/src/botan/build/include/botan/cipher_mode.h

Source (jump to first uncovered line)
/*
* Cipher Modes
* (C) 2013,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_CIPHER_MODE_H_
#define BOTAN_CIPHER_MODE_H_

#include <botan/secmem.h>
#include <botan/sym_algo.h>
#include <botan/exceptn.h>
#include <string>
#include <vector>

namespace Botan {

/**
* The two possible directions for cipher filters, determining whether they
* actually perform encryption or decryption.
*/
enum class Cipher_Dir : int {
   Encryption,
   Decryption,

   ENCRYPTION BOTAN_DEPRECATED("Use Cipher_Dir::Encryption") = Encryption,
   DECRYPTION BOTAN_DEPRECATED("Use Cipher_Dir::Decryption") = Decryption,
};

/**
* Interface for cipher modes
*/
class BOTAN_PUBLIC_API(2,0) Cipher_Mode : public SymmetricAlgorithm
   {
   public:
      /**
      * @return list of available providers for this algorithm, empty if not available
      * @param algo_spec algorithm name
      */
      static std::vector<std::string> providers(const std::string& algo_spec);

      /**
      * Create an AEAD mode
      * @param algo the algorithm to create
      * @param direction specify if this should be an encryption or decryption AEAD
      * @param provider optional specification for provider to use
      * @return an AEAD mode or a null pointer if not available
      */
      static std::unique_ptr<Cipher_Mode> create(const std::string& algo,
                                                 Cipher_Dir direction,
                                                 const std::string& provider = "");

      /**
      * Create an AEAD mode, or throw
      * @param algo the algorithm to create
      * @param direction specify if this should be an encryption or decryption AEAD
      * @param provider optional specification for provider to use
      * @return an AEAD mode, or throw an exception
      */
      static std::unique_ptr<Cipher_Mode> create_or_throw(const std::string& algo,
                                                          Cipher_Dir direction,
                                                          const std::string& provider = "");

      /*
      * Prepare for processing a message under the specified nonce
      */
      virtual void start_msg(const uint8_t nonce[], size_t nonce_len) = 0;

      /**
      * Begin processing a message with a fresh nonce.
      * @param nonce the per message nonce
      */
      template<typename Alloc>
      void start(const std::vector<uint8_t, Alloc>& nonce)
         {
         start_msg(nonce.data(), nonce.size());
         }

      /**
      * Begin processing a message with a fresh nonce.
      * @param nonce the per message nonce
      * @param nonce_len length of nonce
      */
      void start(const uint8_t nonce[], size_t nonce_len)
         {
         start_msg(nonce, nonce_len);
         }

      /**
      * Begin processing a message.
      *
      * The exact semantics of this depend on the mode. For many modes, the call
      * will fail since a nonce must be provided.
      *
      * For certain modes such as CBC this will instead cause the last
      * ciphertext block to be used as the nonce of the new message; doing this
      * isn't a good idea, but some (mostly older) protocols do this.
      */
      void start()
         {
         return start_msg(nullptr, 0);
         }

      /**
      * Process message blocks
      *
      * Input must be a multiple of update_granularity
      *
      * Processes msg in place and returns bytes written. Normally
      * this will be either msg_len (indicating the entire message was
      * processed) or for certain AEAD modes zero (indicating that the
      * mode requires the entire message be processed in one pass).
      *
      * @param msg the message to be processed
      * @param msg_len length of the message in bytes
      */
      virtual size_t process(uint8_t msg[], size_t msg_len) = 0;

      /**
      * Process some data. Input must be in size update_granularity() uint8_t blocks.
      * @param buffer in/out parameter which will possibly be resized
      * @param offset an offset into blocks to begin processing
      */
      void update(secure_vector<uint8_t>& buffer, size_t offset = 0)
         {
         BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
         uint8_t* buf = buffer.data() + offset;
         const size_t buf_size = buffer.size() - offset;

         const size_t written = process(buf, buf_size);
         buffer.resize(offset + written);
         }

      /**
      * Complete processing of a message.
      *
      * @param final_block in/out parameter which must be at least
      *        minimum_final_size() bytes, and will be set to any final output
      * @param offset an offset into final_block to begin processing
      */
      virtual void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) = 0;

      /**
      * Returns the size of the output if this transform is used to process a
      * message with input_length bytes. In most cases the answer is precise.
      * If it is not possible to precise (namely for CBC decryption) instead an
      * upper bound is returned.
      */
      virtual size_t output_length(size_t input_length) const = 0;

      /**
      * @return size of required blocks to update
      */
      virtual size_t update_granularity() const = 0;

      /**
      * Return an ideal granularity. This will be a multiple of the result of
      * update_granularity but may be larger. If so it indicates that better
      * performance may be achieved by providing buffers that are at least that
      * size.
      */
      virtual size_t ideal_granularity() const = 0;

      /**
      * Certain modes require the entire message be available before
      * any processing can occur. For such modes, input will be consumed
      * but not returned, until `finish` is called, which returns the
      * entire message.
      *
      * This function returns true if this mode has this style of
      * operation.
      */
      virtual bool requires_entire_message() const { return false; }

      /**
      * @return required minimium size to finalize() - may be any
      *         length larger than this.
      */
      virtual size_t minimum_final_size() const = 0;

      /**
      * @return the default size for a nonce
      */
      virtual size_t default_nonce_length() const = 0;

      /**
      * @return true iff nonce_len is a valid length for the nonce
      */
      virtual bool valid_nonce_length(size_t nonce_len) const = 0;

      /**
      * Resets just the message specific state and allows encrypting again under the existing key
      */
      virtual void reset() = 0;

      /**
      * @return true iff this mode provides authentication as well as
      * confidentiality.
      */
      bool authenticated() const { return this->tag_size() > 0; }

      /**
      * @return the size of the authentication tag used (in bytes)
      */
      virtual size_t tag_size() const { return 0; }

      /**
      * @return provider information about this implementation. Default is "base",
      * might also return "sse2", "avx2", "openssl", or some other arbitrary string.
      */
      virtual std::string provider() const { return "base"; }
   };

/**
* Get a cipher mode by name (eg "AES-128/CBC" or "Serpent/XTS")
* @param algo_spec cipher name
* @param direction Cipher_Dir::Encryption or Cipher_Dir::Decryption
* @param provider provider implementation to choose
*/
BOTAN_DEPRECATED("Use Cipher_Mode::create")
inline Cipher_Mode* get_cipher_mode(const std::string& algo_spec,
                                    Cipher_Dir direction,
                                    const std::string& provider = "")
   {
   return Cipher_Mode::create(algo_spec, direction, provider).release();
   }

}

#endif

Coverage Report

Created: 2023-02-22 06:39

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Cipher Modes
3		* (C) 2013,2016 Jack Lloyd
4		*
5		* Botan is released under the Simplified BSD License (see license.txt)
6		*/
7
8		#ifndef BOTAN_CIPHER_MODE_H_
9		#define BOTAN_CIPHER_MODE_H_
10
11		#include <botan/secmem.h>
12		#include <botan/sym_algo.h>
13		#include <botan/exceptn.h>
14		#include <string>
15		#include <vector>
16
17		namespace Botan {
18
19		/**
20		* The two possible directions for cipher filters, determining whether they
21		* actually perform encryption or decryption.
22		*/
23		enum class Cipher_Dir : int {
24		Encryption,
25		Decryption,
26
27		ENCRYPTION BOTAN_DEPRECATED("Use Cipher_Dir::Encryption") = Encryption,
28		DECRYPTION BOTAN_DEPRECATED("Use Cipher_Dir::Decryption") = Decryption,
29		};
30
31		/**
32		* Interface for cipher modes
33		*/
34		class BOTAN_PUBLIC_API(2,0) Cipher_Mode : public SymmetricAlgorithm
35		{
36		public:
37		/**
38		* @return list of available providers for this algorithm, empty if not available
39		* @param algo_spec algorithm name
40		*/
41		static std::vector<std::string> providers(const std::string& algo_spec);
42
43		/**
44		* Create an AEAD mode
45		* @param algo the algorithm to create
46		* @param direction specify if this should be an encryption or decryption AEAD
47		* @param provider optional specification for provider to use
48		* @return an AEAD mode or a null pointer if not available
49		*/
50		static std::unique_ptr<Cipher_Mode> create(const std::string& algo,
51		Cipher_Dir direction,
52		const std::string& provider = "");
53
54		/**
55		* Create an AEAD mode, or throw
56		* @param algo the algorithm to create
57		* @param direction specify if this should be an encryption or decryption AEAD
58		* @param provider optional specification for provider to use
59		* @return an AEAD mode, or throw an exception
60		*/
61		static std::unique_ptr<Cipher_Mode> create_or_throw(const std::string& algo,
62		Cipher_Dir direction,
63		const std::string& provider = "");
64
65		/*
66		* Prepare for processing a message under the specified nonce
67		*/
68		virtual void start_msg(const uint8_t nonce[], size_t nonce_len) = 0;
69
70		/**
71		* Begin processing a message with a fresh nonce.
72		* @param nonce the per message nonce
73		*/
74		template<typename Alloc>
75		void start(const std::vector<uint8_t, Alloc>& nonce)
76	0	{
77	0	start_msg(nonce.data(), nonce.size());
78	0	}
79
80		/**
81		* Begin processing a message with a fresh nonce.
82		* @param nonce the per message nonce
83		* @param nonce_len length of nonce
84		*/
85		void start(const uint8_t nonce[], size_t nonce_len)
86	0	{
87	0	start_msg(nonce, nonce_len);
88	0	}
89
90		/**
91		* Begin processing a message.
92		*
93		* The exact semantics of this depend on the mode. For many modes, the call
94		* will fail since a nonce must be provided.
95		*
96		* For certain modes such as CBC this will instead cause the last
97		* ciphertext block to be used as the nonce of the new message; doing this
98		* isn't a good idea, but some (mostly older) protocols do this.
99		*/
100		void start()
101	0	{
102	0	return start_msg(nullptr, 0);
103	0	}
104
105		/**
106		* Process message blocks
107		*
108		* Input must be a multiple of update_granularity
109		*
110		* Processes msg in place and returns bytes written. Normally
111		* this will be either msg_len (indicating the entire message was
112		* processed) or for certain AEAD modes zero (indicating that the
113		* mode requires the entire message be processed in one pass).
114		*
115		* @param msg the message to be processed
116		* @param msg_len length of the message in bytes
117		*/
118		virtual size_t process(uint8_t msg[], size_t msg_len) = 0;
119
120		/**
121		* Process some data. Input must be in size update_granularity() uint8_t blocks.
122		* @param buffer in/out parameter which will possibly be resized
123		* @param offset an offset into blocks to begin processing
124		*/
125		void update(secure_vector<uint8_t>& buffer, size_t offset = 0)
126	0	{
127	0	BOTAN_ASSERT(buffer.size() >= offset, "Offset ok");
128	0	uint8_t* buf = buffer.data() + offset;
129	0	const size_t buf_size = buffer.size() - offset;
130
131	0	const size_t written = process(buf, buf_size);
132	0	buffer.resize(offset + written);
133	0	}
134
135		/**
136		* Complete processing of a message.
137		*
138		* @param final_block in/out parameter which must be at least
139		* minimum_final_size() bytes, and will be set to any final output
140		* @param offset an offset into final_block to begin processing
141		*/
142		virtual void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) = 0;
143
144		/**
145		* Returns the size of the output if this transform is used to process a
146		* message with input_length bytes. In most cases the answer is precise.
147		* If it is not possible to precise (namely for CBC decryption) instead an
148		* upper bound is returned.
149		*/
150		virtual size_t output_length(size_t input_length) const = 0;
151
152		/**
153		* @return size of required blocks to update
154		*/
155		virtual size_t update_granularity() const = 0;
156
157		/**
158		* Return an ideal granularity. This will be a multiple of the result of
159		* update_granularity but may be larger. If so it indicates that better
160		* performance may be achieved by providing buffers that are at least that
161		* size.
162		*/
163		virtual size_t ideal_granularity() const = 0;
164
165		/**
166		* Certain modes require the entire message be available before
167		* any processing can occur. For such modes, input will be consumed
168		* but not returned, until `finish` is called, which returns the
169		* entire message.
170		*
171		* This function returns true if this mode has this style of
172		* operation.
173		*/
174	0	virtual bool requires_entire_message() const { return false; }
175
176		/**
177		* @return required minimium size to finalize() - may be any
178		* length larger than this.
179		*/
180		virtual size_t minimum_final_size() const = 0;
181
182		/**
183		* @return the default size for a nonce
184		*/
185		virtual size_t default_nonce_length() const = 0;
186
187		/**
188		* @return true iff nonce_len is a valid length for the nonce
189		*/
190		virtual bool valid_nonce_length(size_t nonce_len) const = 0;
191
192		/**
193		* Resets just the message specific state and allows encrypting again under the existing key
194		*/
195		virtual void reset() = 0;
196
197		/**
198		* @return true iff this mode provides authentication as well as
199		* confidentiality.
200		*/
201	0	bool authenticated() const { return this->tag_size() > 0; }
202
203		/**
204		* @return the size of the authentication tag used (in bytes)
205		*/
206	0	virtual size_t tag_size() const { return 0; }
207
208		/**
209		* @return provider information about this implementation. Default is "base",
210		* might also return "sse2", "avx2", "openssl", or some other arbitrary string.
211		*/
212	0	virtual std::string provider() const { return "base"; }
213		};
214
215		/**
216		* Get a cipher mode by name (eg "AES-128/CBC" or "Serpent/XTS")
217		* @param algo_spec cipher name
218		* @param direction Cipher_Dir::Encryption or Cipher_Dir::Decryption
219		* @param provider provider implementation to choose
220		*/
221		BOTAN_DEPRECATED("Use Cipher_Mode::create")
222		inline Cipher_Mode* get_cipher_mode(const std::string& algo_spec,
223		Cipher_Dir direction,
224		const std::string& provider = "")
225	0	{
226	0	return Cipher_Mode::create(algo_spec, direction, provider).release();
227	0	}
228
229		}
230
231		#endif