Crypto++
Classes | Public Types | Public Member Functions | Protected Member Functions | List of all members
AuthenticatedSymmetricCipher Class Referenceabstract

interface for for one direction (encryption or decryption) of a stream cipher or block cipher mode with authentication More...

#include <cryptlib.h>

Inheritance diagram for AuthenticatedSymmetricCipher:
MessageAuthenticationCode StreamTransformation SimpleKeyingInterface HashTransformation Algorithm Algorithm Clonable Clonable AuthenticatedSymmetricCipherBase CCM_Base EAX_Base GCM_Base CCM_Final< T_BlockCipher, T_DefaultDigestSize, T_IsEncryption > EAX_Final< T_BlockCipher, T_IsEncryption > GCM_Final< T_BlockCipher, T_TablesOption, T_IsEncryption >

Classes

class  BadState
 this indicates that a member function was called in the wrong state, for example trying to encrypt a message before having set the key or IV More...
 

Public Types

enum  IV_Requirement {
  UNIQUE_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV,
  NOT_RESYNCHRONIZABLE
}
 

Public Member Functions

virtual lword MaxHeaderLength () const =0
 the maximum length of AAD that can be input before the encrypted data
 
virtual lword MaxMessageLength () const =0
 the maximum length of encrypted data
 
virtual lword MaxFooterLength () const
 the maximum length of AAD that can be input after the encrypted data
 
virtual bool NeedsPrespecifiedDataLengths () const
 if this function returns true, SpecifyDataLengths() must be called before attempting to input data More...
 
void SpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength=0)
 this function only needs to be called if NeedsPrespecifiedDataLengths() returns true
 
virtual void EncryptAndAuthenticate (byte *ciphertext, byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *message, size_t messageLength)
 encrypt and generate MAC in one call. will truncate MAC if macSize < TagSize()
 
virtual bool DecryptAndVerify (byte *message, const byte *mac, size_t macLength, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *ciphertext, size_t ciphertextLength)
 decrypt and verify MAC in one call, returning true iff MAC is valid. will assume MAC is truncated if macLength < TagSize()
 
virtual std::string AlgorithmName () const =0
 returns name of this algorithm, not universally implemented yet
 
virtual size_t MinKeyLength () const =0
 returns smallest valid key length in bytes */
 
virtual size_t MaxKeyLength () const =0
 returns largest valid key length in bytes */
 
virtual size_t DefaultKeyLength () const =0
 returns default (recommended) key length in bytes */
 
virtual size_t GetValidKeyLength (size_t n) const =0
 returns the smallest valid key length in bytes that is >= min(n, GetMaxKeyLength())
 
virtual bool IsValidKeyLength (size_t n) const
 returns whether n is a valid key length
 
virtual void SetKey (const byte *key, size_t length, const NameValuePairs &params=g_nullNameValuePairs)
 set or reset the key of this object More...
 
void SetKeyWithRounds (const byte *key, size_t length, int rounds)
 calls SetKey() with an NameValuePairs object that just specifies "Rounds"
 
void SetKeyWithIV (const byte *key, size_t length, const byte *iv, size_t ivLength)
 calls SetKey() with an NameValuePairs object that just specifies "IV"
 
void SetKeyWithIV (const byte *key, size_t length, const byte *iv)
 calls SetKey() with an NameValuePairs object that just specifies "IV"
 
virtual IV_Requirement IVRequirement () const =0
 returns the minimal requirement for secure IVs
 
bool IsResynchronizable () const
 returns whether this object can be resynchronized (i.e. supports initialization vectors) More...
 
bool CanUseRandomIVs () const
 returns whether this object can use random IVs (in addition to ones returned by GetNextIV)
 
bool CanUsePredictableIVs () const
 returns whether this object can use random but possibly predictable IVs (in addition to ones returned by GetNextIV)
 
bool CanUseStructuredIVs () const
 returns whether this object can use structured IVs, for example a counter (in addition to ones returned by GetNextIV)
 
virtual unsigned int IVSize () const
 
unsigned int DefaultIVLength () const
 returns default length of IVs accepted by this object
 
virtual unsigned int MinIVLength () const
 returns minimal length of IVs accepted by this object
 
virtual unsigned int MaxIVLength () const
 returns maximal length of IVs accepted by this object
 
virtual void Resynchronize (const byte *iv, int ivLength=-1)
 resynchronize with an IV. ivLength=-1 means use IVSize()
 
virtual void GetNextIV (RandomNumberGenerator &rng, byte *IV)
 get a secure IV for the next message More...
 
HashTransformationRef ()
 return a reference to this object, useful for passing a temporary object to a function that takes a non-const reference
 
virtual void Update (const byte *input, size_t length)=0
 process more input
 
virtual byte * CreateUpdateSpace (size_t &size)
 request space to write input into
 
virtual void Final (byte *digest)
 compute hash for current message, then restart for a new message More...
 
virtual void Restart ()
 discard the current state, and restart with a new message
 
virtual unsigned int DigestSize () const =0
 size of the hash/digest/MAC returned by Final()
 
unsigned int TagSize () const
 same as DigestSize()
 
virtual unsigned int BlockSize () const
 block size of underlying compression function, or 0 if not block based
 
virtual unsigned int OptimalBlockSize () const
 input to Update() should have length a multiple of this for optimal speed
 
virtual unsigned int OptimalDataAlignment () const
 returns how input should be aligned for optimal performance
 
virtual void CalculateDigest (byte *digest, const byte *input, size_t length)
 use this if your input is in one piece and you don't want to call Update() and Final() separately
 
virtual bool Verify (const byte *digest)
 verify that digest is a valid digest for the current message, then reinitialize the object More...
 
virtual bool VerifyDigest (const byte *digest, const byte *input, size_t length)
 use this if your input is in one piece and you don't want to call Update() and Verify() separately
 
virtual void TruncatedFinal (byte *digest, size_t digestSize)=0
 truncated version of Final()
 
virtual void CalculateTruncatedDigest (byte *digest, size_t digestSize, const byte *input, size_t length)
 truncated version of CalculateDigest()
 
virtual bool TruncatedVerify (const byte *digest, size_t digestLength)
 truncated version of Verify()
 
virtual bool VerifyTruncatedDigest (const byte *digest, size_t digestLength, const byte *input, size_t length)
 truncated version of VerifyDigest()
 
virtual ClonableClone () const
 this is not implemented by most classes yet
 
StreamTransformationRef ()
 return a reference to this object, useful for passing a temporary object to a function that takes a non-const reference
 
virtual unsigned int MandatoryBlockSize () const
 returns block size, if input must be processed in blocks, otherwise 1
 
virtual unsigned int OptimalBlockSize () const
 returns the input block size that is most efficient for this cipher More...
 
virtual unsigned int GetOptimalBlockSizeUsed () const
 returns how much of the current block is used up
 
virtual unsigned int OptimalDataAlignment () const
 returns how input should be aligned for optimal performance
 
virtual void ProcessData (byte *outString, const byte *inString, size_t length)=0
 encrypt or decrypt an array of bytes of specified length More...
 
virtual void ProcessLastBlock (byte *outString, const byte *inString, size_t length)
 for ciphers where the last block of data is special, encrypt or decrypt the last block of data More...
 
virtual unsigned int MinLastBlockSize () const
 returns the minimum size of the last block, 0 indicating the last block is not special
 
void ProcessString (byte *inoutString, size_t length)
 same as ProcessData(inoutString, inoutString, length)
 
void ProcessString (byte *outString, const byte *inString, size_t length)
 same as ProcessData(outString, inString, length)
 
byte ProcessByte (byte input)
 implemented as {ProcessData(&input, &input, 1); return input;}
 
virtual bool IsRandomAccess () const =0
 returns whether this cipher supports random access
 
virtual void Seek (lword n)
 for random access ciphers, seek to an absolute position
 
virtual bool IsSelfInverting () const =0
 returns whether this transformation is self-inverting (e.g. xor with a keystream)
 
virtual bool IsForwardTransformation () const =0
 returns whether this is an encryption object
 

Protected Member Functions

const AlgorithmGetAlgorithm () const
 
virtual void UncheckedSpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength)
 
virtual void UncheckedSetKey (const byte *key, unsigned int length, const NameValuePairs &params)=0
 
void ThrowIfInvalidKeyLength (size_t length)
 
void ThrowIfResynchronizable ()
 
void ThrowIfInvalidIV (const byte *iv)
 
size_t ThrowIfInvalidIVLength (int size)
 
const byte * GetIVAndThrowIfInvalid (const NameValuePairs &params, size_t &size)
 
void AssertValidKeyLength (size_t length) const
 
void ThrowIfInvalidTruncatedSize (size_t size) const
 

Detailed Description

interface for for one direction (encryption or decryption) of a stream cipher or block cipher mode with authentication

The StreamTransformation part of this interface is used to encrypt/decrypt the data, and the MessageAuthenticationCode part of this interface is used to input additional authenticated data (AAD, which is MAC'ed but not encrypted), and to generate/verify the MAC.

Definition at line 626 of file cryptlib.h.

Member Function Documentation

virtual bool AuthenticatedSymmetricCipher::NeedsPrespecifiedDataLengths ( ) const
inlinevirtual

if this function returns true, SpecifyDataLengths() must be called before attempting to input data

This is the case for some schemes, such as CCM.

Reimplemented in CCM_Base.

Definition at line 645 of file cryptlib.h.

virtual void SimpleKeyingInterface::SetKey ( const byte *  key,
size_t  length,
const NameValuePairs params = g_nullNameValuePairs 
)
virtualinherited

set or reset the key of this object

Parameters
paramsis used to specify Rounds, BlockSize, etc.

Reimplemented in ECB_OneWay, and AuthenticatedSymmetricCipherBase.

bool SimpleKeyingInterface::IsResynchronizable ( ) const
inlineinherited

returns whether this object can be resynchronized (i.e. supports initialization vectors)

If this function returns true, and no IV is passed to SetKey() and CanUseStructuredIVs()==true, an IV of all 0's will be assumed.

Definition at line 385 of file cryptlib.h.

virtual void SimpleKeyingInterface::GetNextIV ( RandomNumberGenerator rng,
byte *  IV 
)
virtualinherited

get a secure IV for the next message

This method should be called after you finish encrypting one message and are ready to start the next one. After calling it, you must call SetKey() or Resynchronize() before using this object again. This method is not implemented on decryption objects.

Reimplemented in VMAC_Base.

virtual void HashTransformation::Final ( byte *  digest)
inlinevirtualinherited

compute hash for current message, then restart for a new message

Precondition
size of digest == DigestSize().

Definition at line 544 of file cryptlib.h.

Referenced by PKCS5_PBKDF2_HMAC< T >::DeriveKey().

virtual bool HashTransformation::Verify ( const byte *  digest)
inlinevirtualinherited

verify that digest is a valid digest for the current message, then reinitialize the object

Default implementation is to call Final() and do a bitwise comparison between its output and digest.

Definition at line 574 of file cryptlib.h.

virtual unsigned int StreamTransformation::OptimalBlockSize ( ) const
inlinevirtualinherited

returns the input block size that is most efficient for this cipher

Note
optimal input length is n * OptimalBlockSize() - GetOptimalBlockSizeUsed() for any n > 0

Reimplemented in ECB_OneWay.

Definition at line 480 of file cryptlib.h.

virtual void StreamTransformation::ProcessData ( byte *  outString,
const byte *  inString,
size_t  length 
)
pure virtualinherited

encrypt or decrypt an array of bytes of specified length

Note
either inString == outString, or they don't overlap

Implemented in CBC_Decryption, CBC_Encryption, ECB_OneWay, AuthenticatedSymmetricCipherBase, Weak1::ARC4_Base, and PublicBlumBlumShub.

virtual void StreamTransformation::ProcessLastBlock ( byte *  outString,
const byte *  inString,
size_t  length 
)
virtualinherited

for ciphers where the last block of data is special, encrypt or decrypt the last block of data

For now the only use of this function is for CBC-CTS mode.

Reimplemented in CBC_CTS_Decryption, and CBC_CTS_Encryption.


The documentation for this class was generated from the following file: