Crypto++  5.6.5
Free C++ class library of cryptographic schemes
strciphr.h
Go to the documentation of this file.
1 // strciphr.h - written and placed in the public domain by Wei Dai
2 
3 //! \file strciphr.h
4 //! \brief Classes for implementing stream ciphers
5 //! \details This file contains helper classes for implementing stream ciphers.
6 //! All this infrastructure may look very complex compared to what's in Crypto++ 4.x,
7 //! but stream ciphers implementations now support a lot of new functionality,
8 //! including better performance (minimizing copying), resetting of keys and IVs, and methods to
9 //! query which features are supported by a cipher.
10 //! \details Here's an explanation of these classes. The word "policy" is used here to mean a class with a
11 //! set of methods that must be implemented by individual stream cipher implementations.
12 //! This is usually much simpler than the full stream cipher API, which is implemented by
13 //! either AdditiveCipherTemplate or CFB_CipherTemplate using the policy. So for example, an
14 //! implementation of SEAL only needs to implement the AdditiveCipherAbstractPolicy interface
15 //! (since it's an additive cipher, i.e., it xors a keystream into the plaintext).
16 //! See this line in seal.h:
17 //! <pre>
18 //! typedef SymmetricCipherFinal<ConcretePolicyHolder<SEAL_Policy<B>, AdditiveCipherTemplate<> > > Encryption;
19 //! </pre>
20 //! \details AdditiveCipherTemplate and CFB_CipherTemplate are designed so that they don't need
21 //! to take a policy class as a template parameter (although this is allowed), so that
22 //! their code is not duplicated for each new cipher. Instead they each
23 //! get a reference to an abstract policy interface by calling AccessPolicy() on itself, so
24 //! AccessPolicy() must be overriden to return the actual policy reference. This is done
25 //! by the ConceretePolicyHolder class. Finally, SymmetricCipherFinal implements the constructors and
26 //! other functions that must be implemented by the most derived class.
27 
28 #ifndef CRYPTOPP_STRCIPHR_H
29 #define CRYPTOPP_STRCIPHR_H
30 
31 #include "config.h"
32 
33 #if CRYPTOPP_MSC_VERSION
34 # pragma warning(push)
35 # pragma warning(disable: 4127 4189)
36 #endif
37 
38 #include "cryptlib.h"
39 #include "seckey.h"
40 #include "secblock.h"
41 #include "argnames.h"
42 
43 NAMESPACE_BEGIN(CryptoPP)
44 
45 //! \class AbstractPolicyHolder
46 //! \brief Access a stream cipher policy object
47 //! \tparam POLICY_INTERFACE class implementing AbstractPolicyHolder
48 //! \tparam BASE class or type to use as a base class
49 template <class POLICY_INTERFACE, class BASE = Empty>
50 class CRYPTOPP_NO_VTABLE AbstractPolicyHolder : public BASE
51 {
52 public:
53  typedef POLICY_INTERFACE PolicyInterface;
54  virtual ~AbstractPolicyHolder() {}
55 
56 protected:
57  virtual const POLICY_INTERFACE & GetPolicy() const =0;
58  virtual POLICY_INTERFACE & AccessPolicy() =0;
59 };
60 
61 //! \class ConcretePolicyHolder
62 //! \brief Stream cipher policy object
63 //! \tparam POLICY class implementing AbstractPolicyHolder
64 //! \tparam BASE class or type to use as a base class
65 template <class POLICY, class BASE, class POLICY_INTERFACE = typename BASE::PolicyInterface>
66 class ConcretePolicyHolder : public BASE, protected POLICY
67 {
68 public:
69  virtual ~ConcretePolicyHolder() {}
70 protected:
71  const POLICY_INTERFACE & GetPolicy() const {return *this;}
72  POLICY_INTERFACE & AccessPolicy() {return *this;}
73 };
74 
75 //! \brief Keystream operation flags
76 //! \sa AdditiveCipherAbstractPolicy::GetBytesPerIteration(), AdditiveCipherAbstractPolicy::GetOptimalBlockSize()
77 //! and AdditiveCipherAbstractPolicy::GetAlignment()
79  //! \brief Output buffer is aligned
81  //! \brief Input buffer is aligned
83  //! \brief Input buffer is NULL
85 };
86 
87 //! \brief Keystream operation flags
88 //! \sa AdditiveCipherAbstractPolicy::GetBytesPerIteration(), AdditiveCipherAbstractPolicy::GetOptimalBlockSize()
89 //! and AdditiveCipherAbstractPolicy::GetAlignment()
91  //! \brief Wirte the keystream to the output buffer, input is NULL
93  //! \brief Wirte the keystream to the aligned output buffer, input is NULL
95  //! \brief XOR the input buffer and keystream, write to the output buffer
97  //! \brief XOR the aligned input buffer and keystream, write to the output buffer
99  //! \brief XOR the input buffer and keystream, write to the aligned output buffer
101  //! \brief XOR the aligned input buffer and keystream, write to the aligned output buffer
103 
104 //! \class AdditiveCipherAbstractPolicy
105 //! \brief Policy object for additive stream ciphers
106 struct CRYPTOPP_DLL CRYPTOPP_NO_VTABLE AdditiveCipherAbstractPolicy
107 {
108  virtual ~AdditiveCipherAbstractPolicy() {}
109 
110  //! \brief Provides data alignment requirements
111  //! \returns data alignment requirements, in bytes
112  //! \details Internally, the default implementation returns 1. If the stream cipher is implemented
113  //! using an SSE2 ASM or intrinsics, then the value returned is usually 16.
