diff options
author | Never <[email protected]> | 2016-11-10 16:45:26 +0100 |
---|---|---|
committer | Never <[email protected]> | 2016-11-11 17:06:58 +0100 |
commit | b26dd8c5547d665cde4766cb3b397435a51be80c (patch) | |
tree | 13cc7f4074d878f52a311f0bda0c0c60f0c45165 /doc/manual/lowlevel.rst | |
parent | 523b2a4ca48fa5cf04ea371aabe7167ce2e5cd13 (diff) |
Doc changes/additions: hash,symmetric crypto and pubkey
Diffstat (limited to 'doc/manual/lowlevel.rst')
-rw-r--r-- | doc/manual/lowlevel.rst | 169 |
1 files changed, 0 insertions, 169 deletions
diff --git a/doc/manual/lowlevel.rst b/doc/manual/lowlevel.rst index ae7337c4e..5d5fbea7b 100644 --- a/doc/manual/lowlevel.rst +++ b/doc/manual/lowlevel.rst @@ -70,172 +70,3 @@ Both symmetric keys and initialization values can be considered byte .. cpp:function:: as_string() const Returns the hex representation of the key or IV - -Symmetrically Keyed Algorithms ---------------------------------- - -Block ciphers, stream ciphers, and MACs are all keyed operations; to -be useful, they have to be set to use a particular key, which is a -randomly chosen string of bits of a specified length. The length -required by any particular algorithm may vary, depending on both the -algorithm specification and the implementation. You can query any -botan object to find out what key length(s) it supports. - -To make this similarity in terms of keying explicit, all algorithms of -those types are derived from the :cpp:class`SymmetricAlgorithm` base. -This type provides functions for setting the key, and querying -restrictions on the size of the key. - -.. cpp:class:: SymmetricAlgorithm - - .. cpp:function:: void set_key(const byte* key, size_t length) - - .. cpp:function:: void set_key(const SymmetricKey& key) - - This sets the key to the value specified. Most algorithms only - accept keys of certain lengths. If you attempt to call - ``set_key`` with a key length that is not supported, the - exception ``Invalid_Key_Length`` will be thrown. - - In all cases, ``set_key`` must be called on an object before any - data processing (encryption, decryption, etc) is done by that - object. If this is not done, the results are undefined. - - .. cpp:function:: bool valid_keylength(size_t length) const - - This function returns true if and only if *length* is a valid - keylength for the algorithm. - - .. cpp:function:: size_t minimum_keylength() const - - Return the smallest key length (in bytes) that is acceptible for the - algorithm. - - .. cpp:function:: size_t maximum_keylength() const - - Return the largest key length (in bytes) that is acceptible for the - algorithm - -Block Ciphers ---------------------------------- - -All block ciphers classes in botan are subclasses of - -.. cpp:class:: BlockCipher - - Which subclasses the :cpp:class:`SymmetricAlgorithm` interface. - - .. cpp:function:: size_t block_size() const - - Returns the block size of the cipher in bytes - - .. cpp:function:: void encrypt_n(const byte* in, \ - byte* out, size_t n) const - - Encrypt *n* blocks of data, taking the input from the array *in* - and placing the ciphertext into *out*. The two pointers may be - identical, but should not overlap ranges. - - .. cpp:function:: void encrypt(const byte* in, byte* out) const - - Encrypt a single block, taking the input from *in* and placing - it in *out*. Acts like :cpp:func:`encrypt_n`\ (in, out, 1). - - .. cpp:function:: void encrypt(byte* block) const - - Identical to :cpp:func:`encrypt`\ (block, block) - - .. cpp:function:: void decrypt_n(const byte* in, byte out, size_t n) const - - Decrypt *n* blocks of data, taking the input from *in* and - placing the plaintext in *out*. The two pointers may be - identical, but should not overlap ranges. - - .. cpp:function:: void decrypt(const byte* in, byte* out) const - - Decrypt a single block, taking the input from *in* and placing it - in *out*. Acts like :cpp:func:`decrypt_n`\ (in, out, 1). - - .. cpp:function:: void decrypt(byte* block) const - - Identical to :cpp:func:`decrypt`\ (block, block) - - .. cpp:function:: size_t parallelism() const - - Returns the native parallelism of this implementation, ie how - many blocks can be processed in parallel if sufficient data is - passed to :cpp:func:`encrypt_n` or :cpp:func:`decrypt_n`. - -Stream Ciphers ---------------------------------- - -Stream ciphers are somewhat different from block ciphers, in that -encrypting data results in changing the internal state of the -cipher. Also, you may encrypt any length of data in one go (in byte -amounts). - -.. cpp:function:: void StreamCipher::encrypt(const byte* in, byte* out, size_t length) - -.. cpp:function:: void StreamCipher::encrypt(byte* data, size_t length) - -Stream ciphers implement the ``SymmetricAlgorithm`` interface. - -Hash Functions / Message Authentication Codes ----------------------------------------------- - -Hash functions take their input without producing any output, only -producing anything when all input has already taken place. MACs are -very similar, but are additionally keyed. Both of these are derived -from the base class ``BufferedComputation``, which has the following -functions. - -.. cpp:function:: size_t BufferedComputation::output_length() - -Return the size of the output of this function. - -.. cpp:function:: void BufferedComputation::update(const byte* input, size_t length) - -.. cpp:function:: void BufferedComputation::update(byte input) - -.. cpp:function:: void BufferedComputation::update(const std::string& input) - -Updates the hash/mac calculation with *input*. - -.. cpp:function:: void BufferedComputation::final(byte* out) - -.. cpp:function:: secure_vector<byte> BufferedComputation::final() - -Complete the hash/MAC calculation and place the result into ``out``. -For the argument taking an array, exactly ``output_length`` bytes will -be written. After you call ``final``, the hash function is reset to -its initial state, so it may be reused immediately. - -The second method of using final is to call it with no arguments at -all, as shown in the second prototype. It will return the hash/mac -value in a memory buffer. - -There is also a pair of functions called ``process``. They are a -combination of a single ``update``, and ``final``. Both versions -return the final value, rather than placing it an array. Calling -``process`` with a single byte value isn't available, mostly because -it would rarely be useful. - -A MAC can be viewed (in most cases) as a keyed hash function, so -classes that are derived from ``MessageAuthenticationCode`` have -``update`` and ``final`` classes just like a ``HashFunction`` (and -like a ``HashFunction``, after ``final`` is called, it can be used to -make a new MAC right away; the key is kept around). - -A MAC has the ``SymmetricAlgorithm`` interface in addition to the -``BufferedComputation`` interface. - -Checksums -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Checksums are very similar to hash functions, and in fact share the -same interface. But there are some significant differences, the major -ones being that the output size is very small (usually in the range of -2 to 4 bytes), and is not cryptographically secure. But for their -intended purpose (error checking), they perform very well. Some -examples of checksums included in Botan are the Adler32 and CRC32 -checksums. |