aboutsummaryrefslogtreecommitdiffstats
path: root/src/modes/aead/eax
diff options
context:
space:
mode:
authorlloyd <[email protected]>2014-01-01 21:20:55 +0000
committerlloyd <[email protected]>2014-01-01 21:20:55 +0000
commit197dc467dec28a04c3b2f30da7cef122dfbb13e9 (patch)
treecdbd3ddaec051c72f0a757db461973d90c37b97a /src/modes/aead/eax
parent62faac373c07cfe10bc8c309e89ebdd30d8e5eaa (diff)
Shuffle things around. Add NIST X.509 test to build.
Diffstat (limited to 'src/modes/aead/eax')
-rw-r--r--src/modes/aead/eax/eax.cpp170
-rw-r--r--src/modes/aead/eax/eax.h114
-rw-r--r--src/modes/aead/eax/info.txt7
3 files changed, 0 insertions, 291 deletions
diff --git a/src/modes/aead/eax/eax.cpp b/src/modes/aead/eax/eax.cpp
deleted file mode 100644
index 249bf5f7e..000000000
--- a/src/modes/aead/eax/eax.cpp
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
-* EAX Mode Encryption
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/eax.h>
-#include <botan/cmac.h>
-#include <botan/ctr.h>
-#include <botan/parsing.h>
-#include <botan/internal/xor_buf.h>
-#include <algorithm>
-
-namespace Botan {
-
-namespace {
-
-/*
-* EAX MAC-based PRF
-*/
-secure_vector<byte> eax_prf(byte tag, size_t block_size,
- MessageAuthenticationCode& mac,
- const byte in[], size_t length)
- {
- for(size_t i = 0; i != block_size - 1; ++i)
- mac.update(0);
- mac.update(tag);
- mac.update(in, length);
- return mac.final();
- }
-
-}
-
-/*
-* EAX_Mode Constructor
-*/
-EAX_Mode::EAX_Mode(BlockCipher* cipher, size_t tag_size) :
- m_tag_size(tag_size ? tag_size : cipher->block_size()),
- m_cipher(cipher),
- m_ctr(new CTR_BE(m_cipher->clone())),
- m_cmac(new CMAC(m_cipher->clone()))
- {
- if(m_tag_size < 8 || m_tag_size > m_cmac->output_length())
- throw Invalid_Argument(name() + ": Bad tag size " + std::to_string(tag_size));
- }
-
-void EAX_Mode::clear()
- {
- m_cipher.reset();
- m_ctr.reset();
- m_cmac.reset();
- zeroise(m_ad_mac);
- zeroise(m_nonce_mac);
- }
-
-std::string EAX_Mode::name() const
- {
- return (m_cipher->name() + "/EAX");
- }
-
-size_t EAX_Mode::update_granularity() const
- {
- return 8 * m_cipher->parallel_bytes();
- }
-
-Key_Length_Specification EAX_Mode::key_spec() const
- {
- return m_cipher->key_spec();
- }
-
-/*
-* Set the EAX key
-*/
-void EAX_Mode::key_schedule(const byte key[], size_t length)
- {
- /*
- * These could share the key schedule, which is one nice part of EAX,
- * but it's much easier to ignore that here...
- */
- m_ctr->set_key(key, length);
- m_cmac->set_key(key, length);
-
- m_ad_mac = eax_prf(1, block_size(), *m_cmac, nullptr, 0);
- }
-
-/*
-* Set the EAX associated data
-*/
-void EAX_Mode::set_associated_data(const byte ad[], size_t length)
- {
- m_ad_mac = eax_prf(1, block_size(), *m_cmac, ad, length);
- }
-
-secure_vector<byte> EAX_Mode::start(const byte nonce[], size_t nonce_len)
- {
- if(!valid_nonce_length(nonce_len))
- throw Invalid_IV_Length(name(), nonce_len);
-
- m_nonce_mac = eax_prf(0, block_size(), *m_cmac, nonce, nonce_len);
-
- m_ctr->set_iv(&m_nonce_mac[0], m_nonce_mac.size());
-
- for(size_t i = 0; i != block_size() - 1; ++i)
- m_cmac->update(0);
- m_cmac->update(2);
-
- return secure_vector<byte>();
- }
-
-void EAX_Encryption::update(secure_vector<byte>& buffer, size_t offset)
- {
- BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
- const size_t sz = buffer.size() - offset;
- byte* buf = &buffer[offset];
-
- m_ctr->cipher(buf, buf, sz);
- m_cmac->update(buf, sz);
- }
-
-void EAX_Encryption::finish(secure_vector<byte>& buffer, size_t offset)
- {
- update(buffer, offset);
-
- secure_vector<byte> data_mac = m_cmac->final();
- xor_buf(data_mac, m_nonce_mac, data_mac.size());
- xor_buf(data_mac, m_ad_mac, data_mac.size());
-
- buffer += std::make_pair(&data_mac[0], tag_size());
- }
-
-void EAX_Decryption::update(secure_vector<byte>& buffer, size_t offset)
- {
- BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
- const size_t sz = buffer.size() - offset;
- byte* buf = &buffer[offset];
-
- m_cmac->update(buf, sz);
- m_ctr->cipher(buf, buf, sz);
- }
-
-void EAX_Decryption::finish(secure_vector<byte>& buffer, size_t offset)
- {
- BOTAN_ASSERT(buffer.size() >= offset, "Offset is sane");
- const size_t sz = buffer.size() - offset;
- byte* buf = &buffer[offset];
-
- BOTAN_ASSERT(sz >= tag_size(), "Have the tag as part of final input");
-
- const size_t remaining = sz - tag_size();
-
- if(remaining)
- {
- m_cmac->update(buf, remaining);
- m_ctr->cipher(buf, buf, remaining);
- }
-
- const byte* included_tag = &buf[remaining];
-
- secure_vector<byte> mac = m_cmac->final();
- mac ^= m_nonce_mac;
- mac ^= m_ad_mac;
-
- if(!same_mem(&mac[0], included_tag, tag_size()))
- throw Integrity_Failure("EAX tag check failed");
-
- buffer.resize(offset + remaining);
- }
-
-}
diff --git a/src/modes/aead/eax/eax.h b/src/modes/aead/eax/eax.h
deleted file mode 100644
index 224fb5298..000000000
--- a/src/modes/aead/eax/eax.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
-* EAX Mode
-* (C) 1999-2007,2013 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_AEAD_EAX_H__
-#define BOTAN_AEAD_EAX_H__
-
-#include <botan/aead.h>
-#include <botan/block_cipher.h>
-#include <botan/stream_cipher.h>
-#include <botan/mac.h>
-#include <memory>
-
-namespace Botan {
-
-/**
-* EAX base class
-*/
-class BOTAN_DLL EAX_Mode : public AEAD_Mode
- {
- public:
- secure_vector<byte> start(const byte nonce[], size_t nonce_len) override;
-
- void set_associated_data(const byte ad[], size_t ad_len) override;
-
- std::string name() const override;
-
- size_t update_granularity() const;
-
- Key_Length_Specification key_spec() const override;
-
- // EAX supports arbitrary nonce lengths
- bool valid_nonce_length(size_t) const override { return true; }
-
- size_t tag_size() const { return m_tag_size; }
-
- void clear();
- protected:
- void key_schedule(const byte key[], size_t length) override;
-
- /**
- * @param cipher the cipher to use
- * @param tag_size is how big the auth tag will be
- */
- EAX_Mode(BlockCipher* cipher, size_t tag_size);
-
- size_t block_size() const { return m_cipher->block_size(); }
-
- size_t m_tag_size;
-
- std::unique_ptr<BlockCipher> m_cipher;
- std::unique_ptr<StreamCipher> m_ctr;
- std::unique_ptr<MessageAuthenticationCode> m_cmac;
-
- secure_vector<byte> m_ad_mac;
-
- secure_vector<byte> m_nonce_mac;
- };
-
-/**
-* EAX Encryption
-*/
-class BOTAN_DLL EAX_Encryption : public EAX_Mode
- {
- public:
- /**
- * @param cipher a 128-bit block cipher
- * @param tag_size is how big the auth tag will be
- */
- EAX_Encryption(BlockCipher* cipher, size_t tag_size = 0) :
- EAX_Mode(cipher, tag_size) {}
-
- size_t output_length(size_t input_length) const override
- { return input_length + tag_size(); }
-
- size_t minimum_final_size() const override { return 0; }
-
- void update(secure_vector<byte>& blocks, size_t offset = 0) override;
-
- void finish(secure_vector<byte>& final_block, size_t offset = 0) override;
- };
-
-/**
-* EAX Decryption
-*/
-class BOTAN_DLL EAX_Decryption : public EAX_Mode
- {
- public:
- /**
- * @param cipher a 128-bit block cipher
- * @param tag_size is how big the auth tag will be
- */
- EAX_Decryption(BlockCipher* cipher, size_t tag_size = 0) :
- EAX_Mode(cipher, tag_size) {}
-
- size_t output_length(size_t input_length) const override
- {
- BOTAN_ASSERT(input_length > tag_size(), "Sufficient input");
- return input_length - tag_size();
- }
-
- size_t minimum_final_size() const override { return tag_size(); }
-
- void update(secure_vector<byte>& blocks, size_t offset = 0) override;
-
- void finish(secure_vector<byte>& final_block, size_t offset = 0) override;
- };
-
-}
-
-#endif
diff --git a/src/modes/aead/eax/info.txt b/src/modes/aead/eax/info.txt
deleted file mode 100644
index 75775fa16..000000000
--- a/src/modes/aead/eax/info.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-define AEAD_EAX 20131128
-
-<requires>
-block
-cmac
-ctr
-</requires>