Crypto++  5.6.3
Free C++ class library of cryptographic schemes
Public Types | Public Member Functions | Static Public Member Functions | List of all members
VMAC< T_BlockCipher, T_DigestBitSize > Class Template Reference

The VMAC message authentication code. More...

+ Inheritance diagram for VMAC< T_BlockCipher, T_DigestBitSize >:

Public Types

typedef word64 HashWordType
 
enum  IV_Requirement {
  UNIQUE_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV,
  NOT_RESYNCHRONIZABLE
}
 Provides IV requirements as an enumerated value. More...
 

Public Member Functions

size_t MinKeyLength () const
 The minimum key length used by the cipher.
 
size_t MaxKeyLength () const
 The maximum key length used by the cipher.
 
size_t DefaultKeyLength () const
 The default key length used by the cipher.
 
size_t GetValidKeyLength (size_t keylength) const
 Provides a valid key length for the cipher. More...
 
SimpleKeyingInterface::IV_Requirement IVRequirement () const
 The default IV requirements for the cipher. More...
 
unsigned int IVSize () const
 The default initialization vector length for the cipher. More...
 
std::string AlgorithmName () const
 Provides the name of this algorithm. More...
 
unsigned int MinIVLength () const
 returns minimal length of IVs accepted by this object
 
void Resynchronize (const byte *nonce, int length=-1)
 resynchronize with an IV. ivLength=-1 means use IVSize()
 
void GetNextIV (RandomNumberGenerator &rng, byte *IV)
 Gets a secure IV for the next message. More...
 
unsigned int DigestSize () const
 Provides the digest size of the hash. More...
 
void UncheckedSetKey (const byte *userKey, unsigned int keylength, const NameValuePairs &params)
 Sets the key for this object without performing parameter validation. More...
 
void TruncatedFinal (byte *mac, size_t size)
 Computes the hash of the current message. More...
 
unsigned int BlockSize () const
 Provides the block size of the compression function. More...
 
ByteOrder GetByteOrder () const
 
unsigned int OptimalDataAlignment () const
 Provides input and output data alignment for optimal performance. More...
 
unsigned int OptimalBlockSize () const
 
void Update (const byte *input, size_t length)
 
byte * CreateUpdateSpace (size_t &size)
 
void Restart ()
 
virtual bool IsValidKeyLength (size_t keylength) const
 Returns whether keylength is a valid key length. More...
 
virtual void SetKey (const byte *key, size_t length, const NameValuePairs &params=g_nullNameValuePairs)
 Sets or reset the key of this object. More...
 
void SetKeyWithRounds (const byte *key, size_t length, int rounds)
 Sets or reset the key of this object. More...
 
void SetKeyWithIV (const byte *key, size_t length, const byte *iv, size_t ivLength)
 Sets or reset the key of this object. More...
 
void SetKeyWithIV (const byte *key, size_t length, const byte *iv)
 Sets or reset the key of this object. More...
 
bool IsResynchronizable () const
 returns whether the object can be resynchronized (i.e. supports initialization vectors) More...
 
bool CanUseRandomIVs () const
 returns whether the object can use random IVs (in addition to ones returned by GetNextIV)
 
bool CanUsePredictableIVs () const
 returns whether the object can use random but possibly predictable IVs (in addition to ones returned by GetNextIV)
 
bool CanUseStructuredIVs () const
 returns whether the object can use structured IVs, for example a counter (in addition to ones returned by GetNextIV)
 
unsigned int DefaultIVLength () const
 returns default length of IVs accepted by this object
 
virtual unsigned int MaxIVLength () const
 returns maximal length of IVs accepted by this object
 
HashTransformationRef ()
 Provides a reference to this object. More...
 
virtual void Final (byte *digest)
 Computes the hash of the current message. More...
 
unsigned int TagSize () const
 Provides the tag size of the hash. More...
 
virtual void CalculateDigest (byte *digest, const byte *input, size_t length)
 Updates the hash with additional input and computes the hash of the current message. More...
 
virtual bool Verify (const byte *digest)
 Verifies the hash of the current message. More...
 
virtual bool VerifyDigest (const byte *digest, const byte *input, size_t length)
 Updates the hash with additional input and verifies the hash of the current message. More...
 
virtual void CalculateTruncatedDigest (byte *digest, size_t digestSize, const byte *input, size_t length)
 Updates the hash with additional input and computes the hash of the current message. More...
 
virtual bool TruncatedVerify (const byte *digest, size_t digestLength)
 Verifies the hash of the current message. More...
 
virtual bool VerifyTruncatedDigest (const byte *digest, size_t digestLength, const byte *input, size_t length)
 Updates the hash with additional input and verifies the hash of the current message. More...
 
virtual ClonableClone () const
 Copies this object. More...
 

