Crypto++
Public Types | Public Member Functions | Protected Types | Protected Member Functions | Protected Attributes | List of all members
CCM_Base Class Referenceabstract

More...

#include <ccm.h>

Inheritance diagram for CCM_Base:
AuthenticatedSymmetricCipherBase AuthenticatedSymmetricCipher MessageAuthenticationCode StreamTransformation SimpleKeyingInterface HashTransformation Algorithm Algorithm Clonable Clonable CCM_Final< T_BlockCipher, T_DefaultDigestSize, T_IsEncryption >

Public Types

enum  IV_Requirement {
  UNIQUE_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV,
  NOT_RESYNCHRONIZABLE
}
 

Public Member Functions

std::string AlgorithmName () const
 returns name of this algorithm, not universally implemented yet
 
size_t MinKeyLength () const
 returns smallest valid key length in bytes */
 
size_t MaxKeyLength () const
 returns largest valid key length in bytes */
 
size_t DefaultKeyLength () const
 returns default (recommended) key length in bytes */
 
size_t GetValidKeyLength (size_t n) const
 returns the smallest valid key length in bytes that is >= min(n, GetMaxKeyLength())
 
bool IsValidKeyLength (size_t n) const
 returns whether n is a valid key length
 
unsigned int OptimalDataAlignment () const
 returns how input should be aligned for optimal performance
 
IV_Requirement IVRequirement () const
 returns the minimal requirement for secure IVs
 
unsigned int IVSize () const
 
unsigned int MinIVLength () const
 returns minimal length of IVs accepted by this object
 
unsigned int MaxIVLength () const
 returns maximal length of IVs accepted by this object
 
unsigned int DigestSize () const
 size of the hash/digest/MAC returned by Final()
 
lword MaxHeaderLength () const
 the maximum length of AAD that can be input before the encrypted data
 
lword MaxMessageLength () const
 the maximum length of encrypted data
 
bool NeedsPrespecifiedDataLengths () const
 if this function returns true, SpecifyDataLengths() must be called before attempting to input data More...
 
void UncheckedSpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength)
 
bool IsRandomAccess () const
 returns whether this cipher supports random access
 
bool IsSelfInverting () const
 returns whether this transformation is self-inverting (e.g. xor with a keystream)
 
void UncheckedSetKey (const byte *, unsigned int, const ::NameValuePairs &)
 
void SetKey (const byte *userKey, size_t keylength, const NameValuePairs &params)
 set or reset the key of this object More...
 
void Restart ()
 discard the current state, and restart with a new message
 
void Resynchronize (const byte *iv, int length=-1)
 resynchronize with an IV. ivLength=-1 means use IVSize()
 
void Update (const byte *input, size_t length)
 process more input
 
void ProcessData (byte *outString, const byte *inString, size_t length)
 encrypt or decrypt an array of bytes of specified length More...
 
void TruncatedFinal (byte *mac, size_t macSize)
 truncated version of Final()
 
virtual lword MaxFooterLength () const
 the maximum length of AAD that can be input after the encrypted data
 
void SpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength=0)
 this function only needs to be called if NeedsPrespecifiedDataLengths() returns true
 
virtual void EncryptAndAuthenticate (byte *ciphertext, byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *message, size_t messageLength)
 encrypt and generate MAC in one call. will truncate MAC if macSize < TagSize()
 
virtual bool DecryptAndVerify (byte *message, const byte *mac, size_t macLength, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *ciphertext, size_t ciphertextLength)
 decrypt and verify MAC in one call, returning true iff MAC is valid. will assume MAC is truncated if macLength < TagSize()
 
void SetKeyWithRounds (const byte *key, size_t length, int rounds)
 calls SetKey() with an NameValuePairs object that just specifies "Rounds"
 
void SetKeyWithIV (const byte *key, size_t length, const byte *iv, size_t ivLength)
 calls SetKey() with an NameValuePairs object that just specifies "IV"
 
void SetKeyWithIV (const byte *key, size_t length, const byte *iv)
 calls SetKey() with an NameValuePairs object that just specifies "IV"
 
bool IsResynchronizable () const
 returns whether this object can be resynchronized (i.e. supports initialization vectors) More...
 
bool CanUseRandomIVs () const
 returns whether this object can use random IVs (in addition to ones returned by GetNextIV)
 
bool CanUsePredictableIVs () const
 returns whether this object can use random but possibly predictable IVs (in addition to ones returned by GetNextIV)
 
bool CanUseStructuredIVs () const
 returns whether this object can use structured IVs, for example a counter (in addition to ones returned by GetNextIV)
 
unsigned int DefaultIVLength () const
 returns default length of IVs accepted by this object
 
virtual void GetNextIV (RandomNumberGenerator &rng, byte *IV)
 get a secure IV for the next message More...
 
