-rw-r--r--src/aead/aead.h62
-rw-r--r--src/algo_base/transform.h86
2 files changed, 91 insertions, 57 deletions
diff --git a/src/aead/aead.h b/src/aead/aead.h
index 0aa50f348..97f156d60 100644
--- a/src/aead/aead.h
+++ b/src/aead/aead.h
@@ -8,7 +8,7 @@
#ifndef BOTAN_AEAD_MODE_H__
#define BOTAN_AEAD_MODE_H__
-#include <botan/sym_algo.h>
+#include <botan/transform.h>
namespace Botan {
@@ -19,33 +19,10 @@ namespace Botan {
* which is not included in the ciphertext (for instance a sequence
* number).
*/
-class AEAD_Mode : public SymmetricAlgorithm
+class AEAD_Mode : public Transformation
{
public:
/**
- * Returns the size of the output if this mode is used to process
- * a message with input_length bytes. Typically this will be
- * input_length plus or minus the length of the tag.
- */
- virtual size_t output_length(size_t input_length) const = 0;
-
- /**
- * @return size of required blocks to update
- */
- virtual size_t update_granularity() const = 0;
-
- /**
- * @return required minimium size to finalize() - may be any
- * length larger than this.
- */
- virtual size_t minimum_final_size() const = 0;
-
- /**
- * @return Random nonce appropriate for passing to start
- */
- //virtual secure_vector<byte> nonce(RandomNumberGenerator& rng) const = 0;
-
- /**
* Set associated data that is not included in the ciphertext but
* that should be authenticated. Must be called after set_key
* and before finish.
@@ -65,40 +42,11 @@ class AEAD_Mode : public SymmetricAlgorithm
set_associated_data(&ad[0], ad.size());
}
- virtual bool valid_nonce_length(size_t) const = 0;
-
- /**
- * Begin processing a message.
- *
- * @param nonce the per message nonce
- * @param nonce_len length of nonce
- */
- virtual secure_vector<byte> start(const byte nonce[], size_t nonce_len) = 0;
-
- template<typename Alloc>
- secure_vector<byte> start_vec(const std::vector<byte, Alloc>& nonce)
- {
- return start(&nonce[0], nonce.size());
- }
-
- /**
- * Update (encrypt or decrypt) some data. Input must be in size
- * update_granularity() byte blocks.
- * @param blocks in/out paramter which will possibly be resized
- */
- virtual void update(secure_vector<byte>& blocks, size_t offset = 0) = 0;
-
/**
- * Complete processing of a message. For decryption, may throw an exception
- * due to authentication failure.
- *
- * @param final_block in/out parameter which must be at least
- * minimum_final_size() bytes, and will be set to any final output
- * @param offset an offset into final_block to begin processing
+ * Default AEAD nonce size (a commonly supported value among AEAD
+ * modes, and, large enough that random collisions are unlikely).
*/
- virtual void finish(secure_vector<byte>& final_block, size_t offset = 0) = 0;
-
- virtual ~AEAD_Mode() {}
+ size_t default_nonce_size() const override { return 12; }
};
/**
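Review bot: The finish() comment removed in this hunk ("For decryption, may throw an exception due to authentication failure") was the only visible statement of how a tag mismatch is reported, and the generic finish() text added in transform.h no longer says it. AEAD_Mode now inherits finish() without redeclaring it, so I would keep that contract on this class, for example by adding `* For decryption, finish() may throw an exception due to authentication failure.` to the class comment. Callers presumably should not act on bytes returned through update() until finish() has returned without throwing; if that is the intended contract, it is worth stating there too. The class declaration and its header comment start outside this hunk.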
diff --git a/src/algo_base/transform.h b/src/algo_base/transform.h
new file mode 100644
index 000000000..672b39ed0
--- /dev/null
+++ b/src/algo_base/transform.h
@@ -0,0 +1,86 @@
+/*
+* Transformations of data
+* (C) 2013 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_TRANSFORM_H__
+#define BOTAN_TRANSFORM_H__
+
+#include <botan/sym_algo.h>
+
+namespace Botan {
+
+/**
+* Interface for general transformations on data
+*/
+class Transformation : public SymmetricAlgorithm
+ {
+ public:
+ /**
+ * Begin processing a message.
+ * @param nonce the per message nonce
+ */
+ template<typename Alloc>
+ secure_vector<byte> start_vec(const std::vector<byte, Alloc>& nonce)
+ {
+ return start(&nonce[0], nonce.size());
+ }
+
+ /**
+ * Begin processing a message.
+ * @param nonce the per message nonce
+ * @param nonce_len length of nonce
+ */
+ virtual secure_vector<byte> start(const byte nonce[], size_t nonce_len) = 0;
+
+ /**
+ * Process some data. Input must be in size update_granularity() byte blocks.
+ * @param blocks in/out paramter which will possibly be resized
+ */
+ virtual void update(secure_vector<byte>& blocks, size_t offset = 0) = 0;
+
+ /**
+ * Complete processing of a message.
+ *
+ * @param final_block in/out parameter which must be at least
+ * minimum_final_size() bytes, and will be set to any final output
+ * @param offset an offset into final_block to begin processing
+ */
+ virtual void finish(secure_vector<byte>& final_block, size_t offset = 0) = 0;
+
+ /**
+ * Returns the size of the output if this transform is used to process a
+ * message with input_length bytes. Will throw if unable to give a precise
+ * answer.
+ */
+ virtual size_t output_length(size_t input_length) const = 0;
+
+ /**
+ * @return size of required blocks to update
+ */
+ virtual size_t update_granularity() const = 0;
+
+ /**
+ * @return required minimium size to finalize() - may be any
+ * length larger than this.
+ */
+ virtual size_t minimum_final_size() const = 0;
+
+ /**
+ * Return the default size for a nonce
+ */
+ virtual size_t default_nonce_size() const = 0;
+
+ /**
+ * Return true iff nonce_len is a valid length for the nonce
+ */
+ virtual bool valid_nonce_length(size_t nonce_len) const = 0;
+
+ virtual ~Transformation() {}
+ };
+
+}
+
+#endif
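Review bot: `start_vec` evaluates `&nonce[0]` in `return start(&nonce[0], nonce.size());`, which is undefined behaviour when the vector is empty, and nothing on this path checks `valid_nonce_length` before indexing. `return start(nonce.data(), nonce.size());` is well defined for an empty vector and leaves the length decision to the implementation of start(). The same pattern appears in the unchanged context line `set_associated_data(&ad[0], ad.size());` in aead.h, where empty associated data looks like a plausible input. Separately, update() documents `blocks` but not `offset`; `@param offset an offset into blocks to begin processing` would match the finish() comment.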