10#include <botan/internal/poly_dbl.h>
16 m_cipher_block_size(m_cipher->block_size()),
17 m_cipher_parallelism(m_cipher->parallel_bytes())
24 m_tweak_cipher.reset(m_cipher->clone());
30 m_tweak_cipher->clear();
64void XTS_Mode::key_schedule(
const uint8_t key[],
size_t length)
66 const size_t key_half = length / 2;
68 if(length % 2 == 1 || !m_cipher->valid_keylength(key_half))
71 m_cipher->set_key(key, key_half);
72 m_tweak_cipher->set_key(&key[key_half], key_half);
75void XTS_Mode::start_msg(
const uint8_t nonce[],
size_t nonce_len)
78 throw Invalid_IV_Length(
name(), nonce_len);
81 copy_mem(m_tweak.data(), nonce, nonce_len);
82 m_tweak_cipher->encrypt(m_tweak.data());
89 const size_t BS = m_tweak_cipher->block_size();
96 for(
size_t i = 1; i < blocks_in_tweak; ++i)
111 size_t blocks = sz / BS;
117 const size_t to_proc = std::min(blocks, blocks_in_tweak);
132 BOTAN_ASSERT(buffer.size() >= offset,
"Offset is sane");
133 const size_t sz = buffer.size() - offset;
134 uint8_t* buf = buffer.data() + offset;
147 const size_t full_blocks = ((sz / BS) - 1) * BS;
148 const size_t final_bytes = sz - full_blocks;
149 BOTAN_ASSERT(final_bytes > BS && final_bytes < 2*BS,
"Left over size in expected range");
152 buffer.resize(full_blocks + offset);
159 for(
size_t i = 0; i != final_bytes - BS; ++i)
161 last[i] ^= last[i + BS];
162 last[i + BS] ^= last[i];
163 last[i] ^= last[i + BS];
185 size_t blocks = sz / BS;
191 const size_t to_proc = std::min(blocks, blocks_in_tweak);
206 BOTAN_ASSERT(buffer.size() >= offset,
"Offset is sane");
207 const size_t sz = buffer.size() - offset;
208 uint8_t* buf = buffer.data() + offset;
221 const size_t full_blocks = ((sz / BS) - 1) * BS;
222 const size_t final_bytes = sz - full_blocks;
223 BOTAN_ASSERT(final_bytes > BS && final_bytes < 2*BS,
"Left over size in expected range");
226 buffer.resize(full_blocks + offset);
233 for(
size_t i = 0; i != final_bytes - BS; ++i)
235 last[i] ^= last[i + BS];
236 last[i + BS] ^= last[i];
237 last[i] ^= last[i + BS];
#define BOTAN_STATE_CHECK(expr)
#define BOTAN_ASSERT(expr, assertion_made)
void encrypt(const uint8_t in[], uint8_t out[]) const
void decrypt(const uint8_t in[], uint8_t out[]) const
virtual void encrypt_n_xex(uint8_t data[], const uint8_t mask[], size_t blocks) const
virtual void decrypt_n_xex(uint8_t data[], const uint8_t mask[], size_t blocks) const
Key_Length_Specification multiple(size_t n) const
virtual std::string name() const =0
virtual Key_Length_Specification key_spec() const =0
size_t output_length(size_t input_length) const override
void finish(secure_vector< uint8_t > &final_block, size_t offset=0) override
size_t process(uint8_t buf[], size_t size) override
void finish(secure_vector< uint8_t > &final_block, size_t offset=0) override
size_t output_length(size_t input_length) const override
size_t process(uint8_t buf[], size_t size) override
std::string name() const override
const uint8_t * tweak() const
Key_Length_Specification key_spec() const override
size_t cipher_block_size() const
XTS_Mode(BlockCipher *cipher)
size_t minimum_final_size() const override
size_t update_granularity() const override
const BlockCipher & cipher() const
size_t default_nonce_length() const override
void update_tweak(size_t last_used)
bool valid_nonce_length(size_t n) const override
int(* update)(CTX *, const void *, CC_LONG len)
void poly_double_n_le(uint8_t out[], const uint8_t in[], size_t n)
void copy_mem(T *out, const T *in, size_t n)
void xor_buf(uint8_t out[], const uint8_t in[], size_t length)
bool poly_double_supported_size(size_t n)
std::vector< T, secure_allocator< T > > secure_vector