scclib
Stable Cloud Computing C++ Library
scc::crypto::Cipher Class Reference

Symmetric block cipher.

#include <cipher.h>

Public Types

enum  Type { aes_gcm_type =1000 , aes_ccm_type =2000 }
 

Public Member Functions

 Cipher (Type type, const void *key_loc, int key_len, int=16)
 Create a cipher.
 
 Cipher (Type type, const std::vector< char > &key, int tag_len=16)
 
 Cipher (Type type, const std::string &key, int tag_len=16)
 
 Cipher (const Cipher &)=delete
 
Cipher & operator= (const Cipher &)=delete
 
 Cipher (Cipher &&other)
 
Cipher & operator= (Cipher &&other)
 
size_t nonce_min () const
 
size_t nonce_max () const
 
void reset (const void *nonce_loc, int nonce_len, const void *aad_loc=nullptr, int aad_len=0)
 Reset the processor to prepare to encrypt or decrypt a new message.
 
void aad (const void *aad_loc, int aad_len)
 Set additional authenticated data (for GCM type only).
 
void encrypt (const void *msg_loc, int msg_len, void *cipher_loc, int cipher_len)
 Encrypt a message.
 
void decrypt (const void *cipher_loc, int cipher_len, void *msg_loc, int msg_len)
 Decrypt a message.
 
void auth_tag (char *tag_loc, int tag_len)
 Gets the authentication tag.
 

Detailed Description

Symmetric block cipher.

A symmetric block cipher with fixed bit width.

Definition at line 96 of file cipher.h.

Constructor & Destructor Documentation

◆ Cipher()

scc::crypto::Cipher::Cipher ( Type  type,
const void *  key_loc,
int  key_len,
int  = 16 
)

Create a cipher.

Parameters
type      Cipher type
key_loc   Key buffer
key_len   Key size, must be 16, 24, or 32 bytes
tag_len   Auth tag length; must be specified during creation only for CCM (an even value between 4 and 16).

TLS_AES_128_GCM_SHA256 has key size 16.
TLS_AES_256_GCM_SHA384 has key size 32.
TLS_AES_128_CCM_SHA256 has key size 16, and tag_len 16.

https://tools.ietf.org/html/rfc5116

Note for

AEAD_AES_128_GCM (used in TLS_AES_128_GCM_SHA256) has key 16, tag 16, nonce 12. Ciphertext is encrypted plaintext + tag (16 bytes longer than plaintext).

AEAD_AES_256_GCM (used in TLS_AES_256_GCM_SHA384) has key 32, tag 16, nonce 12. Ciphertext is encrypted plaintext + tag (16 bytes longer than plaintext).

AEAD_AES_256_GCM (used in TLS_AES_128_CCM_SHA256) has key 16, tag 16, nonce 12. Ciphertext is encrypted plaintext + tag (16 bytes longer than plaintext).

Symmetric block cipher, of either aes_gcm_type, or aes_ccm_type.

Member Function Documentation

◆ aad()

void scc::crypto::Cipher::aad ( const void *  aad_loc,
int  aad_len 
)
inline

Set additional authenticated data (for GCM type only).

This must be called after reset(), but before any data is encrypted or decrypted. Can be called multiple times.

TLS_AES_128_GCM_SHA256 and TLS_AES_256_GCM_SHA384 specify max aad as 2^61 - 1. TLS_AES_128_CCM_SHA256 specifies max aad as 2^64 - 1.

Definition at line 204 of file cipher.h.

◆ auth_tag()

void scc::crypto::Cipher::auth_tag ( char *  tag_loc,
int  tag_len 
)
inline

Gets the authentication tag.

This validates the message and additional data.

Parameters
tag_loc   Tag buffer
tag_len   Tag buffer size

For GCM, the size can be 1 <= tag_len <= 16. For CCM, the size must be the tag_len given at construction.

Definition at line 248 of file cipher.h.

◆ decrypt()

void scc::crypto::Cipher::decrypt ( const void *  cipher_loc,
int  cipher_len,
void *  msg_loc,
int  msg_len 
)
inline

Decrypt a message.

Parameters
cipher_loc   Ciphertext message buffer
cipher_len   Ciphertext message size
msg_loc      Plaintext message buffer
msg_len      Plaintext message size (must be >= cipher_len)

Resulting plaintext must be the same length as ciphertext.

Can call multiple times to continue decrypting a single message.

Definition at line 236 of file cipher.h.
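
The constructor notes describe the RFC 5116 layout, where the tag is appended to the ciphertext, while encrypt() and decrypt() work on equal-length buffers and auth_tag() handles the tag separately. The following added example (not scclib code) splits a received `ciphertext || tag` frame into the pieces those calls expect and compares tags without an early exit. It assumes a 16-byte tag and that the caller compares the tag obtained from auth_tag() after decrypt() with the received one; AeadFrame, split_frame and tag_equal are hypothetical names.

```cpp
// Added example, not scclib code. AeadFrame, split_frame and tag_equal are hypothetical names.
#include <climits>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

constexpr std::size_t kTagLen = 16;  // tag size the page lists for all three suites

struct AeadFrame {
    const std::uint8_t* cipher_loc;  // goes to decrypt() as cipher_loc
    int cipher_len;                  // goes to decrypt() as cipher_len; msg_len must be >= this
    const std::uint8_t* tag_loc;     // received tag, checked after decrypt()
};

// Split "ciphertext || tag". Rejects frames too short to hold a tag and
// lengths that do not fit the int parameters of the Cipher methods.
bool split_frame(const std::vector<std::uint8_t>& frame, AeadFrame& out) {
    if (frame.size() < kTagLen) return false;
    const std::size_t body = frame.size() - kTagLen;
    if (body > static_cast<std::size_t>(INT_MAX)) return false;
    out.cipher_loc = frame.data();
    out.cipher_len = static_cast<int>(body);
    out.tag_loc = frame.data() + body;
    return true;
}

// Compare the computed tag with the received one without an early exit,
// so timing does not reveal the position of the first mismatching byte.
bool tag_equal(const std::uint8_t* a, const std::uint8_t* b, std::size_t len) {
    unsigned diff = 0;
    for (std::size_t i = 0; i < len; ++i) diff |= static_cast<unsigned>(a[i] ^ b[i]);
    return diff == 0;
}

int main() {
    std::vector<std::uint8_t> frame(5 + kTagLen, 0xAB);  // constructed: 5-byte body + tag
    AeadFrame f{};
    if (!split_frame(frame, f)) return 1;
    std::printf("cipher_len=%d tag_len=%zu\n", f.cipher_len, kTagLen);
    std::vector<std::uint8_t> computed(kTagLen, 0xAB);   // stands in for auth_tag() output
    std::printf("tag ok: %d\n", tag_equal(computed.data(), f.tag_loc, kTagLen));
    return 0;
}
```

Plaintext produced by decrypt() should be discarded, not used, whenever the tag comparison fails.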

◆ encrypt()

void scc::crypto::Cipher::encrypt ( const void *  msg_loc,
int  msg_len,
void *  cipher_loc,
int  cipher_len 
)
inline

Encrypt a message.

Parameters
msg_loc      Plaintext message buffer
msg_len      Plaintext message size
cipher_loc   Ciphertext message buffer
cipher_len   Ciphertext buffer size (must be >= msg_len)

Resulting ciphertext must be the same length as plaintext.

Can call multiple times to continue encrypting a single message.

Definition at line 220 of file cipher.h.

◆ reset()

void scc::crypto::Cipher::reset ( const void *  nonce_loc,
int  nonce_len,
const void *  aad_loc = nullptr,
int  aad_len = 0 
)
inline

Reset the processor to prepare to encrypt or decrypt a new message.

Parameters
nonce_loc   Initialization buffer
nonce_len   Initialization buffer size
data_len    Data length

Nonce is an initialization vector, generally a random byte sequence. The nonce must be between 8 and 12 for CCM, and greater than 1 for GCM.

TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_AES_128_CCM_SHA256 specify nonce size 12.

Additional authenticated data can be specified, which is authenticated but not encrypted or decrypted.

The total message length must be specified. Encrypt and decrypt will be called until the entire message is processed.

TLS_AES_128_GCM_SHA256 and TLS_AES_256_GCM_SHA384 specify max msg_len as 2^36 - 31. TLS_AES_128_CCM_SHA256 specifies max msg_len as 2^24 - 1.

Definition at line 191 of file cipher.h.
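
reset() takes a nonce for every message, and GCM and CCM lose their security guarantees when a nonce repeats under the same key. As an alternative to random nonces, this added example (not scclib code) builds the 12-byte nonces the way TLS 1.3 does, from a fixed per-key IV and a message counter, and refuses to wrap the counter. NonceSequence and Nonce are hypothetical names, and the sample IV is constructed.

```cpp
// Added example, not scclib code. NonceSequence and Nonce are hypothetical names.
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>

constexpr std::size_t kNonceLen = 12;  // nonce size the page gives for the TLS 1.3 suites
using Nonce = std::array<std::uint8_t, kNonceLen>;

// Per-message nonce as in TLS 1.3 (RFC 8446, section 5.3): the 64-bit sequence
// number, big-endian and left-padded with zeros, is XORed into a fixed per-key IV.
class NonceSequence {
public:
    explicit NonceSequence(const Nonce& iv, std::uint64_t start = 0) : iv_(iv), seq_(start) {}

    // Writes the next nonce to out. Returns false once every counter value has
    // been used; the key must then be replaced rather than wrapping around.
    bool next(Nonce& out) {
        if (exhausted_) return false;
        out = iv_;
        for (std::size_t i = 0; i < 8; ++i)
            out[kNonceLen - 1 - i] ^= static_cast<std::uint8_t>(seq_ >> (8 * i));
        if (seq_ == UINT64_MAX) exhausted_ = true;
        else ++seq_;
        return true;
    }

private:
    Nonce iv_;
    std::uint64_t seq_;
    bool exhausted_ = false;
};

int main() {
    Nonce iv{};  // constructed sample IV; a real one comes from the key schedule or a CSPRNG
    iv[0] = 0xAA;
    NonceSequence seq(iv);
    Nonce n{};
    for (int msg = 0; msg < 3 && seq.next(n); ++msg) {
        // n.data() and kNonceLen are what would be passed to reset() as nonce_loc, nonce_len
        for (std::uint8_t b : n) std::printf("%02x", b);
        std::printf("\n");
    }
    return 0;
}
```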

