Botan  2.11.0
Crypto and TLS for C++11
Public Member Functions | Protected Member Functions | List of all members
Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption Class Referencefinal

#include <tls_cbc.h>

Inheritance diagram for Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption:
Botan::TLS::TLS_CBC_HMAC_AEAD_Mode

Public Member Functions

void clear () override final
 
size_t default_nonce_length () const override final
 
void finish (secure_vector< uint8_t > &final_block, size_t offset=0) override
 
Key_Length_Specification key_spec () const override final
 
size_t minimum_final_size () const override
 
std::string name () const override final
 
size_t output_length (size_t input_length) const override
 
size_t process (uint8_t buf[], size_t sz) override final
 
void reset () override final
 
void set_associated_data (const uint8_t ad[], size_t ad_len) override
 
size_t tag_size () const override final
 
 TLS_CBC_HMAC_AEAD_Encryption (std::unique_ptr< BlockCipher > cipher, std::unique_ptr< MessageAuthenticationCode > mac, const size_t cipher_keylen, const size_t mac_keylen, const Protocol_Version version, bool use_encrypt_then_mac)
 
size_t update_granularity () const override final
 
bool valid_nonce_length (size_t nl) const override final
 

Protected Member Functions

std::vector< uint8_t > & assoc_data ()
 
std::vector< uint8_t > assoc_data_with_len (uint16_t len)
 
size_t block_size () const
 
Cipher_Mode & cbc () const
 
secure_vector< uint8_t > & cbc_state ()
 
size_t cipher_keylen () const
 
bool is_datagram_protocol () const
 
size_t iv_size () const
 
MessageAuthenticationCode & mac () const
 
size_t mac_keylen () const
 
secure_vector< uint8_t > & msg ()
 
bool use_encrypt_then_mac () const
 

Detailed Description

TLS_CBC_HMAC_AEAD Encryption

Definition at line 106 of file tls_cbc.h.

Constructor & Destructor Documentation

◆ TLS_CBC_HMAC_AEAD_Encryption()

Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::TLS_CBC_HMAC_AEAD_Encryption ( std::unique_ptr< BlockCipher >  cipher,
std::unique_ptr< MessageAuthenticationCode >  mac,
const size_t  cipher_keylen,
const size_t  mac_keylen,
const Protocol_Version  version,
bool  use_encrypt_then_mac 
)
inline

Definition at line 111 of file tls_cbc.h.

117  :
119  std::move(cipher),
120  std::move(mac),
122  mac_keylen,
123  version,
125  {}
TLS_CBC_HMAC_AEAD_Mode(Cipher_Dir direction, std::unique_ptr< BlockCipher > cipher, std::unique_ptr< MessageAuthenticationCode > mac, size_t cipher_keylen, size_t mac_keylen, Protocol_Version version, bool use_encrypt_then_mac)
Definition: tls_cbc.cpp:26
MessageAuthenticationCode & mac() const
Definition: tls_cbc.h:68
void BlockCipher * cipher
Definition: package.h:29

Member Function Documentation

◆ assoc_data()

std::vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data ( )
inlineprotectedinherited

Definition at line 75 of file tls_cbc.h.

75 { return m_ad; }

Referenced by finish(), and set_associated_data().

◆ assoc_data_with_len()

std::vector< uint8_t > Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data_with_len ( uint16_t  len)
protectedinherited

Definition at line 122 of file tls_cbc.cpp.

123  {
124  std::vector<uint8_t> ad = m_ad;
125  BOTAN_ASSERT(ad.size() == 13, "Expected AAD size");
126  ad[11] = get_byte(0, len);
127  ad[12] = get_byte(1, len);
128  return ad;
129  }
std::string size_t len
Definition: pk_keys.h:305
constexpr uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:39
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t size_t const uint8_t size_t const uint8_t ad[]
Definition: argon2.h:87

References Botan::ad, BOTAN_ASSERT, Botan::get_byte(), and Botan::len.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

◆ block_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size ( ) const
inlineprotectedinherited

◆ cbc()

Cipher_Mode& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc ( ) const
inlineprotectedinherited

Definition at line 66 of file tls_cbc.h.

66 { return *m_cbc; }

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

◆ cbc_state()

secure_vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state ( )
inlineprotectedinherited

Definition at line 74 of file tls_cbc.h.

74 { return m_cbc_state; }

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset().

◆ cipher_keylen()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cipher_keylen ( ) const
inlineprotectedinherited

Definition at line 57 of file tls_cbc.h.

57 { return m_cipher_keylen; }

◆ clear()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear ( )
finaloverrideinherited

Definition at line 54 of file tls_cbc.cpp.

55  {
56  cbc().clear();
57  mac().clear();
58  reset();
59  }
Cipher_Mode & cbc() const
Definition: tls_cbc.h:66
MessageAuthenticationCode & mac() const
Definition: tls_cbc.h:68
void reset() override final
Definition: tls_cbc.cpp:61

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset().

◆ default_nonce_length()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::default_nonce_length ( ) const
inlinefinaloverrideinherited

Definition at line 42 of file tls_cbc.h.

42 { return m_iv_size; }

◆ finish()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish ( secure_vector< uint8_t > &  final_block,
size_t  offset = 0 
)
override

Definition at line 166 of file tls_cbc.cpp.

167  {
168  update(buffer, offset);
169  buffer.resize(offset); // truncate, leaving just header
170  const size_t header_size = offset;
171 
172  buffer.insert(buffer.end(), msg().begin(), msg().end());
173 
174  const size_t input_size = msg().size() + 1 + (use_encrypt_then_mac() ? 0 : tag_size());
175  const size_t enc_size = round_up(input_size, block_size());
176  const size_t pad_val = enc_size - input_size;
177  const size_t buf_size = enc_size + (use_encrypt_then_mac() ? tag_size() : 0);
178 
179  BOTAN_ASSERT(enc_size % block_size() == 0,
180  "Buffer is an even multiple of block size");
181 
182  mac().update(assoc_data());
183 
185  {
186  if(iv_size() > 0)
187  {
188  mac().update(cbc_state());
189  }
190 
191  for(size_t i = 0; i != pad_val + 1; ++i)
192  buffer.push_back(static_cast<uint8_t>(pad_val));
193  cbc_encrypt_record(&buffer[header_size], enc_size);
194  }
195 
196  // EtM also uses ciphertext size instead of plaintext size for AEAD input
197  const uint8_t* mac_input = (use_encrypt_then_mac() ? &buffer[header_size] : msg().data());
198  const size_t mac_input_len = (use_encrypt_then_mac() ? enc_size : msg().size());
199 
200  mac().update(mac_input, mac_input_len);
201 
202  buffer.resize(buffer.size() + tag_size());
203  mac().final(&buffer[buffer.size() - tag_size()]);
204 
205  if(use_encrypt_then_mac() == false)
206  {
207  for(size_t i = 0; i != pad_val + 1; ++i)
208  buffer.push_back(static_cast<uint8_t>(pad_val));
209  cbc_encrypt_record(&buffer[header_size], buf_size);
210  }
211  }
bool BigInt BigInt size_t size_t const std::vector< uint8_t > size_t offset
Definition: numthry.h:271
MessageAuthenticationCode & mac() const
Definition: tls_cbc.h:68
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55
secure_vector< uint8_t > & cbc_state()
Definition: tls_cbc.h:74
uint32_t uint8_t size_t size_t const uint8_t size_t input_size
Definition: ffi.h:512
size_t tag_size() const override final
Definition: tls_cbc.h:40
std::vector< uint8_t > & assoc_data()
Definition: tls_cbc.h:75
int(* update)(CTX *, const void *, CC_LONG len)
secure_vector< uint8_t > & msg()
Definition: tls_cbc.h:76
size_t round_up(size_t n, size_t align_to)
Definition: rounding.h:21

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), BOTAN_ASSERT, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state(), input_size, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::msg(), Botan::offset, Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size(), update, and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

◆ is_datagram_protocol()

bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::is_datagram_protocol ( ) const
inlineprotectedinherited

Definition at line 64 of file tls_cbc.h.

64 { return m_is_datagram; }

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

◆ iv_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size ( ) const
inlineprotectedinherited

◆ key_spec()

Key_Length_Specification Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::key_spec ( ) const
finaloverrideinherited

Definition at line 85 of file tls_cbc.cpp.

86  {
87  return Key_Length_Specification(m_cipher_keylen + m_mac_keylen);
88  }

◆ mac()

MessageAuthenticationCode& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac ( ) const
inlineprotectedinherited

Definition at line 68 of file tls_cbc.h.

69  {
70  BOTAN_ASSERT_NONNULL(m_mac);
71  return *m_mac;
72  }
#define BOTAN_ASSERT_NONNULL(ptr)
Definition: assert.h:107

References BOTAN_ASSERT_NONNULL.

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear(), finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::TLS_CBC_HMAC_AEAD_Mode().

◆ mac_keylen()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac_keylen ( ) const
inlineprotectedinherited

Definition at line 58 of file tls_cbc.h.

58 { return m_mac_keylen; }

◆ minimum_final_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::minimum_final_size ( ) const
inlineoverride

Definition at line 131 of file tls_cbc.h.

131 { return 0; }

◆ msg()

secure_vector<uint8_t>& Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::msg ( )
inlineprotectedinherited

Definition at line 76 of file tls_cbc.h.

76 { return m_msg; }

Referenced by finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

◆ name()

std::string Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::name ( ) const
finaloverrideinherited

Definition at line 68 of file tls_cbc.cpp.

69  {
70  return "TLS_CBC(" + m_cipher_name + "," + m_mac_name + ")";
71  }

◆ output_length()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::output_length ( size_t  input_length) const
override

Definition at line 160 of file tls_cbc.cpp.

161  {
162  return round_up(input_length + 1 + (use_encrypt_then_mac() ? 0 : tag_size()), block_size()) +
163  (use_encrypt_then_mac() ? tag_size() : 0);
164  }
size_t const uint8_t size_t input_length
Definition: base32.h:30
size_t tag_size() const override final
Definition: tls_cbc.h:40
size_t round_up(size_t n, size_t align_to)
Definition: rounding.h:21

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), Botan::input_length, Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

◆ process()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::process ( uint8_t  buf[],
size_t  sz 
)
finaloverrideinherited

Definition at line 116 of file tls_cbc.cpp.

117  {
118  m_msg.insert(m_msg.end(), buf, buf + sz);
119  return 0;
120  }
const uint8_t * buf
Definition: ffi.h:371

References buf.

◆ reset()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset ( )
finaloverrideinherited

Definition at line 61 of file tls_cbc.cpp.

62  {
63  cbc_state().clear();
64  m_ad.clear();
65  m_msg.clear();
66  }
secure_vector< uint8_t > & cbc_state()
Definition: tls_cbc.h:74

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state().

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

◆ set_associated_data()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data ( const uint8_t  ad[],
size_t  ad_len 
)
override

Definition at line 138 of file tls_cbc.cpp.

139  {
141 
143  {
144  // AAD hack for EtM
145  const uint16_t pt_size = make_uint16(assoc_data()[11], assoc_data()[12]);
146  const uint16_t enc_size = static_cast<uint16_t>(round_up(iv_size() + pt_size + 1, block_size()));
147  assoc_data()[11] = get_byte<uint16_t>(0, enc_size);
148  assoc_data()[12] = get_byte<uint16_t>(1, enc_size);
149  }
150  }
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t size_t const uint8_t size_t const uint8_t size_t ad_len
Definition: argon2.h:87
void set_associated_data(const uint8_t ad[], size_t ad_len) override
Definition: tls_cbc.cpp:131
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t size_t const uint8_t size_t const uint8_t ad[]
Definition: argon2.h:87
std::vector< uint8_t > & assoc_data()
Definition: tls_cbc.h:75
constexpr uint16_t make_uint16(uint8_t i0, uint8_t i1)
Definition: loadstor.h:52
size_t round_up(size_t n, size_t align_to)
Definition: rounding.h:21

References Botan::ad, Botan::ad_len, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size(), Botan::make_uint16(), Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::set_associated_data(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

◆ tag_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size ( ) const
inlinefinaloverrideinherited

Definition at line 40 of file tls_cbc.h.

40 { return m_tag_size; }

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), and output_length().

◆ update_granularity()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::update_granularity ( ) const
finaloverrideinherited

Definition at line 73 of file tls_cbc.cpp.

74  {
75  return 1; // just buffers anyway
76  }

◆ use_encrypt_then_mac()

bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac ( ) const
inlineprotectedinherited

Definition at line 62 of file tls_cbc.h.

62 { return m_use_encrypt_then_mac; }

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), output_length(), and set_associated_data().

◆ valid_nonce_length()

bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::valid_nonce_length ( size_t  nl) const
finaloverrideinherited

Definition at line 78 of file tls_cbc.cpp.

79  {
80  if(m_cbc_state.empty())
81  return nl == block_size();
82  return nl == iv_size();
83  }
size_t nl
Definition: ffi.h:445

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size(), and nl.


The documentation for this class was generated from the following files: