aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-10-28 21:15:21 +0000
committerlloyd <[email protected]>2010-10-28 21:15:21 +0000
commit22f02b418f7f53431da168abe9fb74f15bf3cb0e (patch)
treecdc81938c979403d20a438d134bbd6d64479f17d
parenta7a047e6823dcbf23e172dd5c0f9a7b4fd748f10 (diff)
Eliminate the constant size_t values in SymmetricAlgorithm that give
the parameters of the key length. Instead define a new function which returns a simple object which contains this information. This definitely breaks backwards compatability, though only with code that directly manipulates low level objects like BlockCipher*s directly, which is probably relatively rare. Also remove some deprecated accessor functions from lookup.h. It turns out block_size_of and output_size_of are being used in the TLS code; I need to remove them from there before I can delete these entirely. Really that didn't make much sense, because they assumed all implementations of a particular algorithm will have the same specifications, which is definitely not necessarily true, especially WRT key length. It is much safer (and probably simpler) to first retrieve an instance of the actual object you are going to use and then ask it directly.
-rw-r--r--src/benchmark/benchmark.cpp6
-rw-r--r--src/block/block_cipher.h25
-rw-r--r--src/block/cascade/cascade.cpp7
-rw-r--r--src/block/cascade/cascade.h6
-rw-r--r--src/block/lion/lion.cpp1
-rw-r--r--src/block/lion/lion.h5
-rw-r--r--src/block/lubyrack/lubyrack.cpp4
-rw-r--r--src/block/lubyrack/lubyrack.h5
-rw-r--r--src/libstate/lookup.cpp76
-rw-r--r--src/libstate/lookup.h39
-rw-r--r--src/mac/cbc_mac/cbc_mac.cpp5
-rw-r--r--src/mac/cbc_mac/cbc_mac.h5
-rw-r--r--src/mac/cmac/cmac.cpp5
-rw-r--r--src/mac/cmac/cmac.h5
-rw-r--r--src/mac/hmac/hmac.cpp3
-rw-r--r--src/mac/hmac/hmac.h5
-rw-r--r--src/mac/mac.h15
-rw-r--r--src/mac/ssl3mac/ssl3_mac.cpp6
-rw-r--r--src/mac/ssl3mac/ssl3_mac.h5
-rw-r--r--src/mac/x919_mac/x919_mac.cpp5
-rw-r--r--src/mac/x919_mac/x919_mac.h5
-rw-r--r--src/pbe/pbes2/pbes2.cpp4
-rw-r--r--src/rng/x931_rng/x931_rng.cpp2
-rw-r--r--src/stream/arc4/arc4.cpp5
-rw-r--r--src/stream/arc4/arc4.h5
-rw-r--r--src/stream/ctr/ctr.cpp6
-rw-r--r--src/stream/ctr/ctr.h5
-rw-r--r--src/stream/ofb/ofb.cpp6
-rw-r--r--src/stream/ofb/ofb.h5
-rw-r--r--src/stream/salsa20/salsa20.h8
-rw-r--r--src/stream/stream_cipher.h18
-rw-r--r--src/stream/turing/turing.h11
-rw-r--r--src/stream/wid_wake/wid_wake.h10
-rw-r--r--src/sym_algo/key_spec.h62
-rw-r--r--src/sym_algo/sym_algo.h61
35 files changed, 196 insertions, 250 deletions
diff --git a/src/benchmark/benchmark.cpp b/src/benchmark/benchmark.cpp
index 837d66c05..1a27cffac 100644
--- a/src/benchmark/benchmark.cpp
+++ b/src/benchmark/benchmark.cpp
@@ -53,7 +53,7 @@ bench_block_cipher(BlockCipher* block_cipher,
u64bit reps = 0;
u64bit nanoseconds_used = 0;
- block_cipher->set_key(buf, block_cipher->MAXIMUM_KEYLENGTH);
+ block_cipher->set_key(buf, block_cipher->maximum_keylength());
while(nanoseconds_used < nanoseconds_max)
{
@@ -79,7 +79,7 @@ bench_stream_cipher(StreamCipher* stream_cipher,
u64bit reps = 0;
u64bit nanoseconds_used = 0;
- stream_cipher->set_key(buf, stream_cipher->MAXIMUM_KEYLENGTH);
+ stream_cipher->set_key(buf, stream_cipher->maximum_keylength());
while(nanoseconds_used < nanoseconds_max)
{
@@ -112,7 +112,7 @@ bench_mac(MessageAuthenticationCode* mac,
u64bit nanoseconds_max,
const byte buf[], size_t buf_len)
{
- mac->set_key(buf, mac->MAXIMUM_KEYLENGTH);
+ mac->set_key(buf, mac->maximum_keylength());
return bench_buf_comp(mac, nanoseconds_max, buf, buf_len);
}
diff --git a/src/block/block_cipher.h b/src/block/block_cipher.h
index b5a3c8439..8e820fc5a 100644
--- a/src/block/block_cipher.h
+++ b/src/block/block_cipher.h
@@ -18,19 +18,6 @@ namespace Botan {
class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
{
public:
- /**
- * BlockCipher constructor
- * @param block_size the size of blocks this cipher processes
- * @param key_min the minimum key size
- * @param key_max the maximum key size
- * @param key_mod the modulo restriction on the key size
- */
- BlockCipher(size_t key_min,
- size_t key_max = 0,
- size_t key_mod = 1) :
- SymmetricAlgorithm(key_min, key_max, key_mod) {}
-
- virtual ~BlockCipher() {}
/**
* @return block size of this algorithm
@@ -108,11 +95,6 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
* Get a new object representing the same algorithm as *this
*/
virtual BlockCipher* clone() const = 0;
-
- /**
- * Zeroize internal state
- */
- virtual void clear() = 0;
};
/**
@@ -122,10 +104,13 @@ template<size_t BS, size_t KMIN, size_t KMAX = 0, size_t KMOD = 1>
class Block_Cipher_Fixed_Params : public BlockCipher
{
public:
- Block_Cipher_Fixed_Params() : BlockCipher(KMIN, KMAX, KMOD) {}
-
enum { BLOCK_SIZE = BS };
size_t block_size() const { return BS; }
+
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(KMIN, KMAX, KMOD);
+ }
};
}
diff --git a/src/block/cascade/cascade.cpp b/src/block/cascade/cascade.cpp
index 2701c20e7..f1b1a8f2c 100644
--- a/src/block/cascade/cascade.cpp
+++ b/src/block/cascade/cascade.cpp
@@ -31,10 +31,10 @@ void Cascade_Cipher::decrypt_n(const byte in[], byte out[],
void Cascade_Cipher::key_schedule(const byte key[], size_t)
{
- const byte* key2 = key + cipher1->MAXIMUM_KEYLENGTH;
+ const byte* key2 = key + cipher1->maximum_keylength();
- cipher1->set_key(key , cipher1->MAXIMUM_KEYLENGTH);
- cipher2->set_key(key2, cipher2->MAXIMUM_KEYLENGTH);
+ cipher1->set_key(key , cipher1->maximum_keylength());
+ cipher2->set_key(key2, cipher2->maximum_keylength());
}
void Cascade_Cipher::clear()
@@ -81,7 +81,6 @@ size_t block_size_for_cascade(size_t bs, size_t bs2)
}
Cascade_Cipher::Cascade_Cipher(BlockCipher* c1, BlockCipher* c2) :
- BlockCipher(c1->MAXIMUM_KEYLENGTH + c2->MAXIMUM_KEYLENGTH),
cipher1(c1), cipher2(c2)
{
block = block_size_for_cascade(c1->block_size(), c2->block_size());
diff --git a/src/block/cascade/cascade.h b/src/block/cascade/cascade.h
index 31ee3b336..b1376e2e0 100644
--- a/src/block/cascade/cascade.h
+++ b/src/block/cascade/cascade.h
@@ -23,6 +23,12 @@ class BOTAN_DLL Cascade_Cipher : public BlockCipher
size_t block_size() const { return block; }
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(cipher1->maximum_keylength() +
+ cipher2->maximum_keylength());
+ }
+
void clear();
std::string name() const;
BlockCipher* clone() const;
diff --git a/src/block/lion/lion.cpp b/src/block/lion/lion.cpp
index 8cede1c86..46308e428 100644
--- a/src/block/lion/lion.cpp
+++ b/src/block/lion/lion.cpp
@@ -109,7 +109,6 @@ void Lion::clear()
* Lion Constructor
*/
Lion::Lion(HashFunction* hash_in, StreamCipher* sc_in, size_t block_len) :
- BlockCipher(2, 2*hash_in->output_length(), 2),
BLOCK_SIZE(std::max<size_t>(2*hash_in->output_length() + 1, block_len)),
LEFT_SIZE(hash_in->output_length()),
RIGHT_SIZE(BLOCK_SIZE - LEFT_SIZE),
diff --git a/src/block/lion/lion.h b/src/block/lion/lion.h
index d4eb9c327..5076f4461 100644
--- a/src/block/lion/lion.h
+++ b/src/block/lion/lion.h
@@ -30,6 +30,11 @@ class BOTAN_DLL Lion : public BlockCipher
size_t block_size() const { return BLOCK_SIZE; }
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(2, 2*hash->output_length(), 2);
+ }
+
void clear();
std::string name() const;
BlockCipher* clone() const;
diff --git a/src/block/lubyrack/lubyrack.cpp b/src/block/lubyrack/lubyrack.cpp
index 335570973..731dceb0b 100644
--- a/src/block/lubyrack/lubyrack.cpp
+++ b/src/block/lubyrack/lubyrack.cpp
@@ -122,9 +122,7 @@ std::string LubyRackoff::name() const
/*
* Luby-Rackoff Constructor
*/
-LubyRackoff::LubyRackoff(HashFunction* h) :
- BlockCipher(2, 32, 2),
- hash(h)
+LubyRackoff::LubyRackoff(HashFunction* h) : hash(h)
{
}
diff --git a/src/block/lubyrack/lubyrack.h b/src/block/lubyrack/lubyrack.h
index 0c267683a..81dddf579 100644
--- a/src/block/lubyrack/lubyrack.h
+++ b/src/block/lubyrack/lubyrack.h
@@ -24,6 +24,11 @@ class BOTAN_DLL LubyRackoff : public BlockCipher
size_t block_size() const { return 2 * hash->output_length(); }
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(2, 32, 2);
+ }
+
void clear();
std::string name() const;
BlockCipher* clone() const;
diff --git a/src/libstate/lookup.cpp b/src/libstate/lookup.cpp
index d971618c2..f5d2c5a0c 100644
--- a/src/libstate/lookup.cpp
+++ b/src/libstate/lookup.cpp
@@ -62,82 +62,6 @@ u32bit output_length_of(const std::string& name)
}
/*
-* Check if a keylength is valid for this algo
-*/
-bool valid_keylength_for(u32bit key_len, const std::string& name)
- {
- Algorithm_Factory& af = global_state().algorithm_factory();
-
- if(const BlockCipher* bc = af.prototype_block_cipher(name))
- return bc->valid_keylength(key_len);
-
- if(const StreamCipher* sc = af.prototype_stream_cipher(name))
- return sc->valid_keylength(key_len);
-
- if(const MessageAuthenticationCode* mac = af.prototype_mac(name))
- return mac->valid_keylength(key_len);
-
- throw Algorithm_Not_Found(name);
- }
-
-/*
-* Query the MINIMUM_KEYLENGTH of an algorithm
-*/
-u32bit min_keylength_of(const std::string& name)
- {
- Algorithm_Factory& af = global_state().algorithm_factory();
-
- if(const BlockCipher* bc = af.prototype_block_cipher(name))
- return bc->MINIMUM_KEYLENGTH;
-
- if(const StreamCipher* sc = af.prototype_stream_cipher(name))
- return sc->MINIMUM_KEYLENGTH;
-
- if(const MessageAuthenticationCode* mac = af.prototype_mac(name))
- return mac->MINIMUM_KEYLENGTH;
-
- throw Algorithm_Not_Found(name);
- }
-
-/*
-* Query the MAXIMUM_KEYLENGTH of an algorithm
-*/
-u32bit max_keylength_of(const std::string& name)
- {
- Algorithm_Factory& af = global_state().algorithm_factory();
-
- if(const BlockCipher* bc = af.prototype_block_cipher(name))
- return bc->MAXIMUM_KEYLENGTH;
-
- if(const StreamCipher* sc = af.prototype_stream_cipher(name))
- return sc->MAXIMUM_KEYLENGTH;
-
- if(const MessageAuthenticationCode* mac = af.prototype_mac(name))
- return mac->MAXIMUM_KEYLENGTH;
-
- throw Algorithm_Not_Found(name);
- }
-
-/*
-* Query the KEYLENGTH_MULTIPLE of an algorithm
-*/
-u32bit keylength_multiple_of(const std::string& name)
- {
- Algorithm_Factory& af = global_state().algorithm_factory();
-
- if(const BlockCipher* bc = af.prototype_block_cipher(name))
- return bc->KEYLENGTH_MULTIPLE;
-
- if(const StreamCipher* sc = af.prototype_stream_cipher(name))
- return sc->KEYLENGTH_MULTIPLE;
-
- if(const MessageAuthenticationCode* mac = af.prototype_mac(name))
- return mac->KEYLENGTH_MULTIPLE;
-
- throw Algorithm_Not_Found(name);
- }
-
-/*
* Get a cipher object
*/
Keyed_Filter* get_cipher(const std::string& algo_spec,
diff --git a/src/libstate/lookup.h b/src/libstate/lookup.h
index 178f80428..f1e1a52ca 100644
--- a/src/libstate/lookup.h
+++ b/src/libstate/lookup.h
@@ -299,45 +299,6 @@ BOTAN_DLL u32bit block_size_of(const std::string& algo_spec);
*/
BOTAN_DLL u32bit output_length_of(const std::string& algo_spec);
-/**
-* Find out the whether a certain key length is allowd for a given
-* symmetric algorithm.
-* @deprecated Call algorithm_factory() directly
-*
-* @param key_len the key length in question
-* @param algo_spec the name of the algorithm
-* @return true if the key length is valid for that algorithm, false otherwise
-*/
-BOTAN_DLL bool valid_keylength_for(u32bit key_len,
- const std::string& algo_spec);
-
-/**
-* Find out the minimum key size of a certain symmetric algorithm.
-* @deprecated Call algorithm_factory() directly
-*
-* @param algo_spec the name of the algorithm
-* @return minimum key length of the specified algorithm
-*/
-BOTAN_DLL u32bit min_keylength_of(const std::string& algo_spec);
-
-/**
-* Find out the maximum key size of a certain symmetric algorithm.
-* @deprecated Call algorithm_factory() directly
-*
-* @param algo_spec the name of the algorithm
-* @return maximum key length of the specified algorithm
-*/
-BOTAN_DLL u32bit max_keylength_of(const std::string& algo_spec);
-
-/**
-* Find out the size any valid key is a multiple of for a certain algorithm.
-* @deprecated Call algorithm_factory() directly
-*
-* @param algo_spec the name of the algorithm
-* @return size any valid key is a multiple of
-*/
-BOTAN_DLL u32bit keylength_multiple_of(const std::string& algo_spec);
-
}
#endif
diff --git a/src/mac/cbc_mac/cbc_mac.cpp b/src/mac/cbc_mac/cbc_mac.cpp
index 48cc8ab3e..a3899c87e 100644
--- a/src/mac/cbc_mac/cbc_mac.cpp
+++ b/src/mac/cbc_mac/cbc_mac.cpp
@@ -89,10 +89,7 @@ MessageAuthenticationCode* CBC_MAC::clone() const
* CBC-MAC Constructor
*/
CBC_MAC::CBC_MAC(BlockCipher* e_in) :
- MessageAuthenticationCode(e_in->block_size(),
- e_in->MINIMUM_KEYLENGTH,
- e_in->MAXIMUM_KEYLENGTH,
- e_in->KEYLENGTH_MULTIPLE),
+ MessageAuthenticationCode(e_in->block_size()),
e(e_in), state(e->block_size())
{
position = 0;
diff --git a/src/mac/cbc_mac/cbc_mac.h b/src/mac/cbc_mac/cbc_mac.h
index 6b30ef764..ff2a8f3fa 100644
--- a/src/mac/cbc_mac/cbc_mac.h
+++ b/src/mac/cbc_mac/cbc_mac.h
@@ -23,6 +23,11 @@ class BOTAN_DLL CBC_MAC : public MessageAuthenticationCode
std::string name() const;
MessageAuthenticationCode* clone() const;
+ Key_Length_Specification key_spec() const
+ {
+ return e->key_spec();
+ }
+
/**
* @param cipher the underlying block cipher to use
*/
diff --git a/src/mac/cmac/cmac.cpp b/src/mac/cmac/cmac.cpp
index 2147f9a45..37f83ffe4 100644
--- a/src/mac/cmac/cmac.cpp
+++ b/src/mac/cmac/cmac.cpp
@@ -131,10 +131,7 @@ MessageAuthenticationCode* CMAC::clone() const
* CMAC Constructor
*/
CMAC::CMAC(BlockCipher* e_in) :
- MessageAuthenticationCode(e_in->block_size(),
- e_in->MINIMUM_KEYLENGTH,
- e_in->MAXIMUM_KEYLENGTH,
- e_in->KEYLENGTH_MULTIPLE),
+ MessageAuthenticationCode(e_in->block_size()),
e(e_in)
{
if(e->block_size() == 16)
diff --git a/src/mac/cmac/cmac.h b/src/mac/cmac/cmac.h
index ac929eaf3..aa9bfb38e 100644
--- a/src/mac/cmac/cmac.h
+++ b/src/mac/cmac/cmac.h
@@ -23,6 +23,11 @@ class BOTAN_DLL CMAC : public MessageAuthenticationCode
std::string name() const;
MessageAuthenticationCode* clone() const;
+ Key_Length_Specification key_spec() const
+ {
+ return e->key_spec();
+ }
+
/**
* CMAC's polynomial doubling operation
* @param in the input
diff --git a/src/mac/hmac/hmac.cpp b/src/mac/hmac/hmac.cpp
index 06923138a..284bc87ec 100644
--- a/src/mac/hmac/hmac.cpp
+++ b/src/mac/hmac/hmac.cpp
@@ -85,8 +85,7 @@ MessageAuthenticationCode* HMAC::clone() const
* HMAC Constructor
*/
HMAC::HMAC(HashFunction* hash_in) :
- MessageAuthenticationCode(hash_in->output_length(),
- 0, 2*hash_in->hash_block_size()),
+ MessageAuthenticationCode(hash_in->output_length()),
hash(hash_in)
{
if(hash->hash_block_size() == 0)
diff --git a/src/mac/hmac/hmac.h b/src/mac/hmac/hmac.h
index 33af62f6a..505d0dd6b 100644
--- a/src/mac/hmac/hmac.h
+++ b/src/mac/hmac/hmac.h
@@ -23,6 +23,11 @@ class BOTAN_DLL HMAC : public MessageAuthenticationCode
std::string name() const;
MessageAuthenticationCode* clone() const;
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(0, 2*hash->hash_block_size());
+ }
+
/**
* @param hash the hash to use for HMACing
*/
diff --git a/src/mac/mac.h b/src/mac/mac.h
index b788e06c8..1cb87d21e 100644
--- a/src/mac/mac.h
+++ b/src/mac/mac.h
@@ -41,24 +41,13 @@ class BOTAN_DLL MessageAuthenticationCode : public BufferedComputation,
virtual std::string name() const = 0;
/**
- * Reset the internal state of this object.
