAD_Mode>(new ChaCha20Poly1305_Encryption);
61  else
62  return std::unique_ptr<AEAD_Mode>(new ChaCha20Poly1305_Decryption);
63 
64  }
65 #endif
66 
67  if(algo.find('/') != std::string::npos)
68  {
69  const std::vector<std::string> algo_parts = split_on(algo, '/');
70  const std::string cipher_name = algo_parts[0];
71  const std::vector<std::string> mode_info = parse_algorithm_name(algo_parts[1]);
72 
73  if(mode_info.empty())
74  return std::unique_ptr<AEAD_Mode>();
75 
76  std::ostringstream alg_args;
77 
78  alg_args << '(' << cipher_name;
79  for(size_t i = 1; i < mode_info.size(); ++i)
80  alg_args << ',' << mode_info[i];
81  for(size_t i = 2; i < algo_parts.size(); ++i)
82  alg_args << ',' << algo_parts[i];
83  alg_args << ')';
84 
85  const std::string mode_name = mode_info[0] + alg_args.str();
86  return AEAD_Mode::create(mode_name, dir);
87  }
88 
89 #if defined(BOTAN_HAS_BLOCK_CIPHER)
90 
91  SCAN_Name req(algo);
92 
93  if(req.arg_count() == 0)
94  {
95  return std::unique_ptr<AEAD_Mode>();
96  }
97 
98  std::unique_ptr<BlockCipher> bc(BlockCipher::create(req.arg(0), provider));
99 
100  if(!bc)
101  {
102  return std::unique_ptr<AEAD_Mode>();
103  }
104 
105 #if defined(BOTAN_HAS_AEAD_CCM)
106  if(req.algo_name() == "CCM")
107  {
108  size_t tag_len = req.arg_as_integer(1, 16);
109  size_t L_len = req.arg_as_integer(2, 3);
110  if(dir == ENCRYPTION)
111  return std::unique_ptr<AEAD_Mode>(new CCM_Encryption(bc.release(), tag_len, L_len));
112  else
113  return std::unique_ptr<AEAD_Mode>(new CCM_Decryption(bc.release(), tag_len, L_len));
114  }
115 #endif
116 
117 #if defined(BOTAN_HAS_AEAD_GCM)
118  if(req.algo_name() == "GCM")
119  {
120  size_t tag_len = req.arg_as_integer(1, 16);
121  if(dir == ENCRYPTION)
122  return std::unique_ptr<AEAD_Mode>(new GCM_Encryption(bc.release(), tag_len));
123  else
124  return std::unique_ptr<AEAD_Mode>(new GCM_Decryption(bc.release(), tag_len));
125  }
126 #endif
127 
128 #if defined(BOTAN_HAS_AEAD_OCB)
129  if(req.algo_name() == "OCB")
130  {
131  size_t tag_len = req.arg_as_integer(1, 16);
132  if(dir == ENCRYPTION)
133  return std::unique_ptr<AEAD_Mode>(new OCB_Encryption(bc.release(), tag_len));
134  else
135  return std::unique_ptr<AEAD_Mode>(new OCB_Decryption(bc.release(), tag_len));
136  }
137 #endif
138 
139 #if defined(BOTAN_HAS_AEAD_EAX)
140  if(req.algo_name() == "EAX")
141  {
142  size_t tag_len = req.arg_as_integer(1, bc->block_size());
143  if(dir == ENCRYPTION)
144  return std::unique_ptr<AEAD_Mode>(new EAX_Encryption(bc.release(), tag_len));
145  else
146  return std::unique_ptr<AEAD_Mode>(new EAX_Decryption(bc.release(), tag_len));
147  }
148 #endif
149 
150 #if defined(BOTAN_HAS_AEAD_SIV)
151  if(req.algo_name() == "SIV")
152  {
153  if(dir == ENCRYPTION)
154  return std::unique_ptr<AEAD_Mode>(new SIV_Encryption(bc.release()));
155  else
156  return std::unique_ptr<AEAD_Mode>(new SIV_Decryption(bc.release()));
157  }
158 #endif
159 
160 #endif
161 
162  return std::unique_ptr<AEAD_Mode>();
163  }
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:144
static std::unique_ptr< AEAD_Mode > create(const std::string &algo, Cipher_Dir direction, const std::string &provider="")
Definition: aead.cpp:52
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition: parsing.cpp:91
static std::unique_ptr< BlockCipher > create(const std::string &algo_spec, const std::string &provider="")
virtual std::string provider() const
Definition: cipher_mode.h:236