114  virtual unsigned int GetAlignment() const {return 1;}
115 
116  //! \brief Provides number of bytes operated upon during an iteration
117  //! \returns bytes operated upon during an iteration, in bytes
118  //! \sa GetOptimalBlockSize()
119  virtual unsigned int GetBytesPerIteration() const =0;
120 
121  //! \brief Provides number of ideal bytes to process
122  //! \returns the ideal number of bytes to process
123  //! \details Internally, the default implementation returns GetBytesPerIteration()
124  //! \sa GetBytesPerIteration()
125  virtual unsigned int GetOptimalBlockSize() const {return GetBytesPerIteration();}
126 
127  //! \brief Provides buffer size based on iterations
128  //! \returns the buffer size based on iterations, in bytes
129  virtual unsigned int GetIterationsToBuffer() const =0;
130 
131  //! \brief Generate the keystream
132  //! \param keystream the key stream
133  //! \param iterationCount the number of iterations to generate the key stream
134  //! \sa CanOperateKeystream(), OperateKeystream(), WriteKeystream()
135  virtual void WriteKeystream(byte *keystream, size_t iterationCount)
136  {OperateKeystream(KeystreamOperation(INPUT_NULL | (KeystreamOperationFlags)IsAlignedOn(keystream, GetAlignment())), keystream, NULL, iterationCount);}
137 
138  //! \brief Flag indicating
139  //! \returns true if the stream can be generated independent of the transformation input, false otherwise
140  //! \sa CanOperateKeystream(), OperateKeystream(), WriteKeystream()
141  virtual bool CanOperateKeystream() const {return false;}
142 
143  //! \brief Operates the keystream
144  //! \param operation the operation with additional flags
145  //! \param output the output buffer
146  //! \param input the input buffer
147  //! \param iterationCount the number of iterations to perform on the input
148  //! \details OperateKeystream() will attempt to operate upon GetOptimalBlockSize() buffer,
149  //! which will be derived from GetBytesPerIteration().
150  //! \sa CanOperateKeystream(), OperateKeystream(), WriteKeystream(), KeystreamOperation()
151  virtual void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
152  {CRYPTOPP_UNUSED(operation); CRYPTOPP_UNUSED(output); CRYPTOPP_UNUSED(input); CRYPTOPP_UNUSED(iterationCount); CRYPTOPP_ASSERT(false);}
153 
154  //! \brief Key the cipher
155  //! \param params set of NameValuePairs use to initialize this object
156  //! \param key a byte array used to key the cipher
157  //! \param length the size of the key array
158  virtual void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length) =0;
159 
160  //! \brief Resynchronize the cipher
161  //! \param keystreamBuffer the keystream buffer
162  //! \param iv a byte array used to resynchronize the cipher
163  //! \param length the size of the IV array
164  virtual void CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length)
165  {CRYPTOPP_UNUSED(keystreamBuffer); CRYPTOPP_UNUSED(iv); CRYPTOPP_UNUSED(length); throw NotImplemented("SimpleKeyingInterface: this object doesn't support resynchronization");}
166 
167  //! \brief Flag indicating random access
168  //! \returns true if the cipher is seekable, false otherwise
169  //! \sa SeekToIteration()
170  virtual bool CipherIsRandomAccess() const =0;
171 
172  //! \brief Seeks to a random position in the stream
173  //! \returns iterationCount
174  //! \sa CipherIsRandomAccess()
175  virtual void SeekToIteration(lword iterationCount)
176  {CRYPTOPP_UNUSED(iterationCount); CRYPTOPP_ASSERT(!CipherIsRandomAccess()); throw NotImplemented("StreamTransformation: this object doesn't support random access");}
177 };
178 
179 //! \class AdditiveCipherConcretePolicy
180 //! \brief Base class for additive stream ciphers
181 //! \tparam WT word type
182 //! \tparam W count of words
183 //! \tparam X bytes per iteration count
184 //! \tparam BASE AdditiveCipherAbstractPolicy derived base class
185 template <typename WT, unsigned int W, unsigned int X = 1, class BASE = AdditiveCipherAbstractPolicy>
186 struct CRYPTOPP_NO_VTABLE AdditiveCipherConcretePolicy : public BASE
187 {
188  typedef WT WordType;
189  CRYPTOPP_CONSTANT(BYTES_PER_ITERATION = sizeof(WordType) * W)
190 
191 #if !(CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X64)
192  //! \brief Provides data alignment requirements
193  //! \returns data alignment requirements, in bytes
194  //! \details Internally, the default implementation returns 1. If the stream cipher is implemented
195  //! using an SSE2 ASM or intrinsics, then the value returned is usually 16.
