/src/botan/build/include/botan/internal/tls_cbc.h

Source (jump to first uncovered line)
/*
* TLS CBC+HMAC AEAD
* (C) 2016 Jack Lloyd
* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_TLS_CBC_HMAC_AEAD_H_
#define BOTAN_TLS_CBC_HMAC_AEAD_H_

#include <botan/aead.h>
#include <botan/block_cipher.h>
#include <botan/mac.h>
#include <botan/tls_version.h>

namespace Botan {

namespace TLS {

/**
* TLS CBC+HMAC AEAD base class (GenericBlockCipher in TLS spec)
* This is the weird TLS-specific mode, not for general consumption.
*/
class BOTAN_TEST_API TLS_CBC_HMAC_AEAD_Mode : public AEAD_Mode
   {
   public:
      size_t process(uint8_t buf[], size_t sz) override final;

      std::string name() const override final;

      void set_associated_data(const uint8_t ad[], size_t ad_len) override;

      size_t update_granularity() const override final;

      Key_Length_Specification key_spec() const override final;

      bool valid_nonce_length(size_t nl) const override final;

      size_t tag_size() const override final { return m_tag_size; }

      size_t default_nonce_length() const override final { return m_iv_size; }

      void clear() override final;

      void reset() override final;

 protected:
      TLS_CBC_HMAC_AEAD_Mode(Cipher_Dir direction,
                             std::unique_ptr<BlockCipher> cipher,
                             std::unique_ptr<MessageAuthenticationCode> mac,
                             size_t cipher_keylen,
                             size_t mac_keylen,
                             Protocol_Version version,
                             bool use_encrypt_then_mac);

      size_t cipher_keylen() const { return m_cipher_keylen; }
      size_t mac_keylen() const { return m_mac_keylen; }
      size_t iv_size() const { return m_iv_size; }
      size_t block_size() const { return m_block_size; }

      bool use_encrypt_then_mac() const { return m_use_encrypt_then_mac; }

      bool is_datagram_protocol() const { return m_is_datagram; }

      Cipher_Mode& cbc() const { return *m_cbc; }

      MessageAuthenticationCode& mac() const
         {
         BOTAN_ASSERT_NONNULL(m_mac);
         return *m_mac;
         }

      secure_vector<uint8_t>& cbc_state() { return m_cbc_state; }
      std::vector<uint8_t>& assoc_data() { return m_ad; }
      secure_vector<uint8_t>& msg() { return m_msg; }

      std::vector<uint8_t> assoc_data_with_len(uint16_t len);

   private:
      void start_msg(const uint8_t nonce[], size_t nonce_len) override final;

      void key_schedule(const uint8_t key[], size_t length) override final;

      const std::string m_cipher_name;
      const std::string m_mac_name;
      size_t m_cipher_keylen;
      size_t m_mac_keylen;
      size_t m_iv_size;
      size_t m_tag_size;
      size_t m_block_size;
      bool m_use_encrypt_then_mac;
      bool m_is_datagram;

      std::unique_ptr<Cipher_Mode> m_cbc;
      std::unique_ptr<MessageAuthenticationCode> m_mac;

      secure_vector<uint8_t> m_cbc_state;
      std::vector<uint8_t> m_ad;
      secure_vector<uint8_t> m_msg;
   };

/**
* TLS_CBC_HMAC_AEAD Encryption
*/
class BOTAN_TEST_API TLS_CBC_HMAC_AEAD_Encryption final : public TLS_CBC_HMAC_AEAD_Mode
   {
   public:
      /**
      */
      TLS_CBC_HMAC_AEAD_Encryption(
                             std::unique_ptr<BlockCipher> cipher,
                             std::unique_ptr<MessageAuthenticationCode> mac,
                             const size_t cipher_keylen,
                             const size_t mac_keylen,
                             const Protocol_Version version,
                             bool use_encrypt_then_mac) :
         TLS_CBC_HMAC_AEAD_Mode(ENCRYPTION,
                                std::move(cipher),
                                std::move(mac),
                                cipher_keylen,
                                mac_keylen,
                                version,
                                use_encrypt_then_mac)
         {}

      void set_associated_data(const uint8_t ad[], size_t ad_len) override;

      size_t output_length(size_t input_length) const override;

      size_t minimum_final_size() const override { return 0; }

      void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
   private:
      void cbc_encrypt_record(secure_vector<uint8_t>& buffer, size_t offset,
                              size_t padding_length);
   };

/**
* TLS_CBC_HMAC_AEAD Decryption
*/
class BOTAN_TEST_API TLS_CBC_HMAC_AEAD_Decryption final : public TLS_CBC_HMAC_AEAD_Mode
   {
   public:
      /**
      */
      TLS_CBC_HMAC_AEAD_Decryption(std::unique_ptr<BlockCipher> cipher,
                                   std::unique_ptr<MessageAuthenticationCode> mac,
                                   const size_t cipher_keylen,
                                   const size_t mac_keylen,
                                   const Protocol_Version version,
                                   bool use_encrypt_then_mac) :
         TLS_CBC_HMAC_AEAD_Mode(DECRYPTION,
                                std::move(cipher),
                                std::move(mac),
                                cipher_keylen,
                                mac_keylen,
                                version,
                                use_encrypt_then_mac)
         {}

      size_t output_length(size_t input_length) const override;

      size_t minimum_final_size() const override { return tag_size(); }

      void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;

   private:
      void cbc_decrypt_record(uint8_t record_contents[], size_t record_len);

      void perform_additional_compressions(size_t plen, size_t padlen);
   };

/**
* Check the TLS padding of a record
* @param record the record bits
* @param record_len length of record
* @return 0 if padding is invalid, otherwise padding_bytes + 1
*/
BOTAN_TEST_API uint16_t check_tls_cbc_padding(const uint8_t record[], size_t record_len);

}

}

#endif

Line	Count	Source (jump to first uncovered line)
1		/*
2		* TLS CBC+HMAC AEAD
3		* (C) 2016 Jack Lloyd
4		* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5		*
6		* Botan is released under the Simplified BSD License (see license.txt)
7		*/
8
9		#ifndef BOTAN_TLS_CBC_HMAC_AEAD_H_
10		#define BOTAN_TLS_CBC_HMAC_AEAD_H_
11
12		#include <botan/aead.h>
13		#include <botan/block_cipher.h>
14		#include <botan/mac.h>
15		#include <botan/tls_version.h>
16
17		namespace Botan {
18
19		namespace TLS {
20
21		/**
22		* TLS CBC+HMAC AEAD base class (GenericBlockCipher in TLS spec)
23		* This is the weird TLS-specific mode, not for general consumption.
24		*/
25		class BOTAN_TEST_API TLS_CBC_HMAC_AEAD_Mode : public AEAD_Mode
26		{
27		public:
28		size_t process(uint8_t buf[], size_t sz) override final;
29
30		std::string name() const override final;
31
32		void set_associated_data(const uint8_t ad[], size_t ad_len) override;
33
34		size_t update_granularity() const override final;
35
36		Key_Length_Specification key_spec() const override final;
37
38		bool valid_nonce_length(size_t nl) const override final;
39
40	8.10k	size_t tag_size() const override final { return m_tag_size; }
41
42	0	size_t default_nonce_length() const override final { return m_iv_size; }
43
44		void clear() override final;
45
46		void reset() override final;
47
48		protected:
49		TLS_CBC_HMAC_AEAD_Mode(Cipher_Dir direction,
50		std::unique_ptr<BlockCipher> cipher,
51		std::unique_ptr<MessageAuthenticationCode> mac,
52		size_t cipher_keylen,
53		size_t mac_keylen,
54		Protocol_Version version,
55		bool use_encrypt_then_mac);
56
57	0	size_t cipher_keylen() const { return m_cipher_keylen; }
58	0	size_t mac_keylen() const { return m_mac_keylen; }
59	423	size_t iv_size() const { return m_iv_size; }
60	6.48k	size_t block_size() const { return m_block_size; }
61
62	6.12k	bool use_encrypt_then_mac() const { return m_use_encrypt_then_mac; }
63
64	277	bool is_datagram_protocol() const { return m_is_datagram; }
65
66	4.12k	Cipher_Mode& cbc() const { return *m_cbc; }
67
68		MessageAuthenticationCode& mac() const
69	6.11k	{
70	6.11k	BOTAN_ASSERT_NONNULL(m_mac);
71	6.11k	return *m_mac;
72	6.11k	}
73
74	2.81k	secure_vector<uint8_t>& cbc_state() { return m_cbc_state; }
75	1.30k	std::vector<uint8_t>& assoc_data() { return m_ad; }
76	2.89k	secure_vector<uint8_t>& msg() { return m_msg; }
77
78		std::vector<uint8_t> assoc_data_with_len(uint16_t len);
79
80		private:
81		void start_msg(const uint8_t nonce[], size_t nonce_len) override final;
82
83		void key_schedule(const uint8_t key[], size_t length) override final;
84
85		const std::string m_cipher_name;
86		const std::string m_mac_name;
87		size_t m_cipher_keylen;
88		size_t m_mac_keylen;
89		size_t m_iv_size;
90		size_t m_tag_size;
91		size_t m_block_size;
92		bool m_use_encrypt_then_mac;
93		bool m_is_datagram;
94
95		std::unique_ptr<Cipher_Mode> m_cbc;
96		std::unique_ptr<MessageAuthenticationCode> m_mac;
97
98		secure_vector<uint8_t> m_cbc_state;
99		std::vector<uint8_t> m_ad;
100		secure_vector<uint8_t> m_msg;
101		};
102
103		/**
104		* TLS_CBC_HMAC_AEAD Encryption
105		*/
106		class BOTAN_TEST_API TLS_CBC_HMAC_AEAD_Encryption final : public TLS_CBC_HMAC_AEAD_Mode
107		{
108		public:
109		/**
110		*/
111		TLS_CBC_HMAC_AEAD_Encryption(
112		std::unique_ptr<BlockCipher> cipher,
113		std::unique_ptr<MessageAuthenticationCode> mac,
114		const size_t cipher_keylen,
115		const size_t mac_keylen,
116		const Protocol_Version version,
117		bool use_encrypt_then_mac) :
118		TLS_CBC_HMAC_AEAD_Mode(ENCRYPTION,
119		std::move(cipher),
120		std::move(mac),
121		cipher_keylen,
122		mac_keylen,
123		version,
124		use_encrypt_then_mac)
125	786	{}
126
127		void set_associated_data(const uint8_t ad[], size_t ad_len) override;
128
129		size_t output_length(size_t input_length) const override;
130
131	0	size_t minimum_final_size() const override { return 0; }
132
133		void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
134		private:
135		void cbc_encrypt_record(secure_vector<uint8_t>& buffer, size_t offset,
136		size_t padding_length);
137		};
138
139		/**
140		* TLS_CBC_HMAC_AEAD Decryption
141		*/
142		class BOTAN_TEST_API TLS_CBC_HMAC_AEAD_Decryption final : public TLS_CBC_HMAC_AEAD_Mode
143		{
144		public:
145		/**
146		*/
147		TLS_CBC_HMAC_AEAD_Decryption(std::unique_ptr<BlockCipher> cipher,
148		std::unique_ptr<MessageAuthenticationCode> mac,
149		const size_t cipher_keylen,
150		const size_t mac_keylen,
151		const Protocol_Version version,
152		bool use_encrypt_then_mac) :
153		TLS_CBC_HMAC_AEAD_Mode(DECRYPTION,
154		std::move(cipher),
155		std::move(mac),
156		cipher_keylen,
157		mac_keylen,
158		version,
159		use_encrypt_then_mac)
160	581	{}
161
162		size_t output_length(size_t input_length) const override;
163
164	351	size_t minimum_final_size() const override { return tag_size(); }
165
166		void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
167
168		private:
169		void cbc_decrypt_record(uint8_t record_contents[], size_t record_len);
170
171		void perform_additional_compressions(size_t plen, size_t padlen);
172		};
173
174		/**
175		* Check the TLS padding of a record
176		* @param record the record bits
177		* @param record_len length of record
178		* @return 0 if padding is invalid, otherwise padding_bytes + 1
179		*/
180		BOTAN_TEST_API uint16_t check_tls_cbc_padding(const uint8_t record[], size_t record_len);
181
182		}
183
184		}
185
186		#endif

Coverage Report

Created: 2020-10-17 06:46