diff options
| author | weidai <weidai11@users.noreply.github.com> | 2009-03-02 02:39:17 +0000 |
|---|---|---|
| committer | weidai <weidai11@users.noreply.github.com> | 2009-03-02 02:39:17 +0000 |
| commit | d8a644fc4ee2af9dc62f2a8c167b023d0c71d13b (patch) | |
| tree | 0fecaa7a6728d07549a41864ea2cedfb245f0bd3 /authenc.cpp | |
| parent | fa25129ac981ceed9569496c02b83771b394fa40 (diff) | |
| download | cryptopp-git-d8a644fc4ee2af9dc62f2a8c167b023d0c71d13b.tar.gz | |
changes for 5.6:
- added AuthenticatedSymmetricCipher interface class and Filter wrappers
- added CCM, GCM (with SSE2 assembly), CMAC, and SEED
- improved AES speed on x86 and x64
- removed WORD64_AVAILABLE; compiler 64-bit int support is now required
Diffstat (limited to 'authenc.cpp')
| -rw-r--r-- | authenc.cpp | 179 |
1 files changed, 179 insertions, 0 deletions
diff --git a/authenc.cpp b/authenc.cpp new file mode 100644 index 00000000..c9c22e33 --- /dev/null +++ b/authenc.cpp @@ -0,0 +1,179 @@ +// authenc.cpp - written and placed in the public domain by Wei Dai
+
+#include "pch.h"
+
+#ifndef CRYPTOPP_IMPORTS
+
+#include "authenc.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+
+void AuthenticatedSymmetricCipherBase::AuthenticateData(const byte *input, size_t len)
+{
+ unsigned int blockSize = AuthenticationBlockSize();
+ unsigned int &num = m_bufferedDataLength;
+ byte* data = m_buffer.begin();
+
+ if (num != 0) // process left over data
+ {
+ if (num+len >= blockSize)
+ {
+ memcpy(data+num, input, blockSize-num);
+ AuthenticateBlocks(data, blockSize);
+ input += (blockSize-num);
+ len -= (blockSize-num);
+ num = 0;
+ // drop through and do the rest
+ }
+ else
+ {
+ memcpy(data+num, input, len);
+ num += (unsigned int)len;
+ return;
+ }
+ }
+
+ // now process the input data in blocks of blockSize bytes and save the leftovers to m_data
+ if (len >= blockSize)
+ {
+ size_t leftOver = AuthenticateBlocks(input, len);
+ input += (len - leftOver);
+ len = leftOver;
+ }
+
+ memcpy(data, input, len);
+ num = (unsigned int)len;
+}
+
+void AuthenticatedSymmetricCipherBase::SetKey(const byte *userKey, size_t keylength, const NameValuePairs ¶ms)
+{
+ m_bufferedDataLength = 0;
+ m_state = State_Start;
+
+ SetKeyWithoutResync(userKey, keylength, params);
+ m_state = State_KeySet;
+
+ size_t length;
+ const byte *iv = GetIVAndThrowIfInvalid(params, length);
+ if (iv)
+ Resynchronize(iv, (int)length);
+}
+
+void AuthenticatedSymmetricCipherBase::Resynchronize(const byte *iv, int length)
+{
+ if (m_state < State_KeySet)
+ throw BadState(AlgorithmName(), "Resynchronize", "State_KeySet");
+
+ m_bufferedDataLength = 0;
+ m_totalHeaderLength = m_totalMessageLength = m_totalFooterLength = 0;
+ m_state = State_KeySet;
+
+ Resync(iv, this->ThrowIfInvalidIVLength(length));
+ m_state = State_IVSet;
+}
+
+void AuthenticatedSymmetricCipherBase::Update(const byte *input, size_t length)
+{
+ if (length == 0)
+ return;
+
+ switch (m_state)
+ {
+ case State_Start:
+ case State_KeySet:
+ throw BadState(AlgorithmName(), "Update", "State_IVSet");
+ case State_IVSet:
+ AuthenticateData(input, length);
+ m_totalHeaderLength += length;
+ break;
+ case State_AuthUntransformed:
+ case State_AuthTransformed:
+ AuthenticateLastConfidentialBlock();
+ m_bufferedDataLength = 0;
+ m_state = State_AuthFooter;
+ // fall through
+ case State_AuthFooter:
+ AuthenticateData(input, length);
+ m_totalFooterLength += length;
+ break;
+ default:
+ assert(false);
+ }
+}
+
+void AuthenticatedSymmetricCipherBase::ProcessData(byte *outString, const byte *inString, size_t length)
+{
+ m_totalMessageLength += length;
+ if (m_totalMessageLength > MaxMessageLength())
+ throw InvalidArgument(AlgorithmName() + ": message length exceeds maximum");
+
+reswitch:
+ switch (m_state)
+ {
+ case State_Start:
+ case State_KeySet:
+ case State_AuthFooter:
+ throw BadState(AlgorithmName(), "ProcessData", "State_IVSet or after State_AuthFooter");
+ case State_IVSet:
+ AuthenticateLastHeaderBlock();
+ m_bufferedDataLength = 0;
+ m_state = AuthenticationIsOnPlaintext()==IsForwardTransformation() ? State_AuthUntransformed : State_AuthTransformed;
+ goto reswitch;
+ case State_AuthUntransformed:
+ AuthenticateData(inString, length);
+ AccessSymmetricCipher().ProcessData(outString, inString, length);
+ break;
+ case State_AuthTransformed:
+ AccessSymmetricCipher().ProcessData(outString, inString, length);
+ AuthenticateData(outString, length);
+ break;
+ default:
+ assert(false);
+ }
+}
+
+void AuthenticatedSymmetricCipherBase::TruncatedFinal(byte *mac, size_t macSize)
+{
+ if (m_totalHeaderLength > MaxHeaderLength())
+ throw InvalidArgument(AlgorithmName() + ": header length of " + IntToString(m_totalHeaderLength) + " exceeds the maximum of " + IntToString(MaxHeaderLength()));
+
+ if (m_totalFooterLength > MaxFooterLength())
+ {
+ if (MaxFooterLength() == 0)
+ throw InvalidArgument(AlgorithmName() + ": unencrypted authenticated data cannot be input after encrypted data");
+ else
+ throw InvalidArgument(AlgorithmName() + ": footer length of " + IntToString(m_totalFooterLength) + " exceeds the maximum of " + IntToString(MaxFooterLength()));
+ }
+
+ switch (m_state)
+ {
+ case State_Start:
+ case State_KeySet:
+ throw BadState(AlgorithmName(), "TruncatedFinal", "State_IVSet");
+
+ case State_IVSet:
+ AuthenticateLastHeaderBlock();
+ m_bufferedDataLength = 0;
+ // fall through
+
+ case State_AuthUntransformed:
+ case State_AuthTransformed:
+ AuthenticateLastConfidentialBlock();
+ m_bufferedDataLength = 0;
+ // fall through
+
+ case State_AuthFooter:
+ AuthenticateLastFooterBlock(mac, macSize);
+ m_bufferedDataLength = 0;
+ break;
+
+ default:
+ assert(false);
+ }
+
+ m_state = State_KeySet;
+}
+
+NAMESPACE_END
+
+#endif
|