Crypto++ 8.7
Free C++ class library of cryptographic schemes
Public Member Functions | Static Public Member Functions | List of all members
ChaCha20Poly1305_Base Class Referenceabstract

IETF ChaCha20Poly1305 cipher base implementation. More...

#include <chachapoly.h>

+ Inheritance diagram for ChaCha20Poly1305_Base:

Public Member Functions

std::string AlgorithmName () const
 Provides the name of this algorithm. More...
 
std::string AlgorithmProvider () const
 Retrieve the provider of this algorithm. More...
 
size_t MinKeyLength () const
 Returns smallest valid key length. More...
 
size_t MaxKeyLength () const
 Returns largest valid key length. More...
 
size_t DefaultKeyLength () const
 Returns default key length. More...
 
size_t GetValidKeyLength (size_t n) const
 Returns a valid key length for the algorithm. More...
 
bool IsValidKeyLength (size_t n) const
 Returns whether keylength is a valid key length. More...
 
unsigned int OptimalDataAlignment () const
 Provides input and output data alignment for optimal performance. More...
 
IV_Requirement IVRequirement () const
 Minimal requirement for secure IVs. More...
 
unsigned int IVSize () const
 Returns length of the IV accepted by this object. More...
 
unsigned int MinIVLength () const
 Provides the minimum size of an IV. More...
 
unsigned int MaxIVLength () const
 Provides the maximum size of an IV. More...
 
unsigned int DigestSize () const
 Provides the digest size of the hash. More...
 
lword MaxHeaderLength () const
 Provides the maximum length of AAD that can be input. More...
 
lword MaxMessageLength () const
 Provides the maximum length of encrypted data. More...
 
lword MaxFooterLength () const
 Provides the maximum length of AAD. More...
 
virtual void EncryptAndAuthenticate (byte *ciphertext, byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *aad, size_t aadLength, const byte *message, size_t messageLength)
 Encrypts and calculates a MAC in one call. More...
 
virtual bool DecryptAndVerify (byte *message, const byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *aad, size_t aadLength, const byte *ciphertext, size_t ciphertextLength)
 Decrypts and verifies a MAC in one call. More...
 
- Public Member Functions inherited from AuthenticatedSymmetricCipherBase
bool IsRandomAccess () const
 Determines whether the cipher supports random access. More...
 
bool IsSelfInverting () const
 Determines whether the cipher is self-inverting. More...
 
void SetKey (const byte *userKey, size_t keylength, const NameValuePairs &params)
 Sets or reset the key of this object. More...
 
void Restart ()
 Restart the hash. More...
 
void Resynchronize (const byte *iv, int length=-1)
 Resynchronize with an IV. More...
 
void Update (const byte *input, size_t length)
 Updates a hash with additional input. More...
 
void ProcessData (byte *outString, const byte *inString, size_t length)
 Encrypt or decrypt an array of bytes. More...
 
void TruncatedFinal (byte *mac, size_t macSize)
 Computes the hash of the current message. More...
 
- Public Member Functions inherited from AuthenticatedSymmetricCipher
virtual lword MaxHeaderLength () const =0
 Provides the maximum length of AAD that can be input. More...
 
virtual lword MaxMessageLength () const =0
 Provides the maximum length of encrypted data. More...
 
virtual lword MaxFooterLength () const
 Provides the maximum length of AAD. More...
 
virtual bool NeedsPrespecifiedDataLengths () const
 Determines if data lengths must be specified prior to inputting data. More...
 
void SpecifyDataLengths (lword headerLength, lword messageLength, lword footerLength=0)
 Prescribes the data lengths. More...
 
virtual void EncryptAndAuthenticate (byte *ciphertext, byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *message, size_t messageLength)
 Encrypts and calculates a MAC in one call. More...
 
virtual bool DecryptAndVerify (byte *message, const byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *ciphertext, size_t ciphertextLength)
 Decrypts and verifies a MAC in one call. More...
 
virtual std::string AlgorithmName () const
 Provides the name of this algorithm. More...
 
virtual std::string AlgorithmProvider () const
 Retrieve the provider of this algorithm. More...
 
