/* * GCM Mode * (C) 2013 Jack Lloyd * (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity * * Botan is released under the Simplified BSD License (see license.txt) */ #ifndef BOTAN_AEAD_GCM_H_ #define BOTAN_AEAD_GCM_H_ #include #include namespace Botan { class BlockCipher; class StreamCipher; class GHASH; /** * GCM Mode */ class BOTAN_PUBLIC_API(2,0) GCM_Mode : public AEAD_Mode { public: void set_associated_data(const uint8_t ad[], size_t ad_len) override; std::string name() const override; size_t update_granularity() const override; Key_Length_Specification key_spec() const override; bool valid_nonce_length(size_t len) const override; size_t tag_size() const override { return m_tag_size; } void clear() override; void reset() override; std::string provider() const override; protected: GCM_Mode(BlockCipher* cipher, size_t tag_size); ~GCM_Mode(); static const size_t GCM_BS = 16; const size_t m_tag_size; const std::string m_cipher_name; std::unique_ptr m_ctr; std::unique_ptr m_ghash; private: void start_msg(const uint8_t nonce[], size_t nonce_len) override; void key_schedule(const uint8_t key[], size_t length) override; secure_vector m_y0; }; /** * GCM Encryption */ class BOTAN_PUBLIC_API(2,0) GCM_Encryption final : public GCM_Mode { public: /** * @param cipher the 128 bit block cipher to use * @param tag_size is how big the auth tag will be */ GCM_Encryption(BlockCipher* cipher, size_t tag_size = 16) : GCM_Mode(cipher, tag_size) {} size_t output_length(size_t input_length) const override { return input_length + tag_size(); } size_t minimum_final_size() const override { return 0; } size_t process(uint8_t buf[], size_t size) override; void finish(secure_vector& final_block, size_t offset = 0) override; }; /** * GCM Decryption */ class BOTAN_PUBLIC_API(2,0) GCM_Decryption final : public GCM_Mode { public: /** * @param cipher the 128 bit block cipher to use * @param tag_size is how big the auth tag will be */ GCM_Decryption(BlockCipher* cipher, size_t tag_size = 16) : GCM_Mode(cipher, tag_size) {} size_t output_length(size_t input_length) const override { BOTAN_ASSERT(input_length >= tag_size(), "Sufficient input"); return input_length - tag_size(); } size_t minimum_final_size() const override { return tag_size(); } size_t process(uint8_t buf[], size_t size) override; void finish(secure_vector& final_block, size_t offset = 0) override; }; } #endif