◆ create_or_throw()

std::unique_ptr< AEAD_Mode > Botan::AEAD_Mode::create_or_throw ( const std::string &  algo,
Cipher_Dir  direction,
const std::string &  provider = "" 
)
staticinherited

Create an AEAD mode, or throw

Parameters
algothe algorithm to create
directionspecify if this should be an encryption or decryption AEAD
provideroptional specification for provider to use
Returns
an AEAD mode, or throw an exception

Definition at line 42 of file aead.cpp.

References Botan::AEAD_Mode::create(), and Botan::Cipher_Mode::provider().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), Botan::TLS::Session::decrypt(), Botan::TLS::Session::encrypt(), Botan::mceies_decrypt(), and Botan::mceies_encrypt().

45  {
46  if(auto aead = AEAD_Mode::create(algo, dir, provider))
47  return aead;
48 
49  throw Lookup_Error("AEAD", algo, provider);
50  }
static std::unique_ptr< AEAD_Mode > create(const std::string &algo, Cipher_Dir direction, const std::string &provider="")
Definition: aead.cpp:52
virtual std::string provider() const
Definition: cipher_mode.h:236

◆ default_nonce_length()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::default_nonce_length ( ) const
inlinefinaloverridevirtualinherited
Returns
default AEAD nonce size (a commonly supported value among AEAD modes, and large enough that random collisions are unlikely)

Reimplemented from Botan::AEAD_Mode.

Definition at line 41 of file tls_cbc.h.

41 { return m_iv_size; }

◆ finish()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish ( secure_vector< uint8_t > &  final_block,
size_t  offset = 0 
)
overridevirtual

Complete processing of a message.

Parameters
final_blockin/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output
offsetan offset into final_block to begin processing

Implements Botan::Cipher_Mode.

Definition at line 164 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), BOTAN_ASSERT, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state(), Botan::Buffered_Computation::final(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::msg(), Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size(), Botan::Buffered_Computation::update(), Botan::Cipher_Mode::update(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

165  {
166  update(buffer, offset);
167  buffer.resize(offset); // truncate, leaving just header
168  const size_t header_size = offset;
169 
170  buffer.insert(buffer.end(), msg().begin(), msg().end());
171 
172  const size_t input_size = msg().size() + 1 + (use_encrypt_then_mac() ? 0 : tag_size());
173  const size_t enc_size = round_up(input_size, block_size());
174  const size_t pad_val = enc_size - input_size;
175  const size_t buf_size = enc_size + (use_encrypt_then_mac() ? tag_size() : 0);
176 
177  BOTAN_ASSERT(enc_size % block_size() == 0,
178  "Buffer is an even multiple of block size");
179 
180  mac().update(assoc_data());
181 
183  {
184  if(iv_size() > 0)
185  {
186  mac().update(cbc_state());
187  }
188 
189  for(size_t i = 0; i != pad_val + 1; ++i)
190  buffer.push_back(static_cast<uint8_t>(pad_val));
191  cbc_encrypt_record(&buffer[header_size], enc_size);
192  }
193 
194  // EtM also uses ciphertext size instead of plaintext size for AEAD input
195  const uint8_t* mac_input = (use_encrypt_then_mac() ? &buffer[header_size] : msg().data());
196  const size_t mac_input_len = (use_encrypt_then_mac() ? enc_size : msg().size());
197 
198  mac().update(mac_input, mac_input_len);
199 
200  buffer.resize(buffer.size() + tag_size());
201  mac().final(&buffer[buffer.size() - tag_size()]);
202 
203  if(use_encrypt_then_mac() == false)
204  {
205  for(size_t i = 0; i != pad_val + 1; ++i)
206  buffer.push_back(static_cast<uint8_t>(pad_val));
207  cbc_encrypt_record(&buffer[header_size], buf_size);
208  }
209  }
void update(secure_vector< uint8_t > &buffer, size_t offset=0)
Definition: cipher_mode.h:115
MessageAuthenticationCode & mac() const
Definition: tls_cbc.h:65
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:43
secure_vector< uint8_t > & cbc_state()
Definition: tls_cbc.h:71
void final(uint8_t out[])
Definition: buf_comp.h:89
size_t tag_size() const override final
Definition: tls_cbc.h:39
std::vector< uint8_t > & assoc_data()
Definition: tls_cbc.h:72
void update(const uint8_t in[], size_t length)
Definition: buf_comp.h:34
secure_vector< uint8_t > & msg()
Definition: tls_cbc.h:73
size_t round_up(size_t n, size_t align_to)
Definition: rounding.h:21

