Botan 3.12.0
Crypto and TLS for C&
tls_null.h
Go to the documentation of this file.
1/*
2* TLS Null Cipher Handling
3* (C) 2024 Sebastian Ahrens, Dirk Dobkowitz, André Schomburg (Volkswagen AG)
4* (C) 2024 Lars Dürkop (CARIAD SE)
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_TLS_NULL_HMAC_AEAD_H_
10#define BOTAN_TLS_NULL_HMAC_AEAD_H_
11
12#include <botan/aead.h>
13#include <botan/mac.h>
14#include <botan/tls_version.h>
15
16namespace Botan::TLS {
17
18/**
19* TLS NULL+HMAC AEAD base class (GenericStreamCipher in TLS spec)
20*/
21class BOTAN_TEST_API TLS_NULL_HMAC_AEAD_Mode : public AEAD_Mode {
22 public:
23 std::string name() const final;
24
25 void set_associated_data_n(size_t idx, std::span<const uint8_t> ad) override;
26
27 size_t update_granularity() const final;
28
29 size_t ideal_granularity() const final;
30
31 Key_Length_Specification key_spec() const final;
32
33 bool valid_nonce_length(size_t nl) const final;
34
35 size_t tag_size() const final { return m_tag_size; }
36
37 void clear() final;
38
39 void reset() final;
40
41 bool has_keying_material() const final;
42
43 protected:
44 TLS_NULL_HMAC_AEAD_Mode(std::unique_ptr<MessageAuthenticationCode> mac, size_t mac_keylen);
45
46 size_t mac_keylen() const;
47
48 MessageAuthenticationCode& mac() const;
49
50 private:
51 void start_msg(const uint8_t nonce[], size_t nonce_len) final;
52 size_t process_msg(uint8_t buf[], size_t sz) final;
53
54 void key_schedule(std::span<const uint8_t> key) final;
55
56 const std::string m_mac_name;
57 size_t m_mac_keylen;
58 size_t m_tag_size;
59
60 secure_vector<uint8_t> m_key;
61 std::unique_ptr<MessageAuthenticationCode> m_mac;
62
63 // Per the AEAD_Mode contract, associated data set via
64 // set_associated_data persists across messages until reset. finish_msg
65 // calls mac().final() which clears the internal state, so we cache the
66 // AD here and re-feed it at start_msg time.
67 std::vector<uint8_t> m_ad;
68
69 // Single-call contract for process_msg: the TLS record code path is
70 // expected to MAC the entire record in one shot via finish_msg. A second
71 // process_msg call between start_msg and finish_msg would re-feed bytes
72 // to the MAC and produce a tag covering them twice; this flag is
73 // asserted to catch any such future misuse.
74 bool m_processed = false;
75};
76
77/**
78* TLS_NULL_HMAC_AEAD Encryption
79*/
80class BOTAN_TEST_API TLS_NULL_HMAC_AEAD_Encryption final : public TLS_NULL_HMAC_AEAD_Mode {
81 public:
82 TLS_NULL_HMAC_AEAD_Encryption(std::unique_ptr<MessageAuthenticationCode> mac, const size_t mac_keylen) :
83 TLS_NULL_HMAC_AEAD_Mode(std::move(mac), mac_keylen) {}
84
85 void set_associated_data_n(size_t idx, std::span<const uint8_t> ad) override;
86
87 size_t output_length(size_t input_length) const override;
88
89 size_t minimum_final_size() const override { return 0; }
90
91 private:
92 void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
93};
94
95/**
96* TLS_NULL_HMAC_AEAD Decryption
97*/
98class BOTAN_TEST_API TLS_NULL_HMAC_AEAD_Decryption final : public TLS_NULL_HMAC_AEAD_Mode {
99 public:
100 TLS_NULL_HMAC_AEAD_Decryption(std::unique_ptr<MessageAuthenticationCode> mac, const size_t mac_keylen) :
101 TLS_NULL_HMAC_AEAD_Mode(std::move(mac), mac_keylen) {}
102
103 size_t output_length(size_t input_length) const override;
104
105 size_t minimum_final_size() const override { return tag_size(); }
106
107 void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
108};
109
110} // namespace Botan::TLS
111
112#endif
BOTAN_TEST_API
#define BOTAN_TEST_API
Definition api.h:41
Botan::AEAD_Mode
Definition aead.h:24
Botan::Key_Length_Specification
Definition sym_algo.h:22
Botan::TLS::TLS_NULL_HMAC_AEAD_Decryption::TLS_NULL_HMAC_AEAD_Decryption
TLS_NULL_HMAC_AEAD_Decryption(std::unique_ptr< MessageAuthenticationCode > mac, const size_t mac_keylen)
Definition tls_null.h:100
Botan::TLS::TLS_NULL_HMAC_AEAD_Decryption::minimum_final_size
size_t minimum_final_size() const override
Definition tls_null.h:105
Botan::TLS::TLS_NULL_HMAC_AEAD_Encryption::minimum_final_size
size_t minimum_final_size() const override
Definition tls_null.h:89
Botan::TLS::TLS_NULL_HMAC_AEAD_Encryption::TLS_NULL_HMAC_AEAD_Encryption
TLS_NULL_HMAC_AEAD_Encryption(std::unique_ptr< MessageAuthenticationCode > mac, const size_t mac_keylen)
Definition tls_null.h:82
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode
Definition tls_null.h:21
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::update_granularity
size_t update_granularity() const final
Definition tls_null.cpp:44
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::ideal_granularity
size_t ideal_granularity() const final
Definition tls_null.cpp:48
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::set_associated_data_n
void set_associated_data_n(size_t idx, std::span< const uint8_t > ad) override
Definition tls_null.cpp:111
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::mac
MessageAuthenticationCode & mac() const
Definition tls_null.cpp:68
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::key_spec
Key_Length_Specification key_spec() const final
Definition tls_null.cpp:56
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::mac_keylen
size_t mac_keylen() const
Definition tls_null.cpp:64
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::name
std::string name() const final
Definition tls_null.cpp:40
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::valid_nonce_length
bool valid_nonce_length(size_t nl) const final
Definition tls_null.cpp:52
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::TLS_NULL_HMAC_AEAD_Mode
TLS_NULL_HMAC_AEAD_Mode(std::unique_ptr< MessageAuthenticationCode > mac, size_t mac_keylen)
Definition tls_null.cpp:22
Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::tag_size
size_t tag_size() const final
Definition tls_null.h:35
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:68
Generated by doxygen 1.16.1