MessageAuthenticationCode Class Reference

Interface for message authentication codes. More...

Inheritance diagram for MessageAuthenticationCode:
SimpleKeyingInterface HashTransformation Algorithm Clonable AuthenticatedSymmetricCipher CBC_MAC_Base CMAC_Base DMAC_Base< T > HMAC_Base IteratedHashBase< word32, MessageAuthenticationCode > IteratedHashBase< word64, MessageAuthenticationCode > AuthenticatedSymmetricCipherBase SimpleKeyingInterfaceImpl< CBC_MAC_Base, CBC_MAC< T > > SimpleKeyingInterfaceImpl< CMAC_Base, CMAC< T > > SimpleKeyingInterfaceImpl< DMAC_Base< T >, DMAC_Base< T > > SimpleKeyingInterfaceImpl< HMAC_Base, HMAC< T > > IteratedHash< word32, LittleEndian, 64, MessageAuthenticationCode > VMAC_Base CCM_Base EAX_Base GCM_Base AlgorithmImpl< SimpleKeyingInterfaceImpl< CBC_MAC_Base, CBC_MAC< T > >, CBC_MAC< T > > AlgorithmImpl< SimpleKeyingInterfaceImpl< CMAC_Base, CMAC< T > >, CMAC< T > > AlgorithmImpl< SimpleKeyingInterfaceImpl< DMAC_Base< T >, DMAC_Base< T > >, DMAC_Base< T > > AlgorithmImpl< SimpleKeyingInterfaceImpl< HMAC_Base, HMAC< T > >, HMAC< T > > TTMAC_Base SimpleKeyingInterfaceImpl< VMAC_Base, SameKeyLengthAs< T_BlockCipher, SimpleKeyingInterface::UNIQUE_IV, T_BlockCipher::BLOCKSIZE > >

List of all members.

Public Types

enum  IV_Requirement {
  UNIQUE_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV,
  NOT_RESYNCHRONIZABLE
}
 

Provides IV requirements as an enumerated value.

More...

Public Member Functions

virtual size_t MinKeyLength () const =0
 Returns smallest valid key length in bytes.
virtual size_t MaxKeyLength () const =0
 Returns largest valid key length in bytes.
virtual size_t DefaultKeyLength () const =0
 Returns default (recommended) key length in bytes.
virtual size_t GetValidKeyLength (size_t n) const =0
virtual bool IsValidKeyLength (size_t keylength) const
 Returns whether keylength is a valid key length.
virtual void SetKey (const byte *key, size_t length, const NameValuePairs &params=g_nullNameValuePairs)
 Sets or reset the key of this object.
void SetKeyWithRounds (const byte *key, size_t length, int rounds)
 Sets or reset the key of this object.
void SetKeyWithIV (const byte *key, size_t length, const byte *iv, size_t ivLength)
 Sets or reset the key of this object.
void SetKeyWithIV (const byte *key, size_t length, const byte *iv)
 Sets or reset the key of this object.
virtual IV_Requirement IVRequirement () const =0
 returns the minimal requirement for secure IVs
bool IsResynchronizable () const
 returns whether the object can be resynchronized (i.e. supports initialization vectors)
bool CanUseRandomIVs () const
 returns whether the object can use random IVs (in addition to ones returned by GetNextIV)
bool CanUsePredictableIVs () const
 returns whether the object can use random but possibly predictable IVs (in addition to ones returned by GetNextIV)
bool CanUseStructuredIVs () const
 returns whether the object can use structured IVs, for example a counter (in addition to ones returned by GetNextIV)
virtual unsigned int IVSize () const
 Returns length of the IV accepted by this object.
unsigned int DefaultIVLength () const
 returns default length of IVs accepted by this object
virtual unsigned int MinIVLength () const
 returns minimal length of IVs accepted by this object
virtual unsigned int MaxIVLength () const
 returns maximal length of IVs accepted by this object
virtual void Resynchronize (const byte *iv, int ivLength=-1)
 resynchronize with an IV. ivLength=-1 means use IVSize()
virtual void GetNextIV (RandomNumberGenerator &rng, byte *iv)
 Gets a secure IV for the next message.
HashTransformationRef ()
 Provides a reference to this object.
virtual void Update (const byte *input, size_t length)=0
 Updates a hash with additional input.
virtual byte * CreateUpdateSpace (size_t &size)
 Request space which can be written into by the caller.
virtual void Final (byte *digest)
 Computes the hash of the current message.
virtual void Restart ()
 Restart the hash.
virtual unsigned int DigestSize () const =0
 Provides the digest size of the hash.
unsigned int TagSize () const
 Provides the tag size of the hash.
virtual unsigned int BlockSize () const
 Provides the block size of the compression function.
virtual unsigned int OptimalBlockSize () const
 Provides the input block size most efficient for this hash.
virtual unsigned int OptimalDataAlignment () const
 Provides input and output data alignment for optimal performance.
virtual void CalculateDigest (byte *digest, const byte *input, size_t length)
 Updates the hash with additional input and computes the hash of the current message.
virtual bool Verify (const byte *digest)
 Verifies the hash of the current message.
virtual bool VerifyDigest (const byte *digest, const byte *input, size_t length)
 Updates the hash with additional input and verifies the hash of the current message.
virtual void TruncatedFinal (byte *digest, size_t digestSize)=0
 Computes the hash of the current message.
virtual void CalculateTruncatedDigest (byte *digest, size_t digestSize, const byte *input, size_t length)
 Updates the hash with additional input and computes the hash of the current message.
virtual bool TruncatedVerify (const byte *digest, size_t digestLength)
 Verifies the hash of the current message.
virtual bool VerifyTruncatedDigest (const byte *digest, size_t digestLength, const byte *input, size_t length)
 Updates the hash with additional input and verifies the hash of the current message.
virtual std::string AlgorithmName () const
 Provides the name of this algorithm.
virtual ClonableClone () const
 Copies this object.

Detailed Description

Interface for message authentication codes.

Definition at line 1027 of file cryptlib.h.


Member Enumeration Documentation

Provides IV requirements as an enumerated value.

Enumerator:
UNIQUE_IV 

The IV must be unique.

RANDOM_IV 

The IV must be random.

UNPREDICTABLE_RANDOM_IV 

The IV must be unpredictable.

INTERNALLY_GENERATED_IV 

The IV is set by the object.

NOT_RESYNCHRONIZABLE 

The object does not use an IV.

Definition at line 555 of file cryptlib.h.


Member Function Documentation

virtual size_t SimpleKeyingInterface::GetValidKeyLength ( size_t  n  )  const [pure virtual, inherited]
virtual bool SimpleKeyingInterface::IsValidKeyLength ( size_t  keylength  )  const [inline, virtual, inherited]

Returns whether keylength is a valid key length.

Internally the function calls GetValidKeyLength()

Reimplemented in CCM_Base, EAX_Base, GCM_Base, and CipherModeBase.

Definition at line 515 of file cryptlib.h.

void SimpleKeyingInterface::SetKey ( const byte *  key,
size_t  length,
const NameValuePairs params = g_nullNameValuePairs 
) [virtual, inherited]

Sets or reset the key of this object.

Parameters:
key the key to use when keying the object
length the size of the key, in bytes
params additional initialization parameters that cannot be passed directly through the constructor

Reimplemented in AuthenticatedSymmetricCipherBase, and ECB_OneWay.

Definition at line 100 of file cryptlib.cpp.

Referenced by HKDF< T >::DeriveKey(), SimpleKeyingInterface::SetKeyWithIV(), SimpleKeyingInterface::SetKeyWithRounds(), VMAC_Base::UncheckedSetKey(), and CMAC_Base::UncheckedSetKey().

void SimpleKeyingInterface::SetKeyWithRounds ( const byte *  key,
size_t  length,
int  rounds 
) [inherited]

Sets or reset the key of this object.

Parameters:
key the key to use when keying the object
length the size of the key, in bytes
rounds the number of rounds to apply the transformation function, if applicable

SetKeyWithRounds calls SetKey with an NameValuePairs object that just specifies rounds. rounds is an integer parameter, and -1 means use the default number of rounds.

