1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
/*
* Message Authentication Code base class
* (C) 1999-2008 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/mac.h>
#include <botan/scan_name.h>
#include <botan/mem_ops.h>
#if defined(BOTAN_HAS_CBC_MAC)
#include <botan/cbc_mac.h>
#endif
#if defined(BOTAN_HAS_CMAC)
#include <botan/cmac.h>
#endif
#if defined(BOTAN_HAS_GMAC)
#include <botan/gmac.h>
#endif
#if defined(BOTAN_HAS_HMAC)
#include <botan/hmac.h>
#endif
#if defined(BOTAN_HAS_POLY1305)
#include <botan/poly1305.h>
#endif
#if defined(BOTAN_HAS_SIPHASH)
#include <botan/siphash.h>
#endif
#if defined(BOTAN_HAS_ANSI_X919_MAC)
#include <botan/x919_mac.h>
#endif
namespace Botan {
std::unique_ptr<MessageAuthenticationCode>
MessageAuthenticationCode::create(const std::string& algo_spec,
const std::string& provider)
{
const SCAN_Name req(algo_spec);
#if defined(BOTAN_HAS_HMAC)
if(req.algo_name() == "HMAC" && req.arg_count() == 1)
{
// TODO OpenSSL
if(provider.empty() || provider == "base")
{
if(auto h = HashFunction::create(req.arg(0)))
return std::unique_ptr<MessageAuthenticationCode>(new HMAC(h.release()));
}
}
#endif
#if defined(BOTAN_HAS_POLY1305)
if(req.algo_name() == "Poly1305" && req.arg_count() == 0)
{
if(provider.empty() || provider == "base")
return std::unique_ptr<MessageAuthenticationCode>(new Poly1305);
}
#endif
#if defined(BOTAN_HAS_SIPHASH)
if(req.algo_name() == "SipHash")
{
if(provider.empty() || provider == "base")
{
return std::unique_ptr<MessageAuthenticationCode>(
new SipHash(req.arg_as_integer(0, 2), req.arg_as_integer(1, 4)));
}
}
#endif
#if defined(BOTAN_HAS_CMAC)
if((req.algo_name() == "CMAC" || req.algo_name() == "OMAC") && req.arg_count() == 1)
{
// TODO: OpenSSL CMAC
if(provider.empty() || provider == "base")
{
if(auto bc = BlockCipher::create(req.arg(0)))
return std::unique_ptr<MessageAuthenticationCode>(new CMAC(bc.release()));
}
}
#endif
#if defined(BOTAN_HAS_CBC_MAC)
if(req.algo_name() == "CBC-MAC" && req.arg_count() == 1)
{
if(provider.empty() || provider == "base")
{
if(auto bc = BlockCipher::create(req.arg(0)))
return std::unique_ptr<MessageAuthenticationCode>(new CBC_MAC(bc.release()));
}
}
#endif
#if defined(BOTAN_HAS_ANSI_X919_MAC)
if(req.algo_name() == "X9.19-MAC")
{
if(provider.empty() || provider == "base")
{
return std::unique_ptr<MessageAuthenticationCode>(new ANSI_X919_MAC);
}
}
#endif
return nullptr;
}
std::vector<std::string>
MessageAuthenticationCode::providers(const std::string& algo_spec)
{
return probe_providers_of<MessageAuthenticationCode>(algo_spec, {"base", "openssl"});
}
//static
std::unique_ptr<MessageAuthenticationCode>
MessageAuthenticationCode::create_or_throw(const std::string& algo,
const std::string& provider)
{
if(auto mac = MessageAuthenticationCode::create(algo, provider))
{
return mac;
}
throw Lookup_Error("MAC", algo, provider);
}
/*
* Default (deterministic) MAC verification operation
*/
bool MessageAuthenticationCode::verify_mac(const byte mac[], size_t length)
{
secure_vector<byte> our_mac = final();
if(our_mac.size() != length)
return false;
return same_mem(our_mac.data(), mac, length);
}
}
|