HashTransformationRef ()
 return a reference to this object, useful for passing a temporary object to a function that takes a non-const reference
 
StreamTransformationRef ()
 return a reference to this object, useful for passing a temporary object to a function that takes a non-const reference
 
virtual byte * CreateUpdateSpace (size_t &size)
 request space to write input into
 
virtual void Final (byte *digest)
 compute hash for current message, then restart for a new message More...
 
unsigned int TagSize () const
 same as DigestSize()
 
virtual unsigned int BlockSize () const
 block size of underlying compression function, or 0 if not block based
 
virtual unsigned int OptimalBlockSize () const
 input to Update() should have length a multiple of this for optimal speed
 
virtual unsigned int OptimalBlockSize () const
 returns the input block size that is most efficient for this cipher More...
 
virtual void CalculateDigest (byte *digest, const byte *input, size_t length)
 use this if your input is in one piece and you don't want to call Update() and Final() separately
 
virtual bool Verify (const byte *digest)
 verify that digest is a valid digest for the current message, then reinitialize the object More...
 
virtual bool VerifyDigest (const byte *digest, const byte *input, size_t length)
 use this if your input is in one piece and you don't want to call Update() and Verify() separately
 
virtual void CalculateTruncatedDigest (byte *digest, size_t digestSize, const byte *input, size_t length)
 truncated version of CalculateDigest()
 
virtual bool TruncatedVerify (const byte *digest, size_t digestLength)
 truncated version of Verify()
 
virtual bool VerifyTruncatedDigest (const byte *digest, size_t digestLength, const byte *input, size_t length)
 truncated version of VerifyDigest()
 
virtual ClonableClone () const
 this is not implemented by most classes yet
 
virtual unsigned int MandatoryBlockSize () const
 returns block size, if input must be processed in blocks, otherwise 1
 
virtual unsigned int GetOptimalBlockSizeUsed () const
 returns how much of the current block is used up
 
virtual void ProcessLastBlock (byte *outString, const byte *inString, size_t length)
 for ciphers where the last block of data is special, encrypt or decrypt the last block of data More...
 
virtual unsigned int MinLastBlockSize () const
 returns the minimum size of the last block, 0 indicating the last block is not special
 
void ProcessString (byte *inoutString, size_t length)
 same as ProcessData(inoutString, inoutString, length)
 
void ProcessString (byte *outString, const byte *inString, size_t length)
 same as ProcessData(outString, inString, length)
 
byte ProcessByte (byte input)
 implemented as {ProcessData(&input, &input, 1); return input;}
 
virtual void Seek (lword n)
 for random access ciphers, seek to an absolute position
 
virtual bool IsForwardTransformation () const =0
 returns whether this is an encryption object
 

Protected Types

enum  { REQUIRED_BLOCKSIZE = 16 }
 
enum  State {
  State_Start, State_KeySet, State_IVSet, State_AuthUntransformed,
  State_AuthTransformed, State_AuthFooter
}
 

Protected Member Functions

bool AuthenticationIsOnPlaintext () const
 
unsigned int AuthenticationBlockSize () const
 
void SetKeyWithoutResync (const byte *userKey, size_t keylength, const NameValuePairs &params)
 
void Resync (const byte *iv, size_t len)
 
size_t AuthenticateBlocks (const byte *data, size_t len)
 
void AuthenticateLastHeaderBlock ()
 
void AuthenticateLastConfidentialBlock ()
 
void AuthenticateLastFooterBlock (byte *mac, size_t macSize)
 
SymmetricCipherAccessSymmetricCipher ()
 
virtual BlockCipherAccessBlockCipher ()=0
 
virtual int DefaultDigestSize () const =0
 
const BlockCipherGetBlockCipher () const
 
byte * CBC_Buffer ()
 
virtual void UncheckedSetKey (const byte *key, unsigned int length, const NameValuePairs &params)=0
 
void AuthenticateData (const byte *data, size_t len)
 
const SymmetricCipherGetSymmetricCipher () const
 
const AlgorithmGetAlgorithm () const
 
void ThrowIfInvalidKeyLength (size_t length)
 
void ThrowIfResynchronizable ()
 
void ThrowIfInvalidIV (const byte *iv)
 
size_t ThrowIfInvalidIVLength (int size)
 
const byte * GetIVAndThrowIfInvalid (const NameValuePairs &params, size_t &size)
 
void AssertValidKeyLength (size_t length) const
 
void ThrowIfInvalidTruncatedSize (size_t size) const
 

Protected Attributes

int m_digestSize
 
int m_L
 
word64 m_messageLength
 
word64 m_aadLength
 
CTR_Mode_ExternalCipher::Encryption m_ctr
 
State m_state
 
unsigned int m_bufferedDataLength
 
lword m_totalHeaderLength
 
lword m_totalMessageLength
 
lword m_totalFooterLength
 
AlignedSecByteBlock m_buffer
 

Detailed Description

Definition at line 10 of file ccm.h.

Member Function Documentation

bool CCM_Base::NeedsPrespecifiedDataLengths ( ) const
inlinevirtual

if this function returns true, SpecifyDataLengths() must be called before attempting to input data

This is the case for some schemes, such as CCM.

Reimplemented from AuthenticatedSymmetricCipher.

Definition at line 45 of file ccm.h.

void AuthenticatedSymmetricCipherBase::SetKey ( const byte *  key,
size_t  length,
const NameValuePairs params 
)
virtualinherited

set or reset the key of this object

Parameters
paramsis used to specify Rounds, BlockSize, etc.

Reimplemented from SimpleKeyingInterface.

void AuthenticatedSymmetricCipherBase::ProcessData ( byte *  outString,
const byte *  inString,
size_t  length 
)
virtualinherited

encrypt or decrypt an array of bytes of specified length

Note
either inString == outString, or they don't overlap

Implements StreamTransformation.

bool SimpleKeyingInterface::IsResynchronizable ( ) const
inlineinherited

returns whether this object can be resynchronized (i.e. supports initialization vectors)

If this function returns true, and no IV is passed to SetKey() and CanUseStructuredIVs()==true, an IV of all 0's will be assumed.

Definition at line 385 of file cryptlib.h.

virtual void SimpleKeyingInterface::GetNextIV ( RandomNumberGenerator rng,
byte *  IV 
)
virtualinherited

get a secure IV for the next message

This method should be called after you finish encrypting one message and are ready to start the next one. After calling it, you must call SetKey() or Resynchronize() before using this object again. This method is not implemented on decryption objects.

Reimplemented in VMAC_Base.

virtual void HashTransformation::Final ( byte *  digest)
inlinevirtualinherited

compute hash for current message, then restart for a new message

Precondition
size of digest == DigestSize().

Definition at line 544 of file cryptlib.h.

Referenced by PKCS5_PBKDF2_HMAC< T >::DeriveKey().

virtual unsigned int StreamTransformation::OptimalBlockSize ( ) const
inlinevirtualinherited

returns the input block size that is most efficient for this cipher

Note
optimal input length is n * OptimalBlockSize() - GetOptimalBlockSizeUsed() for any n > 0

Reimplemented in ECB_OneWay.

Definition at line 480 of file cryptlib.h.

virtual bool HashTransformation::Verify ( const byte *  digest)
inlinevirtualinherited

verify that digest is a valid digest for the current message, then reinitialize the object

Default implementation is to call Final() and do a bitwise comparison between its output and digest.

Definition at line 574 of file cryptlib.h.

virtual void StreamTransformation::ProcessLastBlock ( byte *  outString,
const byte *  inString,
size_t  length 
)
virtualinherited

for ciphers where the last block of data is special, encrypt or decrypt the last block of data

For now the only use of this function is for CBC-CTS mode.

Reimplemented in CBC_CTS_Decryption, and CBC_CTS_Encryption.


The documentation for this class was generated from the following file: