10#include <botan/cmac.h>
20secure_vector<uint8_t> eax_prf(uint8_t tag,
size_t block_size,
21 MessageAuthenticationCode& mac,
22 const uint8_t in[],
size_t length)
24 for(
size_t i = 0; i != block_size - 1; ++i)
29 mac.update(in, length);
41 m_ctr(new
CTR_BE(m_cipher->clone())),
42 m_cmac(new
CMAC(m_cipher->clone()))
44 if(m_tag_size < 8 || m_tag_size >
m_cmac->output_length())
90void EAX_Mode::key_schedule(
const uint8_t key[],
size_t length)
96 m_ctr->set_key(key, length);
97 m_cmac->set_key(key, length);
106 throw Invalid_State(
"Cannot set AD for EAX while processing a message");
110void EAX_Mode::start_msg(
const uint8_t nonce[],
size_t nonce_len)
127 m_ctr->cipher(buf, buf, sz);
147 buffer += std::make_pair(data_mac.data(),
tag_size());
154 m_ctr->cipher(buf, buf, sz);
160 BOTAN_ASSERT(buffer.size() >= offset,
"Offset is sane");
161 const size_t sz = buffer.size() - offset;
162 uint8_t* buf = buffer.data() + offset;
166 const size_t remaining = sz -
tag_size();
170 m_cmac->update(buf, remaining);
171 m_ctr->cipher(buf, buf, remaining);
174 const uint8_t* included_tag = &buf[remaining];
189 buffer.resize(offset + remaining);
#define BOTAN_ASSERT_NOMSG(expr)
#define BOTAN_STATE_CHECK(expr)
#define BOTAN_ASSERT(expr, assertion_made)
void finish(secure_vector< uint8_t > &final_block, size_t offset=0) override
size_t process(uint8_t buf[], size_t size) override
void finish(secure_vector< uint8_t > &final_block, size_t offset=0) override
size_t process(uint8_t buf[], size_t size) override
void set_associated_data(const uint8_t ad[], size_t ad_len) override
EAX_Mode(BlockCipher *cipher, size_t tag_size)
size_t block_size() const
Key_Length_Specification key_spec() const override
std::string name() const override
std::unique_ptr< BlockCipher > m_cipher
size_t tag_size() const override
std::unique_ptr< StreamCipher > m_ctr
bool valid_nonce_length(size_t) const override
std::unique_ptr< MessageAuthenticationCode > m_cmac
size_t update_granularity() const override
secure_vector< uint8_t > m_nonce_mac
secure_vector< uint8_t > m_ad_mac
int(* update)(CTX *, const void *, CC_LONG len)
bool constant_time_compare(const uint8_t x[], const uint8_t y[], size_t len)
void xor_buf(uint8_t out[], const uint8_t in[], size_t length)
std::vector< T, secure_allocator< T > > secure_vector