196  unsigned int GetAlignment() const {return GetAlignmentOf<WordType>();}
197 #endif
198 
199  //! \brief Provides number of bytes operated upon during an iteration
200  //! \returns bytes operated upon during an iteration, in bytes
201  //! \sa GetOptimalBlockSize()
202  unsigned int GetBytesPerIteration() const {return BYTES_PER_ITERATION;}
203 
204  //! \brief Provides buffer size based on iterations
205  //! \returns the buffer size based on iterations, in bytes
206  unsigned int GetIterationsToBuffer() const {return X;}
207 
208  //! \brief Flag indicating
209  //! \returns true if the stream can be generated independent of the transformation input, false otherwise
210  //! \sa CanOperateKeystream(), OperateKeystream(), WriteKeystream()
211  bool CanOperateKeystream() const {return true;}
212 
213  //! \brief Operates the keystream
214  //! \param operation the operation with additional flags
215  //! \param output the output buffer
216  //! \param input the input buffer
217  //! \param iterationCount the number of iterations to perform on the input
218  //! \details OperateKeystream() will attempt to operate upon GetOptimalBlockSize() buffer,
219  //! which will be derived from GetBytesPerIteration().
220  //! \sa CanOperateKeystream(), OperateKeystream(), WriteKeystream(), KeystreamOperation()
221  virtual void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount) =0;
222 };
223 
224 //! \brief Helper macro to implement OperateKeystream
225 #define CRYPTOPP_KEYSTREAM_OUTPUT_WORD(x, b, i, a) \
226  PutWord(bool(x & OUTPUT_ALIGNED), b, output+i*sizeof(WordType), (x & INPUT_NULL) ? (a) : (a) ^ GetWord<WordType>(bool(x & INPUT_ALIGNED), b, input+i*sizeof(WordType)));
227 
228 //! \brief Helper macro to implement OperateKeystream
229 #define CRYPTOPP_KEYSTREAM_OUTPUT_XMM(x, i, a) {\
230  __m128i t = (x & INPUT_NULL) ? a : _mm_xor_si128(a, (x & INPUT_ALIGNED) ? _mm_load_si128((__m128i *)input+i) : _mm_loadu_si128((__m128i *)input+i));\
231  if (x & OUTPUT_ALIGNED) _mm_store_si128((__m128i *)output+i, t);\
232  else _mm_storeu_si128((__m128i *)output+i, t);}
233 
234 //! \brief Helper macro to implement OperateKeystream
235 #define CRYPTOPP_KEYSTREAM_OUTPUT_SWITCH(x, y) \
236  switch (operation) \
237  { \
238  case WRITE_KEYSTREAM: \
239  x(WRITE_KEYSTREAM) \
240  break; \
241  case XOR_KEYSTREAM: \
242  x(XOR_KEYSTREAM) \
243  input += y; \
244  break; \
245  case XOR_KEYSTREAM_INPUT_ALIGNED: \
246  x(XOR_KEYSTREAM_INPUT_ALIGNED) \
247  input += y; \
248  break; \
249  case XOR_KEYSTREAM_OUTPUT_ALIGNED: \
250  x(XOR_KEYSTREAM_OUTPUT_ALIGNED) \
251  input += y; \
252  break; \
253  case WRITE_KEYSTREAM_ALIGNED: \
254  x(WRITE_KEYSTREAM_ALIGNED) \
255  break; \
256  case XOR_KEYSTREAM_BOTH_ALIGNED: \
257  x(XOR_KEYSTREAM_BOTH_ALIGNED) \
258  input += y; \
259  break; \
260  } \
261  output += y;
262 
263 //! \class AdditiveCipherTemplate
264 //! \brief Base class for additive stream ciphers with SymmetricCipher interface
265 //! \tparam BASE AbstractPolicyHolder base class
266 template <class BASE = AbstractPolicyHolder<AdditiveCipherAbstractPolicy, SymmetricCipher> >
267 class CRYPTOPP_NO_VTABLE AdditiveCipherTemplate : public BASE, public RandomNumberGenerator
268 {
269 public:
270  virtual ~AdditiveCipherTemplate() {}
271 
272  //! \brief Generate random array of bytes
273  //! \param output the byte buffer
274  //! \param size the length of the buffer, in bytes
275  //! \details All generated values are uniformly distributed over the range specified within the
276  //! the contraints of a particular generator.
