author | lloyd <[email protected]> | 2014-01-01 21:20:55 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2014-01-01 21:20:55 +0000 |
commit | 197dc467dec28a04c3b2f30da7cef122dfbb13e9 (patch) | |
tree | cdbd3ddaec051c72f0a757db461973d90c37b97a /src/modes/aead/eax | |
parent | 62faac373c07cfe10bc8c309e89ebdd30d8e5eaa (diff) |
Shuffle things around. Add NIST X.509 test to build.
Diffstat (limited to 'src/modes/aead/eax')
-rw-r--r-- | src/modes/aead/eax/eax.cpp | 170 | ||||
-rw-r--r-- | src/modes/aead/eax/eax.h | 114 | ||||
-rw-r--r-- | src/modes/aead/eax/info.txt | 7 |
3 files changed, 0 insertions, 291 deletions
diff --git a/src/modes/aead/eax/eax.cpp b/src/modes/aead/eax/eax.cpp
deleted file mode 100644
index 249bf5f7e..000000000
--- a/src/modes/aead/eax/eax.cpp
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
-* EAX Mode Encryption
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/eax.h>
-#include <botan/cmac.h>
-#include <botan/ctr.h>
-#include <botan/parsing.h>
-#include <botan/internal/xor_buf.h>
-#include <algorithm>
-
-namespace Botan {
-
-namespace {
-
-/*
-* EAX MAC-based PRF
-*/
-secure_vector<byte> eax_prf(byte tag, size_t block_size,
- MessageAuthenticationCode& mac,
- const byte in[], size_t length)
- {
- for(size_t i = 0; i != block_size - 1; ++i)
- mac.update(0);
- mac.update(tag);
- mac.update(in, length);
- return mac.final();
- }
-
-}
-
-/*
-* EAX_Mode Constructor
-*/
-EAX_Mode::EAX_Mode(BlockCipher* cipher, size_t tag_size) :
- m_tag_size(tag_size ? tag_size : cipher->block_size()),
- m_cipher(cipher),
- m_ctr(new CTR_BE(m_cipher->clone())),
- m_cmac(new CMAC(m_cipher->clone()))
- {
- if(m_tag_size < 8 || m_tag_size > m_cmac->output_length())
- throw Invalid_Argument(name() + ": Bad tag size " + std::to_string(tag_size));
- }
-
-void EAX_Mode::clear()
- {
- m_cipher.reset();
- m_ctr.reset();
- m_cmac.reset();
- zeroise(m_ad_mac);
- zeroise(m_nonce_mac);
- }
-
-std::string EAX_Mode::name() const
- {
- return (m_cipher->name() + "/EAX");
- }
-
-size_t EAX_Mode::update_granularity() const
- {
- return 8 * m_cipher->parallel_bytes();
- }
-
-Key_Length_Specification EAX_Mode::key_spec() const
- {
- return m_cipher->key_spec();
- }
-
-/*
-* Set the EAX key
-*/
-void EAX_Mode::key_schedule(const byte key[], size_t length)
- {
- /*
- * These could share the key schedule, which is one nice part of EAX,
- * but it's much easier to ignore that here...
- */
- m_ctr->set_key(key, length);
- m_cmac->set_key(key, length);
-
- m_ad_mac = eax_prf(1, block_size(), *m_cmac, nullptr, 0);
- }
-
-/*
-* Set the EAX associated data
-*/
-void EAX_Mode::set_associated_data(const byte ad[], size_t length)
- {
- m_ad_mac = eax_prf(1, block_size(), *m_cmac, ad, length);
- }
-
-secure_vector<byte> EAX_Mode::start(const byte nonce[], size_t nonce_len)
- {
- if(!valid_nonce_length(nonce_len))
- throw Invalid_IV_Length(name(), nonce_len);
-
- m_nonce_mac = eax_prf(0, block_size(), *m_cmac, nonce, nonce_len);
-
- m_ctr->set_iv(&m_nonce_mac[0], m_nonce_mac.size());
-
- for(size_t i = 0; i != block_size() - 1; ++i)
- m_cmac->update(0);
- m_cmac->update(2);
-
- return secure_vector<byte>();
- }
-
-void EAX_Encryption::update(secure_vector<byte>& buffer, size_t offset)
- {
- BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
- const size_t sz = buffer.size() - offset;
- byte* buf = &buffer[offset];
-
- m_ctr->cipher(buf, buf, sz);
- m_cmac->update(buf, sz);
- }
-
-void EAX_Encryption::finish(secure_vector<byte>& buffer, size_t offset)
- {
- update(buffer, offset);
-
- secure_vector<byte> data_mac = m_cmac->final();
- xor_buf(data_mac, m_nonce_mac, data_mac.size());
- xor_buf(data_mac, m_ad_mac, data_mac.size());
-
- buffer += std::make_pair(&data_mac[0], tag_size());
- }
-
-void EAX_Decryption::update(secure_vector<byte>& buffer, size_t offset)
- {
- BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
- const size_t sz = buffer.size() - offset;
- byte* buf = &buffer[offset];
-
- m_cmac->update(buf, sz);
- m_ctr->cipher(buf, buf, sz);
- }
-
-void EAX_Decryption::finish(secure_vector<byte>& buffer, size_t offset)
- {
- BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
- const size_t sz = buffer.size() - offset;
- byte* buf = &buffer[offset];
-
- BOTAN_ASSERT(sz >= tag_size(), "Have the tag as part of final input");
-
- const size_t remaining = sz - tag_size();
-
- if(remaining)
- {
- m_cmac->update(buf, remaining);
- m_ctr->cipher(buf, buf, remaining);
- }
-
- const byte* included_tag = &buf[remaining];
-
- secure_vector<byte> mac = m_cmac->final();
- mac ^= m_nonce_mac;
- mac ^= m_ad_mac;
-
- if(!same_mem(&mac[0], included_tag, tag_size()))
- throw Integrity_Failure("EAX tag check failed");
-
- buffer.resize(offset + remaining);
- }
-
-}
diff --git a/src/modes/aead/eax/eax.h b/src/modes/aead/eax/eax.h
deleted file mode 100644
index 224fb5298..000000000
--- a/src/modes/aead/eax/eax.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
-* EAX Mode
-* (C) 1999-2007,2013 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_AEAD_EAX_H__
-#define BOTAN_AEAD_EAX_H__
-
-#include <botan/aead.h>
-#include <botan/block_cipher.h>
-#include <botan/stream_cipher.h>
-#include <botan/mac.h>
-#include <memory>
-
-namespace Botan {
-
-/**
-* EAX base class
-*/
-class BOTAN_DLL EAX_Mode : public AEAD_Mode
- {
- public:
- secure_vector<byte> start(const byte nonce[], size_t nonce_len) override;
-
- void set_associated_data(const byte ad[], size_t ad_len) override;
-
- std::string name() const override;
-
- size_t update_granularity() const;
-
- Key_Length_Specification key_spec() const override;
-
- // EAX supports arbitrary nonce lengths
- bool valid_nonce_length(size_t) const override { return true; }
-
- size_t tag_size() const { return m_tag_size; }
-
- void clear();
- protected:
- void key_schedule(const byte key[], size_t length) override;
-
- /**
- * @param cipher the cipher to use
- * @param tag_size is how big the auth tag will be
- */
- EAX_Mode(BlockCipher* cipher, size_t tag_size);
-
- size_t block_size() const { return m_cipher->block_size(); }
-
- size_t m_tag_size;
-
- std::unique_ptr<BlockCipher> m_cipher;
- std::unique_ptr<StreamCipher> m_ctr;
- std::unique_ptr<MessageAuthenticationCode> m_cmac;
-
- secure_vector<byte> m_ad_mac;
-
- secure_vector<byte> m_nonce_mac;
- };
-
-/**
-* EAX Encryption
-*/
-class BOTAN_DLL EAX_Encryption : public EAX_Mode
- {
- public:
- /**
- * @param cipher a 128-bit block cipher
- * @param tag_size is how big the auth tag will be
- */
- EAX_Encryption(BlockCipher* cipher, size_t tag_size = 0) :
- EAX_Mode(cipher, tag_size) {}
-
- size_t output_length(size_t input_length) const override
- { return input_length + tag_size(); }
-
- size_t minimum_final_size() const override { return 0; }
-
- void update(secure_vector<byte>& blocks, size_t offset = 0) override;
-
- void finish(secure_vector<byte>& final_block, size_t offset = 0) override;
- };
-
-/**
-* EAX Decryption
-*/
-class BOTAN_DLL EAX_Decryption : public EAX_Mode
- {
- public:
- /**
- * @param cipher a 128-bit block cipher
- * @param tag_size is how big the auth tag will be
- */
- EAX_Decryption(BlockCipher* cipher, size_t tag_size = 0) :
- EAX_Mode(cipher, tag_size) {}
-
- size_t output_length(size_t input_length) const override
- {
- BOTAN_ASSERT(input_length > tag_size(), "Sufficient input");
- return input_length - tag_size();
- }
-
- size_t minimum_final_size() const override { return tag_size(); }
-
- void update(secure_vector<byte>& blocks, size_t offset = 0) override;
-
- void finish(secure_vector<byte>& final_block, size_t offset = 0) override;
- };
-
-}
-
-#endif
diff --git a/src/modes/aead/eax/info.txt b/src/modes/aead/eax/info.txt
deleted file mode 100644
index 75775fa16..000000000
--- a/src/modes/aead/eax/info.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-define AEAD_EAX 20131128
-
-<requires>
-block
-cmac
-ctr
-</requires> |