1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
/*
* Message Authentication Code base class
* (C) 1999-2008 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/mac.h>
#include <botan/exceptn.h>
#include <botan/scan_name.h>
#include <botan/mem_ops.h>
#if defined(BOTAN_HAS_CMAC)
#include <botan/cmac.h>
#endif
#if defined(BOTAN_HAS_GMAC)
#include <botan/gmac.h>
#include <botan/block_cipher.h>
#endif
#if defined(BOTAN_HAS_HMAC)
#include <botan/hmac.h>
#include <botan/hash.h>
#endif
#if defined(BOTAN_HAS_POLY1305)
#include <botan/poly1305.h>
#endif
#if defined(BOTAN_HAS_SIPHASH)
#include <botan/siphash.h>
#endif
#if defined(BOTAN_HAS_ANSI_X919_MAC)
#include <botan/x919_mac.h>
#endif
namespace Botan {
std::unique_ptr<MessageAuthenticationCode>
MessageAuthenticationCode::create(const std::string& algo_spec,
const std::string& provider)
{
const SCAN_Name req(algo_spec);
#if defined(BOTAN_HAS_GMAC)
if(req.algo_name() == "GMAC" && req.arg_count() == 1)
{
if(provider.empty() || provider == "base")
{
if(auto bc = BlockCipher::create(req.arg(0)))
return std::unique_ptr<MessageAuthenticationCode>(new GMAC(bc.release()));
}
}
#endif
#if defined(BOTAN_HAS_HMAC)
if(req.algo_name() == "HMAC" && req.arg_count() == 1)
{
// TODO OpenSSL
if(provider.empty() || provider == "base")
{
if(auto h = HashFunction::create(req.arg(0)))
return std::unique_ptr<MessageAuthenticationCode>(new HMAC(h.release()));
}
}
#endif
#if defined(BOTAN_HAS_POLY1305)
if(req.algo_name() == "Poly1305" && req.arg_count() == 0)
{
if(provider.empty() || provider == "base")
return std::unique_ptr<MessageAuthenticationCode>(new Poly1305);
}
#endif
#if defined(BOTAN_HAS_SIPHASH)
if(req.algo_name() == "SipHash")
{
if(provider.empty() || provider == "base")
{
return std::unique_ptr<MessageAuthenticationCode>(
new SipHash(req.arg_as_integer(0, 2), req.arg_as_integer(1, 4)));
}
}
#endif
#if defined(BOTAN_HAS_CMAC)
if((req.algo_name() == "CMAC" || req.algo_name() == "OMAC") && req.arg_count() == 1)
{
// TODO: OpenSSL CMAC
if(provider.empty() || provider == "base")
{
if(auto bc = BlockCipher::create(req.arg(0)))
return std::unique_ptr<MessageAuthenticationCode>(new CMAC(bc.release()));
}
}
#endif
#if defined(BOTAN_HAS_ANSI_X919_MAC)
if(req.algo_name() == "X9.19-MAC")
{
if(provider.empty() || provider == "base")
{
return std::unique_ptr<MessageAuthenticationCode>(new ANSI_X919_MAC);
}
}
#endif
BOTAN_UNUSED(req);
BOTAN_UNUSED(provider);
return nullptr;
}
std::vector<std::string>
MessageAuthenticationCode::providers(const std::string& algo_spec)
{
return probe_providers_of<MessageAuthenticationCode>(algo_spec, {"base", "openssl"});
}
//static
std::unique_ptr<MessageAuthenticationCode>
MessageAuthenticationCode::create_or_throw(const std::string& algo,
const std::string& provider)
{
if(auto mac = MessageAuthenticationCode::create(algo, provider))
{
return mac;
}
throw Lookup_Error("MAC", algo, provider);
}
void MessageAuthenticationCode::start_msg(const uint8_t nonce[], size_t nonce_len)
{
BOTAN_UNUSED(nonce);
if(nonce_len > 0)
throw Invalid_IV_Length(name(), nonce_len);
}
/*
* Default (deterministic) MAC verification operation
*/
bool MessageAuthenticationCode::verify_mac(const uint8_t mac[], size_t length)
{
secure_vector<uint8_t> our_mac = final();
if(our_mac.size() != length)
return false;
return constant_time_compare(our_mac.data(), mac, length);
}
}
|