Botan 2.19.3
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | Protected Member Functions | List of all members
Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption Class Referencefinal

#include <tls_cbc.h>

Inheritance diagram for Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption:
Botan::TLS::TLS_CBC_HMAC_AEAD_Mode Botan::AEAD_Mode Botan::Cipher_Mode Botan::SymmetricAlgorithm

Public Member Functions

virtual bool associated_data_requires_key () const
 
bool authenticated () const override
 
void clear () override final
 
size_t default_nonce_length () const override final
 
void finish (secure_vector< uint8_t > &final_block, size_t offset=0) override
 
Key_Length_Specification key_spec () const override final
 
virtual size_t maximum_associated_data_inputs () const
 
size_t maximum_keylength () const
 
size_t minimum_final_size () const override
 
size_t minimum_keylength () const
 
std::string name () const override final
 
size_t output_length (size_t input_length) const override
 
size_t process (uint8_t buf[], size_t sz) override final
 
virtual std::string provider () const
 
void reset () override final
 
template<typename Alloc >
void set_ad (const std::vector< uint8_t, Alloc > &ad)
 
void set_associated_data (const uint8_t ad[], size_t ad_len) override
 
virtual void set_associated_data_n (size_t i, const uint8_t ad[], size_t ad_len)
 
template<typename Alloc >
void set_associated_data_vec (const std::vector< uint8_t, Alloc > &ad)
 
template<typename Alloc >
void set_key (const std::vector< uint8_t, Alloc > &key)
 
void set_key (const SymmetricKey &key)
 
void set_key (const uint8_t key[], size_t length)
 
void start ()
 
template<typename Alloc >
void start (const std::vector< uint8_t, Alloc > &nonce)
 
void start (const uint8_t nonce[], size_t nonce_len)
 
size_t tag_size () const override final
 
 TLS_CBC_HMAC_AEAD_Encryption (std::unique_ptr< BlockCipher > cipher, std::unique_ptr< MessageAuthenticationCode > mac, const size_t cipher_keylen, const size_t mac_keylen, const Protocol_Version version, bool use_encrypt_then_mac)
 
void update (secure_vector< uint8_t > &buffer, size_t offset=0)
 
size_t update_granularity () const override final
 
bool valid_keylength (size_t length) const
 
bool valid_nonce_length (size_t nl) const override final
 

Static Public Member Functions

static std::unique_ptr< AEAD_Modecreate (const std::string &algo, Cipher_Dir direction, const std::string &provider="")
 
static std::unique_ptr< AEAD_Modecreate_or_throw (const std::string &algo, Cipher_Dir direction, const std::string &provider="")
 
static std::vector< std::string > providers (const std::string &algo_spec)
 

Protected Member Functions

std::vector< uint8_t > & assoc_data ()
 
std::vector< uint8_t > assoc_data_with_len (uint16_t len)
 
size_t block_size () const
 
Cipher_Modecbc () const
 
secure_vector< uint8_t > & cbc_state ()
 
size_t cipher_keylen () const
 
bool is_datagram_protocol () const
 
size_t iv_size () const
 
MessageAuthenticationCodemac () const
 
size_t mac_keylen () const
 
secure_vector< uint8_t > & msg ()
 
bool use_encrypt_then_mac () const
 
void verify_key_set (bool cond) const
 

Detailed Description

TLS_CBC_HMAC_AEAD Encryption

Definition at line 106 of file tls_cbc.h.

Constructor & Destructor Documentation

◆ TLS_CBC_HMAC_AEAD_Encryption()

Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::TLS_CBC_HMAC_AEAD_Encryption ( std::unique_ptr< BlockCipher cipher,
std::unique_ptr< MessageAuthenticationCode mac,
const size_t  cipher_keylen,
const size_t  mac_keylen,
const Protocol_Version  version,
bool  use_encrypt_then_mac 
)
inline

Definition at line 111 of file tls_cbc.h.

