Botan 3.0.0-alpha0
Crypto and TLS for C&
mac.h
Go to the documentation of this file.
1/*
2* Base class for message authentiction codes
3* (C) 1999-2007 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#ifndef BOTAN_MESSAGE_AUTH_CODE_BASE_H_
9#define BOTAN_MESSAGE_AUTH_CODE_BASE_H_
10
11#include <botan/buf_comp.h>
12#include <botan/sym_algo.h>
13#include <string>
14#include <memory>
15
16namespace Botan {
17
18/**
19* This class represents Message Authentication Code (MAC) objects.
20*/
21class BOTAN_PUBLIC_API(2,0) MessageAuthenticationCode : public Buffered_Computation,
22 public SymmetricAlgorithm
23 {
24 public:
25 /**
26 * Create an instance based on a name
27 * If provider is empty then best available is chosen.
28 * @param algo_spec algorithm name
29 * @param provider provider implementation to use
30 * @return a null pointer if the algo/provider combination cannot be found
31 */
32 static std::unique_ptr<MessageAuthenticationCode>
33 create(const std::string& algo_spec,
34 const std::string& provider = "");
35
36 /*
37 * Create an instance based on a name
38 * If provider is empty then best available is chosen.
39 * @param algo_spec algorithm name
40 * @param provider provider implementation to use
41 * Throws a Lookup_Error if algo/provider combination cannot be found
42 */
43 static std::unique_ptr<MessageAuthenticationCode>
44 create_or_throw(const std::string& algo_spec,
45 const std::string& provider = "");
46
47 /**
48 * @return list of available providers for this algorithm, empty if not available
49 */
50 static std::vector<std::string> providers(const std::string& algo_spec);
51
52 virtual ~MessageAuthenticationCode() = default;
53
54 /**
55 * Prepare for processing a message under the specified nonce
56 *
57 * Most MACs neither require nor support a nonce; for these algorithms
58 * calling `start_msg` is optional and calling it with anything other than
59 * an empty string is an error. One MAC which *requires* a per-message
60 * nonce be specified is GMAC.
61 *
62 * @param nonce the message nonce bytes
63 * @param nonce_len the size of len in bytes
64 * Default implementation simply rejects all non-empty nonces
65 * since most hash/MAC algorithms do not support randomization
66 */
67 virtual void start_msg(const uint8_t nonce[], size_t nonce_len);
68
69 /**
70 * Begin processing a message with a nonce
71 *
72 * @param nonce the per message nonce
73 */
74 template<typename Alloc>
75 void start(const std::vector<uint8_t, Alloc>& nonce)
76 {
77 start_msg(nonce.data(), nonce.size());
78 }
79
80 /**
81 * Begin processing a message.
82 * @param nonce the per message nonce
83 * @param nonce_len length of nonce
84 */
85 void start(const uint8_t nonce[], size_t nonce_len)
86 {
87 start_msg(nonce, nonce_len);
88 }
89
90 /**
91 * Begin processing a message.
92 */
93 void start()
94 {
95 return start_msg(nullptr, 0);
96 }
97
98 /**
99 * Verify a MAC.
100 * @param in the MAC to verify as a byte array
101 * @param length the length of param in
102 * @return true if the MAC is valid, false otherwise
103 */
104 virtual bool verify_mac(const uint8_t in[], size_t length);
105
106 /**
107 * Verify a MAC.
108 * @param in the MAC to verify as a byte array
109 * @return true if the MAC is valid, false otherwise
110 */
111 virtual bool verify_mac(const std::vector<uint8_t>& in)
112 {
113 return verify_mac(in.data(), in.size());
114 }
115
116 /**
117 * Verify a MAC.
118 * @param in the MAC to verify as a byte array
119 * @return true if the MAC is valid, false otherwise
120 */
121 virtual bool verify_mac(const secure_vector<uint8_t>& in)
122 {
123 return verify_mac(in.data(), in.size());
124 }
125
126 /**
127 * @return new object representing the same algorithm as *this
128 */
129 virtual std::unique_ptr<MessageAuthenticationCode> new_object() const = 0;
130
131 /**
132 * Get a new object representing the same algorithm as *this
133 */
134 MessageAuthenticationCode* clone() const
135 {
136 return this->new_object().release();
137 }
138
139 /**
140 * @return provider information about this implementation. Default is "base",
141 * might also return "sse2", "avx2", "openssl", or some other arbitrary string.
142 */
143 virtual std::string provider() const { return "base"; }
144
145 /**
146 * @return if a fresh key must be set for each message that is processed.
147 *
148 * This is required for certain polynomial-based MACs which are insecure
149 * if a key is ever reused for two different messages.
150 */
151 virtual bool fresh_key_required_per_message() const { return false; }
152 };
153
154typedef MessageAuthenticationCode MAC;
155
156}
157
158#endif
Botan::Buffered_Computation
Definition: buf_comp.h:21
Botan::MessageAuthenticationCode::verify_mac
virtual bool verify_mac(const std::vector< uint8_t > &in)
Definition: mac.h:111
Botan::MessageAuthenticationCode::fresh_key_required_per_message
virtual bool fresh_key_required_per_message() const
Definition: mac.h:151
Botan::MessageAuthenticationCode::new_object
virtual std::unique_ptr< MessageAuthenticationCode > new_object() const =0
Botan::MessageAuthenticationCode::provider
virtual std::string provider() const
Definition: mac.h:143
Botan::MessageAuthenticationCode::~MessageAuthenticationCode
virtual ~MessageAuthenticationCode()=default
Botan::MessageAuthenticationCode::verify_mac
virtual bool verify_mac(const secure_vector< uint8_t > &in)
Definition: mac.h:121
Botan::MessageAuthenticationCode::clone
MessageAuthenticationCode * clone() const
Definition: mac.h:134
Botan::MessageAuthenticationCode::start
void start(const std::vector< uint8_t, Alloc > &nonce)
Definition: mac.h:75
Botan::MessageAuthenticationCode::start
void start(const uint8_t nonce[], size_t nonce_len)
Definition: mac.h:85
BOTAN_PUBLIC_API
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31
Botan
Definition: alg_id.cpp:13
Botan::MAC
MessageAuthenticationCode MAC
Definition: mac.h:154
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
Generated by doxygen 1.9.3