- */
- virtual void clear() = 0;
-
- /**
* @param mac_len the output length of this MAC
* @param key_min the minimum key size
* @param key_max the maximum key size
* @param key_mod the modulo restriction on the key size
*/
- MessageAuthenticationCode(size_t mac_len,
- size_t key_min,
- size_t key_max = 0,
- size_t key_mod = 1) :
- BufferedComputation(mac_len),
- SymmetricAlgorithm(key_min, key_max, key_mod) {}
-
- virtual ~MessageAuthenticationCode() {}
+ MessageAuthenticationCode(size_t mac_len) :
+ BufferedComputation(mac_len) {}
};
}
diff --git a/src/mac/ssl3mac/ssl3_mac.cpp b/src/mac/ssl3mac/ssl3_mac.cpp
index fcbccc06e..daaca1b57 100644
--- a/src/mac/ssl3mac/ssl3_mac.cpp
+++ b/src/mac/ssl3mac/ssl3_mac.cpp
@@ -73,14 +73,14 @@ MessageAuthenticationCode* SSL3_MAC::clone() const
* SSL3-MAC Constructor
*/
SSL3_MAC::SSL3_MAC(HashFunction* hash_in) :
- MessageAuthenticationCode(hash_in->output_length(),
- hash_in->output_length()),
+ MessageAuthenticationCode(hash_in->output_length()),
hash(hash_in)
{
if(hash->hash_block_size() == 0)
throw Invalid_Argument("SSL3-MAC cannot be used with " + hash->name());
- size_t INNER_HASH_LENGTH =
+ // Quirk to deal with specification bug
+ const size_t INNER_HASH_LENGTH =
(hash->name() == "SHA-160") ? 60 : hash->hash_block_size();
i_key.resize(INNER_HASH_LENGTH);
diff --git a/src/mac/ssl3mac/ssl3_mac.h b/src/mac/ssl3mac/ssl3_mac.h
index 50042f3d0..455cfa266 100644
--- a/src/mac/ssl3mac/ssl3_mac.h
+++ b/src/mac/ssl3mac/ssl3_mac.h
@@ -23,6 +23,11 @@ class BOTAN_DLL SSL3_MAC : public MessageAuthenticationCode
std::string name() const;
MessageAuthenticationCode* clone() const;
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(hash->output_length());
+ }
+
/**
* @param hash the underlying hash to use
*/
diff --git a/src/mac/x919_mac/x919_mac.cpp b/src/mac/x919_mac/x919_mac.cpp
index c46ab82cb..bd53a6c7d 100644
--- a/src/mac/x919_mac/x919_mac.cpp
+++ b/src/mac/x919_mac/x919_mac.cpp
@@ -85,10 +85,7 @@ MessageAuthenticationCode* ANSI_X919_MAC::clone() const
* ANSI X9.19 MAC Constructor
*/
ANSI_X919_MAC::ANSI_X919_MAC(BlockCipher* e_in) :
- MessageAuthenticationCode(e_in->block_size(),
- e_in->MINIMUM_KEYLENGTH,
- 2*e_in->MAXIMUM_KEYLENGTH,
- 2*e_in->KEYLENGTH_MULTIPLE),
+ MessageAuthenticationCode(e_in->block_size()),
e(e_in), d(e->clone()), state(e->block_size()), position(0)
{
if(e->name() != "DES")
diff --git a/src/mac/x919_mac/x919_mac.h b/src/mac/x919_mac/x919_mac.h
index e9fe56c8d..600955919 100644
--- a/src/mac/x919_mac/x919_mac.h
+++ b/src/mac/x919_mac/x919_mac.h
@@ -23,6 +23,11 @@ class BOTAN_DLL ANSI_X919_MAC : public MessageAuthenticationCode
std::string name() const;
MessageAuthenticationCode* clone() const;
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(8, 16, 8);
+ }
+
/**
* @param cipher the underlying block cipher to use
*/
diff --git a/src/pbe/pbes2/pbes2.cpp b/src/pbe/pbes2/pbes2.cpp
index e74609467..85afe6ffe 100644
--- a/src/pbe/pbes2/pbes2.cpp
+++ b/src/pbe/pbes2/pbes2.cpp
@@ -98,7 +98,7 @@ void PBE_PKCS5v20::set_key(const std::string& passphrase)
void PBE_PKCS5v20::new_params(RandomNumberGenerator& rng)
{
iterations = 10000;
- key_length = block_cipher->MAXIMUM_KEYLENGTH;
+ key_length = block_cipher->maximum_keylength();
salt = rng.random_vec(12);
