aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-04-07 16:52:55 -0400
committerJack Lloyd <[email protected]>2018-04-07 16:52:55 -0400
commit693cac0071c0ad170abcd93aa81a7d2fb328f9db (patch)
treeaf3da7fcd3228a60c3d5807948e8edffa8a52851
parent6b128a8d6b615b2f3749a1d675ab449a9f61b2df (diff)
parent2d5644acddd2093c94fb22279836fe589a60a0f3 (diff)
Merge GH #1527 Add functions getting Cipher_Mode/AEAD_Mode returning unique_ptr
-rw-r--r--doc/manual/cipher_modes.rst2
-rw-r--r--src/cli/encryption.cpp2
-rw-r--r--src/cli/speed.cpp4
-rw-r--r--src/cli/timing_tests.cpp2
-rw-r--r--src/lib/ffi/ffi_cipher.cpp2
-rw-r--r--src/lib/filters/cipher_filter.h3
-rw-r--r--src/lib/filters/key_filt.cpp6
-rw-r--r--src/lib/misc/cryptobox/cryptobox.cpp4
-rw-r--r--src/lib/modes/aead/aead.cpp52
-rw-r--r--src/lib/modes/aead/aead.h27
-rw-r--r--src/lib/modes/cipher_mode.cpp57
-rw-r--r--src/lib/modes/cipher_mode.h44
-rw-r--r--src/lib/pubkey/ecies/ecies.cpp7
-rw-r--r--src/lib/pubkey/mceies/mceies.cpp8
-rw-r--r--src/lib/pubkey/pbes2/pbes2.cpp4
-rw-r--r--src/lib/tls/tls_record.cpp3
-rw-r--r--src/lib/tls/tls_session.cpp4
-rw-r--r--src/tests/test_aead.cpp8
-rw-r--r--src/tests/test_dlies.cpp4
-rw-r--r--src/tests/test_filters.cpp4
-rw-r--r--src/tests/test_modes.cpp16
21 files changed, 165 insertions, 98 deletions
diff --git a/doc/manual/cipher_modes.rst b/doc/manual/cipher_modes.rst
index ffd36a218..ca53a6ab5 100644
--- a/doc/manual/cipher_modes.rst
+++ b/doc/manual/cipher_modes.rst
@@ -95,7 +95,7 @@ with PKCS#7 padding.
const std::string plaintext("Your great-grandfather gave this watch to your granddad for good luck. Unfortunately, Dane's luck wasn't as good as his old man's.");
const std::vector<uint8_t> key = Botan::hex_decode("2B7E151628AED2A6ABF7158809CF4F3C");
- std::unique_ptr<Botan::Cipher_Mode> enc(Botan::get_cipher_mode("AES-128/CBC/PKCS7", Botan::ENCRYPTION));
+ std::unique_ptr<Botan::Cipher_Mode> enc = Botan::Cipher_Mode::create("AES-128/CBC/PKCS7", Botan::ENCRYPTION);
enc->set_key(key);
Botan::secure_vector<uint8_t> pt(plaintext.data(), plaintext.data()+plaintext.length());
diff --git a/src/cli/encryption.cpp b/src/cli/encryption.cpp
index c17b00dbb..444877db5 100644
--- a/src/cli/encryption.cpp
+++ b/src/cli/encryption.cpp
@@ -44,7 +44,7 @@ do_crypt(const std::string &cipher,
// TODO: implement streaming
- std::unique_ptr<Botan::Cipher_Mode> processor(Botan::get_cipher_mode(cipher, direction));
+ std::unique_ptr<Botan::Cipher_Mode> processor(Botan::Cipher_Mode::create(cipher, direction));
if(!processor)
throw CLI_Error("Cipher algorithm not found");
diff --git a/src/cli/speed.cpp b/src/cli/speed.cpp
index 00f8086e3..afe75decc 100644
--- a/src/cli/speed.cpp
+++ b/src/cli/speed.cpp
@@ -783,9 +783,9 @@ class Speed final : public Command
}
#endif
#if defined(BOTAN_HAS_CIPHER_MODES)
- else if(auto enc = Botan::get_cipher_mode(algo, Botan::ENCRYPTION))
+ else if(auto enc = Botan::Cipher_Mode::create(algo, Botan::ENCRYPTION))
{
- auto dec = Botan::get_cipher_mode(algo, Botan::DECRYPTION);
+ auto dec = Botan::Cipher_Mode::create_or_throw(algo, Botan::DECRYPTION);
bench_cipher_mode(*enc, *dec, msec, buf_sizes);
}
#endif
diff --git a/src/cli/timing_tests.cpp b/src/cli/timing_tests.cpp
index 41f622bd5..31d588011 100644
--- a/src/cli/timing_tests.cpp
+++ b/src/cli/timing_tests.cpp
@@ -217,7 +217,7 @@ std::vector<uint8_t> Lucky13_Timing_Test::prepare_input(std::string input)
const std::vector<uint8_t> key(16);
const std::vector<uint8_t> iv(16);
- std::unique_ptr<Botan::Cipher_Mode> enc(Botan::get_cipher_mode("AES-128/CBC/NoPadding", Botan::ENCRYPTION));
+ std::unique_ptr<Botan::Cipher_Mode> enc(Botan::Cipher_Mode::create("AES-128/CBC/NoPadding", Botan::ENCRYPTION));
enc->set_key(key);
enc->start(iv);
Botan::secure_vector<uint8_t> buf(input_vector.begin(), input_vector.end());
diff --git a/src/lib/ffi/ffi_cipher.cpp b/src/lib/ffi/ffi_cipher.cpp
index ff73de6fb..871cbd31f 100644
--- a/src/lib/ffi/ffi_cipher.cpp
+++ b/src/lib/ffi/ffi_cipher.cpp
@@ -23,7 +23,7 @@ int botan_cipher_init(botan_cipher_t* cipher, const char* cipher_name, uint32_t
return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
const bool encrypt_p = ((flags & BOTAN_CIPHER_INIT_FLAG_MASK_DIRECTION) == BOTAN_CIPHER_INIT_FLAG_ENCRYPT);
const Botan::Cipher_Dir dir = encrypt_p ? Botan::ENCRYPTION : Botan::DECRYPTION;
- std::unique_ptr<Botan::Cipher_Mode> mode(Botan::get_cipher_mode(cipher_name, dir));
+ std::unique_ptr<Botan::Cipher_Mode> mode(Botan::Cipher_Mode::create(cipher_name, dir));
if(!mode)
return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
*cipher = new botan_cipher_struct(mode.release());
diff --git a/src/lib/filters/cipher_filter.h b/src/lib/filters/cipher_filter.h
index f0082be5b..750385d15 100644
--- a/src/lib/filters/cipher_filter.h
+++ b/src/lib/filters/cipher_filter.h
@@ -23,6 +23,9 @@ class BOTAN_PUBLIC_API(2,0) Cipher_Mode_Filter final : public Keyed_Filter,
public:
explicit Cipher_Mode_Filter(Cipher_Mode* t);
+ explicit Cipher_Mode_Filter(std::unique_ptr<Cipher_Mode> t) :
+ Cipher_Mode_Filter(t.release()) {}
+
void set_iv(const InitializationVector& iv) override;
void set_key(const SymmetricKey& key) override;
diff --git a/src/lib/filters/key_filt.cpp b/src/lib/filters/key_filt.cpp
index 0f6a67da9..b87a8c87f 100644
--- a/src/lib/filters/key_filt.cpp
+++ b/src/lib/filters/key_filt.cpp
@@ -12,10 +12,8 @@ namespace Botan {
Keyed_Filter* get_cipher(const std::string& algo_spec,
Cipher_Dir direction)
{
- std::unique_ptr<Cipher_Mode> c(get_cipher_mode(algo_spec, direction));
- if(c)
- return new Cipher_Mode_Filter(c.release());
- throw Algorithm_Not_Found(algo_spec);
+ std::unique_ptr<Cipher_Mode> c(Cipher_Mode::create_or_throw(algo_spec, direction));
+ return new Cipher_Mode_Filter(c.release());
}
Keyed_Filter* get_cipher(const std::string& algo_spec,
diff --git a/src/lib/misc/cryptobox/cryptobox.cpp b/src/lib/misc/cryptobox/cryptobox.cpp
index 5d2364871..452d95308 100644
--- a/src/lib/misc/cryptobox/cryptobox.cpp
+++ b/src/lib/misc/cryptobox/cryptobox.cpp
@@ -76,7 +76,7 @@ std::string encrypt(const uint8_t input[], size_t input_len,
const uint8_t* iv = mk + CIPHER_KEY_LEN + MAC_KEY_LEN;
// Now encrypt and authenticate
- std::unique_ptr<Cipher_Mode> ctr(get_cipher_mode("Serpent/CTR-BE", ENCRYPTION));
+ std::unique_ptr<Cipher_Mode> ctr = Cipher_Mode::create_or_throw("Serpent/CTR-BE", ENCRYPTION);
ctr->set_key(cipher_key, CIPHER_KEY_LEN);
ctr->start(iv, CIPHER_IV_LEN);
ctr->finish(out_buf, CRYPTOBOX_HEADER_LEN);
@@ -142,7 +142,7 @@ decrypt_bin(const uint8_t input[], size_t input_len,
if(!constant_time_compare(computed_mac.data(), box_mac, MAC_OUTPUT_LEN))
throw Decoding_Error("CryptoBox integrity failure");
- std::unique_ptr<Cipher_Mode> ctr(get_cipher_mode("Serpent/CTR-BE", DECRYPTION));
+ std::unique_ptr<Cipher_Mode> ctr(Cipher_Mode::create_or_throw("Serpent/CTR-BE", DECRYPTION));
ctr->set_key(cipher_key, CIPHER_KEY_LEN);
ctr->start(iv, CIPHER_IV_LEN);
ctr->finish(ciphertext, CRYPTOBOX_HEADER_LEN);
diff --git a/src/lib/modes/aead/aead.cpp b/src/lib/modes/aead/aead.cpp
index e8885dc0e..cd1db761d 100644
--- a/src/lib/modes/aead/aead.cpp
+++ b/src/lib/modes/aead/aead.cpp
@@ -39,15 +39,27 @@
namespace Botan {
-AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
+std::unique_ptr<AEAD_Mode> AEAD_Mode::create_or_throw(const std::string& algo,
+ Cipher_Dir dir,
+ const std::string& provider)
+ {
+ if(auto aead = AEAD_Mode::create(algo, dir, provider))
+ return aead;
+
+ throw Lookup_Error("AEAD", algo, provider);
+ }
+
+std::unique_ptr<AEAD_Mode> AEAD_Mode::create(const std::string& algo,
+ Cipher_Dir dir,
+ const std::string& provider)
{
#if defined(BOTAN_HAS_AEAD_CHACHA20_POLY1305)
if(algo == "ChaCha20Poly1305")
{
if(dir == ENCRYPTION)
- return new ChaCha20Poly1305_Encryption;
+ return std::unique_ptr<AEAD_Mode>(new ChaCha20Poly1305_Encryption);
else
- return new ChaCha20Poly1305_Decryption;
+ return std::unique_ptr<AEAD_Mode>(new ChaCha20Poly1305_Decryption);
}
#endif
@@ -59,7 +71,7 @@ AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
const std::vector<std::string> mode_info = parse_algorithm_name(algo_parts[1]);
if(mode_info.empty())
- return nullptr;
+ return std::unique_ptr<AEAD_Mode>();
std::ostringstream alg_args;
@@ -71,7 +83,7 @@ AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
alg_args << ')';
const std::string mode_name = mode_info[0] + alg_args.str();
- return get_aead(mode_name, dir);
+ return AEAD_Mode::create(mode_name, dir);
}
#if defined(BOTAN_HAS_BLOCK_CIPHER)
@@ -80,14 +92,14 @@ AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
if(req.arg_count() == 0)
{
- return nullptr;
+ return std::unique_ptr<AEAD_Mode>();
}
- std::unique_ptr<BlockCipher> bc(BlockCipher::create(req.arg(0)));
+ std::unique_ptr<BlockCipher> bc(BlockCipher::create(req.arg(0), provider));
if(!bc)
{
- return nullptr;
+ return std::unique_ptr<AEAD_Mode>();
}
#if defined(BOTAN_HAS_AEAD_CCM)
@@ -96,9 +108,9 @@ AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
size_t tag_len = req.arg_as_integer(1, 16);
size_t L_len = req.arg_as_integer(2, 3);
if(dir == ENCRYPTION)
- return new CCM_Encryption(bc.release(), tag_len, L_len);
+ return std::unique_ptr<AEAD_Mode>(new CCM_Encryption(bc.release(), tag_len, L_len));
else
- return new CCM_Decryption(bc.release(), tag_len, L_len);
+ return std::unique_ptr<AEAD_Mode>(new CCM_Decryption(bc.release(), tag_len, L_len));
}
#endif
@@ -107,9 +119,9 @@ AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
{
size_t tag_len = req.arg_as_integer(1, 16);
if(dir == ENCRYPTION)
- return new GCM_Encryption(bc.release(), tag_len);
+ return std::unique_ptr<AEAD_Mode>(new GCM_Encryption(bc.release(), tag_len));
else
- return new GCM_Decryption(bc.release(), tag_len);
+ return std::unique_ptr<AEAD_Mode>(new GCM_Decryption(bc.release(), tag_len));
}
#endif
@@ -118,9 +130,9 @@ AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
{
size_t tag_len = req.arg_as_integer(1, 16);
if(dir == ENCRYPTION)
- return new OCB_Encryption(bc.release(), tag_len);
+ return std::unique_ptr<AEAD_Mode>(new OCB_Encryption(bc.release(), tag_len));
else
- return new OCB_Decryption(bc.release(), tag_len);
+ return std::unique_ptr<AEAD_Mode>(new OCB_Decryption(bc.release(), tag_len));
}
#endif
@@ -129,9 +141,9 @@ AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
{
size_t tag_len = req.arg_as_integer(1, bc->block_size());
if(dir == ENCRYPTION)
- return new EAX_Encryption(bc.release(), tag_len);
+ return std::unique_ptr<AEAD_Mode>(new EAX_Encryption(bc.release(), tag_len));
else
- return new EAX_Decryption(bc.release(), tag_len);
+ return std::unique_ptr<AEAD_Mode>(new EAX_Decryption(bc.release(), tag_len));
}
#endif
@@ -139,15 +151,17 @@ AEAD_Mode* get_aead(const std::string& algo, Cipher_Dir dir)
if(req.algo_name() == "SIV")
{
if(dir == ENCRYPTION)
- return new SIV_Encryption(bc.release());
+ return std::unique_ptr<AEAD_Mode>(new SIV_Encryption(bc.release()));
else
- return new SIV_Decryption(bc.release());
+ return std::unique_ptr<AEAD_Mode>(new SIV_Decryption(bc.release()));
}
#endif
#endif
- return nullptr;
+ return std::unique_ptr<AEAD_Mode>();
}
+
+
}
diff --git a/src/lib/modes/aead/aead.h b/src/lib/modes/aead/aead.h
index 18bc339f1..4d4b60ce1 100644
--- a/src/lib/modes/aead/aead.h
+++ b/src/lib/modes/aead/aead.h
@@ -22,6 +22,28 @@ namespace Botan {
class BOTAN_PUBLIC_API(2,0) AEAD_Mode : public Cipher_Mode
{
public:
+ /**
+ * Create an AEAD mode
+ * @param algo the algorithm to create
+ * @param direction specify if this should be an encryption or decryption AEAD
+ * @param provider optional specification for provider to use
+ * @return an AEAD mode or a null pointer if not available
+ */
+ static std::unique_ptr<AEAD_Mode> create(const std::string& algo,
+ Cipher_Dir direction,
+ const std::string& provider = "");
+
+ /**
+ * Create an AEAD mode, or throw
+ * @param algo the algorithm to create
+ * @param direction specify if this should be an encryption or decryption AEAD
+ * @param provider optional specification for provider to use
+ * @return an AEAD mode, or throw an exception
+ */
+ static std::unique_ptr<AEAD_Mode> create_or_throw(const std::string& algo,
+ Cipher_Dir direction,
+ const std::string& provider = "");
+
bool authenticated() const override { return true; }
/**
@@ -82,7 +104,10 @@ class BOTAN_PUBLIC_API(2,0) AEAD_Mode : public Cipher_Mode
* @param name AEAD name
* @param direction ENCRYPTION or DECRYPTION
*/
-BOTAN_PUBLIC_API(2,0) AEAD_Mode* get_aead(const std::string& name, Cipher_Dir direction);
+inline AEAD_Mode* get_aead(const std::string& name, Cipher_Dir direction)
+ {
+ return AEAD_Mode::create(name, direction, "").release();
+ }
}
diff --git a/src/lib/modes/cipher_mode.cpp b/src/lib/modes/cipher_mode.cpp
index 804713be7..00d7a4db0 100644
--- a/src/lib/modes/cipher_mode.cpp
+++ b/src/lib/modes/cipher_mode.cpp
@@ -37,31 +37,44 @@
namespace Botan {
-Cipher_Mode* get_cipher_mode(const std::string& algo, Cipher_Dir direction,
- const std::string& provider)
+std::unique_ptr<Cipher_Mode> Cipher_Mode::create_or_throw(const std::string& algo,
+ Cipher_Dir direction,
+ const std::string& provider)
+ {
+ if(auto mode = Cipher_Mode::create(algo, direction, provider))
+ return mode;
+
+ throw Lookup_Error("Cipher mode", algo, provider);
+ }
+
+std::unique_ptr<Cipher_Mode> Cipher_Mode::create(const std::string& algo,
+ Cipher_Dir direction,
+ const std::string& provider)
{
#if defined(BOTAN_HAS_OPENSSL)
if(provider.empty() || provider == "openssl")
{
- if(Cipher_Mode* bc = make_openssl_cipher_mode(algo, direction))
- return bc;
+ std::unique_ptr<Cipher_Mode> openssl_cipher(make_openssl_cipher_mode(algo, direction));
+
+ if(openssl_cipher)
+ return openssl_cipher;
if(!provider.empty())
- return nullptr;
+ return std::unique_ptr<Cipher_Mode>();
}
#endif
#if defined(BOTAN_HAS_STREAM_CIPHER)
if(auto sc = StreamCipher::create(algo))
{
- return new Stream_Cipher_Mode(sc.release());
+ return std::unique_ptr<Cipher_Mode>(new Stream_Cipher_Mode(sc.release()));
}
#endif
#if defined(BOTAN_HAS_AEAD_MODES)
- if(auto aead = get_aead(algo, direction))
+ if(auto aead = AEAD_Mode::create(algo, direction))
{
- return aead;
+ return std::unique_ptr<Cipher_Mode>(aead.release());
}
#endif
@@ -72,7 +85,7 @@ Cipher_Mode* get_cipher_mode(const std::string& algo, Cipher_Dir direction,
const std::vector<std::string> mode_info = parse_algorithm_name(algo_parts[1]);
if(mode_info.empty())
- return nullptr;
+ return std::unique_ptr<Cipher_Mode>();
std::ostringstream alg_args;
@@ -84,7 +97,7 @@ Cipher_Mode* get_cipher_mode(const std::string& algo, Cipher_Dir direction,
alg_args << ')';
const std::string mode_name = mode_info[0] + alg_args.str();
- return get_cipher_mode(mode_name, direction, provider);
+ return Cipher_Mode::create(mode_name, direction, provider);
}
#if defined(BOTAN_HAS_BLOCK_CIPHER)
@@ -93,14 +106,14 @@ Cipher_Mode* get_cipher_mode(const std::string& algo, Cipher_Dir direction,
if(spec.arg_count() == 0)
{
- return nullptr;
+ return std::unique_ptr<Cipher_Mode>();
}
std::unique_ptr<BlockCipher> bc(BlockCipher::create(spec.arg(0), provider));
if(!bc)
{
- return nullptr;
+ return std::unique_ptr<Cipher_Mode>();
}
#if defined(BOTAN_HAS_MODE_CBC)
@@ -111,9 +124,9 @@ Cipher_Mode* get_cipher_mode(const std::string& algo, Cipher_Dir direction,
if(padding == "CTS")
{
if(direction == ENCRYPTION)
- return new CTS_Encryption(bc.release());
+ return std::unique_ptr<Cipher_Mode>(new CTS_Encryption(bc.release()));
else
- return new CTS_Decryption(bc.release());
+ return std::unique_ptr<Cipher_Mode>(new CTS_Decryption(bc.release()));
}
else
{
@@ -122,9 +135,9 @@ Cipher_Mode* get_cipher_mode(const std::string& algo, Cipher_Dir direction,
if(pad)
{
if(direction == ENCRYPTION)
- return new CBC_Encryption(bc.release(), pad.release());
+ return std::unique_ptr<Cipher_Mode>(new CBC_Encryption(bc.release(), pad.release()));
else
- return new CBC_Decryption(bc.release(), pad.release());
+ return std::unique_ptr<Cipher_Mode>(new CBC_Decryption(bc.release(), pad.release()));
}
}
}
@@ -134,9 +147,9 @@ Cipher_Mode* get_cipher_mode(const std::string& algo, Cipher_Dir direction,
if(spec.algo_name() == "XTS")
{
if(direction == ENCRYPTION)
- return new XTS_Encryption(bc.release());
+ return std::unique_ptr<Cipher_Mode>(new XTS_Encryption(bc.release()));
else
- return new XTS_Decryption(bc.release());
+ return std::unique_ptr<Cipher_Mode>(new XTS_Decryption(bc.release()));
}
#endif
@@ -145,15 +158,15 @@ Cipher_Mode* get_cipher_mode(const std::string& algo, Cipher_Dir direction,
{
const size_t feedback_bits = spec.arg_as_integer(1, 8*bc->block_size());
if(direction == ENCRYPTION)
- return new CFB_Encryption(bc.release(), feedback_bits);
+ return std::unique_ptr<Cipher_Mode>(new CFB_Encryption(bc.release(), feedback_bits));
else
- return new CFB_Decryption(bc.release(), feedback_bits);
+ return std::unique_ptr<Cipher_Mode>(new CFB_Decryption(bc.release(), feedback_bits));
}
#endif
#endif
- return nullptr;
+ return std::unique_ptr<Cipher_Mode>();
}
//static
@@ -163,7 +176,7 @@ std::vector<std::string> Cipher_Mode::providers(const std::string& algo_spec)
std::vector<std::string> providers;
for(auto&& prov : possible)
{
- std::unique_ptr<Cipher_Mode> mode(get_cipher_mode(algo_spec, ENCRYPTION, prov));
+ std::unique_ptr<Cipher_Mode> mode = Cipher_Mode::create(algo_spec, ENCRYPTION, prov);
if(mode)
{
providers.push_back(prov); // available
diff --git a/src/lib/modes/cipher_mode.h b/src/lib/modes/cipher_mode.h
index 7abfdac97..f67e737a4 100644
--- a/src/lib/modes/cipher_mode.h
+++ b/src/lib/modes/cipher_mode.h
@@ -18,6 +18,12 @@
namespace Botan {
/**
+* The two possible directions for cipher filters, determining whether they
+* actually perform encryption or decryption.
+*/
+enum Cipher_Dir : int { ENCRYPTION, DECRYPTION };
+
+/**
* Interface for cipher modes
*/
class BOTAN_PUBLIC_API(2,0) Cipher_Mode
@@ -31,6 +37,28 @@ class BOTAN_PUBLIC_API(2,0) Cipher_Mode
*/
static std::vector<std::string> providers(const std::string& algo_spec);
+ /**
+ * Create an AEAD mode
+ * @param algo the algorithm to create
+ * @param direction specify if this should be an encryption or decryption AEAD
+ * @param provider optional specification for provider to use
+ * @return an AEAD mode or a null pointer if not available
+ */
+ static std::unique_ptr<Cipher_Mode> create(const std::string& algo,
+ Cipher_Dir direction,
+ const std::string& provider = "");
+
+ /**
+ * Create an AEAD mode, or throw
+ * @param algo the algorithm to create
+ * @param direction specify if this should be an encryption or decryption AEAD
+ * @param provider optional specification for provider to use
+ * @return an AEAD mode, or throw an exception
+ */
+ static std::unique_ptr<Cipher_Mode> create_or_throw(const std::string& algo,
+ Cipher_Dir direction,
+ const std::string& provider = "");
+
/*
* Prepare for processing a message under the specified nonce
*/
@@ -212,21 +240,17 @@ class BOTAN_PUBLIC_API(2,0) Cipher_Mode
};
/**
-* The two possible directions for cipher filters, determining whether they
-* actually perform encryption or decryption.
