Botan  2.4.0
Crypto and TLS for C++11
ocb.h
Go to the documentation of this file.
1 /*
2 * OCB Mode
3 * (C) 2013,2014 Jack Lloyd
4 * (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_AEAD_OCB_H_
10 #define BOTAN_AEAD_OCB_H_
11 
12 #include <botan/aead.h>
13 
14 namespace Botan {
15 
16 class BlockCipher;
17 class L_computer;
18 
19 /**
20 * OCB Mode (base class for OCB_Encryption and OCB_Decryption). Note
21 * that OCB is patented, but is freely licensed in some circumstances.
22 *
23 * @see "The OCB Authenticated-Encryption Algorithm" RFC 7253
24 * https://tools.ietf.org/html/rfc7253
25 * @see "OCB For Block Ciphers Without 128-Bit Blocks"
26 * (draft-krovetz-ocb-wide-d3) for the extension of OCB to
27 * block ciphers with larger block sizes.
28 * @see Free Licenses http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm
29 * @see OCB home page http://www.cs.ucdavis.edu/~rogaway/ocb
30 */
31 class BOTAN_PUBLIC_API(2,0) OCB_Mode : public AEAD_Mode
32  {
33  public:
34  void set_associated_data(const uint8_t ad[], size_t ad_len) override;
35 
36  std::string name() const override;
37 
38  size_t update_granularity() const override;
39 
40  Key_Length_Specification key_spec() const override;
41 
42  bool valid_nonce_length(size_t) const override;
43 
44  size_t tag_size() const override { return m_tag_size; }
45 
46  void clear() override;
47 
48  void reset() override;
49 
50  ~OCB_Mode();
51  protected:
52  /**
53  * @param cipher the block cipher to use
54  * @param tag_size is how big the auth tag will be
55  */
56  OCB_Mode(BlockCipher* cipher, size_t tag_size);
57 
58  size_t block_size() const { return m_block_size; }
59  size_t par_blocks() const { return m_par_blocks; }
60  size_t par_bytes() const { return m_checksum.size(); }
61 
62  // fixme make these private
63  std::unique_ptr<BlockCipher> m_cipher;
64  std::unique_ptr<L_computer> m_L;
65 
66  size_t m_block_index = 0;
67 
70  private:
71  void start_msg(const uint8_t nonce[], size_t nonce_len) override;
72 
73  void key_schedule(const uint8_t key[], size_t length) override;
74 
75  secure_vector<uint8_t> update_nonce(const uint8_t nonce[], size_t nonce_len);
76 
77  const size_t m_tag_size;
78  const size_t m_block_size;
79  const size_t m_par_blocks;
80  secure_vector<uint8_t> m_last_nonce;
81  secure_vector<uint8_t> m_stretch;
82  };
83 
84 class BOTAN_PUBLIC_API(2,0) OCB_Encryption final : public OCB_Mode
85  {
86  public:
87  /**
88  * @param cipher the block cipher to use
89  * @param tag_size is how big the auth tag will be
90  */
91  OCB_Encryption(BlockCipher* cipher, size_t tag_size = 16) :
92  OCB_Mode(cipher, tag_size) {}
93 
94  size_t output_length(size_t input_length) const override
95  { return input_length + tag_size(); }
96 
97  size_t minimum_final_size() const override { return 0; }
98 
99  size_t process(uint8_t buf[], size_t size) override;
100 
101  void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
102  private:
103  void encrypt(uint8_t input[], size_t blocks);
104  };
105 
106 class BOTAN_PUBLIC_API(2,0) OCB_Decryption final : public OCB_Mode
107  {
108  public:
109  /**
110  * @param cipher the block cipher to use
111  * @param tag_size is how big the auth tag will be
112  */
113  OCB_Decryption(BlockCipher* cipher, size_t tag_size = 16) :
114  OCB_Mode(cipher, tag_size) {}
115 
116  size_t output_length(size_t input_length) const override
117  {
118  BOTAN_ASSERT(input_length >= tag_size(), "Sufficient input");
119  return input_length - tag_size();
120  }
121 
122  size_t minimum_final_size() const override { return tag_size(); }
123 
124  size_t process(uint8_t buf[], size_t size) override;
125 
126  void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
127  private:
128  void decrypt(uint8_t input[], size_t blocks);
129  };
130 
131 }
132 
133 #endif
std::unique_ptr< BlockCipher > m_cipher
Definition: ocb.h:63
size_t output_length(size_t input_length) const override
Definition: ocb.h:116
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:27
size_t tag_size() const override
Definition: ocb.h:44
size_t par_blocks() const
Definition: ocb.h:59
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:29
OCB_Decryption(BlockCipher *cipher, size_t tag_size=16)
Definition: ocb.h:113
std::string decrypt(const uint8_t input[], size_t input_len, const std::string &passphrase)
Definition: cryptobox.cpp:162
OCB_Encryption(BlockCipher *cipher, size_t tag_size=16)
Definition: ocb.h:91
Definition: alg_id.cpp:13
std::unique_ptr< L_computer > m_L
Definition: ocb.h:64
size_t output_length(size_t input_length) const override
Definition: ocb.h:94
size_t block_size() const
Definition: ocb.h:58
secure_vector< uint8_t > m_ad_hash
Definition: ocb.h:69
size_t minimum_final_size() const override
Definition: ocb.h:122
secure_vector< uint8_t > m_checksum
Definition: ocb.h:68
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
size_t minimum_final_size() const override
Definition: ocb.h:97
std::string encrypt(const uint8_t input[], size_t input_len, const std::string &passphrase, RandomNumberGenerator &rng)
Definition: cryptobox.cpp:43
size_t par_bytes() const
Definition: ocb.h:60