Coverage Report

Created: 2023-12-08 07:00

/src/botan/build/include/botan/internal/siv.h
Line
Count
Source (jump to first uncovered line)
1
/*
2
* SIV Mode
3
* (C) 2013 Jack Lloyd
4
* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5
*
6
* Botan is released under the Simplified BSD License (see license.txt)
7
*/
8
9
#ifndef BOTAN_AEAD_SIV_H_
10
#define BOTAN_AEAD_SIV_H_
11
12
#include <botan/aead.h>
13
#include <botan/block_cipher.h>
14
#include <botan/stream_cipher.h>
15
16
namespace Botan {
17
18
class MessageAuthenticationCode;
19
20
/**
21
* Base class for SIV encryption and decryption (@see RFC 5297)
22
*/
23
class BOTAN_TEST_API SIV_Mode : public AEAD_Mode {
24
   public:
25
      /**
26
      * Sets the nth element of the vector of associated data
27
      * @param n index into the AD vector
28
      * @param ad associated data
29
      */
30
      void set_associated_data_n(size_t n, std::span<const uint8_t> ad) override final;
31
32
      size_t maximum_associated_data_inputs() const override final;
33
34
      std::string name() const override final;
35
36
      size_t update_granularity() const override final;
37
38
      size_t ideal_granularity() const override final;
39
40
      Key_Length_Specification key_spec() const override final;
41
42
      bool valid_nonce_length(size_t) const override final;
43
44
      bool requires_entire_message() const override final;
45
46
      void clear() override final;
47
48
      void reset() override final;
49
50
0
      size_t tag_size() const override final { return 16; }
51
52
      bool has_keying_material() const override final;
53
54
      ~SIV_Mode();
55
56
   protected:
57
      explicit SIV_Mode(std::unique_ptr<BlockCipher> cipher);
58
59
0
      size_t block_size() const { return m_bs; }
60
61
0
      StreamCipher& ctr() { return *m_ctr; }
62
63
      void set_ctr_iv(secure_vector<uint8_t> V);
64
65
0
      secure_vector<uint8_t>& msg_buf() { return m_msg_buf; }
66
67
      secure_vector<uint8_t> S2V(const uint8_t text[], size_t text_len);
68
69
   private:
70
      void start_msg(const uint8_t nonce[], size_t nonce_len) override final;
71
      size_t process_msg(uint8_t buf[], size_t size) override final;
72
73
      void key_schedule(std::span<const uint8_t> key) override final;
74
75
      const std::string m_name;
76
      const size_t m_bs;
77
78
      std::unique_ptr<StreamCipher> m_ctr;
79
      std::unique_ptr<MessageAuthenticationCode> m_mac;
80
      secure_vector<uint8_t> m_nonce, m_msg_buf;
81
      std::vector<secure_vector<uint8_t>> m_ad_macs;
82
};
83
84
/**
85
* SIV Encryption
86
*/
87
class BOTAN_TEST_API SIV_Encryption final : public SIV_Mode {
88
   public:
89
      /**
90
      * @param cipher a block cipher
91
      */
92
0
      explicit SIV_Encryption(std::unique_ptr<BlockCipher> cipher) : SIV_Mode(std::move(cipher)) {}
93
94
0
      size_t output_length(size_t input_length) const override { return input_length + tag_size(); }
95
96
0
      size_t minimum_final_size() const override { return 0; }
97
98
   private:
99
      void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
100
};
101
102
/**
103
* SIV Decryption
104
*/
105
class BOTAN_TEST_API SIV_Decryption final : public SIV_Mode {
106
   public:
107
      /**
108
      * @param cipher a 128-bit block cipher
109
      */
110
0
      explicit SIV_Decryption(std::unique_ptr<BlockCipher> cipher) : SIV_Mode(std::move(cipher)) {}
111
112
0
      size_t output_length(size_t input_length) const override {
113
0
         BOTAN_ASSERT(input_length >= tag_size(), "Sufficient input");
114
0
         return input_length - tag_size();
115
0
      }
116
117
0
      size_t minimum_final_size() const override { return tag_size(); }
118
119
   private:
120
      void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
121
};
122
123
}  // namespace Botan
124
125
#endif