Botan 3.0.0
Crypto and TLS for C&
|
#include <tls_cbc.h>
Public Member Functions | |
virtual bool | associated_data_requires_key () const |
bool | authenticated () const |
void | clear () override final |
size_t | default_nonce_length () const override final |
void | finish (secure_vector< uint8_t > &final_block, size_t offset=0) |
template<concepts::resizable_byte_buffer T> | |
void | finish (T &final_block, size_t offset=0) |
bool | has_keying_material () const override final |
size_t | ideal_granularity () const override final |
Key_Length_Specification | key_spec () const override final |
virtual size_t | maximum_associated_data_inputs () const |
size_t | maximum_keylength () const |
virtual size_t | minimum_final_size () const =0 |
size_t | minimum_keylength () const |
std::string | name () const override final |
virtual size_t | output_length (size_t input_length) const =0 |
size_t | process (std::span< uint8_t > msg) |
size_t | process (uint8_t msg[], size_t msg_len) |
virtual std::string | provider () const |
virtual bool | requires_entire_message () const |
void | reset () override final |
void | set_ad (std::span< const uint8_t > ad) |
void | set_associated_data (const uint8_t ad[], size_t ad_len) |
void | set_associated_data (std::span< const uint8_t > ad) |
void | set_associated_data_n (size_t idx, std::span< const uint8_t > ad) override |
template<typename Alloc > | |
void | set_associated_data_vec (const std::vector< uint8_t, Alloc > &ad) |
void | set_key (const SymmetricKey &key) |
void | set_key (const uint8_t key[], size_t length) |
void | set_key (std::span< const uint8_t > key) |
void | start () |
void | start (const uint8_t nonce[], size_t nonce_len) |
void | start (std::span< const uint8_t > nonce) |
size_t | tag_size () const override final |
template<concepts::resizable_byte_buffer T> | |
void | update (T &buffer, size_t offset=0) |
size_t | update_granularity () const override final |
bool | valid_keylength (size_t length) const |
bool | valid_nonce_length (size_t nl) const override final |
Static Public Member Functions | |
static std::unique_ptr< AEAD_Mode > | create (std::string_view algo, Cipher_Dir direction, std::string_view provider="") |
static std::unique_ptr< AEAD_Mode > | create_or_throw (std::string_view algo, Cipher_Dir direction, std::string_view provider="") |
static std::vector< std::string > | providers (std::string_view algo_spec) |
Protected Member Functions | |
void | assert_key_material_set () const |
void | assert_key_material_set (bool predicate) const |
std::vector< uint8_t > & | assoc_data () |
std::vector< uint8_t > | assoc_data_with_len (uint16_t len) |
size_t | block_size () const |
Cipher_Mode & | cbc () const |
secure_vector< uint8_t > & | cbc_state () |
size_t | cipher_keylen () const |
virtual void | finish_msg (secure_vector< uint8_t > &final_block, size_t offset=0)=0 |
bool | is_datagram_protocol () const |
size_t | iv_size () const |
MessageAuthenticationCode & | mac () const |
size_t | mac_keylen () const |
secure_vector< uint8_t > & | msg () |
TLS_CBC_HMAC_AEAD_Mode (Cipher_Dir direction, std::unique_ptr< BlockCipher > cipher, std::unique_ptr< MessageAuthenticationCode > mac, size_t cipher_keylen, size_t mac_keylen, Protocol_Version version, bool use_encrypt_then_mac) | |
bool | use_encrypt_then_mac () const |
TLS CBC+HMAC AEAD base class (GenericBlockCipher in TLS spec) This is the weird TLS-specific mode, not for general consumption.
|
protected |
Definition at line 25 of file tls_cbc.cpp.
References Botan::Encryption, Botan::TLS::Protocol_Version::is_datagram_protocol(), mac(), and Botan::Buffered_Computation::output_length().
|
inlineprotectedinherited |
Definition at line 182 of file sym_algo.h.
Referenced by Botan::Salsa20::cipher_bytes(), Botan::AES_128::decrypt_n(), Botan::AES_192::decrypt_n(), Botan::AES_256::decrypt_n(), Botan::ARIA_128::decrypt_n(), Botan::ARIA_192::decrypt_n(), Botan::ARIA_256::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::Camellia_128::decrypt_n(), Botan::Camellia_192::decrypt_n(), Botan::Camellia_256::decrypt_n(), Botan::CAST_128::decrypt_n(), Botan::DES::decrypt_n(), Botan::TripleDES::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::IDEA::decrypt_n(), Botan::Lion::decrypt_n(), Botan::Noekeon::decrypt_n(), Botan::SEED::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::SHACAL2::decrypt_n(), Botan::SM4::decrypt_n(), Botan::Threefish_512::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::AES_128::encrypt_n(), Botan::AES_192::encrypt_n(), Botan::AES_256::encrypt_n(), Botan::ARIA_128::encrypt_n(), Botan::ARIA_192::encrypt_n(), Botan::ARIA_256::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::Camellia_128::encrypt_n(), Botan::Camellia_192::encrypt_n(), Botan::Camellia_256::encrypt_n(), Botan::CAST_128::encrypt_n(), Botan::DES::encrypt_n(), Botan::TripleDES::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::IDEA::encrypt_n(), Botan::Lion::encrypt_n(), Botan::Noekeon::encrypt_n(), Botan::SEED::encrypt_n(), Botan::Serpent::encrypt_n(), Botan::SHACAL2::encrypt_n(), Botan::SM4::encrypt_n(), Botan::Threefish_512::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::GHASH::final(), Botan::GHASH::ghash_update(), Botan::ChaCha::seek(), Botan::CTR_BE::seek(), Botan::Salsa20::seek(), Botan::OCB_Mode::set_associated_data_n(), Botan::Salsa20::set_iv_bytes(), Botan::GHASH::update(), and Botan::GHASH::update_associated_data().
|
inlineprotectedinherited |
Definition at line 187 of file sym_algo.h.
|
inlineprotected |
Definition at line 76 of file tls_cbc.h.
Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data_n().
|
protected |
Definition at line 132 of file tls_cbc.cpp.
References BOTAN_ASSERT.
|
inlinevirtualinherited |
Most AEADs require the key to be set prior to setting the AD A few allow the AD to be set even before the cipher is keyed. Such ciphers would return false from this function.
Reimplemented in Botan::ChaCha20Poly1305_Mode, and Botan::CCM_Mode.
Definition at line 100 of file aead.h.
|
inlineinherited |
Definition at line 239 of file cipher_mode.h.
|
inlineprotected |
Definition at line 61 of file tls_cbc.h.
Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::output_length(), Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data_n(), and valid_nonce_length().
|
inlineprotected |
Definition at line 67 of file tls_cbc.h.
Referenced by clear(), and has_keying_material().
|
inlineprotected |
|
inlineprotected |
|
finaloverridevirtual |
Reset the internal state. This includes not just the key, but any partial message that may have been in process.
Implements Botan::SymmetricAlgorithm.
Definition at line 54 of file tls_cbc.cpp.
References cbc(), Botan::SymmetricAlgorithm::clear(), mac(), and reset().
|
staticinherited |
Create an AEAD mode
algo | the algorithm to create |
direction | specify if this should be an encryption or decryption AEAD |
provider | optional specification for provider to use |
Definition at line 52 of file aead.cpp.
References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::AEAD_Mode::create(), Botan::BlockCipher::create(), Botan::Encryption, Botan::parse_algorithm_name(), Botan::Cipher_Mode::provider(), and Botan::split_on().
Referenced by Botan::AEAD_Mode::create(), Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::get_aead().
|
staticinherited |
Create an AEAD mode, or throw
algo | the algorithm to create |
direction | specify if this should be an encryption or decryption AEAD |
provider | optional specification for provider to use |
Definition at line 42 of file aead.cpp.
References Botan::AEAD_Mode::create(), and Botan::Cipher_Mode::provider().
Referenced by Botan::TLS::Cipher_State::advance_with_server_hello(), Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), Botan::TLS::Session::decrypt(), and Botan::TLS::Session::encrypt().
|
inlinefinaloverridevirtual |
Reimplemented from Botan::AEAD_Mode.
Definition at line 42 of file tls_cbc.h.
|
inlineinherited |
Complete processing of a message.
final_block | in/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output |
offset | an offset into final_block to begin processing |
Definition at line 158 of file cipher_mode.h.
Referenced by botan_cipher_update(), and Botan::TLS::write_record().
|
inlineinherited |
Complete procession of a message.
Note: Using this overload with anything but a Botan::secure_vector<> is copying the bytes in the in/out buffer.
final_block | in/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output |
offset | an offset into final_block to begin processing |
Definition at line 174 of file cipher_mode.h.
|
protectedpure virtualinherited |
|
finaloverridevirtual |
Implements Botan::SymmetricAlgorithm.
Definition at line 95 of file tls_cbc.cpp.
References cbc(), Botan::SymmetricAlgorithm::has_keying_material(), and mac().
|
finaloverridevirtual |
Return an ideal granularity. This will be a multiple of the result of update_granularity but may be larger. If so it indicates that better performance may be achieved by providing buffers that are at least that size.
Implements Botan::Cipher_Mode.
Definition at line 78 of file tls_cbc.cpp.
|
inlineprotected |
|
inlineprotected |
Definition at line 60 of file tls_cbc.h.
Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data_n(), and valid_nonce_length().
|
finaloverridevirtual |
Implements Botan::SymmetricAlgorithm.
Definition at line 90 of file tls_cbc.cpp.
|
inlineprotected |
Definition at line 69 of file tls_cbc.h.
References BOTAN_ASSERT_NONNULL.
Referenced by clear(), has_keying_material(), and TLS_CBC_HMAC_AEAD_Mode().
|
inlineprotected |
|
inlinevirtualinherited |
Returns the maximum supported number of associated data inputs which can be provided to set_associated_data_n
If returns 0, then no associated data is supported.
Reimplemented in Botan::SIV_Mode.
Definition at line 93 of file aead.h.
|
inlineinherited |
Definition at line 123 of file sym_algo.h.
|
pure virtualinherited |
Implemented in Botan::CCM_Encryption, Botan::CCM_Decryption, Botan::ChaCha20Poly1305_Encryption, Botan::ChaCha20Poly1305_Decryption, Botan::EAX_Encryption, Botan::EAX_Decryption, Botan::GCM_Encryption, Botan::GCM_Decryption, Botan::OCB_Encryption, Botan::OCB_Decryption, Botan::SIV_Encryption, Botan::SIV_Decryption, Botan::CBC_Encryption, Botan::CTS_Encryption, Botan::CBC_Decryption, Botan::CTS_Decryption, Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption, Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption, Botan::CFB_Mode, and Botan::XTS_Mode.
|
inlineinherited |
Definition at line 131 of file sym_algo.h.
|
inlineprotected |
|
finaloverridevirtual |
Implements Botan::SymmetricAlgorithm.
Definition at line 68 of file tls_cbc.cpp.
|
pure virtualinherited |
Returns the size of the output if this transform is used to process a message with input_length bytes. In most cases the answer is precise. If it is not possible to precise (namely for CBC decryption) instead an upper bound is returned.
Implemented in Botan::CCM_Encryption, Botan::CCM_Decryption, Botan::ChaCha20Poly1305_Encryption, Botan::ChaCha20Poly1305_Decryption, Botan::EAX_Encryption, Botan::EAX_Decryption, Botan::GCM_Encryption, Botan::GCM_Decryption, Botan::OCB_Encryption, Botan::OCB_Decryption, Botan::SIV_Encryption, Botan::SIV_Decryption, Botan::CBC_Encryption, Botan::CTS_Encryption, Botan::CBC_Decryption, Botan::XTS_Encryption, Botan::XTS_Decryption, Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption, Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption, and Botan::CFB_Mode.
Referenced by Botan::TLS::write_record().
|
inlineinherited |
Process message blocks
Input must be a multiple of update_granularity
Processes msg in place and returns bytes written. Normally this will be either msg_len (indicating the entire message was processed) or for certain AEAD modes zero (indicating that the mode requires the entire message be processed in one pass).
msg | the message to be processed |
Definition at line 133 of file cipher_mode.h.
|
inlineinherited |
Definition at line 135 of file cipher_mode.h.
|
inlinevirtualinherited |
Reimplemented in Botan::GCM_Mode.
Definition at line 250 of file cipher_mode.h.
Referenced by Botan::AEAD_Mode::create(), Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::Cipher_Mode::create_or_throw().
|
staticinherited |
algo_spec | algorithm name |
Definition at line 172 of file cipher_mode.cpp.
References Botan::Cipher_Mode::create(), Botan::Encryption, and Botan::Cipher_Mode::providers().
Referenced by Botan::Cipher_Mode::providers().
|
inlinevirtualinherited |
Certain modes require the entire message be available before any processing can occur. For such modes, input will be consumed but not returned, until finish
is called, which returns the entire message.
This function returns true if this mode has this style of operation.
Reimplemented in Botan::CCM_Mode, and Botan::SIV_Mode.
Definition at line 212 of file cipher_mode.h.
|
finaloverridevirtual |
Resets just the message specific state and allows encrypting again under the existing key
Implements Botan::Cipher_Mode.
Definition at line 61 of file tls_cbc.cpp.
References cbc_state().
Referenced by clear().
|
inlineinherited |
Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.
ad | the associated data |
Definition at line 128 of file aead.h.
|
inlineinherited |
Definition at line 62 of file aead.h.
|
inlineinherited |
Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.
Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.
ad | the associated data |
Definition at line 60 of file aead.h.
Referenced by Botan::TLS::write_record().
|
overridevirtual |
Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.
Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.
Some AEADs (namely SIV) support multiple AD inputs. For all other modes only nominal AD input 0 is supported; all other values of idx will cause an exception.
Derived AEADs must implement this. For AEADs where maximum_associated_data_inputs()
returns 1 (the default), the idx
must simply be ignored.
idx | which associated data to set |
ad | the associated data |
Implements Botan::AEAD_Mode.
Reimplemented in Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption.
Definition at line 141 of file tls_cbc.cpp.
References BOTAN_ARG_CHECK.
Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data_n().
|
inlineinherited |
Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.
ad | the associated data |
|
inlineinherited |
Set the symmetric key of this object.
key | the SymmetricKey to be set. |
Definition at line 150 of file sym_algo.h.
References Botan::OctetString::begin(), and Botan::OctetString::length().
Referenced by Botan::Sodium::crypto_stream_salsa20(), Botan::Sodium::crypto_stream_salsa20_xor_ic(), Botan::Sodium::crypto_stream_xsalsa20(), Botan::Sodium::crypto_stream_xsalsa20_xor_ic(), Botan::FPE::fe1_decrypt(), Botan::FPE::fe1_encrypt(), and Botan::Sodium::randombytes_buf_deterministic().
|
inherited |
Set the symmetric key of this object.
key | the to be set as a byte array. |
length | in bytes of key param |
Definition at line 17 of file sym_algo.cpp.
References Botan::SymmetricAlgorithm::name(), and Botan::SymmetricAlgorithm::valid_keylength().
|
inlineinherited |
Set the symmetric key of this object.
key | the contiguous byte range to be set. |
Definition at line 159 of file sym_algo.h.
|
inlineinherited |
Begin processing a message.
The exact semantics of this depend on the mode. For many modes, the call will fail since a nonce must be provided.
For certain modes such as CBC this will instead cause the last ciphertext block to be used as the nonce of the new message; doing this isn't a good idea, but some (mostly older) protocols do this.
Definition at line 115 of file cipher_mode.h.
|
inlineinherited |
Begin processing a message with a fresh nonce.
nonce | the per message nonce |
nonce_len | length of nonce |
Definition at line 100 of file cipher_mode.h.
|
inlineinherited |
Begin processing a message with a fresh nonce.
nonce | the per message nonce |
Definition at line 90 of file cipher_mode.h.
Referenced by botan_cipher_start(), and Botan::TLS::write_record().
|
inlinefinaloverridevirtual |
Reimplemented from Botan::Cipher_Mode.
Definition at line 40 of file tls_cbc.h.
Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::output_length().
|
inlineinherited |
Process some data. Input must be in size update_granularity() uint8_t blocks.
buffer | in/out parameter which will possibly be resized |
offset | an offset into blocks to begin processing |
Definition at line 144 of file cipher_mode.h.
References BOTAN_ASSERT.
Referenced by botan_cipher_update().
|
finaloverridevirtual |
Implements Botan::Cipher_Mode.
Definition at line 73 of file tls_cbc.cpp.
|
inlineprotected |
Definition at line 63 of file tls_cbc.h.
Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::output_length(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data_n().
|
inlineinherited |
Check whether a given key length is valid for this algorithm.
length | the key length to be checked. |
Definition at line 141 of file sym_algo.h.
Referenced by Botan::SymmetricAlgorithm::set_key().
|
finaloverridevirtual |
Implements Botan::Cipher_Mode.
Definition at line 83 of file tls_cbc.cpp.
References block_size(), and iv_size().