Static Public Member Functions

static std::string StaticAlgorithmName ()
 

Detailed Description

template<class T_BlockCipher, int T_DigestBitSize = 128>
class VMAC< T_BlockCipher, T_DigestBitSize >

The VMAC message authentication code.

VMAC is a block cipher-based message authentication code algorithm using a universal hash proposed by Ted Krovetz and Wei Dai in April 2007. The algorithm was designed for high performance backed by a formal analysis.

Template Parameters
T_BlockCipherblock cipher
T_DigestBitSizedigest size, in bits
See also
VMAC at the Crypto Lounge.

Definition at line 73 of file vmac.h.

Member Enumeration Documentation

Provides IV requirements as an enumerated value.

Enumerator
UNIQUE_IV 

The IV must be unique.

RANDOM_IV 

The IV must be random.

UNPREDICTABLE_RANDOM_IV 

The IV must be unpredictable.

INTERNALLY_GENERATED_IV 

The IV is set by the object.

NOT_RESYNCHRONIZABLE 

The object does not use an IV.

Definition at line 555 of file cryptlib.h.

Member Function Documentation

size_t SimpleKeyingInterfaceImpl< VMAC_Base , SameKeyLengthAs< T_BlockCipher, SimpleKeyingInterface::UNIQUE_IV, T_BlockCipher::BLOCKSIZE > >::GetValidKeyLength ( size_t  keylength) const
inlinevirtualinherited

Provides a valid key length for the cipher.

Parameters
keylengththe size of the key, in bytes

keylength is provided in bytes, not bits. If keylength is less than MIN_KEYLENGTH, then the function returns MIN_KEYLENGTH. If keylength is greater than MAX_KEYLENGTH, then the function returns MAX_KEYLENGTH. if If keylength is a multiple of KEYLENGTH_MULTIPLE, then keylength is returned. Otherwise, the function returns a lower multiple of KEYLENGTH_MULTIPLE.

Implements SimpleKeyingInterface.

Definition at line 273 of file seckey.h.

SimpleKeyingInterface::IV_Requirement SimpleKeyingInterfaceImpl< VMAC_Base , SameKeyLengthAs< T_BlockCipher, SimpleKeyingInterface::UNIQUE_IV, T_BlockCipher::BLOCKSIZE > >::IVRequirement ( ) const
inlinevirtualinherited

The default IV requirements for the cipher.

The default value is NOT_RESYNCHRONIZABLE. See IV_Requirement in cryptlib.h for allowed values.

Implements SimpleKeyingInterface.

Definition at line 278 of file seckey.h.

unsigned int SimpleKeyingInterfaceImpl< VMAC_Base , SameKeyLengthAs< T_BlockCipher, SimpleKeyingInterface::UNIQUE_IV, T_BlockCipher::BLOCKSIZE > >::IVSize ( ) const
inlinevirtualinherited

The default initialization vector length for the cipher.

IVSize is provided in bytes, not bits. The default implementation uses IV_LENGTH, which is 0.

Reimplemented from VMAC_Base.

Definition at line 283 of file seckey.h.

std::string VMAC_Base::AlgorithmName ( ) const
inlinevirtualinherited

Provides the name of this algorithm.

Returns
the standard algorithm name

The standard algorithm name can be a name like AES or AES/GCM. Some algorithms do not have standard names yet. For example, there is no standard algorithm name for Shoup's ECIES.

Note
AlgorithmName is not universally implemented yet

Reimplemented from Algorithm.

Definition at line 19 of file vmac.h.

References Name::DigestSize(), and IntToString().

void VMAC_Base::GetNextIV ( RandomNumberGenerator rng,
byte *  iv 
)
virtualinherited

Gets a secure IV for the next message.

Parameters
rnga RandomNumberGenerator to produce keying material
iva block of bytes to receive the IV

This method should be called after you finish encrypting one message and are ready to start the next one. After calling it, you must call SetKey() or Resynchronize() before using this object again.

key must be at least IVSize() in length.

Note
This method is not implemented on decryption objects.

Reimplemented from SimpleKeyingInterface.

Definition at line 100 of file vmac.cpp.

References SimpleKeyingInterface::GetNextIV().

unsigned int VMAC_Base::DigestSize ( ) const
inlinevirtualinherited

Provides the digest size of the hash.

Returns
the digest size of the hash.

Calls to Final() require a buffer that is equal to (or greater than) DigestSize().

Implements HashTransformation.

Definition at line 24 of file vmac.h.

void VMAC_Base::UncheckedSetKey ( const byte *  key,
unsigned int  length,
const NameValuePairs params 
)
virtualinherited

Sets the key for this object without performing parameter validation.

Parameters
keya byte buffer used to key the cipher
lengththe length of the byte buffer
paramsadditional parameters passed as NameValuePairs

key must be at least DEFAULT_KEYLENGTH in length.

Implements SimpleKeyingInterface.

Definition at line 43 of file vmac.cpp.

References BlockTransformation::AdvancedProcessBlocks(), BlockTransformation::BlockSize(), BlockTransformation::BT_InBlockIsCounter, SecBlock< T, A >::BytePtr(), SecBlock< T, A >::CleanNew(), Name::DigestSize(), NameValuePairs::GetIntValueWithDefault(), Name::L1KeyLength(), BlockTransformation::ProcessBlock(), VMAC_Base::Resynchronize(), and SimpleKeyingInterface::SetKey().

void VMAC_Base::TruncatedFinal ( byte *  digest,
size_t  digestSize 
)
virtualinherited

Computes the hash of the current message.

Parameters
digesta pointer to the buffer to receive the hash
digestSizethe size of the truncated digest, in bytes

TruncatedFinal() call Final() and then copies digestSize bytes to digest

TruncatedFinal() restarts the hash for the next nmessage.

Implements HashTransformation.

Definition at line 857 of file vmac.cpp.

References ConditionalByteReverse(), VMAC_Base::IVSize(), and ModPowerOf2().

unsigned int VMAC_Base::BlockSize ( ) const
inlinevirtualinherited

Provides the block size of the compression function.

Returns
the block size of the compression function, in bytes

BlockSize() will return 0 if the hash is not block based. For example, SHA3 is a recursive hash (not an iterative hash), and it does not have a block size.

Reimplemented from HashTransformation.

Definition at line 27 of file vmac.h.

unsigned int VMAC_Base::OptimalDataAlignment ( ) const
virtualinherited

Provides input and output data alignment for optimal performance.

Returns
the input data alignment that provides optimal performance

Reimplemented from HashTransformation.

Definition at line 147 of file vmac.cpp.

References Name::L1KeyLength(), ModPowerOf2(), and BlockTransformation::OptimalDataAlignment().

virtual bool SimpleKeyingInterface::IsValidKeyLength ( size_t  keylength) const
inlinevirtualinherited

Returns whether keylength is a valid key length.

Internally the function calls GetValidKeyLength()

Reimplemented in CipherModeBase, GCM_Base, EAX_Base, and CCM_Base.

Definition at line 515 of file cryptlib.h.

References g_nullNameValuePairs.

void SimpleKeyingInterface::SetKey ( const byte *  key,
size_t  length,
const NameValuePairs params = g_nullNameValuePairs 
)
virtualinherited

Sets or reset the key of this object.

Parameters
keythe key to use when keying the object
lengththe size of the key, in bytes
paramsadditional initialization parameters that cannot be passed directly through the constructor

Reimplemented in ECB_OneWay, and AuthenticatedSymmetricCipherBase.

Definition at line 100 of file cryptlib.cpp.

Referenced by HKDF< T >::DeriveKey(), RandomPool::GenerateIntoBufferedTransformation(), TestDataNameValuePairs::GetVoidValue(), CBC_MAC_Base::UncheckedSetKey(), CMAC_Base::UncheckedSetKey(), VMAC_Base::UncheckedSetKey(), and BlockOrientedCipherModeBase::UncheckedSetKey().

void SimpleKeyingInterface::SetKeyWithRounds ( const byte *  key,
size_t  length,
int  rounds 
)
inherited

Sets or reset the key of this object.

Parameters
keythe key to use when keying the object
lengththe size of the key, in bytes
roundsthe number of rounds to apply the transformation function, if applicable

SetKeyWithRounds calls SetKey with an NameValuePairs object that just specifies rounds. rounds is an integer parameter, and -1 means use the default number of rounds.

Definition at line 106 of file cryptlib.cpp.

References MakeParameters(), and Name::Rounds().

void SimpleKeyingInterface::SetKeyWithIV ( const byte *  key,
size_t  length,
const byte *  iv,
size_t  ivLength 
)
inherited

Sets or reset the key of this object.

Parameters
keythe key to use when keying the object
lengththe size of the key, in bytes
ivthe intiialization vector to use when keying the object
ivLengththe size of the iv, in bytes

SetKeyWithIV calls SetKey with an NameValuePairs object that just specifies iv. iv is a byte buffer with size ivLength.

Definition at line 111 of file cryptlib.cpp.

References NameValuePairs::GetValue(), IntToString(), Name::IV(), and MakeParameters().

void SimpleKeyingInterface::SetKeyWithIV ( const byte *  key,
size_t  length,
const byte *  iv 
)
inlineinherited

Sets or reset the key of this object.

Parameters
keythe key to use when keying the object
lengththe size of the key, in bytes
ivthe intiialization vector to use when keying the object

SetKeyWithIV calls SetKey with an NameValuePairs object that just specifies iv. iv is a byte buffer, and it must have a size IVSize.

Definition at line 551 of file cryptlib.h.

bool SimpleKeyingInterface::IsResynchronizable ( ) const
inlineinherited

returns whether the object can be resynchronized (i.e. supports initialization vectors)

If this function returns true, and no IV is passed to SetKey() and CanUseStructuredIVs()==true, an IV of all 0's will be assumed.

Definition at line 573 of file cryptlib.h.

Referenced by CipherModeBase::IVSize(), and BlockOrientedCipherModeBase::UncheckedSetKey().

HashTransformation& HashTransformation::Ref ( )
inlineinherited

Provides a reference to this object.

Returns
A reference to this object

Useful for passing a temporary object to a function that takes a non-const reference

Definition at line 864 of file cryptlib.h.

virtual void HashTransformation::Final ( byte *  digest)
inlinevirtualinherited

Computes the hash of the current message.

Parameters
digesta pointer to the buffer to receive the hash

digest must be equal to (or greater than) DigestSize(). Final() restarts the hash for a new message.

Definition at line 885 of file cryptlib.h.

References Name::DigestSize().

Referenced by DefaultDecryptor::DefaultDecryptor(), DefaultEncryptor::DefaultEncryptor(), PKCS5_PBKDF2_HMAC< T >::DeriveKey(), RandomPool::IncorporateEntropy(), PKCS_EncryptionPaddingScheme::MaxUnpaddedLength(), and HMAC_Base::TruncatedFinal().

unsigned int HashTransformation::TagSize ( ) const
inlineinherited

Provides the tag size of the hash.

Returns
the tag size of the hash.

Same as DigestSize().

Definition at line 901 of file cryptlib.h.

References Name::DigestSize().

virtual void HashTransformation::CalculateDigest ( byte *  digest,
const byte *  input,
size_t  length 
)
inlinevirtualinherited

Updates the hash with additional input and computes the hash of the current message.

Parameters
digesta pointer to the buffer to receive the hash
inputthe additional input as a buffer
lengththe size of the buffer, in bytes

Use this if your input is in one piece and you don't want to call Update() and Final() separately

CalculateDigest() restarts the hash for the next nmessage.

Definition at line 927 of file cryptlib.h.

Referenced by HKDF< T >::DeriveKey(), PKCS5_PBKDF2_HMAC< T >::DeriveKey(), and OAEP_Base::MaxUnpaddedLength().

virtual bool HashTransformation::Verify ( const byte *  digest)
inlinevirtualinherited

Verifies the hash of the current message.

Parameters
digesta pointer to the buffer of an existing hash
Returns
true if the existing hash matches the computed hash, false otherwise
Exceptions
ThrowIfInvalidTruncatedSize()if the existing hash's size exceeds DigestSize()

Calls to Verify() require a buffer that is equal to (or greater than) DigestSize().

Verify() performs a bitwise compare on the buffers using VerifyBufsEqual(), which is a constant time comparison function. digestLength cannot exceed DigestSize().

Verify() restarts the hash for the next nmessage.

Definition at line 938 of file cryptlib.h.

References Name::DigestSize().

Referenced by Gunzip::Gunzip(), and ZlibDecompressor::ZlibDecompressor().

virtual bool HashTransformation::VerifyDigest ( const byte *  digest,
const byte *  input,
size_t  length 
)
inlinevirtualinherited

Updates the hash with additional input and verifies the hash of the current message.

Parameters
digesta pointer to the buffer of an existing hash
inputthe additional input as a buffer
lengththe size of the buffer, in bytes
Returns
true if the existing hash matches the computed hash, false otherwise
Exceptions
ThrowIfInvalidTruncatedSize()if the existing hash's size exceeds DigestSize()

Use this if your input is in one piece and you don't want to call Update() and Verify() separately

VerifyDigest() performs a bitwise compare on the buffers using VerifyBufsEqual(), which is a constant time comparison function. digestLength cannot exceed DigestSize().

VerifyDigest() restarts the hash for the next nmessage.

Definition at line 952 of file cryptlib.h.

Referenced by OAEP_Base::MaxUnpaddedLength().

virtual void HashTransformation::CalculateTruncatedDigest ( byte *  digest,
size_t  digestSize,
const byte *  input,
size_t  length 
)
inlinevirtualinherited

Updates the hash with additional input and computes the hash of the current message.

Parameters
digesta pointer to the buffer to receive the hash
digestSizethe length of the truncated hash, in bytes
inputthe additional input as a buffer
lengththe size of the buffer, in bytes

Use this if your input is in one piece and you don't want to call Update() and CalculateDigest() separately.

CalculateTruncatedDigest() restarts the hash for the next nmessage.

Definition at line 970 of file cryptlib.h.

bool HashTransformation::TruncatedVerify ( const byte *  digest,
size_t  digestLength 
)
virtualinherited

Verifies the hash of the current message.

Parameters
digesta pointer to the buffer of an existing hash
digestLengththe size of the truncated hash, in bytes
Returns
true if the existing hash matches the computed hash, false otherwise
Exceptions
ThrowIfInvalidTruncatedSize()if digestLength exceeds DigestSize()

TruncatedVerify() is a truncated version of Verify(). It can operate on a buffer smaller than DigestSize(). However, digestLength cannot exceed DigestSize().

Verify() performs a bitwise compare on the buffers using VerifyBufsEqual(), which is a constant time comparison function. digestLength cannot exceed DigestSize().

TruncatedVerify() restarts the hash for the next nmessage.

Reimplemented in TruncatedHashTemplate< T >, and NullHash.

Definition at line 411 of file cryptlib.cpp.

References Name::DigestSize(), IntToString(), and VerifyBufsEqual().

virtual bool HashTransformation::VerifyTruncatedDigest ( const byte *  digest,
size_t  digestLength,
const byte *  input,
size_t  length 
)
inlinevirtualinherited

Updates the hash with additional input and verifies the hash of the current message.

Parameters
digesta pointer to the buffer of an existing hash
digestLengththe size of the truncated hash, in bytes
inputthe additional input as a buffer
lengththe size of the buffer, in bytes
Returns
true if the existing hash matches the computed hash, false otherwise
Exceptions
ThrowIfInvalidTruncatedSize()if digestLength exceeds DigestSize()

Use this if your input is in one piece and you don't want to call Update() and TruncatedVerify() separately.

VerifyTruncatedDigest() is a truncated version of VerifyDigest(). It can operate on a buffer smaller than DigestSize(). However, digestLength cannot exceed DigestSize().

VerifyTruncatedDigest() restarts the hash for the next nmessage.

Definition at line 997 of file cryptlib.h.

virtual Clonable* Clonable::Clone ( ) const
inlinevirtualinherited

Copies this object.

Returns
a copy of this object
Exceptions
NotImplemented
Note
this is not implemented by most classes
See also
NotCopyable

Definition at line 464 of file cryptlib.h.


The documentation for this class was generated from the following file: