/* * EAX Mode * (C) 1999-2007,2013 Jack Lloyd * * Distributed under the terms of the Botan license */ #ifndef BOTAN_AEAD_EAX_H__ #define BOTAN_AEAD_EAX_H__ #include #include #include #include namespace Botan { /** * EAX base class */ class BOTAN_DLL EAX_Mode : public AEAD_Mode { public: secure_vector start(const byte nonce[], size_t nonce_len) override; void set_associated_data(const byte ad[], size_t ad_len) override; std::string name() const override; size_t update_granularity() const override; Key_Length_Specification key_spec() const override; // EAX supports arbitrary nonce lengths bool valid_nonce_length(size_t) const override { return true; } size_t tag_size() const override { return m_tag_size; } void clear() override; protected: void key_schedule(const byte key[], size_t length) override; /** * @param cipher the cipher to use * @param tag_size is how big the auth tag will be */ EAX_Mode(BlockCipher* cipher, size_t tag_size); size_t block_size() const { return m_cipher->block_size(); } size_t m_tag_size; std::unique_ptr m_cipher; std::unique_ptr m_ctr; std::unique_ptr m_cmac; secure_vector m_ad_mac; secure_vector m_nonce_mac; }; /** * EAX Encryption */ class BOTAN_DLL EAX_Encryption : public EAX_Mode { public: /** * @param cipher a 128-bit block cipher * @param tag_size is how big the auth tag will be */ EAX_Encryption(BlockCipher* cipher, size_t tag_size = 0) : EAX_Mode(cipher, tag_size) {} size_t output_length(size_t input_length) const override { return input_length + tag_size(); } size_t minimum_final_size() const override { return 0; } void update(secure_vector& blocks, size_t offset = 0) override; void finish(secure_vector& final_block, size_t offset = 0) override; }; /** * EAX Decryption */ class BOTAN_DLL EAX_Decryption : public EAX_Mode { public: /** * @param cipher a 128-bit block cipher * @param tag_size is how big the auth tag will be */ EAX_Decryption(BlockCipher* cipher, size_t tag_size = 0) : EAX_Mode(cipher, tag_size) {} size_t output_length(size_t input_length) const override { BOTAN_ASSERT(input_length > tag_size(), "Sufficient input"); return input_length - tag_size(); } size_t minimum_final_size() const override { return tag_size(); } void update(secure_vector& blocks, size_t offset = 0) override; void finish(secure_vector& final_block, size_t offset = 0) override; }; } #endif