Security Scol plugin
|
Interface for the data processing portion of stream ciphers. More...
#include <cryptlib.h>
Public Member Functions | |
StreamTransformation & | Ref () |
Provides a reference to this object. | |
virtual unsigned int | MandatoryBlockSize () const |
Provides the mandatory block size of the cipher. | |
virtual unsigned int | OptimalBlockSize () const |
Provides the input block size most efficient for this cipher. | |
virtual unsigned int | GetOptimalBlockSizeUsed () const |
Provides the number of bytes used in the current block when processing at optimal block size. | |
virtual unsigned int | OptimalDataAlignment () const |
Provides input and output data alignment for optimal performance. | |
virtual void | ProcessData (byte *outString, const byte *inString, size_t length)=0 |
Encrypt or decrypt an array of bytes. | |
virtual size_t | ProcessLastBlock (byte *outString, size_t outLength, const byte *inString, size_t inLength) |
Encrypt or decrypt the last block of data. | |
virtual unsigned int | MinLastBlockSize () const |
Provides the size of the last block. | |
virtual bool | IsLastBlockSpecial () const |
Determines if the last block receives special processing. | |
void | ProcessString (byte *inoutString, size_t length) |
Encrypt or decrypt a string of bytes. | |
void | ProcessString (byte *outString, const byte *inString, size_t length) |
Encrypt or decrypt a string of bytes. | |
byte | ProcessByte (byte input) |
Encrypt or decrypt a byte. | |
virtual bool | IsRandomAccess () const =0 |
Determines whether the cipher supports random access. | |
virtual void | Seek (lword pos) |
Seek to an absolute position. | |
virtual bool | IsSelfInverting () const =0 |
Determines whether the cipher is self-inverting. | |
virtual bool | IsForwardTransformation () const =0 |
Determines if the cipher is being operated in its forward direction. | |
Public Member Functions inherited from Algorithm | |
Algorithm (bool checkSelfTestStatus=true) | |
Interface for all crypto algorithms. | |
virtual std::string | AlgorithmName () const |
Provides the name of this algorithm. | |
virtual std::string | AlgorithmProvider () const |
Retrieve the provider of this algorithm. | |
Public Member Functions inherited from Clonable | |
virtual Clonable * | Clone () const |
Copies this object. | |
Interface for the data processing portion of stream ciphers.
Definition at line 945 of file cryptlib.h.
|
inlinevirtual |
Definition at line 948 of file cryptlib.h.
|
inlinevirtual |
Provides the number of bytes used in the current block when processing at optimal block size.
Definition at line 976 of file cryptlib.h.
|
pure virtual |
Determines if the cipher is being operated in its forward direction.
Implemented in Weak1::ARC4_Base, PublicBlumBlumShub, CCM_Final< T_BlockCipher, T_DefaultDigestSize, T_IsEncryption >, ChaCha20Poly1305_Final< T_IsEncryption >, XChaCha20Poly1305_Final< T_IsEncryption >, EAX_Final< T_BlockCipher, T_IsEncryption >, GCM_Final< T_BlockCipher, T_TablesOption, T_IsEncryption >, BlockOrientedCipherModeBase, and AdditiveCipherTemplate< AbstractPolicyHolder< AdditiveCipherAbstractPolicy, CTR_ModePolicy > >.
|
inlinevirtual |
Determines if the last block receives special processing.
Some authenticated encryption modes are not expressed well with MandatoryBlockSize() and MinLastBlockSize(). For example, AES/OCB uses 16-byte blocks (MandatoryBlockSize = 16) and the last block requires special processing (MinLastBlockSize = 0). However, 0 is a valid last block size for OCB and the special processing is custom padding, and not standard PKCS padding. In response an unambiguous IsLastBlockSpecial() was added.
When IsLastBlockSpecial() returns false nothing special happens. All the former rules and behaviors apply. This is the default behavior of IsLastBlockSpecial().
When IsLastBlockSpecial() returns true four things happen. First, MinLastBlockSize = 0 means 0 is a valid block size that should be processed. Second, standard block cipher padding is not applied. Third, the caller supplies an outString is larger than inString by 2*MandatoryBlockSize()
. That is, there's a reserve available when processing the last block. Fourth, the cipher is responsible for finalization like custom padding. The cipher will tell the library how many bytes were processed or used by returning the appropriate value from ProcessLastBlock().
The return value of ProcessLastBlock() indicates how many bytes were written to outString
. A filter pipelining data will send outString
and up to outLength
to an AttachedTransformation()
for additional processing. Below is an example of the code used in StreamTransformationFilter::LastPut
.
if (m_cipher.IsLastBlockSpecial()) { size_t reserve = 2*m_cipher.MandatoryBlockSize(); space = HelpCreatePutSpace(*AttachedTransformation(), DEFAULT_CHANNEL, length+reserve); length = m_cipher.ProcessLastBlock(space, length+reserve, inString, length); AttachedTransformation()->Put(space, length); return; }
Definition at line 1054 of file cryptlib.h.
|
pure virtual |
Determines whether the cipher supports random access.
Implemented in Weak1::ARC4_Base, AuthenticatedSymmetricCipherBase, BlumBlumShub, BlockOrientedCipherModeBase, AdditiveCipherTemplate< AbstractPolicyHolder< AdditiveCipherAbstractPolicy, CTR_ModePolicy > >, and CFB_CipherTemplate< AbstractPolicyHolder< CFB_CipherAbstractPolicy, SymmetricCipher > >.
|
pure virtual |
Determines whether the cipher is self-inverting.
IsSelfInverting determines whether this transformation is self-inverting (e.g. xor with a keystream).
Implemented in Weak1::ARC4_Base, AuthenticatedSymmetricCipherBase, PublicBlumBlumShub, BlockOrientedCipherModeBase, AdditiveCipherTemplate< AbstractPolicyHolder< AdditiveCipherAbstractPolicy, CTR_ModePolicy > >, and CFB_CipherTemplate< AbstractPolicyHolder< CFB_CipherAbstractPolicy, SymmetricCipher > >.
|
inlinevirtual |
Provides the mandatory block size of the cipher.
Stream ciphers and some block ciphers modes of operation return 1. Modes that return 1 must be able to process a single byte at a time, like counter mode. If a mode of operation or block cipher cannot stream then it must not return 1.
When filters operate the mode or cipher, ProcessData will be called with a string of bytes that is determined by MandatoryBlockSize and OptimalBlockSize. When a policy is set, like 16-byte strings for a 16-byte block cipher, the filter will buffer bytes until the specified number of bytes is available to the object.
Reimplemented in BlockOrientedCipherModeBase.
Definition at line 965 of file cryptlib.h.
|
inlinevirtual |
Provides the size of the last block.
MinLastBlockSize() returns the minimum size of the last block. 0 indicates the last block is not special.
MandatoryBlockSize() enlists one of two behaviors. First, if MandatoryBlockSize() returns 1, then the cipher can be streamed and ProcessData() is called with the tail bytes. Second, if MandatoryBlockSize() returns non-0, then the string of bytes is padded to MandatoryBlockSize() according to the padding mode. Then, ProcessData() is called with the padded string of bytes.
Some authenticated encryption modes are not expressed well with MandatoryBlockSize() and MinLastBlockSize(). For example, AES/OCB uses 16-byte blocks (MandatoryBlockSize = 16) and the last block requires special processing (MinLastBlockSize = 0). However, 0 is a valid last block size for OCB and the special processing is custom padding, and not standard PKCS padding. In response an unambiguous IsLastBlockSpecial() was added.
Reimplemented in CBC_ModeBase, CBC_CTS_Encryption, CBC_CTS_Decryption, and XTS_ModeBase.
Definition at line 1021 of file cryptlib.h.
|
inlinevirtual |
Provides the input block size most efficient for this cipher.
The base class implementation returns MandatoryBlockSize().
n * OptimalBlockSize() - GetOptimalBlockSizeUsed()
for any n > 0
. Reimplemented in ECB_OneWay, AdditiveCipherTemplate< AbstractPolicyHolder< AdditiveCipherAbstractPolicy, CTR_ModePolicy > >, and CFB_CipherTemplate< AbstractPolicyHolder< CFB_CipherAbstractPolicy, SymmetricCipher > >.
Definition at line 972 of file cryptlib.h.
|
virtual |
Provides input and output data alignment for optimal performance.
Reimplemented in CCM_Base, ChaCha20Poly1305_Base, XChaCha20Poly1305_Base, EAX_Base, GCM_Base, CipherModeBase, AdditiveCipherTemplate< AbstractPolicyHolder< AdditiveCipherAbstractPolicy, CTR_ModePolicy > >, CFB_CipherTemplate< AbstractPolicyHolder< CFB_CipherAbstractPolicy, SymmetricCipher > >, and XTS_ModeBase.
Definition at line 195 of file cryptlib.cpp.
Encrypt or decrypt a byte.
input | the input byte to process |
Internally, the base class implementation calls ProcessData() with a size of 1.
Definition at line 1074 of file cryptlib.h.
|
pure virtual |
Encrypt or decrypt an array of bytes.
outString | the output byte buffer |
inString | the input byte buffer |
length | the size of the input and output byte buffers, in bytes |
ProcessData is called with a string of bytes whose size depends on MandatoryBlockSize. Either inString == outString
, or they must not overlap.
Implemented in Weak1::ARC4_Base, AuthenticatedSymmetricCipherBase, PublicBlumBlumShub, ECB_OneWay, CBC_Encryption, CBC_Decryption, AdditiveCipherTemplate< AbstractPolicyHolder< AdditiveCipherAbstractPolicy, CTR_ModePolicy > >, CFB_CipherTemplate< AbstractPolicyHolder< CFB_CipherAbstractPolicy, SymmetricCipher > >, and XTS_ModeBase.
|
virtual |
Encrypt or decrypt the last block of data.
outString | the output byte buffer |
outLength | the size of the output byte buffer, in bytes |
inString | the input byte buffer |
inLength | the size of the input byte buffer, in bytes |
ProcessLastBlock is used when the last block of data is special and requires handling by the cipher. The current implementation provides an output buffer with a size inLength+2*MandatoryBlockSize()
. The return value allows the cipher to expand cipher text during encryption or shrink plain text during decryption.
This member function is used by CBC-CTS and OCB modes.
Reimplemented in CBC_CTS_Encryption, CBC_CTS_Decryption, and XTS_ModeBase.
Definition at line 217 of file cryptlib.cpp.
|
inline |
Encrypt or decrypt a string of bytes.
inoutString | the string to process |
length | the size of the inoutString, in bytes |
Internally, the base class implementation calls ProcessData().
Definition at line 1060 of file cryptlib.h.
|
inline |
Encrypt or decrypt a string of bytes.
outString | the output string to process |
inString | the input string to process |
length | the size of the input and output strings, in bytes |
Internally, the base class implementation calls ProcessData().
Definition at line 1068 of file cryptlib.h.
|
inline |
Provides a reference to this object.
Useful for passing a temporary object to a function that takes a non-const reference
Definition at line 953 of file cryptlib.h.
|
inlinevirtual |
Seek to an absolute position.
pos | position to seek |
NotImplemented |
The base class implementation throws NotImplemented. The function asserts IsRandomAccess() in debug builds.
Reimplemented in BlumBlumShub, and AdditiveCipherTemplate< AbstractPolicyHolder< AdditiveCipherAbstractPolicy, CTR_ModePolicy > >.
Definition at line 1086 of file cryptlib.h.