117 :
119 std::move(cipher),
120 std::move(mac),
123 version,
125 {}
TLS_CBC_HMAC_AEAD_Mode(Cipher_Dir direction, std::unique_ptr< BlockCipher > cipher, std::unique_ptr< MessageAuthenticationCode > mac, size_t cipher_keylen, size_t mac_keylen, Protocol_Version version, bool use_encrypt_then_mac)
Definition tls_cbc.cpp:27
MessageAuthenticationCode & mac() const
Definition tls_cbc.h:68
@ ENCRYPTION
Definition cipher_mode.h:23

References Botan::ENCRYPTION.

Member Function Documentation

◆ assoc_data()

std::vector< uint8_t > & Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data ( )
inlineprotectedinherited

Definition at line 75 of file tls_cbc.h.

75{ return m_ad; }

Referenced by finish(), and set_associated_data().

◆ assoc_data_with_len()

std::vector< uint8_t > Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data_with_len ( uint16_t  len)
protectedinherited

Definition at line 123 of file tls_cbc.cpp.

124 {
125 std::vector<uint8_t> ad = m_ad;
126 BOTAN_ASSERT(ad.size() == 13, "Expected AAD size");
127 ad[11] = get_byte(0, len);
128 ad[12] = get_byte(1, len);
129 return ad;
130 }
#define BOTAN_ASSERT(expr, assertion_made)
Definition assert.h:55
constexpr uint8_t get_byte(size_t byte_num, T input)
Definition loadstor.h:41

References BOTAN_ASSERT, and Botan::get_byte().

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

◆ associated_data_requires_key()

virtual bool Botan::AEAD_Mode::associated_data_requires_key ( ) const
inlinevirtualinherited

Most AEADs require the key to be set prior to setting the AD A few allow the AD to be set even before the cipher is keyed. Such ciphers would return false from this function.

Reimplemented in Botan::CCM_Mode, and Botan::ChaCha20Poly1305_Mode.

Definition at line 94 of file aead.h.

94{ return true; }

◆ authenticated()

bool Botan::AEAD_Mode::authenticated ( ) const
inlineoverridevirtualinherited
Returns
true iff this mode provides authentication as well as confidentiality.

Reimplemented from Botan::Cipher_Mode.

Definition at line 47 of file aead.h.

47{ return true; }

◆ block_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size ( ) const
inlineprotectedinherited

◆ cbc()

Cipher_Mode & Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc ( ) const
inlineprotectedinherited

Definition at line 66 of file tls_cbc.h.

66{ return *m_cbc; }

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

◆ cbc_state()

secure_vector< uint8_t > & Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state ( )
inlineprotectedinherited

Definition at line 74 of file tls_cbc.h.

74{ return m_cbc_state; }

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset().

◆ cipher_keylen()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cipher_keylen ( ) const
inlineprotectedinherited

Definition at line 57 of file tls_cbc.h.

57{ return m_cipher_keylen; }

◆ clear()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear ( )
finaloverridevirtualinherited

◆ create()

std::unique_ptr< AEAD_Mode > Botan::AEAD_Mode::create ( const std::string &  algo,
Cipher_Dir  direction,
const std::string &  provider = "" 
)
staticinherited

Create an AEAD mode

Parameters
algothe algorithm to create
directionspecify if this should be an encryption or decryption AEAD
provideroptional specification for provider to use
Returns
an AEAD mode or a null pointer if not available

Definition at line 60 of file aead.cpp.