277  void GenerateBlock(byte *output, size_t size);
278 
279  //! \brief Apply keystream to data
280  //! \param outString a buffer to write the transformed data
281  //! \param inString a buffer to read the data
282  //! \param length the size fo the buffers, in bytes
283  //! \details This is the primary method to operate a stream cipher. For example:
284  //! <pre>
285  //! size_t size = 30;
286  //! byte plain[size] = "Do or do not; there is no try";
287  //! byte cipher[size];
288  //! ...
289  //! ChaCha20 chacha(key, keySize);
290  //! chacha.ProcessData(cipher, plain, size);
291  //! </pre>
292  void ProcessData(byte *outString, const byte *inString, size_t length);
293 
294  //! \brief Resynchronize the cipher
295  //! \param iv a byte array used to resynchronize the cipher
296  //! \param length the size of the IV array
297  void Resynchronize(const byte *iv, int length=-1);
298 
299  //! \brief Provides number of ideal bytes to process
300  //! \returns the ideal number of bytes to process
301  //! \details Internally, the default implementation returns GetBytesPerIteration()
302  //! \sa GetBytesPerIteration() and GetOptimalNextBlockSize()
303  unsigned int OptimalBlockSize() const {return this->GetPolicy().GetOptimalBlockSize();}
304 
305  //! \brief Provides number of ideal bytes to process
306  //! \returns the ideal number of bytes to process
307  //! \details Internally, the default implementation returns remaining unprocessed bytes
308  //! \sa GetBytesPerIteration() and OptimalBlockSize()
309  unsigned int GetOptimalNextBlockSize() const {return (unsigned int)this->m_leftOver;}
310 
311  //! \brief Provides number of ideal data alignment
312  //! \returns the ideal data alignment, in bytes
313  //! \sa GetAlignment() and OptimalBlockSize()
314  unsigned int OptimalDataAlignment() const {return this->GetPolicy().GetAlignment();}
315 
316  //! \brief Determines if the cipher is self inverting
317  //! \returns true if the stream cipher is self inverting, false otherwise
318  bool IsSelfInverting() const {return true;}
319 
320  //! \brief Determines if the cipher is a forward transformation
321  //! \returns true if the stream cipher is a forward transformation, false otherwise
322  bool IsForwardTransformation() const {return true;}
323 
324  //! \brief Flag indicating random access
325  //! \returns true if the cipher is seekable, false otherwise
326  //! \sa Seek()
327  bool IsRandomAccess() const {return this->GetPolicy().CipherIsRandomAccess();}
328 
329  //! \brief Seeks to a random position in the stream
330  //! \param position the absolute position in the stream
331  //! \sa IsRandomAccess()
332  void Seek(lword position);
333 
334  typedef typename BASE::PolicyInterface PolicyInterface;
335 
336 protected:
337  void UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs &params);
338 
339  unsigned int GetBufferByteSize(const PolicyInterface &policy) const {return policy.GetBytesPerIteration() * policy.GetIterationsToBuffer();}
340 
341  inline byte * KeystreamBufferBegin() {return this->m_buffer.data();}
342  inline byte * KeystreamBufferEnd() {return (this->m_buffer.data() + this->m_buffer.size());}
343 
344  SecByteBlock m_buffer;
345  size_t m_leftOver;
346 };
347 
348 //! \class CFB_CipherAbstractPolicy
349 //! \brief Policy object for feeback based stream ciphers
350 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CFB_CipherAbstractPolicy
351 {
352 public:
353  virtual ~CFB_CipherAbstractPolicy() {}
354 
355  //! \brief Provides data alignment requirements
356  //! \returns data alignment requirements, in bytes
357  //! \details Internally, the default implementation returns 1. If the stream cipher is implemented
358  //! using an SSE2 ASM or intrinsics, then the value returned is usually 16.
359  virtual unsigned int GetAlignment() const =0;
360 
361  //! \brief Provides number of bytes operated upon during an iteration
362  //! \returns bytes operated upon during an iteration, in bytes
363  //! \sa GetOptimalBlockSize()
364  virtual unsigned int GetBytesPerIteration() const =0;
365 
366  //! \brief Access the feedback register
367  //! \returns pointer to the first byte of the feedback register
368  virtual byte * GetRegisterBegin() =0;
369 
370  //! \brief TODO
371  virtual void TransformRegister() =0;
372 
373  //! \brief Flag indicating iteration support
374  //! \returns true if the cipher supports iteration, false otherwise
375  virtual bool CanIterate() const {return false;}
376 
377  //! \brief Iterate the cipher
378  //! \param output the output buffer
379  //! \param input the input buffer
380  //! \param dir the direction of the cipher
381  //! \param iterationCount the number of iterations to perform on the input
382  //! \sa IsSelfInverting() and IsForwardTransformation()
383  virtual void Iterate(byte *output, const byte *input, CipherDir dir, size_t iterationCount)
384  {CRYPTOPP_UNUSED(output); CRYPTOPP_UNUSED(input); CRYPTOPP_UNUSED(dir); CRYPTOPP_UNUSED(iterationCount);
385  CRYPTOPP_ASSERT(false); /*throw 0;*/ throw Exception(Exception::OTHER_ERROR, "SimpleKeyingInterface: unexpected error");}
386 
387  //! \brief Key the cipher
388  //! \param params set of NameValuePairs use to initialize this object
389  //! \param key a byte array used to key the cipher
390  //! \param length the size of the key array
391  virtual void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length) =0;
392 
393  //! \brief Resynchronize the cipher
394  //! \param iv a byte array used to resynchronize the cipher
395  //! \param length the size of the IV array
396  virtual void CipherResynchronize(const byte *iv, size_t length)
397  {CRYPTOPP_UNUSED(iv); CRYPTOPP_UNUSED(length); throw NotImplemented("SimpleKeyingInterface: this object doesn't support resynchronization");}
398 };
399 
400 //! \class CFB_CipherConcretePolicy
401 //! \brief Base class for feedback based stream ciphers
402 //! \tparam WT word type
403 //! \tparam W count of words
404 //! \tparam BASE CFB_CipherAbstractPolicy derived base class
405 template <typename WT, unsigned int W, class BASE = CFB_CipherAbstractPolicy>
406 struct CRYPTOPP_NO_VTABLE CFB_CipherConcretePolicy : public BASE
407 {
408  typedef WT WordType;
409 
410  //! \brief Provides data alignment requirements
411  //! \returns data alignment requirements, in bytes
412  //! \details Internally, the default implementation returns 1. If the stream cipher is implemented
413  //! using an SSE2 ASM or intrinsics, then the value returned is usually 16.
414  unsigned int GetAlignment() const {return sizeof(WordType);}
415 
416  //! \brief Provides number of bytes operated upon during an iteration
417  //! \returns bytes operated upon during an iteration, in bytes
418  //! \sa GetOptimalBlockSize()
419  unsigned int GetBytesPerIteration() const {return sizeof(WordType) * W;}
420 
421  //! \brief Flag indicating iteration support
422  //! \returns true if the cipher supports iteration, false otherwise
423  bool CanIterate() const {return true;}
424 
425  //! \brief Perform one iteration in the forward direction
426  void TransformRegister() {this->Iterate(NULL, NULL, ENCRYPTION, 1);}
427 
428  //! \brief
429  //! \tparam B enumeration indicating endianess
430  //! \details RegisterOutput() provides alternate access to the feedback register. The
431  //! enumeration B is BigEndian or LittleEndian. Repeatedly applying operator()
432  //! results in advancing in the register.
433  template <class B>
435  {
436  RegisterOutput(byte *output, const byte *input, CipherDir dir)
437  : m_output(output), m_input(input), m_dir(dir) {}
438 
439  //! \brief XOR feedback register with data
440  //! \param registerWord data represented as a word type
441  //! \returns reference to the next feedback register word
442  inline RegisterOutput& operator()(WordType &registerWord)
443  {
444  CRYPTOPP_ASSERT(IsAligned<WordType>(m_output));
445  CRYPTOPP_ASSERT(IsAligned<WordType>(m_input));
446 
447  if (!NativeByteOrderIs(B::ToEnum()))
448  registerWord = ByteReverse(registerWord);
449 
450  if (m_dir == ENCRYPTION)
451  {
452  if (m_input == NULL)
453  {
454  CRYPTOPP_ASSERT(m_output == NULL);
455  }
456  else
457  {
458  WordType ct = *(const WordType *)m_input ^ registerWord;
459  registerWord = ct;
460  *(WordType*)m_output = ct;
461  m_input += sizeof(WordType);
462  m_output += sizeof(WordType);
463  }
464  }
465  else
466  {
467  WordType ct = *(const WordType *)m_input;
468  *(WordType*)m_output = registerWord ^ ct;
469  registerWord = ct;
470  m_input += sizeof(WordType);
471  m_output += sizeof(WordType);
472  }
473 
474  // registerWord is left unreversed so it can be xor-ed with further input
475 
476  return *this;
477  }
478 
479  byte *m_output;
480  const byte *m_input;
481  CipherDir m_dir;
482  };
483 };
484 
485 //! \class CFB_CipherTemplate
486 //! \brief Base class for feedback based stream ciphers with SymmetricCipher interface
487 //! \tparam BASE AbstractPolicyHolder base class
488 template <class BASE>
489 class CRYPTOPP_NO_VTABLE CFB_CipherTemplate : public BASE
490 {
491 public:
492  //! \brief Apply keystream to data
493  //! \param outString a buffer to write the transformed data
494  //! \param inString a buffer to read the data
495  //! \param length the size fo the buffers, in bytes
496  //! \details This is the primary method to operate a stream cipher. For example:
497  //! <pre>
498  //! size_t size = 30;
499  //! byte plain[size] = "Do or do not; there is no try";
500  //! byte cipher[size];
501  //! ...
502  //! ChaCha20 chacha(key, keySize);
503  //! chacha.ProcessData(cipher, plain, size);
504  //! </pre>
505  void ProcessData(byte *outString, const byte *inString, size_t length);
506 
507  //! \brief Resynchronize the cipher
508  //! \param iv a byte array used to resynchronize the cipher
509  //! \param length the size of the IV array
510  void Resynchronize(const byte *iv, int length=-1);
511 
512  //! \brief Provides number of ideal bytes to process
513  //! \returns the ideal number of bytes to process
514  //! \details Internally, the default implementation returns GetBytesPerIteration()
515  //! \sa GetBytesPerIteration() and GetOptimalNextBlockSize()
516  unsigned int OptimalBlockSize() const {return this->GetPolicy().GetBytesPerIteration();}
517 
518  //! \brief Provides number of ideal bytes to process
519  //! \returns the ideal number of bytes to process
520  //! \details Internally, the default implementation returns remaining unprocessed bytes
521  //! \sa GetBytesPerIteration() and OptimalBlockSize()
522  unsigned int GetOptimalNextBlockSize() const {return (unsigned int)m_leftOver;}
523 
524  //! \brief Provides number of ideal data alignment
525  //! \returns the ideal data alignment, in bytes
526  //! \sa GetAlignment() and OptimalBlockSize()
527  unsigned int OptimalDataAlignment() const {return this->GetPolicy().GetAlignment();}
528 
529  //! \brief Flag indicating random access
530  //! \returns true if the cipher is seekable, false otherwise
531  //! \sa Seek()
532  bool IsRandomAccess() const {return false;}
533 
534  //! \brief Determines if the cipher is self inverting
535  //! \returns true if the stream cipher is self inverting, false otherwise
536  bool IsSelfInverting() const {return false;}
537 
538  typedef typename BASE::PolicyInterface PolicyInterface;
539 
540 protected:
541  virtual void CombineMessageAndShiftRegister(byte *output, byte *reg, const byte *message, size_t length) =0;
542 
543  void UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs &params);
544 
545  size_t m_leftOver;
546 };
547 
548 //! \class CFB_EncryptionTemplate
549 //! \brief Base class for feedback based stream ciphers in the forward direction with SymmetricCipher interface
550 //! \tparam BASE AbstractPolicyHolder base class
551 template <class BASE = AbstractPolicyHolder<CFB_CipherAbstractPolicy, SymmetricCipher> >
552 class CRYPTOPP_NO_VTABLE CFB_EncryptionTemplate : public CFB_CipherTemplate<BASE>
553 {
554  bool IsForwardTransformation() const {return true;}
555  void CombineMessageAndShiftRegister(byte *output, byte *reg, const byte *message, size_t length);
556 };
557 
558 //! \class CFB_DecryptionTemplate
559 //! \brief Base class for feedback based stream ciphers in the reverse direction with SymmetricCipher interface
560 //! \tparam BASE AbstractPolicyHolder base class
561 template <class BASE = AbstractPolicyHolder<CFB_CipherAbstractPolicy, SymmetricCipher> >
562 class CRYPTOPP_NO_VTABLE CFB_DecryptionTemplate : public CFB_CipherTemplate<BASE>
563 {
564  bool IsForwardTransformation() const {return false;}
565  void CombineMessageAndShiftRegister(byte *output, byte *reg, const byte *message, size_t length);
566 };
567 
568 //! \class CFB_RequireFullDataBlocks
569 //! \brief Base class for feedback based stream ciphers with a mandatory block size
570 //! \tparam BASE CFB_EncryptionTemplate or CFB_DecryptionTemplate base class
571 template <class BASE>
572 class CFB_RequireFullDataBlocks : public BASE
573 {
574 public:
575  unsigned int MandatoryBlockSize() const {return this->OptimalBlockSize();}
576 };
577 
578 //! \class SymmetricCipherFinal
579 //! \brief SymmetricCipher implementation
580 //! \tparam BASE AbstractPolicyHolder derived base class
581 //! \tparam INFO AbstractPolicyHolder derived information class
582 //! \sa Weak::ARC4, ChaCha8, ChaCha12, ChaCha20, Salsa20, SEAL, Sosemanuk, WAKE
583 template <class BASE, class INFO = BASE>
584 class SymmetricCipherFinal : public AlgorithmImpl<SimpleKeyingInterfaceImpl<BASE, INFO>, INFO>
585 {
586 public:
587  virtual ~SymmetricCipherFinal() {}
588 
589  //! \brief Construct a stream cipher
591 
592  //! \brief Construct a stream cipher
593  //! \param key a byte array used to key the cipher
594  //! \details This overload uses DEFAULT_KEYLENGTH
595  SymmetricCipherFinal(const byte *key)
596  {this->SetKey(key, this->DEFAULT_KEYLENGTH);}
597 
598  //! \brief Construct a stream cipher
599  //! \param key a byte array used to key the cipher
600  //! \param length the size of the key array
601  SymmetricCipherFinal(const byte *key, size_t length)
602  {this->SetKey(key, length);}
603 
604  //! \brief Construct a stream cipher
605  //! \param key a byte array used to key the cipher
606  //! \param length the size of the key array
607  //! \param iv a byte array used as an initialization vector
608  SymmetricCipherFinal(const byte *key, size_t length, const byte *iv)
609  {this->SetKeyWithIV(key, length, iv);}
610 
611  //! \brief Clone a SymmetricCipher
612  //! \returns a new SymmetricCipher based on this object
613  Clonable * Clone() const {return static_cast<SymmetricCipher *>(new SymmetricCipherFinal<BASE, INFO>(*this));}
614 };
615 
616 NAMESPACE_END
617 
618 #ifdef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES
619 #include "strciphr.cpp"
620 #endif
621 
622 NAMESPACE_BEGIN(CryptoPP)
624 CRYPTOPP_DLL_TEMPLATE_CLASS AdditiveCipherTemplate<AbstractPolicyHolder<AdditiveCipherAbstractPolicy, SymmetricCipher> >;
625 CRYPTOPP_DLL_TEMPLATE_CLASS CFB_CipherTemplate<AbstractPolicyHolder<CFB_CipherAbstractPolicy, SymmetricCipher> >;
626 CRYPTOPP_DLL_TEMPLATE_CLASS CFB_EncryptionTemplate<AbstractPolicyHolder<CFB_CipherAbstractPolicy, SymmetricCipher> >;
627 CRYPTOPP_DLL_TEMPLATE_CLASS CFB_DecryptionTemplate<AbstractPolicyHolder<CFB_CipherAbstractPolicy, SymmetricCipher> >;
628 
629 NAMESPACE_END
630 
631 #if CRYPTOPP_MSC_VERSION
632 # pragma warning(pop)
633 #endif
634 
635 #endif
Base class for all exceptions thrown by the library.
Definition: cryptlib.h:140
Standard names for retrieving values by name when working with NameValuePairs.
virtual unsigned int GetOptimalBlockSize() const
Provides number of ideal bytes to process.
Definition: strciphr.h:125
bool NativeByteOrderIs(ByteOrder order)
Determines whether order follows native byte ordering.
Definition: misc.h:993
Output buffer is aligned.
Definition: strciphr.h:80
SymmetricCipherFinal(const byte *key)
Construct a stream cipher.
Definition: strciphr.h:595
Input buffer is aligned.
Definition: strciphr.h:82
virtual void GenerateBlock(byte *output, size_t size)
Generate random array of bytes.
Definition: cryptlib.cpp:326
unsigned int GetBytesPerIteration() const
Provides number of bytes operated upon during an iteration.
Definition: strciphr.h:419
unsigned int GetAlignment() const
Provides data alignment requirements.
Definition: strciphr.h:196
Base class for feedback based stream ciphers.
Definition: strciphr.h:406
Base class for additive stream ciphers.
Definition: strciphr.h:186
virtual void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
Operates the keystream.
Definition: strciphr.h:151
XOR the input buffer and keystream, write to the aligned output buffer.
Definition: strciphr.h:100
XOR the input buffer and keystream, write to the output buffer.
Definition: strciphr.h:96
CipherDir
Specifies a direction for a cipher to operate.
Definition: cryptlib.h:104
Abstract base classes that provide a uniform interface to this library.
Base class for feedback based stream ciphers with SymmetricCipher interface.
Definition: strciphr.h:489
Some other error occurred not belonging to other categories.
Definition: cryptlib.h:159
Library configuration file.
Interface for random number generators.
Definition: cryptlib.h:1188
Wirte the keystream to the output buffer, input is NULL.
Definition: strciphr.h:92
SecBlock typedef.
Definition: secblock.h:731
Stream cipher policy object.
Definition: strciphr.h:66
Interface for cloning objects.
Definition: cryptlib.h:482
unsigned int OptimalBlockSize() const
Provides number of ideal bytes to process.
Definition: strciphr.h:303
virtual void WriteKeystream(byte *keystream, size_t iterationCount)
Generate the keystream.
Definition: strciphr.h:135
Policy object for additive stream ciphers.
Definition: strciphr.h:106
the cipher is performing encryption
Definition: cryptlib.h:106
Classes and functions for secure memory allocations.
virtual unsigned int GetAlignment() const
Provides data alignment requirements.
Definition: strciphr.h:114
void TransformRegister()
Perform one iteration in the forward direction.
Definition: strciphr.h:426
bool IsAlignedOn(const void *ptr, unsigned int alignment)
Determines whether ptr is aligned to a minimum value.
Definition: misc.h:954
Input buffer is NULL.
Definition: strciphr.h:84
Base class for feedback based stream ciphers in the reverse direction with SymmetricCipher interface...
Definition: strciphr.h:562
unsigned int OptimalDataAlignment() const
Provides number of ideal data alignment.
Definition: strciphr.h:527
A method was called which was not implemented.
Definition: cryptlib.h:205
RegisterOutput & operator()(WordType &registerWord)
XOR feedback register with data.
Definition: strciphr.h:442
Classes and functions for implementing secret key algorithms.
bool IsSelfInverting() const
Determines if the cipher is self inverting.
Definition: strciphr.h:318
virtual void SeekToIteration(lword iterationCount)
Seeks to a random position in the stream.
Definition: strciphr.h:175
Interface for one direction (encryption or decryption) of a stream cipher or cipher mode...
Definition: cryptlib.h:1103
Base class for feedback based stream ciphers with a mandatory block size.
Definition: strciphr.h:572
Policy object for feeback based stream ciphers.
Definition: strciphr.h:350
bool CanIterate() const
Flag indicating iteration support.
Definition: strciphr.h:423
unsigned int GetAlignment() const
Provides data alignment requirements.
Definition: strciphr.h:414
Base class for feedback based stream ciphers in the forward direction with SymmetricCipher interface...
Definition: strciphr.h:552
Clonable * Clone() const
Clone a SymmetricCipher.
Definition: strciphr.h:613
SymmetricCipherFinal()
Construct a stream cipher.
Definition: strciphr.h:590
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
Definition: trap.h:62
virtual bool CanIterate() const
Flag indicating iteration support.
Definition: strciphr.h:375
unsigned int OptimalBlockSize() const
Provides number of ideal bytes to process.
Definition: strciphr.h:516
bool IsRandomAccess() const
Flag indicating random access.
Definition: strciphr.h:327
XOR the aligned input buffer and keystream, write to the aligned output buffer.
Definition: strciphr.h:102
unsigned int OptimalDataAlignment() const
Provides number of ideal data alignment.
Definition: strciphr.h:314
SymmetricCipherFinal(const byte *key, size_t length, const byte *iv)
Construct a stream cipher.
Definition: strciphr.h:608
unsigned int GetOptimalNextBlockSize() const
Provides number of ideal bytes to process.
Definition: strciphr.h:309
unsigned int GetBytesPerIteration() const
Provides number of bytes operated upon during an iteration.
Definition: strciphr.h:202
bool IsForwardTransformation() const
Determines if the cipher is a forward transformation.
Definition: strciphr.h:322
virtual void CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length)
Resynchronize the cipher.
Definition: strciphr.h:164
virtual void Iterate(byte *output, const byte *input, CipherDir dir, size_t iterationCount)
Iterate the cipher.
Definition: strciphr.h:383
An Empty class.
Definition: misc.h:184
virtual bool CanOperateKeystream() const
Flag indicating.
Definition: strciphr.h:141
KeystreamOperation
Keystream operation flags.
Definition: strciphr.h:90
bool IsSelfInverting() const
Determines if the cipher is self inverting.
Definition: strciphr.h:536
SymmetricCipherFinal(const byte *key, size_t length)
Construct a stream cipher.
Definition: strciphr.h:601
unsigned int GetIterationsToBuffer() const
Provides buffer size based on iterations.
Definition: strciphr.h:206
virtual void CipherResynchronize(const byte *iv, size_t length)
Resynchronize the cipher.
Definition: strciphr.h:396
Crypto++ library namespace.
bool IsRandomAccess() const
Flag indicating random access.
Definition: strciphr.h:532
SymmetricCipher implementation.
Definition: strciphr.h:584
Wirte the keystream to the aligned output buffer, input is NULL.
Definition: strciphr.h:94
bool CanOperateKeystream() const
Flag indicating.
Definition: strciphr.h:211
unsigned int GetOptimalNextBlockSize() const
Provides number of ideal bytes to process.
Definition: strciphr.h:522
byte ByteReverse(byte value)
Reverses bytes in a 8-bit value.
Definition: misc.h:1663
Base class for additive stream ciphers with SymmetricCipher interface.
Definition: strciphr.h:267
Access a stream cipher policy object.
Definition: strciphr.h:50
XOR the aligned input buffer and keystream, write to the output buffer.
Definition: strciphr.h:98
KeystreamOperationFlags
Keystream operation flags.
Definition: strciphr.h:78
Interface for retrieving values given their names.
Definition: cryptlib.h:279
Base class for identifying alogorithm.
Definition: simple.h:38