-*/
-enum Cipher_Dir : int { ENCRYPTION, DECRYPTION };
-
-/**
* Get a cipher mode by name (eg "AES-128/CBC" or "Serpent/XTS")
* @param algo_spec cipher name
* @param direction ENCRYPTION or DECRYPTION
* @param provider provider implementation to choose
*/
-BOTAN_PUBLIC_API(2,2)
-Cipher_Mode* get_cipher_mode(const std::string& algo_spec,
- Cipher_Dir direction,
- const std::string& provider = "");
+inline Cipher_Mode* get_cipher_mode(const std::string& algo_spec,
+ Cipher_Dir direction,
+ const std::string& provider = "")
+ {
+ return Cipher_Mode::create(algo_spec, direction, provider).release();
+ }
}
diff --git a/src/lib/pubkey/ecies/ecies.cpp b/src/lib/pubkey/ecies/ecies.cpp
index 8bc4e2600..793cca225 100644
--- a/src/lib/pubkey/ecies/ecies.cpp
+++ b/src/lib/pubkey/ecies/ecies.cpp
@@ -221,12 +221,7 @@ std::unique_ptr<MessageAuthenticationCode> ECIES_System_Params::create_mac() con
std::unique_ptr<Cipher_Mode> ECIES_System_Params::create_cipher(Botan::Cipher_Dir direction) const
{
- Cipher_Mode* cipher = get_cipher_mode(m_dem_spec, direction);
- if(cipher == nullptr)
- {
- throw Algorithm_Not_Found(m_dem_spec);
- }
- return std::unique_ptr<Cipher_Mode>(cipher);
+ return Cipher_Mode::create_or_throw(m_dem_spec, direction);
}
diff --git a/src/lib/pubkey/mceies/mceies.cpp b/src/lib/pubkey/mceies/mceies.cpp
index 3cdb9a6f8..15706d430 100644
--- a/src/lib/pubkey/mceies/mceies.cpp
+++ b/src/lib/pubkey/mceies/mceies.cpp
@@ -46,9 +46,7 @@ mceies_encrypt(const McEliece_PublicKey& pubkey,
BOTAN_ASSERT(mce_ciphertext.size() == mce_code_bytes, "Unexpected size");
- std::unique_ptr<AEAD_Mode> aead(get_aead(algo, ENCRYPTION));
- if(!aead)
- throw Exception("mce_encrypt unable to create AEAD instance '" + algo + "'");
+ std::unique_ptr<AEAD_Mode> aead = AEAD_Mode::create_or_throw(algo, ENCRYPTION);
const size_t nonce_len = aead->default_nonce_length();
@@ -80,9 +78,7 @@ mceies_decrypt(const McEliece_PrivateKey& privkey,
const size_t mce_code_bytes = (privkey.get_code_length() + 7) / 8;
- std::unique_ptr<AEAD_Mode> aead(get_aead(algo, DECRYPTION));
- if(!aead)
- throw Exception("Unable to create AEAD instance '" + algo + "'");
+ std::unique_ptr<AEAD_Mode> aead = AEAD_Mode::create_or_throw(algo, DECRYPTION);
const size_t nonce_len = aead->default_nonce_length();
diff --git a/src/lib/pubkey/pbes2/pbes2.cpp b/src/lib/pubkey/pbes2/pbes2.cpp
index 65e2cb429..e7bdf96ec 100644
--- a/src/lib/pubkey/pbes2/pbes2.cpp
+++ b/src/lib/pubkey/pbes2/pbes2.cpp
@@ -77,7 +77,7 @@ pbes2_encrypt_shared(const secure_vector<uint8_t>& key_bits,
if(cipher_spec[1] != "CBC" && cipher_spec[1] != "GCM")
throw Decoding_Error("PBE-PKCS5 v2.0: Don't know param format for " + cipher);
- std::unique_ptr<Cipher_Mode> enc(get_cipher_mode(cipher, ENCRYPTION));
+ std::unique_ptr<Cipher_Mode> enc = Cipher_Mode::create(cipher, ENCRYPTION);
if(!enc)
throw Decoding_Error("PBE-PKCS5 cannot encrypt no cipher " + cipher);
@@ -208,7 +208,7 @@ pbes2_decrypt(const secure_vector<uint8_t>& key_bits,
std::unique_ptr<PBKDF> pbkdf(get_pbkdf("PBKDF2(" + prf + ")"));
- std::unique_ptr<Cipher_Mode> dec(get_cipher_mode(cipher, DECRYPTION));
+ std::unique_ptr<Cipher_Mode> dec = Cipher_Mode::create(cipher, DECRYPTION);
if(!dec)
throw Decoding_Error("PBE-PKCS5 cannot decrypt no cipher " + cipher);
diff --git a/src/lib/tls/tls_record.cpp b/src/lib/tls/tls_record.cpp
index 8997c319a..ded3831d0 100644
--- a/src/lib/tls/tls_record.cpp
+++ b/src/lib/tls/tls_record.cpp
@@ -92,8 +92,7 @@ Connection_Cipher_State::Connection_Cipher_State(Protocol_Version version,
}
else
{
- m_aead.reset(get_aead(suite.cipher_algo(), our_side ? ENCRYPTION : DECRYPTION));
- BOTAN_ASSERT(m_aead, "Have AEAD");
+ m_aead = AEAD_Mode::create_or_throw(suite.cipher_algo(), our_side ? ENCRYPTION : DECRYPTION);
m_aead->set_key(cipher_key + mac_key);
diff --git a/src/lib/tls/tls_session.cpp b/src/lib/tls/tls_session.cpp
index f595101f2..85443949d 100644
--- a/src/lib/tls/tls_session.cpp
+++ b/src/lib/tls/tls_session.cpp
@@ -179,7 +179,7 @@ std::chrono::seconds Session::session_age() const
std::vector<uint8_t>
Session::encrypt(const SymmetricKey& key, RandomNumberGenerator& rng) const
{
- std::unique_ptr<AEAD_Mode> aead(get_aead("AES-256/GCM", ENCRYPTION));
+ std::unique_ptr<AEAD_Mode> aead = AEAD_Mode::create_or_throw("AES-256/GCM", ENCRYPTION);
const size_t nonce_len = aead->default_nonce_length();
const secure_vector<uint8_t> nonce = rng.random_vec(nonce_len);
@@ -202,7 +202,7 @@ Session Session::decrypt(const uint8_t in[], size_t in_len, const SymmetricKey&
{
try
{
- std::unique_ptr<AEAD_Mode> aead(get_aead("AES-256/GCM", DECRYPTION));
+ std::unique_ptr<AEAD_Mode> aead = AEAD_Mode::create_or_throw("AES-256/GCM", ENCRYPTION);
const size_t nonce_len = aead->default_nonce_length();
if(in_len < nonce_len + aead->tag_size())
diff --git a/src/tests/test_aead.cpp b/src/tests/test_aead.cpp
index 13d6ee320..afd169396 100644
--- a/src/tests/test_aead.cpp
+++ b/src/tests/test_aead.cpp
@@ -28,7 +28,7 @@ class AEAD_Tests final : public Text_Based_Test
{
Test::Result result(algo);
- std::unique_ptr<Botan::AEAD_Mode> enc(Botan::get_aead(algo, Botan::ENCRYPTION));
+ std::unique_ptr<Botan::AEAD_Mode> enc(Botan::AEAD_Mode::create(algo, Botan::ENCRYPTION));
result.test_eq("AEAD encrypt output_length is correct", enc->output_length(input.size()), expected.size());
@@ -142,7 +142,7 @@ class AEAD_Tests final : public Text_Based_Test
{
Test::Result result(algo);
- std::unique_ptr<Botan::AEAD_Mode> dec(Botan::get_aead(algo, Botan::DECRYPTION));
+ std::unique_ptr<Botan::AEAD_Mode> dec(Botan::AEAD_Mode::create(algo, Botan::DECRYPTION));
result.test_eq("AEAD decrypt output_length is correct", dec->output_length(input.size()), expected.size());
@@ -327,8 +327,8 @@ class AEAD_Tests final : public Text_Based_Test
Test::Result result(algo);
- std::unique_ptr<Botan::AEAD_Mode> enc(Botan::get_aead(algo, Botan::ENCRYPTION));
- std::unique_ptr<Botan::AEAD_Mode> dec(Botan::get_aead(algo, Botan::DECRYPTION));
+ std::unique_ptr<Botan::AEAD_Mode> enc(Botan::AEAD_Mode::create(algo, Botan::ENCRYPTION));
+ std::unique_ptr<Botan::AEAD_Mode> dec(Botan::AEAD_Mode::create(algo, Botan::DECRYPTION));
if(!enc || !dec)
{
diff --git a/src/tests/test_dlies.cpp b/src/tests/test_dlies.cpp
index 4c9708052..d3fb76498 100644
--- a/src/tests/test_dlies.cpp
+++ b/src/tests/test_dlies.cpp
@@ -64,8 +64,8 @@ class DLIES_KAT_Tests final : public Text_Based_Test
if(cipher_algo != "XOR")
{
- enc.reset(Botan::get_cipher_mode(cipher_algo, Botan::ENCRYPTION));
- dec.reset(Botan::get_cipher_mode(cipher_algo, Botan::DECRYPTION));
+ enc = Botan::Cipher_Mode::create(cipher_algo, Botan::ENCRYPTION);
+ dec = Botan::Cipher_Mode::create(cipher_algo, Botan::DECRYPTION);
if(!enc || !dec)
{
diff --git a/src/tests/test_filters.cpp b/src/tests/test_filters.cpp
index c1bcf3603..71bcae14a 100644
--- a/src/tests/test_filters.cpp
+++ b/src/tests/test_filters.cpp
@@ -423,7 +423,7 @@ class Filter_Tests final : public Test
#if defined(BOTAN_HAS_AES) && defined(BOTAN_HAS_MODE_CBC) && defined(BOTAN_HAS_CIPHER_MODE_PADDING)
Botan::Cipher_Mode_Filter* cipher =
- new Botan::Cipher_Mode_Filter(Botan::get_cipher_mode("AES-128/CBC/PKCS7", Botan::ENCRYPTION));
+ new Botan::Cipher_Mode_Filter(Botan::Cipher_Mode::create("AES-128/CBC/PKCS7", Botan::ENCRYPTION));
result.test_eq("Cipher filter name", cipher->name(), "AES-128/CBC/PKCS7");
@@ -458,7 +458,7 @@ class Filter_Tests final : public Test
result.test_eq("Ciphertext3", ciphertext3, "1241B9976F73051BCF809525D6E86C25");
Botan::Cipher_Mode_Filter* dec_cipher =
- new Botan::Cipher_Mode_Filter(Botan::get_cipher_mode("AES-128/CBC/PKCS7", Botan::DECRYPTION));
+ new Botan::Cipher_Mode_Filter(Botan::Cipher_Mode::create("AES-128/CBC/PKCS7", Botan::DECRYPTION));
pipe.append(dec_cipher);
dec_cipher->set_key(Botan::SymmetricKey("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"));
dec_cipher->set_iv(Botan::InitializationVector("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB"));
diff --git a/src/tests/test_modes.cpp b/src/tests/test_modes.cpp
index 89b201873..6cdcd73b0 100644
--- a/src/tests/test_modes.cpp
+++ b/src/tests/test_modes.cpp
@@ -45,9 +45,9 @@ class Cipher_Mode_Tests final : public Text_Based_Test
for(auto&& provider_ask : providers)
{
- std::unique_ptr<Botan::Cipher_Mode> enc(Botan::get_cipher_mode(
+ std::unique_ptr<Botan::Cipher_Mode> enc(Botan::Cipher_Mode::create(
algo, Botan::ENCRYPTION, provider_ask));
- std::unique_ptr<Botan::Cipher_Mode> dec(Botan::get_cipher_mode(
+ std::unique_ptr<Botan::Cipher_Mode> dec(Botan::Cipher_Mode::create(
algo, Botan::DECRYPTION, provider_ask));
if(!enc || !dec)
@@ -198,9 +198,9 @@ class Cipher_Mode_IV_Carry_Tests final : public Test
#if defined(BOTAN_HAS_MODE_CBC) && defined(BOTAN_HAS_AES)
std::unique_ptr<Botan::Cipher_Mode> enc(
- Botan::get_cipher_mode("AES-128/CBC/PKCS7", Botan::ENCRYPTION));
+ Botan::Cipher_Mode::create("AES-128/CBC/PKCS7", Botan::ENCRYPTION));
std::unique_ptr<Botan::Cipher_Mode> dec(
- Botan::get_cipher_mode("AES-128/CBC/PKCS7", Botan::DECRYPTION));
+ Botan::Cipher_Mode::create("AES-128/CBC/PKCS7", Botan::DECRYPTION));
const std::vector<uint8_t> key(16, 0xAA);
const std::vector<uint8_t> iv(16, 0xAA);
@@ -251,9 +251,9 @@ class Cipher_Mode_IV_Carry_Tests final : public Test
Test::Result result("CFB IV carry");
#if defined(BOTAN_HAS_MODE_CFB) && defined(BOTAN_HAS_AES)
std::unique_ptr<Botan::Cipher_Mode> enc(
- Botan::get_cipher_mode("AES-128/CFB(8)", Botan::ENCRYPTION));
+ Botan::Cipher_Mode::create("AES-128/CFB(8)", Botan::ENCRYPTION));
std::unique_ptr<Botan::Cipher_Mode> dec(
- Botan::get_cipher_mode("AES-128/CFB(8)", Botan::DECRYPTION));
+ Botan::Cipher_Mode::create("AES-128/CFB(8)", Botan::DECRYPTION));
const std::vector<uint8_t> key(16, 0xAA);
const std::vector<uint8_t> iv(16, 0xAB);
@@ -300,9 +300,9 @@ class Cipher_Mode_IV_Carry_Tests final : public Test
#if defined(BOTAN_HAS_CTR_BE) && defined(BOTAN_HAS_AES)
std::unique_ptr<Botan::Cipher_Mode> enc(
- Botan::get_cipher_mode("AES-128/CTR-BE", Botan::ENCRYPTION));
+ Botan::Cipher_Mode::create("AES-128/CTR-BE", Botan::ENCRYPTION));
std::unique_ptr<Botan::Cipher_Mode> dec(
- Botan::get_cipher_mode("AES-128/CTR-BE", Botan::DECRYPTION));
+ Botan::Cipher_Mode::create("AES-128/CTR-BE", Botan::DECRYPTION));
const std::vector<uint8_t> key =
Botan::hex_decode("2B7E151628AED2A6ABF7158809CF4F3C");