63 {
65#if defined(BOTAN_HAS_AEAD_CHACHA20_POLY1305)
66 if(algo == "ChaCha20Poly1305")
67 {
68 if(dir == ENCRYPTION)
69 return std::unique_ptr<AEAD_Mode>(new ChaCha20Poly1305_Encryption);
70 else
71 return std::unique_ptr<AEAD_Mode>(new ChaCha20Poly1305_Decryption);
72
73 }
74#endif
75
76 if(algo.find('/') != std::string::npos)
77 {
78 const std::vector<std::string> algo_parts = split_on(algo, '/');
79 const std::string cipher_name = algo_parts[0];
80 const std::vector<std::string> mode_info = parse_algorithm_name(algo_parts[1]);
81
82 if(mode_info.empty())
83 return std::unique_ptr<AEAD_Mode>();
84
85 std::ostringstream alg_args;
86
87 alg_args << '(' << cipher_name;
88 for(size_t i = 1; i < mode_info.size(); ++i)
89 alg_args << ',' << mode_info[i];
90 for(size_t i = 2; i < algo_parts.size(); ++i)
91 alg_args << ',' << algo_parts[i];
92 alg_args << ')';
93
94 const std::string mode_name = mode_info[0] + alg_args.str();
95 return AEAD_Mode::create(mode_name, dir);
96 }
97
98#if defined(BOTAN_HAS_BLOCK_CIPHER)
99
100 SCAN_Name req(algo);
101
102 if(req.arg_count() == 0)
103 {
104 return std::unique_ptr<AEAD_Mode>();
105 }
106
107 std::unique_ptr<BlockCipher> bc(BlockCipher::create(req.arg(0), provider));
108
109 if(!bc)
110 {
111 return std::unique_ptr<AEAD_Mode>();
112 }
113
114#if defined(BOTAN_HAS_AEAD_CCM)
115 if(req.algo_name() == "CCM")
116 {
117 size_t tag_len = req.arg_as_integer(1, 16);
118 size_t L_len = req.arg_as_integer(2, 3);
119 if(dir == ENCRYPTION)
120 return std::unique_ptr<AEAD_Mode>(new CCM_Encryption(bc.release(), tag_len, L_len));
121 else
122 return std::unique_ptr<AEAD_Mode>(new CCM_Decryption(bc.release(), tag_len, L_len));
123 }
124#endif
125
126#if defined(BOTAN_HAS_AEAD_GCM)
127 if(req.algo_name() == "GCM")
128 {
129 size_t tag_len = req.arg_as_integer(1, 16);
130 if(dir == ENCRYPTION)
131 return std::unique_ptr<AEAD_Mode>(new GCM_Encryption(bc.release(), tag_len));
132 else
133 return std::unique_ptr<AEAD_Mode>(new GCM_Decryption(bc.release(), tag_len));
134 }
135#endif
136
137#if defined(BOTAN_HAS_AEAD_OCB)
138 if(req.algo_name() == "OCB")
139 {
140 size_t tag_len = req.arg_as_integer(1, 16);
141 if(dir == ENCRYPTION)
142 return std::unique_ptr<AEAD_Mode>(new OCB_Encryption(bc.release(), tag_len));
143 else
144 return std::unique_ptr<AEAD_Mode>(new OCB_Decryption(bc.release(), tag_len));
145 }
146#endif
147
148#if defined(BOTAN_HAS_AEAD_EAX)
149 if(req.algo_name() == "EAX")
150 {
151 size_t tag_len = req.arg_as_integer(1, bc->block_size());
152 if(dir == ENCRYPTION)
153 return std::unique_ptr<AEAD_Mode>(new EAX_Encryption(bc.release(), tag_len));
154 else
155 return std::unique_ptr<AEAD_Mode>(new EAX_Decryption(bc.release(), tag_len));
156 }
157#endif
158
159#if defined(BOTAN_HAS_AEAD_SIV)
160 if(req.algo_name() == "SIV")
161 {
162 if(dir == ENCRYPTION)
163 return std::unique_ptr<AEAD_Mode>(new SIV_Encryption(bc.release()));
164 else
165 return std::unique_ptr<AEAD_Mode>(new SIV_Decryption(bc.release()));
166 }
167#endif
168
169#endif
170
171 return std::unique_ptr<AEAD_Mode>();
172 }
#define BOTAN_UNUSED(...)
Definition assert.h:142
static std::unique_ptr< AEAD_Mode > create(const std::string &algo, Cipher_Dir direction, const std::string &provider="")
Definition aead.cpp:60
static std::unique_ptr< BlockCipher > create(const std::string &algo_spec, const std::string &provider="")
virtual std::string provider() const
std::vector< std::string > split_on(const std::string &str, char delim)
Definition parsing.cpp:148
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition parsing.cpp:95

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::AEAD_Mode::create(), Botan::BlockCipher::create(), Botan::ENCRYPTION, Botan::parse_algorithm_name(), Botan::Cipher_Mode::provider(), and Botan::split_on().

Referenced by Botan::AEAD_Mode::create(), Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::get_aead().

◆ create_or_throw()

std::unique_ptr< AEAD_Mode > Botan::AEAD_Mode::create_or_throw ( const std::string &  algo,
Cipher_Dir  direction,
const std::string &  provider = "" 
)
staticinherited

Create an AEAD mode, or throw

Parameters
algothe algorithm to create
directionspecify if this should be an encryption or decryption AEAD
provideroptional specification for provider to use
Returns
an AEAD mode, or throw an exception

Definition at line 50 of file aead.cpp.

53 {
54 if(auto aead = AEAD_Mode::create(algo, dir, provider))
55 return aead;
56
57 throw Lookup_Error("AEAD", algo, provider);
58 }

References Botan::AEAD_Mode::create(), and Botan::Cipher_Mode::provider().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), Botan::TLS::Session::decrypt(), Botan::TLS::Session::encrypt(), Botan::mceies_decrypt(), and Botan::mceies_encrypt().

◆ default_nonce_length()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::default_nonce_length ( ) const
inlinefinaloverridevirtualinherited
Returns
default AEAD nonce size (a commonly supported value among AEAD modes, and large enough that random collisions are unlikely)

Reimplemented from Botan::AEAD_Mode.

Definition at line 42 of file tls_cbc.h.

42{ return m_iv_size; }

◆ finish()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::finish ( secure_vector< uint8_t > &  final_block,
size_t  offset = 0 
)
overridevirtual

Complete processing of a message.

Parameters
final_blockin/out parameter which must be at least minimum_final_size() bytes, and will be set to any final output
offsetan offset into final_block to begin processing

Implements Botan::Cipher_Mode.

Definition at line 192 of file tls_cbc.cpp.

193 {
194 update(buffer, offset);
195
196 const size_t msg_size = msg().size();
197
198 const size_t input_size = msg_size + 1 + (use_encrypt_then_mac() ? 0 : tag_size());
199 const size_t enc_size = round_up(input_size, block_size());
200 BOTAN_DEBUG_ASSERT(enc_size % block_size() == 0);
201
202 const uint8_t padding_val = static_cast<uint8_t>(enc_size - input_size);
203 const size_t padding_length = static_cast<size_t>(padding_val) + 1;
204
205 buffer.reserve(offset + msg_size + padding_length + tag_size());
206 buffer.resize(offset + msg_size);
207 copy_mem(&buffer[offset], msg().data(), msg_size);
208
209 mac().update(assoc_data());
210
212 {
213 if(iv_size() > 0)
214 {
215 mac().update(cbc_state());
216 }
217
218 cbc_encrypt_record(buffer, offset, padding_length);
219 mac().update(&buffer[offset], enc_size);
220 buffer.resize(buffer.size() + tag_size());
221 mac().final(&buffer[buffer.size() - tag_size()]);
222 }
223 else
224 {
225 mac().update(&buffer[offset], msg_size);
226 buffer.resize(buffer.size() + tag_size());
227 mac().final(&buffer[buffer.size() - tag_size()]);
228 cbc_encrypt_record(buffer, offset, padding_length);
229 }
230 }
#define BOTAN_DEBUG_ASSERT(expr)
Definition assert.h:123
void update(const uint8_t in[], size_t length)
Definition buf_comp.h:33
void final(uint8_t out[])
Definition buf_comp.h:83
secure_vector< uint8_t > & cbc_state()
Definition tls_cbc.h:74
std::vector< uint8_t > & assoc_data()
Definition tls_cbc.h:75
secure_vector< uint8_t > & msg()
Definition tls_cbc.h:76
size_t tag_size() const override final
Definition tls_cbc.h:40
int(* update)(CTX *, const void *, CC_LONG len)
void copy_mem(T *out, const T *in, size_t n)
Definition mem_ops.h:133
size_t round_up(size_t n, size_t align_to)
Definition rounding.h:21

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), BOTAN_DEBUG_ASSERT, Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state(), Botan::copy_mem(), Botan::Buffered_Computation::final(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::msg(), Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size(), Botan::Buffered_Computation::update(), update, and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

◆ is_datagram_protocol()

bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::is_datagram_protocol ( ) const
inlineprotectedinherited

Definition at line 64 of file tls_cbc.h.

64{ return m_is_datagram; }

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

◆ iv_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size ( ) const
inlineprotectedinherited

◆ key_spec()

Key_Length_Specification Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::key_spec ( ) const
finaloverridevirtualinherited
Returns
object describing limits on key size

Implements Botan::SymmetricAlgorithm.

Definition at line 86 of file tls_cbc.cpp.

87 {
88 return Key_Length_Specification(m_cipher_keylen + m_mac_keylen);
89 }

◆ mac()

MessageAuthenticationCode & Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac ( ) const
inlineprotectedinherited

◆ mac_keylen()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::mac_keylen ( ) const
inlineprotectedinherited

Definition at line 58 of file tls_cbc.h.

58{ return m_mac_keylen; }

◆ maximum_associated_data_inputs()

virtual size_t Botan::AEAD_Mode::maximum_associated_data_inputs ( ) const
inlinevirtualinherited

Returns the maximum supported number of associated data inputs which can be provided to set_associated_data_n

If returns 0, then no associated data is supported.

Reimplemented in Botan::SIV_Mode.

Definition at line 87 of file aead.h.

87{ return 1; }

◆ maximum_keylength()

size_t Botan::SymmetricAlgorithm::maximum_keylength ( ) const
inlineinherited
Returns
maximum allowed key length

Definition at line 120 of file sym_algo.h.

121 {
122 return key_spec().maximum_keylength();
123 }
size_t maximum_keylength() const
Definition sym_algo.h:70
virtual Key_Length_Specification key_spec() const =0

◆ minimum_final_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::minimum_final_size ( ) const
inlineoverridevirtual
Returns
required minimium size to finalize() - may be any length larger than this.

Implements Botan::Cipher_Mode.

Definition at line 131 of file tls_cbc.h.

131{ return 0; }

◆ minimum_keylength()

size_t Botan::SymmetricAlgorithm::minimum_keylength ( ) const
inlineinherited
Returns
minimum allowed key length

Definition at line 128 of file sym_algo.h.

129 {
130 return key_spec().minimum_keylength();
131 }
size_t minimum_keylength() const
Definition sym_algo.h:62

Referenced by botan_block_cipher_get_keyspec(), and botan_mac_get_keyspec().

◆ msg()

secure_vector< uint8_t > & Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::msg ( )
inlineprotectedinherited

Definition at line 76 of file tls_cbc.h.

76{ return m_msg; }

Referenced by finish(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

◆ name()

std::string Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::name ( ) const
finaloverridevirtualinherited
Returns
the algorithm name

Implements Botan::SymmetricAlgorithm.

Definition at line 69 of file tls_cbc.cpp.

70 {
71 return "TLS_CBC(" + m_cipher_name + "," + m_mac_name + ")";
72 }

◆ output_length()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::output_length ( size_t  input_length) const
overridevirtual

Returns the size of the output if this transform is used to process a message with input_length bytes. In most cases the answer is precise. If it is not possible to precise (namely for CBC decryption) instead a lower bound is returned.

Implements Botan::Cipher_Mode.

Definition at line 186 of file tls_cbc.cpp.

187 {
188 return round_up(input_length + 1 + (use_encrypt_then_mac() ? 0 : tag_size()), block_size()) +
189 (use_encrypt_then_mac() ? tag_size() : 0);
190 }

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

◆ process()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::process ( uint8_t  msg[],
size_t  msg_len 
)
finaloverridevirtualinherited

Process message blocks

Input must be a multiple of update_granularity

Processes msg in place and returns bytes written. Normally this will be either msg_len (indicating the entire message was processed) or for certain AEAD modes zero (indicating that the mode requires the entire message be processed in one pass).

Parameters
msgthe message to be processed
msg_lenlength of the message in bytes

Implements Botan::Cipher_Mode.

Definition at line 117 of file tls_cbc.cpp.

118 {
119 m_msg.insert(m_msg.end(), buf, buf + sz);
120 return 0;
121 }

◆ provider()

virtual std::string Botan::Cipher_Mode::provider ( ) const
inlinevirtualinherited
Returns
provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.

Reimplemented in Botan::GCM_Mode.

Definition at line 180 of file cipher_mode.h.

180{ return "base"; }

Referenced by Botan::AEAD_Mode::create(), Botan::Cipher_Mode::create(), Botan::AEAD_Mode::create_or_throw(), and Botan::Cipher_Mode::create_or_throw().

◆ providers()

std::vector< std::string > Botan::Cipher_Mode::providers ( const std::string &  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available
Parameters
algo_specalgorithm name

Definition at line 173 of file cipher_mode.cpp.

174 {
175 const std::vector<std::string>& possible = { "base", "openssl", "commoncrypto" };
176 std::vector<std::string> providers;
177 for(auto&& prov : possible)
178 {
179 std::unique_ptr<Cipher_Mode> mode = Cipher_Mode::create(algo_spec, ENCRYPTION, prov);
180 if(mode)
181 {
182 providers.push_back(prov); // available
183 }
184 }
185 return providers;
186 }
static std::vector< std::string > providers(const std::string &algo_spec)
static std::unique_ptr< Cipher_Mode > create(const std::string &algo, Cipher_Dir direction, const std::string &provider="")

References Botan::Cipher_Mode::create(), Botan::ENCRYPTION, and Botan::Cipher_Mode::providers().

Referenced by Botan::Cipher_Mode::providers().

◆ reset()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::reset ( )
finaloverridevirtualinherited

Resets just the message specific state and allows encrypting again under the existing key

Implements Botan::Cipher_Mode.

Definition at line 62 of file tls_cbc.cpp.

63 {
64 cbc_state().clear();
65 m_ad.clear();
66 m_msg.clear();
67 }

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::cbc_state().

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::clear().

◆ set_ad()

template<typename Alloc >
void Botan::AEAD_Mode::set_ad ( const std::vector< uint8_t, Alloc > &  ad)
inlineinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

See set_associated_data().

Parameters
adthe associated data

Definition at line 121 of file aead.h.

122 {
123 set_associated_data(ad.data(), ad.size());
124 }
virtual void set_associated_data(const uint8_t ad[], size_t ad_len)=0

Referenced by Botan::TLS::write_record().

◆ set_associated_data()

void Botan::TLS::TLS_CBC_HMAC_AEAD_Encryption::set_associated_data ( const uint8_t  ad[],
size_t  ad_len 
)
overridevirtual

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Parameters
adthe associated data
ad_lenlength of add in bytes

Implements Botan::AEAD_Mode.

Definition at line 139 of file tls_cbc.cpp.

140 {
142
144 {
145 // AAD hack for EtM
146 // EtM uses ciphertext size instead of plaintext size for AEAD input
147 const uint16_t pt_size = make_uint16(assoc_data()[11], assoc_data()[12]);
148 const uint16_t enc_size = static_cast<uint16_t>(round_up(iv_size() + pt_size + 1, block_size()));
149 assoc_data()[11] = get_byte<uint16_t>(0, enc_size);
150 assoc_data()[12] = get_byte<uint16_t>(1, enc_size);
151 }
152 }
void set_associated_data(const uint8_t ad[], size_t ad_len) override
Definition tls_cbc.cpp:132
constexpr uint16_t make_uint16(uint8_t i0, uint8_t i1)
Definition loadstor.h:54

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::assoc_data(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size(), Botan::make_uint16(), Botan::round_up(), Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::set_associated_data(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac().

◆ set_associated_data_n()

void Botan::AEAD_Mode::set_associated_data_n ( size_t  i,
const uint8_t  ad[],
size_t  ad_len 
)
virtualinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

Unless reset by another call, the associated data is kept between messages. Thus, if the AD does not change, calling once (after set_key) is the optimum.

Some AEADs (namely SIV) support multiple AD inputs. For all other modes only nominal AD input 0 is supported; all other values of i will cause an exception.

Parameters
adthe associated data
ad_lenlength of add in bytes

Reimplemented in Botan::SIV_Mode.

Definition at line 42 of file aead.cpp.

43 {
44 if(i == 0)
45 this->set_associated_data(ad, ad_len);
46 else
47 throw Invalid_Argument("AEAD '" + name() + "' does not support multiple associated data");
48 }
virtual std::string name() const =0

References Botan::SymmetricAlgorithm::name(), and Botan::AEAD_Mode::set_associated_data().

Referenced by Botan::SIV_Mode::set_associated_data().

◆ set_associated_data_vec()

template<typename Alloc >
void Botan::AEAD_Mode::set_associated_data_vec ( const std::vector< uint8_t, Alloc > &  ad)
inlineinherited

Set associated data that is not included in the ciphertext but that should be authenticated. Must be called after set_key and before start.

See set_associated_data().

Parameters
adthe associated data

Definition at line 106 of file aead.h.

107 {
108 set_associated_data(ad.data(), ad.size());
109 }

◆ set_key() [1/3]

template<typename Alloc >
void Botan::SymmetricAlgorithm::set_key ( const std::vector< uint8_t, Alloc > &  key)
inlineinherited

Definition at line 153 of file sym_algo.h.

154 {
155 set_key(key.data(), key.size());
156 }
void set_key(const SymmetricKey &key)
Definition sym_algo.h:147

◆ set_key() [2/3]

void Botan::SymmetricAlgorithm::set_key ( const SymmetricKey key)
inlineinherited

◆ set_key() [3/3]

void Botan::SymmetricAlgorithm::set_key ( const uint8_t  key[],
size_t  length 
)
inherited

Set the symmetric key of this object.

Parameters
keythe to be set as a byte array.
lengthin bytes of key param

Definition at line 17 of file sym_algo.cpp.

18 {
19 if(!valid_keylength(length))
20 throw Invalid_Key_Length(name(), length);
21 key_schedule(key, length);
22 }
bool valid_keylength(size_t length) const
Definition sym_algo.h:138

References Botan::SymmetricAlgorithm::name(), and Botan::SymmetricAlgorithm::valid_keylength().

◆ start() [1/3]

void Botan::Cipher_Mode::start ( )
inlineinherited

Begin processing a message.

Definition at line 87 of file cipher_mode.h.

88 {
89 return start_msg(nullptr, 0);
90 }
virtual void start_msg(const uint8_t nonce[], size_t nonce_len)=0

◆ start() [2/3]

template<typename Alloc >
void Botan::Cipher_Mode::start ( const std::vector< uint8_t, Alloc > &  nonce)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce

Definition at line 69 of file cipher_mode.h.

70 {
71 start_msg(nonce.data(), nonce.size());
72 }

Referenced by botan_cipher_start(), and Botan::TLS::write_record().

◆ start() [3/3]

void Botan::Cipher_Mode::start ( const uint8_t  nonce[],
size_t  nonce_len 
)
inlineinherited

Begin processing a message.

Parameters
noncethe per message nonce
nonce_lenlength of nonce

Definition at line 79 of file cipher_mode.h.

80 {
81 start_msg(nonce, nonce_len);
82 }

◆ tag_size()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::tag_size ( ) const
inlinefinaloverridevirtualinherited
Returns
the size of the authentication tag used (in bytes)

Reimplemented from Botan::Cipher_Mode.

Definition at line 40 of file tls_cbc.h.

40{ return m_tag_size; }

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), and output_length().

◆ update()

void Botan::Cipher_Mode::update ( secure_vector< uint8_t > &  buffer,
size_t  offset = 0 
)
inlineinherited

Process some data. Input must be in size update_granularity() uint8_t blocks.

Parameters
bufferin/out parameter which will possibly be resized
offsetan offset into blocks to begin processing

Definition at line 112 of file cipher_mode.h.

113 {
114 BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
115 uint8_t* buf = buffer.data() + offset;
116 const size_t buf_size = buffer.size() - offset;
117
118 const size_t written = process(buf, buf_size);
119 buffer.resize(offset + written);
120 }
virtual size_t process(uint8_t msg[], size_t msg_len)=0

References BOTAN_ASSERT.

Referenced by botan_cipher_update().

◆ update_granularity()

size_t Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::update_granularity ( ) const
finaloverridevirtualinherited
Returns
size of required blocks to update

Implements Botan::Cipher_Mode.

Definition at line 74 of file tls_cbc.cpp.

75 {
76 return 1; // just buffers anyway
77 }

◆ use_encrypt_then_mac()

bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::use_encrypt_then_mac ( ) const
inlineprotectedinherited

Definition at line 62 of file tls_cbc.h.

62{ return m_use_encrypt_then_mac; }

Referenced by finish(), Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish(), output_length(), and set_associated_data().

◆ valid_keylength()

bool Botan::SymmetricAlgorithm::valid_keylength ( size_t  length) const
inlineinherited

Check whether a given key length is valid for this algorithm.

Parameters
lengththe key length to be checked.
Returns
true if the key length is valid.

Definition at line 138 of file sym_algo.h.

139 {
140 return key_spec().valid_keylength(length);
141 }
bool valid_keylength(size_t length) const
Definition sym_algo.h:52

Referenced by Botan::aont_package(), Botan::aont_unpackage(), and Botan::SymmetricAlgorithm::set_key().

◆ valid_nonce_length()

bool Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::valid_nonce_length ( size_t  nonce_len) const
finaloverridevirtualinherited
Returns
true iff nonce_len is a valid length for the nonce

Implements Botan::Cipher_Mode.

Definition at line 79 of file tls_cbc.cpp.

80 {
81 if(m_cbc_state.empty())
82 return nl == block_size();
83 return nl == iv_size();
84 }

References Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::block_size(), and Botan::TLS::TLS_CBC_HMAC_AEAD_Mode::iv_size().

◆ verify_key_set()

void Botan::SymmetricAlgorithm::verify_key_set ( bool  cond) const
inlineprotectedinherited

Definition at line 171 of file sym_algo.h.

172 {
173 if(cond == false)
174 throw_key_not_set_error();
175 }

Referenced by Botan::ChaCha::cipher(), Botan::CTR_BE::cipher(), Botan::RC4::cipher(), Botan::Salsa20::cipher(), Botan::SHAKE_128_Cipher::cipher(), Botan::AES_128::decrypt_n(), Botan::AES_192::decrypt_n(), Botan::AES_256::decrypt_n(), Botan::ARIA_128::decrypt_n(), Botan::ARIA_192::decrypt_n(), Botan::ARIA_256::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::Camellia_128::decrypt_n(), Botan::Camellia_192::decrypt_n(), Botan::Camellia_256::decrypt_n(), Botan::CAST_128::decrypt_n(), Botan::CAST_256::decrypt_n(), Botan::DES::decrypt_n(), Botan::TripleDES::decrypt_n(), Botan::DESX::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::IDEA::decrypt_n(), Botan::KASUMI::decrypt_n(), Botan::Lion::decrypt_n(), Botan::MISTY1::decrypt_n(), Botan::Noekeon::decrypt_n(), Botan::SEED::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::SHACAL2::decrypt_n(), Botan::SM4::decrypt_n(), Botan::Threefish_512::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::XTEA::decrypt_n(), Botan::AES_128::encrypt_n(), Botan::AES_192::encrypt_n(), Botan::AES_256::encrypt_n(), Botan::ARIA_128::encrypt_n(), Botan::ARIA_192::encrypt_n(), Botan::ARIA_256::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::Camellia_128::encrypt_n(), Botan::Camellia_192::encrypt_n(), Botan::Camellia_256::encrypt_n(), Botan::CAST_128::encrypt_n(), Botan::CAST_256::encrypt_n(), Botan::DES::encrypt_n(), Botan::TripleDES::encrypt_n(), Botan::DESX::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::IDEA::encrypt_n(), Botan::KASUMI::encrypt_n(), Botan::Lion::encrypt_n(), Botan::MISTY1::encrypt_n(), Botan::Noekeon::encrypt_n(), Botan::SEED::encrypt_n(), Botan::Serpent::encrypt_n(), Botan::SHACAL2::encrypt_n(), Botan::SM4::encrypt_n(), Botan::Threefish_512::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::XTEA::encrypt_n(), Botan::OCB_Encryption::finish(), Botan::OCB_Decryption::finish(), Botan::GHASH::ghash_update(), Botan::CFB_Encryption::process(), Botan::CFB_Decryption::process(), Botan::ChaCha::seek(), Botan::CTR_BE::seek(), Botan::Salsa20::seek(), Botan::OCB_Mode::set_associated_data(), Botan::ChaCha::set_iv(), Botan::Salsa20::set_iv(), Botan::GHASH::update(), Botan::GHASH::update_associated_data(), and Botan::ChaCha::write_keystream().


The documentation for this class was generated from the following files: