Botan 3.5.0
Crypto and TLS for C&
siv.h
Go to the documentation of this file.
1/*
2* SIV Mode
3* (C) 2013 Jack Lloyd
4* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_AEAD_SIV_H_
10#define BOTAN_AEAD_SIV_H_
11
12#include <botan/aead.h>
13#include <botan/block_cipher.h>
14#include <botan/stream_cipher.h>
15
16namespace Botan {
17
18class MessageAuthenticationCode;
19
20/**
21* Base class for SIV encryption and decryption (@see RFC 5297)
22*/
24 public:
25 /**
26 * Sets the nth element of the vector of associated data
27 * @param n index into the AD vector
28 * @param ad associated data
29 */
30 void set_associated_data_n(size_t n, std::span<const uint8_t> ad) override final;
31
32 size_t maximum_associated_data_inputs() const override final;
33
34 std::string name() const override final;
35
36 size_t update_granularity() const override final;
37
38 size_t ideal_granularity() const override final;
39
40 Key_Length_Specification key_spec() const override final;
41
42 bool valid_nonce_length(size_t) const override final;
43
44 bool requires_entire_message() const override final;
45
46 void clear() override final;
47
48 void reset() override final;
49
50 size_t tag_size() const override final { return 16; }
51
52 bool has_keying_material() const override final;
53
55
56 protected:
57 explicit SIV_Mode(std::unique_ptr<BlockCipher> cipher);
58
59 size_t block_size() const { return m_bs; }
60
61 StreamCipher& ctr() { return *m_ctr; }
62
63 void set_ctr_iv(secure_vector<uint8_t> V);
64
65 secure_vector<uint8_t>& msg_buf() { return m_msg_buf; }
66
67 secure_vector<uint8_t> S2V(const uint8_t text[], size_t text_len);
68
69 private:
70 void start_msg(const uint8_t nonce[], size_t nonce_len) override final;
71 size_t process_msg(uint8_t buf[], size_t size) override final;
72
73 void key_schedule(std::span<const uint8_t> key) override final;
74
75 const std::string m_name;
76 const size_t m_bs;
77
78 std::unique_ptr<StreamCipher> m_ctr;
79 std::unique_ptr<MessageAuthenticationCode> m_mac;
80 secure_vector<uint8_t> m_nonce, m_msg_buf;
81 std::vector<secure_vector<uint8_t>> m_ad_macs;
82};
83
84/**
85* SIV Encryption
86*/
88 public:
89 /**
90 * @param cipher a block cipher
91 */
92 explicit SIV_Encryption(std::unique_ptr<BlockCipher> cipher) : SIV_Mode(std::move(cipher)) {}
93
94 size_t output_length(size_t input_length) const override { return input_length + tag_size(); }
95
96 size_t minimum_final_size() const override { return 0; }
97
98 private:
99 void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
100};
101
102/**
103* SIV Decryption
104*/
106 public:
107 /**
108 * @param cipher a 128-bit block cipher
109 */
110 explicit SIV_Decryption(std::unique_ptr<BlockCipher> cipher) : SIV_Mode(std::move(cipher)) {}
111
112 size_t output_length(size_t input_length) const override {
113 BOTAN_ASSERT(input_length >= tag_size(), "Sufficient input");
114 return input_length - tag_size();
115 }
116
117 size_t minimum_final_size() const override { return tag_size(); }
118
119 private:
120 void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
121};
122
123} // namespace Botan
124
125#endif
#define BOTAN_ASSERT(expr, assertion_made)
Definition assert.h:50
SIV_Decryption(std::unique_ptr< BlockCipher > cipher)
Definition siv.h:110
size_t minimum_final_size() const override
Definition siv.h:117
size_t output_length(size_t input_length) const override
Definition siv.h:112
SIV_Encryption(std::unique_ptr< BlockCipher > cipher)
Definition siv.h:92
size_t minimum_final_size() const override
Definition siv.h:96
size_t output_length(size_t input_length) const override
Definition siv.h:94
StreamCipher & ctr()
Definition siv.h:61
secure_vector< uint8_t > & msg_buf()
Definition siv.h:65
size_t tag_size() const override final
Definition siv.h:50
std::string name
int(* final)(unsigned char *, CTX *)
#define BOTAN_TEST_API
Definition compiler.h:51
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61