◆ iv_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size ( ) const
inlineprotectedinherited

◆ key_spec()

Key_Length_Specification Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::key_spec ( ) const
finaloverridevirtualinherited
Returns
object describing limits on key size

Implements Botan::Cipher_Mode.

Definition at line 83 of file tls_cbc.cpp.

84  {
85  return Key_Length_Specification(m_cipher_keylen + m_mac_keylen);
86  }

◆ mac()

MessageAuthenticationCode& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac ( ) const
inlineprotectedinherited

Definition at line 65 of file tls_cbc.h.

References BOTAN_ASSERT_NONNULL.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear(), finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::TLS_CBC_HMAC_AEAD_Mode().

66  {
67  BOTAN_ASSERT_NONNULL(m_mac);
68  return *m_mac;
69  }
#define BOTAN_ASSERT_NONNULL(ptr)
Definition: assert.h:95

◆ mac_keylen()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac_keylen ( ) const
inlineprotectedinherited

Definition at line 57 of file tls_cbc.h.

57 { return m_mac_keylen; }

◆ minimum_final_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::minimum_final_size ( ) const
inlineoverridevirtual
Returns
required minimium size to finalize() - may be any length larger than this.

Implements Botan::Cipher_Mode.

Definition at line 127 of file tls_cbc.h.

127 { return 0; }

◆ msg()

secure_vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::msg ( )
inlineprotectedinherited

Definition at line 73 of file tls_cbc.h.

Referenced by finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

73 { return m_msg; }

◆ name()

std::string Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::name ( ) const
finaloverridevirtualinherited

Implements Botan::Cipher_Mode.

Definition at line 66 of file tls_cbc.cpp.

67  {
68  return "TLS_CBC(" + m_cipher_name + "," + m_mac_name + ")";
69  }
std::string m_cipher_name

◆ output_length()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::output_length ( size_t  input_length) const
overridevirtual

Returns the size of the output if this transform is used to process a message with input_length bytes. Will throw if unable to give a precise answer.

Implements Botan::Cipher_Mode.

Definition at line 158 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

159  {
160  return round_up(input_length + 1 + (use_encrypt_then_mac() ? 0 : tag_size()), block_size()) +
161  (use_encrypt_then_mac() ? tag_size() : 0);
162  }
size_t tag_size() const override final
Definition: tls_cbc.h:39
size_t round_up(size_t n, size_t align_to)
Definition: rounding.h:21

◆ process()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::process ( uint8_t  msg[],
size_t  msg_len 
)
finaloverridevirtualinherited

Process message blocks

Input must be a multiple of update_granularity

Processes msg in place and returns bytes written. Normally this will be either msg_len (indicating the entire message was processed) or for certain AEAD modes zero (indicating that the mode requires the entire message be processed in one pass).

Parameters
msgthe message to be processed
msg_lenlength of the message in bytes

Implements Botan::Cipher_Mode.

Definition at line 114 of file tls_cbc.cpp.

115  {
116  m_msg.insert(m_msg.end(), buf, buf + sz);
117  return 0;
118  }

◆ provider()

virtual std::string Botan::Cipher_Mode::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::GCM_Mode.

Definition at line 236 of file cipher_mode.h.

Referenced by Botan::AEAD_Mode::create(), Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::Cipher_Mode::create_or_throw().

236 { return "base"; }

◆ providers()

std::vector< std::string > Botan::Cipher_Mode::providers ( const std::string &  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available
Parameters
algo_specalgorithm name

Definition at line 173 of file cipher_mode.cpp.

References Botan::Cipher_Mode::create(), and Botan::ENCRYPTION.

174  {
175  const std::vector<std::string>& possible = { "base", "openssl" };
176  std::vector<std::string> providers;
177  for(auto&& prov : possible)
178  {
179  std::unique_ptr<Cipher_Mode> mode = Cipher_Mode::create(algo_spec, ENCRYPTION, prov);
180  if(mode)
181  {
182  providers.push_back(prov); // available
183  }
184  }
185  return providers;
186  }
static std::unique_ptr< Cipher_Mode > create(const std::string &algo, Cipher_Dir direction, const std::string &provider="")
Definition: cipher_mode.cpp:50
static std::vector< std::string > providers(const std::string &algo_spec)

◆ reset()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset ( )
finaloverridevirtualinherited

Resets just the message specific state and allows encrypting again under the existing key

Implements Botan::Cipher_Mode.

Definition at line 59 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state().

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

60  {
61  cbc_state().clear();
62  m_ad.clear();
63  m_msg.clear();
64  }
secure_vector< uint8_t > & cbc_state()
Definition: tls_cbc.h:71

◆ set_ad()

template<typename Alloc >
void Botan::AEAD_Mode::set_ad ( const std::vector< uint8_t, Alloc > &  ad)
inlineinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

See set_associated_data().

Parameters
adthe associated data

Definition at line 88 of file aead.h.

Referenced by Botan::TLS::write_record().

89  {
90  set_associated_data(ad.data(), ad.size());
91  }
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0

◆ set_associated_data()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data ( const uint8_t  ad[],
size_t  ad_len 
)
overridevirtual

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Parameters
adthe associated data
ad_lenlength of add in bytes

Reimplemented from Botan::TLS::TLS_CBC_HMAC_AEAD_Mode.

Definition at line 136 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size(), Botan::make_uint16(), Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::set_associated_data(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

137  {
139 
141  {
142  // AAD hack for EtM
143  const uint16_t pt_size = make_uint16(assoc_data()[11], assoc_data()[12]);
144  const uint16_t enc_size = round_up(iv_size() + pt_size + 1, block_size());
145  assoc_data()[11] = get_byte<uint16_t>(0, enc_size);
146  assoc_data()[12] = get_byte<uint16_t>(1, enc_size);
147  }
148  }
void set_associated_data(const uint8_t ad[], size_t ad_len) override
Definition: tls_cbc.cpp:129
std::vector< uint8_t > & assoc_data()
Definition: tls_cbc.h:72
uint16_t make_uint16(uint8_t i0, uint8_t i1)
Definition: loadstor.h:52
size_t round_up(size_t n, size_t align_to)
Definition: rounding.h:21

◆ set_associated_data_vec()

template<typename Alloc >
void Botan::AEAD_Mode::set_associated_data_vec ( const std::vector< uint8_t, Alloc > &  ad)
inlineinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

See set_associated_data().

Parameters
adthe associated data

Definition at line 73 of file aead.h.

74  {
75  set_associated_data(ad.data(), ad.size());
76  }
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0

◆ set_key() [1/3]

template<typename Alloc >
void Botan::Cipher_Mode::set_key ( const std::vector< uint8_t, Alloc > &  key)
inlineinherited

Set the symmetric key of this transform

Parameters
keycontains the key material

Definition at line 206 of file cipher_mode.h.

Referenced by botan_cipher_set_key().

207  {
208  set_key(key.data(), key.size());
209  }
void set_key(const std::vector< uint8_t, Alloc > &key)
Definition: cipher_mode.h:206

◆ set_key() [2/3]

void Botan::Cipher_Mode::set_key ( const SymmetricKey key)
inlineinherited

Set the symmetric key of this transform

Parameters
keycontains the key material

Definition at line 215 of file cipher_mode.h.

References Botan::OctetString::begin(), and Botan::OctetString::length().

216  {
217  set_key(key.begin(), key.length());
218  }
void set_key(const std::vector< uint8_t, Alloc > &key)
Definition: cipher_mode.h:206

◆ set_key() [3/3]

void Botan::Cipher_Mode::set_key ( const uint8_t  key[],
size_t  length 
)
inlineinherited

Set the symmetric key of this transform

Parameters
keycontains the key material
lengthin bytes of key param

Definition at line 225 of file cipher_mode.h.

226  {
227  if(!valid_keylength(length))
228  throw Invalid_Key_Length(name(), length);
229  key_schedule(key, length);
230  }
virtual std::string name() const =0
bool valid_keylength(size_t length) const
Definition: cipher_mode.h:196

◆ start() [1/3]

template<typename Alloc >
void Botan::Cipher_Mode::start ( const std::vector< uint8_t, Alloc > &  nonce)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce

Definition at line 72 of file cipher_mode.h.

Referenced by botan_cipher_start(), and Botan::TLS::write_record().

73  {
74  start_msg(nonce.data(), nonce.size());
75  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0

◆ start() [2/3]

void Botan::Cipher_Mode::start ( const uint8_t  nonce[],
size_t  nonce_len 
)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 82 of file cipher_mode.h.

83  {
84  start_msg(nonce, nonce_len);
85  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0

◆ start() [3/3]

void Botan::Cipher_Mode::start ( )
inlineinherited

Begin processing a message.

Definition at line 90 of file cipher_mode.h.

91  {
92  return start_msg(nullptr, 0);
93  }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0

◆ tag_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size ( ) const
inlinefinaloverridevirtualinherited
Returns
the size of the authentication tag used (in bytes)

Reimplemented from Botan::Cipher_Mode.

Definition at line 39 of file tls_cbc.h.

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), and output_length().

39 { return m_tag_size; }

◆ update()

void Botan::Cipher_Mode::update ( secure_vector< uint8_t > &  buffer,
size_t  offset = 0 
)
inlineinherited

Process some data. Input must be in size update_granularity() uint8_t blocks.

Parameters
bufferin/out parameter which will possibly be resized
offsetan offset into blocks to begin processing

Definition at line 115 of file cipher_mode.h.

References BOTAN_ASSERT.

Referenced by botan_cipher_update(), Botan::XTS_Encryption::finish(), Botan::ChaCha20Poly1305_Encryption::finish(), Botan::CFB_Encryption::finish(), Botan::CBC_Encryption::finish(), Botan::EAX_Encryption::finish(), Botan::XTS_Decryption::finish(), Botan::CFB_Decryption::finish(), Botan::CTS_Encryption::finish(), Botan::CBC_Decryption::finish(), finish(), Botan::CTS_Decryption::finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

116  {
117  BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
118  uint8_t* buf = buffer.data() + offset;
119  const size_t buf_size = buffer.size() - offset;
120 
121  const size_t written = process(buf, buf_size);
122  buffer.resize(offset + written);
123  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:43
virtual size_t process(uint8_t msg[], size_t msg_len)=0

◆ update_granularity()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::update_granularity ( ) const
finaloverridevirtualinherited
Returns
size of required blocks to update

Implements Botan::Cipher_Mode.

Definition at line 71 of file tls_cbc.cpp.

72  {
73  return 1; // just buffers anyway
74  }

◆ use_encrypt_then_mac()

bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac ( ) const
inlineprotectedinherited

Definition at line 61 of file tls_cbc.h.

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), output_length(), and set_associated_data().

61 { return m_use_encrypt_then_mac; }

◆ valid_keylength()

bool Botan::Cipher_Mode::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 196 of file cipher_mode.h.

197  {
198  return key_spec().valid_keylength(length);
199  }
virtual Key_Length_Specification key_spec() const =0
bool valid_keylength(size_t length) const
Definition: key_spec.h:51

◆ valid_nonce_length()

bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::valid_nonce_length ( size_t  nonce_len) const
finaloverridevirtualinherited
Returns
true iff nonce_len is a valid length for the nonce

Implements Botan::Cipher_Mode.

Definition at line 76 of file tls_cbc.cpp.

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size().

77  {
78  if(m_cbc_state.empty())
79  return nl == block_size();
80  return nl == iv_size();
81  }

The documentation for this class was generated from the following files: