Crypto++  7.0
Free C++ class library of cryptographic schemes
vmac.h
Go to the documentation of this file.
1 // vmac.h - originally written and placed in the public domain by Wei Dai
2 
3 /// \file vmac.h
4 /// \brief Classes for the VMAC message authentication code
5 /// \since Crypto++ 5.5
6 
7 #ifndef CRYPTOPP_VMAC_H
8 #define CRYPTOPP_VMAC_H
9 
10 #include "cryptlib.h"
11 #include "iterhash.h"
12 #include "seckey.h"
13 
14 // Clang 3.3 integrated assembler crash on Linux
15 // http://github.com/weidai11/cryptopp/issues/264
16 #if (defined(CRYPTOPP_LLVM_CLANG_VERSION) && (CRYPTOPP_LLVM_CLANG_VERSION < 30400)) || CRYPTOPP_BOOL_X32
17 # define CRYPTOPP_DISABLE_VMAC_ASM
18 #endif
19 
20 NAMESPACE_BEGIN(CryptoPP)
21 
22 /// \brief VMAC message authentication code base class
23 /// \since Crypto++ 5.5
25 {
26 public:
27  std::string AlgorithmName() const {return std::string("VMAC(") + GetCipher().AlgorithmName() + ")-" + IntToString(DigestSize()*8);}
28  unsigned int IVSize() const {return GetCipher().BlockSize();}
29  unsigned int MinIVLength() const {return 1;}
30  void Resynchronize(const byte *nonce, int length=-1);
31  void GetNextIV(RandomNumberGenerator &rng, byte *IV);
32  unsigned int DigestSize() const {return m_is128 ? 16 : 8;};
33  void UncheckedSetKey(const byte *userKey, unsigned int keylength, const NameValuePairs &params);
34  void TruncatedFinal(byte *mac, size_t size);
35  unsigned int BlockSize() const {return m_L1KeyLength;}
36  ByteOrder GetByteOrder() const {return LITTLE_ENDIAN_ORDER;}
37  unsigned int OptimalDataAlignment() const;
38 
39 protected:
40  virtual BlockCipher & AccessCipher() =0;
41  virtual int DefaultDigestSize() const =0;
42  const BlockCipher & GetCipher() const {return const_cast<VMAC_Base *>(this)->AccessCipher();}
43  void HashEndianCorrectedBlock(const word64 *data);
44  size_t HashMultipleBlocks(const word64 *input, size_t length);
45  void Init() {}
46  word64* StateBuf() {return NULLPTR;}
47  word64* DataBuf() {return (word64 *)(void*)m_data();}
48 
49  void VHASH_Update_SSE2(const word64 *data, size_t blocksRemainingInWord64, int tagPart);
50  template <bool T_128BitTag>
51  void VHASH_Update_Template(const word64 *data, size_t blockRemainingInWord128);
52  void VHASH_Update(const word64 *data, size_t blocksRemainingInWord128);
53 
54  CRYPTOPP_BLOCK_1(polyState, word64, 4*(m_is128+1))
55  CRYPTOPP_BLOCK_2(nhKey, word64, m_L1KeyLength/sizeof(word64) + 2*m_is128)
56  CRYPTOPP_BLOCK_3(data, byte, m_L1KeyLength)
57  CRYPTOPP_BLOCK_4(l3Key, word64, 2*(m_is128+1))
58  CRYPTOPP_BLOCK_5(nonce, byte, IVSize())
59  CRYPTOPP_BLOCK_6(pad, byte, IVSize())
60  CRYPTOPP_BLOCKS_END(6)
61 
62  bool m_is128, m_padCached, m_isFirstBlock;
63  unsigned int m_L1KeyLength;
64 };
65 
66 /// \brief VMAC message authentication code
67 /// \tparam T_BlockCipher block cipher
68 /// \tparam T_DigestBitSize digest size, in bits
69 /// \details VMAC is a block cipher-based message authentication code algorithm
70 /// using a universal hash proposed by Ted Krovetz and Wei Dai in April 2007. The
71 /// algorithm was designed for high performance backed by a formal analysis.
72 /// \details The implementation is based on Ted Krovetz's public domain vmac.c
73 /// and <a href="http://tools.ietf.org/html/draft-krovetz-vmac-01">draft-krovetz-vmac-01.txt</a>.
74 /// \sa <a href="http://www.cryptolounge.org/wiki/VMAC">VMAC</a>.
75 /// \since Crypto++ 5.5
76 template <class T_BlockCipher, int T_DigestBitSize = 128>
77 class VMAC : public SimpleKeyingInterfaceImpl<VMAC_Base, SameKeyLengthAs<T_BlockCipher, SimpleKeyingInterface::UNIQUE_IV, T_BlockCipher::BLOCKSIZE> >
78 {
79 public:
80  static std::string StaticAlgorithmName() {return std::string("VMAC(") + T_BlockCipher::StaticAlgorithmName() + ")-" + IntToString(T_DigestBitSize);}
81 
82 private:
83  BlockCipher & AccessCipher() {return m_cipher;}
84  int DefaultDigestSize() const {return T_DigestBitSize/8;}
85  typename T_BlockCipher::Encryption m_cipher;
86 };
87 
88 NAMESPACE_END
89 
90 #endif
VMAC message authentication code.
Definition: vmac.h:77
const char * DigestSize()
int, in bytes
Definition: argnames.h:79
Interface for message authentication codes.
Definition: cryptlib.h:1245
ByteOrder
Provides the byte ordering.
Definition: cryptlib.h:140
unsigned int MinIVLength() const
Provides the minimum size of an IV.
Definition: vmac.h:29
VMAC message authentication code base class.
Definition: vmac.h:24
Provides a base implementation of SimpleKeyingInterface.
Definition: seckey.h:280
Abstract base classes that provide a uniform interface to this library.
Interface for random number generators.
Definition: cryptlib.h:1330
std::string AlgorithmName() const
Provides the name of this algorithm.
Definition: vmac.h:27
unsigned int BlockSize() const
Provides the block size of the compression function.
Definition: vmac.h:35
byte order is little-endian
Definition: cryptlib.h:142
Interface for one direction (encryption or decryption) of a block cipher.
Definition: cryptlib.h:1229
unsigned int IVSize() const
Returns length of the IV accepted by this object.
Definition: vmac.h:28
Classes and functions for implementing secret key algorithms.
const char * IV()
ConstByteArrayParameter, also accepts const byte * for backwards compatibility.
Definition: argnames.h:21
Iterated hash base class.
Definition: iterhash.h:39
unsigned int DigestSize() const
Provides the digest size of the hash.
Definition: vmac.h:32
std::string IntToString(T value, unsigned int base=10)
Converts a value to a string.
Definition: misc.h:576
Crypto++ library namespace.
Interface for retrieving values given their names.
Definition: cryptlib.h:290