- Public Member Functions inherited from SimpleKeyingInterface
virtual size_t MinKeyLength () const =0
 Returns smallest valid key length. More...
 
virtual size_t MaxKeyLength () const =0
 Returns largest valid key length. More...
 
virtual size_t DefaultKeyLength () const =0
 Returns default key length. More...
 
virtual size_t GetValidKeyLength (size_t keylength) const =0
 Returns a valid key length for the algorithm. More...
 
virtual bool IsValidKeyLength (size_t keylength) const
 Returns whether keylength is a valid key length. More...
 
virtual void SetKey (const byte *key, size_t length, const NameValuePairs &params=g_nullNameValuePairs)
 Sets or reset the key of this object. More...
 
void SetKeyWithRounds (const byte *key, size_t length, int rounds)
 Sets or reset the key of this object. More...
 
void SetKeyWithIV (const byte *key, size_t length, const byte *iv, size_t ivLength)
 Sets or reset the key of this object. More...
 
void SetKeyWithIV (const byte *key, size_t length, const byte *iv)
 Sets or reset the key of this object. More...
 
virtual IV_Requirement IVRequirement () const =0
 Minimal requirement for secure IVs. More...
 
bool IsResynchronizable () const
 Determines if the object can be resynchronized. More...
 
bool CanUseRandomIVs () const
 Determines if the object can use random IVs. More...
 
bool CanUsePredictableIVs () const
 Determines if the object can use random but possibly predictable IVs. More...
 
bool CanUseStructuredIVs () const
 Determines if the object can use structured IVs. More...
 
virtual unsigned int IVSize () const
 Returns length of the IV accepted by this object. More...
 
unsigned int DefaultIVLength () const
 Provides the default size of an IV. More...
 
virtual unsigned int MinIVLength () const
 Provides the minimum size of an IV. More...
 
virtual unsigned int MaxIVLength () const
 Provides the maximum size of an IV. More...
 
virtual void Resynchronize (const byte *iv, int ivLength=-1)
 Resynchronize with an IV. More...
 
virtual void GetNextIV (RandomNumberGenerator &rng, byte *iv)
 Retrieves a secure IV for the next message. More...
 
- Public Member Functions inherited from HashTransformation
HashTransformationRef ()
 Provides a reference to this object. More...
 
virtual void Update (const byte *input, size_t length)=0
 Updates a hash with additional input. More...
 
virtual byteCreateUpdateSpace (size_t &size)
 Request space which can be written into by the caller. More...
 
virtual void Final (byte *digest)
 Computes the hash of the current message. More...
 
virtual void Restart ()
 Restart the hash. More...
 
virtual unsigned int DigestSize () const =0
 Provides the digest size of the hash. More...
 
unsigned int TagSize () const
 Provides the tag size of the hash. More...
 
virtual unsigned int BlockSize () const
 Provides the block size of the compression function. More...
 
virtual unsigned int OptimalBlockSize () const
 Provides the input block size most efficient for this hash. More...
 
virtual unsigned int OptimalDataAlignment () const
 Provides input and output data alignment for optimal performance. More...
 
virtual void CalculateDigest (byte *digest, const byte *input, size_t length)
 Updates the hash with additional input and computes the hash of the current message. More...
 
virtual bool Verify (const byte *digest)
 Verifies the hash of the current message. More...
 
virtual bool VerifyDigest (const byte *digest, const byte *input, size_t length)
 Updates the hash with additional input and verifies the hash of the current message. More...
 
virtual void TruncatedFinal (byte *digest, size_t digestSize)=0
 Computes the hash of the current message. More...
 
virtual void CalculateTruncatedDigest (byte *digest, size_t digestSize, const byte *input, size_t length)
 Updates the hash with additional input and computes the hash of the current message. More...
 
virtual bool TruncatedVerify (const byte *digest, size_t digestLength)
 Verifies the hash of the current message. More...
 
virtual bool VerifyTruncatedDigest (const byte *digest, size_t digestLength, const byte *input, size_t length)
 Updates the hash with additional input and verifies the hash of the current message. More...
 
- Public Member Functions inherited from Algorithm
 Algorithm (bool checkSelfTestStatus=true)
 Interface for all crypto algorithms. More...
 
virtual std::string AlgorithmName () const
 Provides the name of this algorithm. More...
 
virtual std::string AlgorithmProvider () const
 Retrieve the provider of this algorithm. More...
 
- Public Member Functions inherited from Clonable
virtual ClonableClone () const
 Copies this object. More...
 
- Public Member Functions inherited from StreamTransformation
StreamTransformationRef ()
 Provides a reference to this object. More...
 
virtual unsigned int MandatoryBlockSize () const
 Provides the mandatory block size of the cipher. More...
 
virtual unsigned int OptimalBlockSize () const
 Provides the input block size most efficient for this cipher. More...
 
virtual unsigned int GetOptimalBlockSizeUsed () const
 Provides the number of bytes used in the current block when processing at optimal block size. More...
 
virtual unsigned int OptimalDataAlignment () const
 Provides input and output data alignment for optimal performance. More...
 
virtual void ProcessData (byte *outString, const byte *inString, size_t length)=0
 Encrypt or decrypt an array of bytes. More...
 
virtual size_t ProcessLastBlock (byte *outString, size_t outLength, const byte *inString, size_t inLength)
 Encrypt or decrypt the last block of data. More...
 
virtual unsigned int MinLastBlockSize () const
 Provides the size of the last block. More...
 
virtual bool IsLastBlockSpecial () const
 Determines if the last block receives special processing. More...
 
void ProcessString (byte *inoutString, size_t length)
 Encrypt or decrypt a string of bytes. More...
 
void ProcessString (byte *outString, const byte *inString, size_t length)
 Encrypt or decrypt a string of bytes. More...
 
byte ProcessByte (byte input)
 Encrypt or decrypt a byte. More...
 
virtual bool IsRandomAccess () const =0
 Determines whether the cipher supports random access. More...
 
virtual void Seek (lword pos)
 Seek to an absolute position. More...
 
virtual bool IsSelfInverting () const =0
 Determines whether the cipher is self-inverting. More...
 
virtual bool IsForwardTransformation () const =0
 Determines if the cipher is being operated in its forward direction. More...
 

Static Public Member Functions

static const char * StaticAlgorithmName ()
 

Additional Inherited Members

- Public Types inherited from SimpleKeyingInterface
enum  IV_Requirement {
  UNIQUE_IV = 0 , RANDOM_IV , UNPREDICTABLE_RANDOM_IV , INTERNALLY_GENERATED_IV ,
  NOT_RESYNCHRONIZABLE
}
 Secure IVs requirements as enumerated values. More...
 

Detailed Description

IETF ChaCha20Poly1305 cipher base implementation.

Base implementation of the AuthenticatedSymmetricCipher interface

Since
Crypto++ 8.1

Definition at line 29 of file chachapoly.h.

Constructor & Destructor Documentation

◆ ~ChaCha20Poly1305_Base()

virtual ChaCha20Poly1305_Base::~ChaCha20Poly1305_Base ( )
inlinevirtual

Definition at line 35 of file chachapoly.h.

Member Function Documentation

◆ StaticAlgorithmName()

static const char * ChaCha20Poly1305_Base::StaticAlgorithmName ( )
inlinestatic

Definition at line 32 of file chachapoly.h.

◆ AlgorithmName()

std::string ChaCha20Poly1305_Base::AlgorithmName ( ) const
inlinevirtual

Provides the name of this algorithm.

Returns
the standard algorithm name

The standard algorithm name can be a name like AES or AES/GCM. Some algorithms do not have standard names yet. For example, there is no standard algorithm name for Shoup's ECIES.

Reimplemented from AuthenticatedSymmetricCipher.

Definition at line 38 of file chachapoly.h.

◆ AlgorithmProvider()

std::string ChaCha20Poly1305_Base::AlgorithmProvider ( ) const
inlinevirtual

Retrieve the provider of this algorithm.

Returns
the algorithm provider

The algorithm provider can be a name like "C++", "SSE", "NEON", "AESNI", "ARMv8" and "Power8". C++ is standard C++ code. Other labels, like SSE, usually indicate a specialized implementation using instructions from a higher instruction set architecture (ISA). Future labels may include external hardware like a hardware security module (HSM).

Generally speaking Wei Dai's original IA-32 ASM code falls under "SSE2". Labels like "SSSE3" and "SSE4.1" follow after Wei's code and use intrinsics instead of ASM.

Algorithms which combine different instructions or ISAs provide the dominant one. For example on x86 AES/GCM returns "AESNI" rather than "CLMUL" or "AES+SSE4.1" or "AES+CLMUL" or "AES+SSE4.1+CLMUL".

Note
Provider is not universally implemented yet.
Since
Crypto++ 8.0

Reimplemented from AuthenticatedSymmetricCipher.

Definition at line 40 of file chachapoly.h.

◆ MinKeyLength()

size_t ChaCha20Poly1305_Base::MinKeyLength ( ) const
inlinevirtual

Returns smallest valid key length.

Returns
the minimum key length, in bytes

Implements SimpleKeyingInterface.

Definition at line 42 of file chachapoly.h.

◆ MaxKeyLength()

size_t ChaCha20Poly1305_Base::MaxKeyLength ( ) const
inlinevirtual

Returns largest valid key length.

Returns
the maximum key length, in bytes

Implements SimpleKeyingInterface.

Definition at line 44 of file chachapoly.h.

◆ DefaultKeyLength()

size_t ChaCha20Poly1305_Base::DefaultKeyLength ( ) const
inlinevirtual

Returns default key length.

Returns
the default key length, in bytes

Implements SimpleKeyingInterface.

Definition at line 46 of file chachapoly.h.

◆ GetValidKeyLength()

size_t ChaCha20Poly1305_Base::GetValidKeyLength ( size_t  keylength) const
inlinevirtual

Returns a valid key length for the algorithm.

Parameters
keylengththe size of the key, in bytes
Returns
the valid key length, in bytes

keylength is provided in bytes, not bits. If keylength is less than MIN_KEYLENGTH, then the function returns MIN_KEYLENGTH. If keylength is greater than MAX_KEYLENGTH, then the function returns MAX_KEYLENGTH. if If keylength is a multiple of KEYLENGTH_MULTIPLE, then keylength is returned. Otherwise, the function returns a lower multiple of KEYLENGTH_MULTIPLE.

Implements SimpleKeyingInterface.

Definition at line 48 of file chachapoly.h.

◆ IsValidKeyLength()

bool ChaCha20Poly1305_Base::IsValidKeyLength ( size_t  keylength) const
inlinevirtual

Returns whether keylength is a valid key length.

Parameters
keylengththe requested keylength
Returns
true if keylength is valid, false otherwise

Internally the function calls GetValidKeyLength()

Reimplemented from SimpleKeyingInterface.

Definition at line 50 of file chachapoly.h.

◆ OptimalDataAlignment()

unsigned int ChaCha20Poly1305_Base::OptimalDataAlignment ( ) const
inlinevirtual

Provides input and output data alignment for optimal performance.

Returns
the input data alignment that provides optimal performance
See also
GetAlignment() and OptimalBlockSize()

Reimplemented from StreamTransformation.

Definition at line 52 of file chachapoly.h.

◆ IVRequirement()

IV_Requirement ChaCha20Poly1305_Base::IVRequirement ( ) const
inlinevirtual

Minimal requirement for secure IVs.

Returns
the secure IV requirement of the algorithm

Implements SimpleKeyingInterface.

Definition at line 54 of file chachapoly.h.

◆ IVSize()

unsigned int ChaCha20Poly1305_Base::IVSize ( ) const
inlinevirtual

Returns length of the IV accepted by this object.

Returns
the size of an IV, in bytes
Exceptions
NotImplemented()if the object does not support resynchronization

The default implementation throws NotImplemented

Reimplemented from SimpleKeyingInterface.

Definition at line 56 of file chachapoly.h.

◆ MinIVLength()

unsigned int ChaCha20Poly1305_Base::MinIVLength ( ) const
inlinevirtual

Provides the minimum size of an IV.

Returns
minimal length of IVs accepted by this object, in bytes
Exceptions
NotImplemented()if the object does not support resynchronization

Reimplemented from SimpleKeyingInterface.

Definition at line 58 of file chachapoly.h.

◆ MaxIVLength()

unsigned int ChaCha20Poly1305_Base::MaxIVLength ( ) const
inlinevirtual

Provides the maximum size of an IV.

Returns
maximal length of IVs accepted by this object, in bytes
Exceptions
NotImplemented()if the object does not support resynchronization

Reimplemented from SimpleKeyingInterface.

Definition at line 60 of file chachapoly.h.

◆ DigestSize()

unsigned int ChaCha20Poly1305_Base::DigestSize ( ) const
inlinevirtual

Provides the digest size of the hash.

Returns
the digest size of the hash.

Implements HashTransformation.

Definition at line 62 of file chachapoly.h.

◆ MaxHeaderLength()

lword ChaCha20Poly1305_Base::MaxHeaderLength ( ) const
inlinevirtual

Provides the maximum length of AAD that can be input.

Returns
the maximum length of AAD that can be input before the encrypted data

Implements AuthenticatedSymmetricCipher.

Definition at line 64 of file chachapoly.h.

◆ MaxMessageLength()

lword ChaCha20Poly1305_Base::MaxMessageLength ( ) const
inlinevirtual

Provides the maximum length of encrypted data.

Returns
the maximum length of encrypted data

Implements AuthenticatedSymmetricCipher.

Definition at line 66 of file chachapoly.h.

◆ MaxFooterLength()

lword ChaCha20Poly1305_Base::MaxFooterLength ( ) const
inlinevirtual

Provides the maximum length of AAD.

Returns
the maximum length of AAD that can be input after the encrypted data

Reimplemented from AuthenticatedSymmetricCipher.

Definition at line 68 of file chachapoly.h.

◆ EncryptAndAuthenticate()

void ChaCha20Poly1305_Base::EncryptAndAuthenticate ( byte ciphertext,
byte mac,
size_t  macSize,
const byte iv,
int  ivLength,
const byte aad,
size_t  aadLength,
const byte message,
size_t  messageLength 
)
virtual

Encrypts and calculates a MAC in one call.

Parameters
ciphertextthe encryption buffer
macthe mac buffer
macSizethe size of the MAC buffer, in bytes
ivthe iv buffer
ivLengththe size of the IV buffer, in bytes
aadthe AAD buffer
aadLengththe size of the AAD buffer, in bytes
messagethe message buffer
messageLengththe size of the messagetext buffer, in bytes

EncryptAndAuthenticate() encrypts and generates the MAC in one call. The function truncates the MAC if macSize < TagSize().

Reimplemented from AuthenticatedSymmetricCipher.

Definition at line 97 of file chachapoly.cpp.

◆ DecryptAndVerify()

bool ChaCha20Poly1305_Base::DecryptAndVerify ( byte message,
const byte mac,
size_t  macSize,
const byte iv,
int  ivLength,
const byte aad,
size_t  aadLength,
const byte ciphertext,
size_t  ciphertextLength 
)
virtual

Decrypts and verifies a MAC in one call.

Parameters
messagethe decryption buffer
macthe mac buffer
macSizethe size of the MAC buffer, in bytes
ivthe iv buffer
ivLengththe size of the IV buffer, in bytes
aadthe AAD buffer
aadLengththe size of the AAD buffer, in bytes
ciphertextthe cipher buffer
ciphertextLengththe size of the ciphertext buffer, in bytes
Returns
true if the MAC is valid and the decoding succeeded, false otherwise

DecryptAndVerify() decrypts and verifies the MAC in one call. message is a decryption buffer and should be at least as large as the ciphertext buffer.

The function returns true iff MAC is valid. DecryptAndVerify() assumes the MAC is truncated if macLength < TagSize().

Reimplemented from AuthenticatedSymmetricCipher.

Definition at line 105 of file chachapoly.cpp.


The documentation for this class was generated from the following files: