interface for for one direction (encryption or decryption) of a stream cipher or block cipher mode with authentication More...
#include <cryptlib.h>
Classes | |
| class | BadState |
| this indicates that a member function was called in the wrong state, for example trying to encrypt a message before having set the key or IV More... | |
Public Types | |
| enum | IV_Requirement { UNIQUE_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV, NOT_RESYNCHRONIZABLE } |
Public Member Functions | |
| virtual lword | MaxHeaderLength () const =0 |
| the maximum length of AAD that can be input before the encrypted data | |
| virtual lword | MaxMessageLength () const =0 |
| the maximum length of encrypted data | |
| virtual lword | MaxFooterLength () const |
| the maximum length of AAD that can be input after the encrypted data | |
| virtual bool | NeedsPrespecifiedDataLengths () const |
| if this function returns true, SpecifyDataLengths() must be called before attempting to input data | |
| void | SpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength=0) |
| this function only needs to be called if NeedsPrespecifiedDataLengths() returns true | |
| virtual void | EncryptAndAuthenticate (byte *ciphertext, byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *message, size_t messageLength) |
| encrypt and generate MAC in one call. will truncate MAC if macSize < TagSize() | |
| virtual bool | DecryptAndVerify (byte *message, const byte *mac, size_t macLength, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *ciphertext, size_t ciphertextLength) |
| decrypt and verify MAC in one call, returning true iff MAC is valid. will assume MAC is truncated if macLength < TagSize() | |
| virtual std::string | AlgorithmName () const =0 |
| returns name of this algorithm, not universally implemented yet | |
| virtual size_t | MinKeyLength () const =0 |
| returns smallest valid key length in bytes */ | |
| virtual size_t | MaxKeyLength () const =0 |
| returns largest valid key length in bytes */ | |
| virtual size_t | DefaultKeyLength () const =0 |
| returns default (recommended) key length in bytes */ | |
| virtual size_t | GetValidKeyLength (size_t n) const =0 |
| returns the smallest valid key length in bytes that is >= min(n, GetMaxKeyLength()) | |
| virtual bool | IsValidKeyLength (size_t n) const |
| returns whether n is a valid key length | |
| virtual void | SetKey (const byte *key, size_t length, const NameValuePairs ¶ms=g_nullNameValuePairs) |
| set or reset the key of this object | |
| void | SetKeyWithRounds (const byte *key, size_t length, int rounds) |
| calls SetKey() with an NameValuePairs object that just specifies "Rounds" | |
| void | SetKeyWithIV (const byte *key, size_t length, const byte *iv, size_t ivLength) |
| calls SetKey() with an NameValuePairs object that just specifies "IV" | |
| void | SetKeyWithIV (const byte *key, size_t length, const byte *iv) |
| calls SetKey() with an NameValuePairs object that just specifies "IV" | |
| virtual IV_Requirement | IVRequirement () const =0 |
| returns the minimal requirement for secure IVs | |
| bool | IsResynchronizable () const |
| returns whether this object can be resynchronized (i.e. supports initialization vectors) | |
| bool | CanUseRandomIVs () const |
| returns whether this object can use random IVs (in addition to ones returned by GetNextIV) | |
| bool | CanUsePredictableIVs () const |
| returns whether this object can use random but possibly predictable IVs (in addition to ones returned by GetNextIV) | |
| bool | CanUseStructuredIVs () const |
| returns whether this object can use structured IVs, for example a counter (in addition to ones returned by GetNextIV) | |
| virtual unsigned int | IVSize () const |
| unsigned int | DefaultIVLength () const |
| returns default length of IVs accepted by this object | |
| virtual unsigned int | MinIVLength () const |
| returns minimal length of IVs accepted by this object | |
| virtual unsigned int | MaxIVLength () const |
| returns maximal length of IVs accepted by this object | |
| virtual void | Resynchronize (const byte *iv, int ivLength=-1) |
| resynchronize with an IV. ivLength=-1 means use IVSize() | |
| virtual void | GetNextIV (RandomNumberGenerator &rng, byte *IV) |
| get a secure IV for the next message | |
| HashTransformation & | Ref () |
| return a reference to this object, useful for passing a temporary object to a function that takes a non-const reference | |
| virtual void | Update (const byte *input, size_t length)=0 |
| process more input | |
| virtual byte * | CreateUpdateSpace (size_t &size) |
| request space to write input into | |
| virtual void | Final (byte *digest) |
| compute hash for current message, then restart for a new message | |
| virtual void | Restart () |
| discard the current state, and restart with a new message | |
| virtual unsigned int | DigestSize () const =0 |
| size of the hash/digest/MAC returned by Final() | |
| unsigned int | TagSize () const |
| same as DigestSize() | |
| virtual unsigned int | BlockSize () const |
| block size of underlying compression function, or 0 if not block based | |
| virtual unsigned int | OptimalBlockSize () const |
| input to Update() should have length a multiple of this for optimal speed | |
| virtual unsigned int | OptimalDataAlignment () const |
| returns how input should be aligned for optimal performance | |
| virtual void | CalculateDigest (byte *digest, const byte *input, size_t length) |
| use this if your input is in one piece and you don't want to call Update() and Final() separately | |
| virtual bool | Verify (const byte *digest) |
| verify that digest is a valid digest for the current message, then reinitialize the object | |
| virtual bool | VerifyDigest (const byte *digest, const byte *input, size_t length) |
| use this if your input is in one piece and you don't want to call Update() and Verify() separately | |
| virtual void | TruncatedFinal (byte *digest, size_t digestSize)=0 |
| truncated version of Final() | |
| virtual void | CalculateTruncatedDigest (byte *digest, size_t digestSize, const byte *input, size_t length) |
| truncated version of CalculateDigest() | |
| virtual bool | TruncatedVerify (const byte *digest, size_t digestLength) |
| truncated version of Verify() | |
| virtual bool | VerifyTruncatedDigest (const byte *digest, size_t digestLength, const byte *input, size_t length) |
| truncated version of VerifyDigest() | |
| virtual Clonable * | Clone () const |
| this is not implemented by most classes yet | |
| StreamTransformation & | Ref () |
| return a reference to this object, useful for passing a temporary object to a function that takes a non-const reference | |
| virtual unsigned int | MandatoryBlockSize () const |
| returns block size, if input must be processed in blocks, otherwise 1 | |
| virtual unsigned int | OptimalBlockSize () const |
| returns the input block size that is most efficient for this cipher | |
| virtual unsigned int | GetOptimalBlockSizeUsed () const |
| returns how much of the current block is used up | |
| virtual unsigned int | OptimalDataAlignment () const |
| returns how input should be aligned for optimal performance | |
| virtual void | ProcessData (byte *outString, const byte *inString, size_t length)=0 |
| encrypt or decrypt an array of bytes of specified length | |
| virtual void | ProcessLastBlock (byte *outString, const byte *inString, size_t length) |
| for ciphers where the last block of data is special, encrypt or decrypt the last block of data | |
| virtual unsigned int | MinLastBlockSize () const |
| returns the minimum size of the last block, 0 indicating the last block is not special | |
| void | ProcessString (byte *inoutString, size_t length) |
| same as ProcessData(inoutString, inoutString, length) | |
| void | ProcessString (byte *outString, const byte *inString, size_t length) |
| same as ProcessData(outString, inString, length) | |
| byte | ProcessByte (byte input) |
| implemented as {ProcessData(&input, &input, 1); return input;} | |
| virtual bool | IsRandomAccess () const =0 |
| returns whether this cipher supports random access | |
| virtual void | Seek (lword n) |
| for random access ciphers, seek to an absolute position | |
| virtual bool | IsSelfInverting () const =0 |
| returns whether this transformation is self-inverting (e.g. xor with a keystream) | |
| virtual bool | IsForwardTransformation () const =0 |
| returns whether this is an encryption object | |
Protected Member Functions | |
| const Algorithm & | GetAlgorithm () const |
| virtual void | UncheckedSpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength) |
| const Algorithm & | GetAlgorithm () const |
| virtual const Algorithm & | GetAlgorithm () const =0 |
| virtual void | UncheckedSetKey (const byte *key, unsigned int length, const NameValuePairs ¶ms)=0 |
| void | ThrowIfInvalidKeyLength (size_t length) |
| void | ThrowIfResynchronizable () |
| void | ThrowIfInvalidIV (const byte *iv) |
| size_t | ThrowIfInvalidIVLength (int size) |
| const byte * | GetIVAndThrowIfInvalid (const NameValuePairs ¶ms, size_t &size) |
| void | AssertValidKeyLength (size_t length) const |
| void | ThrowIfInvalidTruncatedSize (size_t size) const |
Detailed Description
interface for for one direction (encryption or decryption) of a stream cipher or block cipher mode with authentication
The StreamTransformation part of this interface is used to encrypt/decrypt the data, and the MessageAuthenticationCode part of this interface is used to input additional authenticated data (AAD, which is MAC'ed but not encrypted), and to generate/verify the MAC.
Definition at line 627 of file cryptlib.h.
Member Function Documentation
| virtual bool AuthenticatedSymmetricCipher::NeedsPrespecifiedDataLengths | ( | ) | const [inline, virtual] |
if this function returns true, SpecifyDataLengths() must be called before attempting to input data
This is the case for some schemes, such as CCM.
Reimplemented in CCM_Base.
Definition at line 646 of file cryptlib.h.
| void SimpleKeyingInterface::SetKey | ( | const byte * | key, | |
| size_t | length, | |||
| const NameValuePairs & | params = g_nullNameValuePairs | |||
| ) | [virtual, inherited] |
set or reset the key of this object
- Parameters:
-
params is used to specify Rounds, BlockSize, etc.
Definition at line 60 of file cryptlib.cpp.
Referenced by SimpleKeyingInterface::SetKeyWithIV(), and SimpleKeyingInterface::SetKeyWithRounds().
| bool SimpleKeyingInterface::IsResynchronizable | ( | ) | const [inline, inherited] |
returns whether this object can be resynchronized (i.e. supports initialization vectors)
If this function returns true, and no IV is passed to SetKey() and CanUseStructuredIVs()==true, an IV of all 0's will be assumed.
Definition at line 386 of file cryptlib.h.
| void SimpleKeyingInterface::GetNextIV | ( | RandomNumberGenerator & | rng, | |
| byte * | IV | |||
| ) | [virtual, inherited] |
get a secure IV for the next message
This method should be called after you finish encrypting one message and are ready to start the next one. After calling it, you must call SetKey() or Resynchronize() before using this object again. This method is not implemented on decryption objects.
Definition at line 136 of file cryptlib.cpp.
References RandomNumberGenerator::GenerateBlock().
| virtual void HashTransformation::Final | ( | byte * | digest | ) | [inline, virtual, inherited] |
compute hash for current message, then restart for a new message
- Precondition:
- size of digest == DigestSize().
Definition at line 545 of file cryptlib.h.
Referenced by PKCS5_PBKDF2_HMAC< T >::DeriveKey(), and HMAC_Base::TruncatedFinal().
| virtual bool HashTransformation::Verify | ( | const byte * | digest | ) | [inline, virtual, inherited] |
verify that digest is a valid digest for the current message, then reinitialize the object
Default implementation is to call Final() and do a bitwise comparison between its output and digest.
Definition at line 575 of file cryptlib.h.
| virtual unsigned int StreamTransformation::OptimalBlockSize | ( | ) | const [inline, virtual, inherited] |
returns the input block size that is most efficient for this cipher
- Note:
- optimal input length is n * OptimalBlockSize() - GetOptimalBlockSizeUsed() for any n > 0
Reimplemented in ECB_OneWay.
Definition at line 481 of file cryptlib.h.
| virtual void StreamTransformation::ProcessData | ( | byte * | outString, | |
| const byte * | inString, | |||
| size_t | length | |||
| ) | [pure virtual, inherited] |
encrypt or decrypt an array of bytes of specified length
- Note:
- either inString == outString, or they don't overlap
Implemented in AuthenticatedSymmetricCipherBase, PublicBlumBlumShub, ECB_OneWay, CBC_Encryption, and CBC_Decryption.
Referenced by AuthenticatedSymmetricCipherBase::ProcessData(), and StreamTransformation::ProcessLastBlock().
| void StreamTransformation::ProcessLastBlock | ( | byte * | outString, | |
| const byte * | inString, | |||
| size_t | length | |||
| ) | [virtual, inherited] |
for ciphers where the last block of data is special, encrypt or decrypt the last block of data
For now the only use of this function is for CBC-CTS mode.
Reimplemented in CBC_CTS_Encryption, and CBC_CTS_Decryption.
Definition at line 194 of file cryptlib.cpp.
References Algorithm::AlgorithmName(), StreamTransformation::MandatoryBlockSize(), StreamTransformation::MinLastBlockSize(), and StreamTransformation::ProcessData().
The documentation for this class was generated from the following files:
Generated on Mon Aug 9 2010 15:56:46 for Crypto++ by
1.7.1