#include <eax.h>
Public Types | |
enum | IV_Requirement { UNIQUE_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV, NOT_RESYNCHRONIZABLE } |
Public Member Functions | |
bool | IsForwardTransformation () const |
returns whether this is an encryption object | |
std::string | AlgorithmName () const |
returns name of this algorithm, not universally implemented yet | |
size_t | MinKeyLength () const |
virtual size_t | MinKeyLength () const =0 |
returns smallest valid key length in bytes */ | |
size_t | MaxKeyLength () const |
virtual size_t | MaxKeyLength () const =0 |
returns largest valid key length in bytes */ | |
size_t | DefaultKeyLength () const |
virtual size_t | DefaultKeyLength () const =0 |
returns default (recommended) key length in bytes */ | |
size_t | GetValidKeyLength (size_t n) const |
virtual size_t | GetValidKeyLength (size_t n) const =0 |
returns the smallest valid key length in bytes that is >= min(n, GetMaxKeyLength()) | |
bool | IsValidKeyLength (size_t n) const |
virtual bool | IsValidKeyLength (size_t n) const |
returns whether n is a valid key length | |
unsigned int | OptimalDataAlignment () const |
returns how input should be aligned for optimal performance | |
virtual unsigned int | OptimalDataAlignment () const |
returns how input should be aligned for optimal performance | |
IV_Requirement | IVRequirement () const |
virtual IV_Requirement | IVRequirement () const =0 |
returns the minimal requirement for secure IVs | |
unsigned int | IVSize () const |
virtual unsigned int | IVSize () const |
unsigned int | MinIVLength () const |
virtual unsigned int | MinIVLength () const |
returns minimal length of IVs accepted by this object | |
unsigned int | MaxIVLength () const |
virtual unsigned int | MaxIVLength () const |
returns maximal length of IVs accepted by this object | |
unsigned int | DigestSize () const |
virtual unsigned int | DigestSize () const =0 |
size of the hash/digest/MAC returned by Final() | |
lword | MaxHeaderLength () const |
the maximum length of AAD that can be input before the encrypted data | |
lword | MaxMessageLength () const |
the maximum length of encrypted data | |
bool | IsRandomAccess () const |
returns whether this cipher supports random access | |
bool | IsSelfInverting () const |
returns whether this transformation is self-inverting (e.g. xor with a keystream) | |
void | UncheckedSetKey (const byte *, unsigned int, const ::NameValuePairs &) |
void | SetKey (const byte *userKey, size_t keylength, const NameValuePairs ¶ms) |
virtual void | SetKey (const byte *key, size_t length, const NameValuePairs ¶ms=g_nullNameValuePairs) |
set or reset the key of this object | |
void | Restart () |
virtual void | Restart () |
discard the current state, and restart with a new message | |
void | Resynchronize (const byte *iv, int length=-1) |
virtual void | Resynchronize (const byte *iv, int ivLength=-1) |
resynchronize with an IV. ivLength=-1 means use IVSize() | |
void | Update (const byte *input, size_t length) |
virtual void | Update (const byte *input, size_t length)=0 |
process more input | |
void | ProcessData (byte *outString, const byte *inString, size_t length) |
encrypt or decrypt an array of bytes of specified length | |
void | TruncatedFinal (byte *mac, size_t macSize) |
virtual void | TruncatedFinal (byte *digest, size_t digestSize)=0 |
truncated version of Final() | |
virtual lword | MaxFooterLength () const |
the maximum length of AAD that can be input after the encrypted data | |
virtual bool | NeedsPrespecifiedDataLengths () const |
if this function returns true, SpecifyDataLengths() must be called before attempting to input data | |
void | SpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength=0) |
this function only needs to be called if NeedsPrespecifiedDataLengths() returns true | |
virtual void | EncryptAndAuthenticate (byte *ciphertext, byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *message, size_t messageLength) |
encrypt and generate MAC in one call. will truncate MAC if macSize < TagSize() | |
virtual bool | DecryptAndVerify (byte *message, const byte *mac, size_t macLength, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *ciphertext, size_t ciphertextLength) |
decrypt and verify MAC in one call, returning true iff MAC is valid. will assume MAC is truncated if macLength < TagSize() | |
void | SetKeyWithRounds (const byte *key, size_t length, int rounds) |
calls SetKey() with an NameValuePairs object that just specifies "Rounds" | |
void | SetKeyWithIV (const byte *key, size_t length, const byte *iv, size_t ivLength) |
calls SetKey() with an NameValuePairs object that just specifies "IV" | |
void | SetKeyWithIV (const byte *key, size_t length, const byte *iv) |
calls SetKey() with an NameValuePairs object that just specifies "IV" | |
bool | IsResynchronizable () const |
returns whether this object can be resynchronized (i.e. supports initialization vectors) | |
bool | CanUseRandomIVs () const |
returns whether this object can use random IVs (in addition to ones returned by GetNextIV) | |
bool | CanUsePredictableIVs () const |
returns whether this object can use random but possibly predictable IVs (in addition to ones returned by GetNextIV) | |
bool | CanUseStructuredIVs () const |
returns whether this object can use structured IVs, for example a counter (in addition to ones returned by GetNextIV) | |
unsigned int | DefaultIVLength () const |
returns default length of IVs accepted by this object | |
virtual void | GetNextIV (RandomNumberGenerator &rng, byte *IV) |
get a secure IV for the next message | |
HashTransformation & | Ref () |
return a reference to this object, useful for passing a temporary object to a function that takes a non-const reference | |
StreamTransformation & | Ref () |
return a reference to this object, useful for passing a temporary object to a function that takes a non-const reference | |
virtual byte * | CreateUpdateSpace (size_t &size) |
request space to write input into | |
virtual void | Final (byte *digest) |
compute hash for current message, then restart for a new message | |
unsigned int | TagSize () const |
same as DigestSize() | |
virtual unsigned int | BlockSize () const |
block size of underlying compression function, or 0 if not block based | |
virtual unsigned int | OptimalBlockSize () const |
input to Update() should have length a multiple of this for optimal speed | |
virtual unsigned int | OptimalBlockSize () const |
returns the input block size that is most efficient for this cipher | |
virtual void | CalculateDigest (byte *digest, const byte *input, size_t length) |
use this if your input is in one piece and you don't want to call Update() and Final() separately | |
virtual bool | Verify (const byte *digest) |
verify that digest is a valid digest for the current message, then reinitialize the object | |
virtual bool | VerifyDigest (const byte *digest, const byte *input, size_t length) |
use this if your input is in one piece and you don't want to call Update() and Verify() separately | |
virtual void | CalculateTruncatedDigest (byte *digest, size_t digestSize, const byte *input, size_t length) |
truncated version of CalculateDigest() | |
virtual bool | TruncatedVerify (const byte *digest, size_t digestLength) |
truncated version of Verify() | |
virtual bool | VerifyTruncatedDigest (const byte *digest, size_t digestLength, const byte *input, size_t length) |
truncated version of VerifyDigest() | |
virtual Clonable * | Clone () const |
this is not implemented by most classes yet | |
virtual unsigned int | MandatoryBlockSize () const |
returns block size, if input must be processed in blocks, otherwise 1 | |
virtual unsigned int | GetOptimalBlockSizeUsed () const |
returns how much of the current block is used up | |
virtual void | ProcessLastBlock (byte *outString, const byte *inString, size_t length) |
for ciphers where the last block of data is special, encrypt or decrypt the last block of data | |
virtual unsigned int | MinLastBlockSize () const |
returns the minimum size of the last block, 0 indicating the last block is not special | |
void | ProcessString (byte *inoutString, size_t length) |
same as ProcessData(inoutString, inoutString, length) | |
void | ProcessString (byte *outString, const byte *inString, size_t length) |
same as ProcessData(outString, inString, length) | |
byte | ProcessByte (byte input) |
implemented as {ProcessData(&input, &input, 1); return input;} | |
virtual void | Seek (lword n) |
for random access ciphers, seek to an absolute position | |
Static Public Member Functions | |
static std::string | StaticAlgorithmName () |
Protected Types | |
enum | State { State_Start, State_KeySet, State_IVSet, State_AuthUntransformed, State_AuthTransformed, State_AuthFooter } |
Protected Member Functions | |
bool | AuthenticationIsOnPlaintext () const |
unsigned int | AuthenticationBlockSize () const |
void | SetKeyWithoutResync (const byte *userKey, size_t keylength, const NameValuePairs ¶ms) |
void | Resync (const byte *iv, size_t len) |
size_t | AuthenticateBlocks (const byte *data, size_t len) |
void | AuthenticateLastHeaderBlock () |
void | AuthenticateLastFooterBlock (byte *mac, size_t macSize) |
SymmetricCipher & | AccessSymmetricCipher () |
const CMAC_Base & | GetMAC () const |
virtual void | UncheckedSetKey (const byte *key, unsigned int length, const NameValuePairs ¶ms)=0 |
void | AuthenticateData (const byte *data, size_t len) |
const SymmetricCipher & | GetSymmetricCipher () const |
virtual void | AuthenticateLastConfidentialBlock () |
const Algorithm & | GetAlgorithm () const |
const Algorithm & | GetAlgorithm () const |
virtual const Algorithm & | GetAlgorithm () const =0 |
virtual void | UncheckedSpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength) |
void | ThrowIfInvalidKeyLength (size_t length) |
void | ThrowIfResynchronizable () |
void | ThrowIfInvalidIV (const byte *iv) |
size_t | ThrowIfInvalidIVLength (int size) |
const byte * | GetIVAndThrowIfInvalid (const NameValuePairs ¶ms, size_t &size) |
void | AssertValidKeyLength (size_t length) const |
void | ThrowIfInvalidTruncatedSize (size_t size) const |
Protected Attributes | |
CTR_Mode_ExternalCipher::Encryption | m_ctr |
State | m_state |
unsigned int | m_bufferedDataLength |
lword | m_totalHeaderLength |
lword | m_totalMessageLength |
lword | m_totalFooterLength |
AlignedSecByteBlock | m_buffer |
Definition at line 64 of file eax.h.
void SimpleKeyingInterface::SetKey | ( | const byte * | key, | |
size_t | length, | |||
const NameValuePairs & | params = g_nullNameValuePairs | |||
) | [virtual, inherited] |
set or reset the key of this object
params | is used to specify Rounds, BlockSize, etc. |
Definition at line 60 of file cryptlib.cpp.
Referenced by SimpleKeyingInterface::SetKeyWithIV(), and SimpleKeyingInterface::SetKeyWithRounds().
void AuthenticatedSymmetricCipherBase::ProcessData | ( | byte * | outString, | |
const byte * | inString, | |||
size_t | length | |||
) | [virtual, inherited] |
encrypt or decrypt an array of bytes of specified length
Implements StreamTransformation.
Definition at line 104 of file authenc.cpp.
References AuthenticatedSymmetricCipher::AlgorithmName(), StreamTransformation::IsForwardTransformation(), AuthenticatedSymmetricCipher::MaxMessageLength(), and StreamTransformation::ProcessData().
virtual bool AuthenticatedSymmetricCipher::NeedsPrespecifiedDataLengths | ( | ) | const [inline, virtual, inherited] |
if this function returns true, SpecifyDataLengths() must be called before attempting to input data
This is the case for some schemes, such as CCM.
Reimplemented in CCM_Base.
Definition at line 646 of file cryptlib.h.
bool SimpleKeyingInterface::IsResynchronizable | ( | ) | const [inline, inherited] |
returns whether this object can be resynchronized (i.e. supports initialization vectors)
If this function returns true, and no IV is passed to SetKey() and CanUseStructuredIVs()==true, an IV of all 0's will be assumed.
Definition at line 386 of file cryptlib.h.
void SimpleKeyingInterface::GetNextIV | ( | RandomNumberGenerator & | rng, | |
byte * | IV | |||
) | [virtual, inherited] |
get a secure IV for the next message
This method should be called after you finish encrypting one message and are ready to start the next one. After calling it, you must call SetKey() or Resynchronize() before using this object again. This method is not implemented on decryption objects.
Definition at line 136 of file cryptlib.cpp.
References RandomNumberGenerator::GenerateBlock().
virtual void HashTransformation::Final | ( | byte * | digest | ) | [inline, virtual, inherited] |
compute hash for current message, then restart for a new message
Definition at line 545 of file cryptlib.h.
Referenced by PKCS5_PBKDF2_HMAC< T >::DeriveKey(), and HMAC_Base::TruncatedFinal().
virtual unsigned int StreamTransformation::OptimalBlockSize | ( | ) | const [inline, virtual, inherited] |
returns the input block size that is most efficient for this cipher
Reimplemented in ECB_OneWay.
Definition at line 481 of file cryptlib.h.
virtual bool HashTransformation::Verify | ( | const byte * | digest | ) | [inline, virtual, inherited] |
verify that digest is a valid digest for the current message, then reinitialize the object
Default implementation is to call Final() and do a bitwise comparison between its output and digest.
Definition at line 575 of file cryptlib.h.
void StreamTransformation::ProcessLastBlock | ( | byte * | outString, | |
const byte * | inString, | |||
size_t | length | |||
) | [virtual, inherited] |
for ciphers where the last block of data is special, encrypt or decrypt the last block of data
For now the only use of this function is for CBC-CTS mode.
Reimplemented in CBC_CTS_Encryption, and CBC_CTS_Decryption.
Definition at line 194 of file cryptlib.cpp.
References Algorithm::AlgorithmName(), StreamTransformation::MandatoryBlockSize(), StreamTransformation::MinLastBlockSize(), and StreamTransformation::ProcessData().