Definition at line 106 of file cryptlib.cpp.

References MakeParameters(), Rounds(), and SimpleKeyingInterface::SetKey().

void SimpleKeyingInterface::SetKeyWithIV ( const byte *  key,
size_t  length,
const byte *  iv,
size_t  ivLength 
) [inherited]

Sets or reset the key of this object.

Parameters:
key the key to use when keying the object
length the size of the key, in bytes
iv the intiialization vector to use when keying the object
ivLength the size of the iv, in bytes

SetKeyWithIV calls SetKey with an NameValuePairs object that just specifies iv. iv is a byte buffer with size ivLength.

Definition at line 111 of file cryptlib.cpp.

References IV(), MakeParameters(), and SimpleKeyingInterface::SetKey().

void SimpleKeyingInterface::SetKeyWithIV ( const byte *  key,
size_t  length,
const byte *  iv 
) [inline, inherited]

Sets or reset the key of this object.

Parameters:
key the key to use when keying the object
length the size of the key, in bytes
iv the intiialization vector to use when keying the object

SetKeyWithIV calls SetKey with an NameValuePairs object that just specifies iv. iv is a byte buffer, and it must have a size IVSize.

Definition at line 551 of file cryptlib.h.

References SimpleKeyingInterface::SetKeyWithIV().

Referenced by SimpleKeyingInterface::SetKeyWithIV().

bool SimpleKeyingInterface::IsResynchronizable (  )  const [inline, inherited]

returns whether the object can be resynchronized (i.e. supports initialization vectors)

If this function returns true, and no IV is passed to SetKey() and CanUseStructuredIVs()==true, an IV of all 0's will be assumed.

Definition at line 573 of file cryptlib.h.

Referenced by BlockOrientedCipherModeBase::UncheckedSetKey().

virtual unsigned int SimpleKeyingInterface::IVSize (  )  const [inline, virtual, inherited]
void SimpleKeyingInterface::GetNextIV ( RandomNumberGenerator rng,
byte *  iv 
) [virtual, inherited]

Gets a secure IV for the next message.

Parameters:
rng a RandomNumberGenerator to produce keying material
iv a block of bytes to receive the IV

This method should be called after you finish encrypting one message and are ready to start the next one. After calling it, you must call SetKey() or Resynchronize() before using this object again.

key must be at least IVSize() in length.

Note:
This method is not implemented on decryption objects.

Reimplemented in VMAC_Base.

Definition at line 176 of file cryptlib.cpp.

References RandomNumberGenerator::GenerateBlock(), and SimpleKeyingInterface::IVSize().

HashTransformation& HashTransformation::Ref (  )  [inline, inherited]

Provides a reference to this object.

Returns:
A reference to this object

Useful for passing a temporary object to a function that takes a non-const reference

Definition at line 864 of file cryptlib.h.

virtual void HashTransformation::Update ( const byte *  input,
size_t  length 
) [pure virtual, inherited]
virtual byte* HashTransformation::CreateUpdateSpace ( size_t &  size  )  [inline, virtual, inherited]

Request space which can be written into by the caller.

Parameters:
size the requested size of the buffer

The purpose of this method is to help avoid extra memory allocations.

size is an IN and OUT parameter and used as a hint. When the call is made, size is the requested size of the buffer. When the call returns, size is the size of the array returned to the caller.

The base class implementation sets size to 0 and returns NULL.

Note:
Some objects, like ArraySink, cannot create a space because its fixed. In the case of

Definition at line 879 of file cryptlib.h.

virtual void HashTransformation::Final ( byte *  digest  )  [inline, virtual, inherited]

Computes the hash of the current message.

Parameters:
digest a pointer to the buffer to receive the hash

digest must be equal to (or greater than) DigestSize(). Final() restarts the hash for a new message.

Definition at line 885 of file cryptlib.h.

References DigestSize().

Referenced by PKCS5_PBKDF2_HMAC< T >::DeriveKey(), RandomPool::IncorporateEntropy(), and HMAC_Base::TruncatedFinal().

virtual void HashTransformation::Restart (  )  [inline, virtual, inherited]

Restart the hash.

Discards the current state, and restart for a new message

Reimplemented in AuthenticatedSymmetricCipherBase, HMAC_Base, SHA3, and TruncatedHashTemplate< T >.

Definition at line 890 of file cryptlib.h.

Referenced by HMAC_Base::Restart().

virtual unsigned int HashTransformation::DigestSize (  )  const [pure virtual, inherited]

Provides the digest size of the hash.

Returns:
the digest size of the hash.

Calls to Final() require a buffer that is equal to (or greater than) DigestSize().

Implemented in Adler32, CBC_MAC_Base, CCM_Base, CMAC_Base, CRC32, PK_MessageAccumulator, DMAC_Base< T >, EAX_Base, GCM_Base, HMAC_Base, IteratedHashWithStaticTransform< T_HashWordType, T_Endianness, T_BlockSize, T_StateSize, T_Transform, T_DigestSize, T_StateAligned >, Weak::MD2, Weak::PanamaHash< B >, SHA3, NullHash, TruncatedHashTemplate< T >, TTMAC_Base, VMAC_Base, IteratedHashWithStaticTransform< word32, LittleEndian, 64, 32, RIPEMD256 >, IteratedHashWithStaticTransform< word32, LittleEndian, 64, 16, MD5 >, IteratedHashWithStaticTransform< word32, LittleEndian, 64, 16, MD4 >, IteratedHashWithStaticTransform< word32, LittleEndian, 64, 40, RIPEMD320 >, IteratedHashWithStaticTransform< word32, BigEndian, 64, 20, SHA1 >, IteratedHashWithStaticTransform< word32, LittleEndian, 64, 16, RIPEMD128 >, IteratedHashWithStaticTransform< word32, BigEndian, 64, 32, SHA224, 28, true >, IteratedHashWithStaticTransform< word32, BigEndian, 64, 32, SHA256, 32, true >, IteratedHashWithStaticTransform< word32, LittleEndian, 64, 20, RIPEMD160 >, IteratedHashWithStaticTransform< word64, LittleEndian, 64, 24, Tiger >, IteratedHashWithStaticTransform< word64, BigEndian, 128, 64, SHA384, 48,(0|0)>, IteratedHashWithStaticTransform< word64, BigEndian, 64, 64, Whirlpool >, and IteratedHashWithStaticTransform< word64, BigEndian, 128, 64, SHA512, 64,(0|0)>.

Referenced by TF_VerifierBase::InputSignature(), HashFilter::IsolatedInitialize(), TF_VerifierBase::RecoverAndRestart(), TF_SignerBase::SignAndRestart(), HMAC_Base::TruncatedFinal(), HMAC_Base::UncheckedSetKey(), and TF_VerifierBase::VerifyAndRestart().

unsigned int HashTransformation::TagSize (  )  const [inline, inherited]

Provides the tag size of the hash.

Returns:
the tag size of the hash.

Same as DigestSize().

Definition at line 901 of file cryptlib.h.

References DigestSize().

virtual unsigned int HashTransformation::BlockSize (  )  const [inline, virtual, inherited]

Provides the block size of the compression function.

Returns:
the block size of the compression function, in bytes

BlockSize() will return 0 if the hash is not block based. For example, SHA3 is a recursive hash (not an iterative hash), and it does not have a block size.

Reimplemented in Weak::MD2, and VMAC_Base.

Definition at line 907 of file cryptlib.h.

Referenced by HMAC_Base::TruncatedFinal(), CBC_MAC_Base::TruncatedFinal(), and HMAC_Base::UncheckedSetKey().

virtual unsigned int HashTransformation::OptimalBlockSize (  )  const [inline, virtual, inherited]

Provides the input block size most efficient for this hash.

Returns:
The input block size that is most efficient for the cipher

The base class implemnetation returns MandatoryBlockSize().

Note:
Optimal input length is n * OptimalBlockSize() - GetOptimalBlockSizeUsed() for any n > 0.

Reimplemented in CMAC_Base, and HMAC_Base.

Definition at line 914 of file cryptlib.h.

unsigned int HashTransformation::OptimalDataAlignment (  )  const [virtual, inherited]

Provides input and output data alignment for optimal performance.

Returns:
the input data alignment that provides optimal performance

Reimplemented in CCM_Base, CMAC_Base, EAX_Base, GCM_Base, SHA3, and VMAC_Base.

Definition at line 242 of file cryptlib.cpp.

virtual void HashTransformation::CalculateDigest ( byte *  digest,
const byte *  input,
size_t  length 
) [inline, virtual, inherited]

Updates the hash with additional input and computes the hash of the current message.

Parameters:
digest a pointer to the buffer to receive the hash
input the additional input as a buffer
length the size of the buffer, in bytes

Use this if your input is in one piece and you don't want to call Update() and Final() separately

CalculateDigest() restarts the hash for the next nmessage.

Definition at line 927 of file cryptlib.h.

Referenced by PKCS5_PBKDF2_HMAC< T >::DeriveKey(), and HKDF< T >::DeriveKey().

virtual bool HashTransformation::Verify ( const byte *  digest  )  [inline, virtual, inherited]

Verifies the hash of the current message.

Parameters:
digest a pointer to the buffer of an existing hash
Returns:
true if the existing hash matches the computed hash, false otherwise
Exceptions:
ThrowIfInvalidTruncatedSize() if the existing hash's size exceeds DigestSize()

Calls to Verify() require a buffer that is equal to (or greater than) DigestSize().

Verify() performs a bitwise compare on the buffers using VerifyBufsEqual(), which is a constant time comparison function. digestLength cannot exceed DigestSize().

Verify() restarts the hash for the next nmessage.

Definition at line 938 of file cryptlib.h.

References DigestSize().

virtual bool HashTransformation::VerifyDigest ( const byte *  digest,
const byte *  input,
size_t  length 
) [inline, virtual, inherited]

Updates the hash with additional input and verifies the hash of the current message.

Parameters:
digest a pointer to the buffer of an existing hash
input the additional input as a buffer
length the size of the buffer, in bytes
Returns:
true if the existing hash matches the computed hash, false otherwise
Exceptions:
ThrowIfInvalidTruncatedSize() if the existing hash's size exceeds DigestSize()

Use this if your input is in one piece and you don't want to call Update() and Verify() separately

VerifyDigest() performs a bitwise compare on the buffers using VerifyBufsEqual(), which is a constant time comparison function. digestLength cannot exceed DigestSize().

VerifyDigest() restarts the hash for the next nmessage.

Definition at line 952 of file cryptlib.h.

virtual void HashTransformation::TruncatedFinal ( byte *  digest,
size_t  digestSize 
) [pure virtual, inherited]

Computes the hash of the current message.

Parameters:
digest a pointer to the buffer to receive the hash
digestSize the size of the truncated digest, in bytes

TruncatedFinal() call Final() and then copies digestSize bytes to digest

TruncatedFinal() restarts the hash for the next nmessage.

Implemented in Adler32, AuthenticatedSymmetricCipherBase, CBC_MAC_Base, CMAC_Base, CRC32, PK_MessageAccumulator, DMAC_Base< T >, HMAC_Base, Weak::MD2, Weak::PanamaHash< B >, SHA3, Tiger, NullHash, TruncatedHashTemplate< T >, TTMAC_Base, VMAC_Base, and Whirlpool.

Referenced by AuthenticatedSymmetricCipher::EncryptAndAuthenticate(), HashFilter::Put2(), HMAC_Base::TruncatedFinal(), and HashTransformation::TruncatedVerify().

virtual void HashTransformation::CalculateTruncatedDigest ( byte *  digest,
size_t  digestSize,
const byte *  input,
size_t  length 
) [inline, virtual, inherited]

Updates the hash with additional input and computes the hash of the current message.

Parameters:
digest a pointer to the buffer to receive the hash
digestSize the length of the truncated hash, in bytes
input the additional input as a buffer
length the size of the buffer, in bytes

Use this if your input is in one piece and you don't want to call Update() and CalculateDigest() separately.

CalculateTruncatedDigest() restarts the hash for the next nmessage.

Definition at line 970 of file cryptlib.h.

bool HashTransformation::TruncatedVerify ( const byte *  digest,
size_t  digestLength 
) [virtual, inherited]

Verifies the hash of the current message.

Parameters:
digest a pointer to the buffer of an existing hash
digestLength the size of the truncated hash, in bytes
Returns:
true if the existing hash matches the computed hash, false otherwise
Exceptions:
ThrowIfInvalidTruncatedSize() if digestLength exceeds DigestSize()

TruncatedVerify() is a truncated version of Verify(). It can operate on a buffer smaller than DigestSize(). However, digestLength cannot exceed DigestSize().

Verify() performs a bitwise compare on the buffers using VerifyBufsEqual(), which is a constant time comparison function. digestLength cannot exceed DigestSize().

TruncatedVerify() restarts the hash for the next nmessage.

Reimplemented in NullHash, and TruncatedHashTemplate< T >.

Definition at line 411 of file cryptlib.cpp.

References HashTransformation::TruncatedFinal().

Referenced by AuthenticatedSymmetricCipher::DecryptAndVerify().

virtual bool HashTransformation::VerifyTruncatedDigest ( const byte *  digest,
size_t  digestLength,
const byte *  input,
size_t  length 
) [inline, virtual, inherited]

Updates the hash with additional input and verifies the hash of the current message.

Parameters:
digest a pointer to the buffer of an existing hash
digestLength the size of the truncated hash, in bytes
input the additional input as a buffer
length the size of the buffer, in bytes
Returns:
true if the existing hash matches the computed hash, false otherwise
Exceptions:
ThrowIfInvalidTruncatedSize() if digestLength exceeds DigestSize()

Use this if your input is in one piece and you don't want to call Update() and TruncatedVerify() separately.

VerifyTruncatedDigest() is a truncated version of VerifyDigest(). It can operate on a buffer smaller than DigestSize(). However, digestLength cannot exceed DigestSize().

VerifyTruncatedDigest() restarts the hash for the next nmessage.

Definition at line 997 of file cryptlib.h.

virtual std::string Algorithm::AlgorithmName (  )  const [inline, virtual, inherited]

Provides the name of this algorithm.

Returns:
the standard algorithm name

The standard algorithm name can be a name like AES or AES/GCM. Some algorithms do not have standard names yet. For example, there is no standard algorithm name for Shoup's ECIES.

Note:
AlgorithmName is not universally implemented yet

Reimplemented in Adler32, CCM_Base, CRC32, ClassNullRNG, AuthenticatedSymmetricCipher, DH_Domain< GROUP_PARAMETERS, COFACTOR_OPTION >, EAX_Base, StreamTransformationFilter, HashFilter, HashVerificationFilter, AuthenticatedDecryptionFilter, SignerFilter, SignatureVerificationFilter, GCM_Base, HMAC< T >, RDRAND, RDSEED, SHA3, BitBucket, and VMAC_Base.

Definition at line 488 of file cryptlib.h.

Referenced by BufferedTransformation::ChannelCreatePutSpace(), BufferedTransformation::ChannelFlush(), BufferedTransformation::ChannelMessageSeriesEnd(), BufferedTransformation::ChannelPut2(), TF_DecryptorBase::Decrypt(), TF_EncryptorBase::Encrypt(), StreamTransformation::ProcessLastBlock(), and PK_DefaultDecryptionFilter::Put2().

virtual Clonable* Clonable::Clone (  )  const [inline, virtual, inherited]

Copies this object.

Returns:
a copy of this object
Exceptions:
NotImplemented 
Note:
this is not implemented by most classes
See also:
NotCopyable

Definition at line 464 of file cryptlib.h.


The documentation for this class was generated from the following file:

Generated on 24 Mar 2016 for Crypto++ by  doxygen 1.6.1