iv = rng.random_vec(block_cipher->block_size());
@@ -178,7 +178,7 @@ void PBE_PKCS5v20::decode_params(DataSource& source)
hash_function = af.make_hash_function("SHA-160");
if(key_length == 0)
- key_length = block_cipher->MAXIMUM_KEYLENGTH;
+ key_length = block_cipher->maximum_keylength();
if(salt.size() < 8)
throw Decoding_Error("PBE-PKCS5 v2.0: Encoded salt is too small");
diff --git a/src/rng/x931_rng/x931_rng.cpp b/src/rng/x931_rng/x931_rng.cpp
index 0911ce526..ac77b4344 100644
--- a/src/rng/x931_rng/x931_rng.cpp
+++ b/src/rng/x931_rng/x931_rng.cpp
@@ -61,7 +61,7 @@ void ANSI_X931_RNG::rekey()
if(prng->is_seeded())
{
- cipher->set_key(prng->random_vec(cipher->MAXIMUM_KEYLENGTH));
+ cipher->set_key(prng->random_vec(cipher->maximum_keylength()));
if(V.size() != BLOCK_SIZE)
V.resize(BLOCK_SIZE);
diff --git a/src/stream/arc4/arc4.cpp b/src/stream/arc4/arc4.cpp
index 9b8404e4e..cd6230022 100644
--- a/src/stream/arc4/arc4.cpp
+++ b/src/stream/arc4/arc4.cpp
@@ -101,8 +101,9 @@ void ARC4::clear()
/*
* ARC4 Constructor
*/
-ARC4::ARC4(size_t s) : StreamCipher(1, 256), SKIP(s),
- state(256), buffer(DEFAULT_BUFFERSIZE)
+ARC4::ARC4(size_t s) : SKIP(s),
+ state(256),
+ buffer(DEFAULT_BUFFERSIZE)
{
clear();
}
diff --git a/src/stream/arc4/arc4.h b/src/stream/arc4/arc4.h
index 85ddb69b7..e3df97f83 100644
--- a/src/stream/arc4/arc4.h
+++ b/src/stream/arc4/arc4.h
@@ -26,6 +26,11 @@ class BOTAN_DLL ARC4 : public StreamCipher
StreamCipher* clone() const { return new ARC4(SKIP); }
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(1, 256);
+ }
+
/**
* @param skip skip this many initial bytes in the keystream
*/
diff --git a/src/stream/ctr/ctr.cpp b/src/stream/ctr/ctr.cpp
index dc2f334a8..e01f2432c 100644
--- a/src/stream/ctr/ctr.cpp
+++ b/src/stream/ctr/ctr.cpp
@@ -14,11 +14,7 @@ namespace Botan {
* CTR-BE Constructor
*/
-CTR_BE::CTR_BE(BlockCipher* ciph) :
- StreamCipher(ciph->MINIMUM_KEYLENGTH,
- ciph->MAXIMUM_KEYLENGTH,
- ciph->KEYLENGTH_MULTIPLE),
- permutation(ciph)
+CTR_BE::CTR_BE(BlockCipher* ciph) : permutation(ciph)
{
position = 0;
diff --git a/src/stream/ctr/ctr.h b/src/stream/ctr/ctr.h
index e62ab2860..64b43b0f5 100644
--- a/src/stream/ctr/ctr.h
+++ b/src/stream/ctr/ctr.h
@@ -26,6 +26,11 @@ class BOTAN_DLL CTR_BE : public StreamCipher
bool valid_iv_length(size_t iv_len) const
{ return (iv_len <= permutation->block_size()); }
+ Key_Length_Specification key_spec() const
+ {
+ return permutation->key_spec();
+ }
+
std::string name() const;
CTR_BE* clone() const
diff --git a/src/stream/ofb/ofb.cpp b/src/stream/ofb/ofb.cpp
index 1f25c5c14..382a2b4dd 100644
--- a/src/stream/ofb/ofb.cpp
+++ b/src/stream/ofb/ofb.cpp
@@ -14,11 +14,7 @@ namespace Botan {
/*
* OFB Constructor
*/
-OFB::OFB(BlockCipher* ciph) :
- StreamCipher(ciph->MINIMUM_KEYLENGTH,
- ciph->MAXIMUM_KEYLENGTH,
- ciph->KEYLENGTH_MULTIPLE),
- permutation(ciph)
+OFB::OFB(BlockCipher* ciph) : permutation(ciph)
{
position = 0;
buffer.resize(permutation->block_size());
diff --git a/src/stream/ofb/ofb.h b/src/stream/ofb/ofb.h
index 587a30bab..c4d8b2601 100644
--- a/src/stream/ofb/ofb.h
+++ b/src/stream/ofb/ofb.h
@@ -26,6 +26,11 @@ class BOTAN_DLL OFB : public StreamCipher
bool valid_iv_length(size_t iv_len) const
{ return (iv_len <= permutation->block_size()); }
+ Key_Length_Specification key_spec() const
+ {
+ return permutation->key_spec();
+ }
+
std::string name() const;
OFB* clone() const
diff --git a/src/stream/salsa20/salsa20.h b/src/stream/salsa20/salsa20.h
index 213cb1117..d84aa9cdc 100644
--- a/src/stream/salsa20/salsa20.h
+++ b/src/stream/salsa20/salsa20.h
@@ -25,12 +25,16 @@ class BOTAN_DLL Salsa20 : public StreamCipher
bool valid_iv_length(size_t iv_len) const
{ return (iv_len == 8 || iv_len == 24); }
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(16, 32, 16);
+ }
+
void clear();
std::string name() const;
StreamCipher* clone() const { return new Salsa20; }
- Salsa20() : StreamCipher(16, 32, 16), state(16), buffer(64)
- { position = 0; }
+ Salsa20() : state(16), buffer(64), position(0) {}
~Salsa20() { clear(); }
private:
diff --git a/src/stream/stream_cipher.h b/src/stream/stream_cipher.h
index 680d57f70..301e71f07 100644
--- a/src/stream/stream_cipher.h
+++ b/src/stream/stream_cipher.h
@@ -51,24 +51,6 @@ class BOTAN_DLL StreamCipher : public SymmetricAlgorithm
* Get a new object representing the same algorithm as *this
*/
virtual StreamCipher* clone() const = 0;
-
- /**
- * Zeroize internal state
- */
- virtual void clear() = 0;
-
- /**
- * StreamCipher constructor
- * @param key_min the minimum key size
- * @param key_max the maximum key size
- * @param key_mod the modulo restriction on the key size
- */
- StreamCipher(size_t key_min,
- size_t key_max = 0,
- size_t key_mod = 1) :
- SymmetricAlgorithm(key_min, key_max, key_mod) {}
-
- virtual ~StreamCipher() {}
};
}
diff --git a/src/stream/turing/turing.h b/src/stream/turing/turing.h
index adfabc0f1..aff314080 100644
--- a/src/stream/turing/turing.h
+++ b/src/stream/turing/turing.h
@@ -24,14 +24,17 @@ class BOTAN_DLL Turing : public StreamCipher
bool valid_iv_length(size_t iv_len) const
{ return (iv_len % 4 == 0 && iv_len <= 16); }
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(4, 32, 4);
+ }
+
void clear();
std::string name() const { return "Turing"; }
StreamCipher* clone() const { return new Turing; }
- Turing() : StreamCipher(4, 32, 4),
- S0(256), S1(256), S2(256), S3(256),
- R(17), buffer(340)
- { position = 0; }
+ Turing() : S0(256), S1(256), S2(256), S3(256),
+ R(17), buffer(340), position(0) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/stream/wid_wake/wid_wake.h b/src/stream/wid_wake/wid_wake.h
index 17e77d5b5..05842a574 100644
--- a/src/stream/wid_wake/wid_wake.h
+++ b/src/stream/wid_wake/wid_wake.h
@@ -27,14 +27,18 @@ class BOTAN_DLL WiderWake_41_BE : public StreamCipher
bool valid_iv_length(size_t iv_len) const
{ return (iv_len == 8); }
+ Key_Length_Specification key_spec() const
+ {
+ return Key_Length_Specification(16);
+ }
+
void clear();
std::string name() const { return "WiderWake4+1-BE"; }
StreamCipher* clone() const { return new WiderWake_41_BE; }
- WiderWake_41_BE() : StreamCipher(16, 16, 1),
- T(256), state(5), t_key(4),
+ WiderWake_41_BE() : T(256), state(5), t_key(4),
buffer(DEFAULT_BUFFERSIZE), position(0)
- { }
+ {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/sym_algo/key_spec.h b/src/sym_algo/key_spec.h
new file mode 100644
index 000000000..7788bb988
--- /dev/null
+++ b/src/sym_algo/key_spec.h
@@ -0,0 +1,62 @@
+/*
+* Symmetric Key Length Specification
+* (C) 2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_KEY_LEN_SPECIFICATION_H__
+#define BOTAN_KEY_LEN_SPECIFICATION_H__
+
+#include <botan/types.h>
+
+namespace Botan {
+
+class BOTAN_DLL Key_Length_Specification
+ {
+ public:
+ Key_Length_Specification(size_t keylen) :
+ min_keylen(keylen),
+ max_keylen(keylen),
+ keylen_mod(1)
+ {
+ }
+
+ Key_Length_Specification(size_t min_k,
+ size_t max_k,
+ size_t k_mod = 1) :
+ min_keylen(min_k),
+ max_keylen(max_k ? max_k : min_k),
+ keylen_mod(k_mod)
+ {
+ }
+
+ bool valid_keylength(size_t length) const
+ {
+ return ((length >= min_keylen) &&
+ (length <= max_keylen) &&
+ (length % keylen_mod == 0));
+ }
+
+ size_t minimum_keylength() const
+ {
+ return min_keylen;
+ }
+
+ size_t maximum_keylength() const
+ {
+ return max_keylen;
+ }
+
+ size_t keylength_multiple() const
+ {
+ return keylen_mod;
+ }
+
+ private:
+ size_t min_keylen, max_keylen, keylen_mod;
+ };
+
+}
+
+#endif
diff --git a/src/sym_algo/sym_algo.h b/src/sym_algo/sym_algo.h
index 0a1423f13..aea0d06ba 100644
--- a/src/sym_algo/sym_algo.h
+++ b/src/sym_algo/sym_algo.h
@@ -9,6 +9,7 @@
#define BOTAN_SYMMETRIC_ALGORITHM_H__
#include <botan/types.h>
+#include <botan/key_spec.h>
#include <botan/exceptn.h>
#include <botan/symkey.h>
@@ -20,21 +21,43 @@ namespace Botan {
class BOTAN_DLL SymmetricAlgorithm
{
public:
+ virtual ~SymmetricAlgorithm() {}
+
+ /**
+ * Zeroize internal state
+ */
+ virtual void clear() = 0;
/**
- * The maximum allowed key length.
+ * @return object describing limits on key size
*/
- const size_t MAXIMUM_KEYLENGTH;
+ virtual Key_Length_Specification key_spec() const = 0;
/**
- * The minimal allowed key length.
+ * @return minimum allowed key length
*/
- const size_t MINIMUM_KEYLENGTH;
+ size_t maximum_keylength() const
+ {
+ return key_spec().maximum_keylength();
+ }
/**
- * A valid keylength is a multiple of this value.
+ * @return maxmium allowed key length
*/
- const size_t KEYLENGTH_MULTIPLE;
+ size_t minimum_keylength() const
+ {
+ return key_spec().minimum_keylength();
+ }
+
+ /**
+ * Check whether a given key length is valid for this algorithm.
+ * @param length the key length to be checked.
+ * @return true if the key length is valid.
+ */
+ bool valid_keylength(size_t length) const
+ {
+ return key_spec().valid_keylength(length);
+ }
/**
* The name of the algorithm.
@@ -60,32 +83,6 @@ class BOTAN_DLL SymmetricAlgorithm
throw Invalid_Key_Length(name(), length);
key_schedule(key, length);
}
-
- /**
- * Check whether a given key length is valid for this algorithm.
- * @param length the key length to be checked.
- * @return true if the key length is valid.
- */
- bool valid_keylength(size_t length) const
- {
- return ((length >= MINIMUM_KEYLENGTH) &&
- (length <= MAXIMUM_KEYLENGTH) &&
- (length % KEYLENGTH_MULTIPLE == 0));
- }
-
- /**
- * Construct a SymmetricAlgorithm.
- * @param key_min the minimum allowed key length
- * @param key_max the maximum allowed key length
- * @param key_mod any valid key length must be a multiple of this value
- */
- SymmetricAlgorithm(size_t key_min, size_t key_max, size_t key_mod) :
- MAXIMUM_KEYLENGTH(key_max ? key_max : key_min),
- MINIMUM_KEYLENGTH(key_min),
- KEYLENGTH_MULTIPLE(key_mod)
- {}
-
- virtual ~SymmetricAlgorithm() {}
private:
/**
* Run the key schedule