include/cryptopp/dmac.h

0001 // dmac.h - originally written and placed in the public domain by Wei Dai

0002
0003 /// \file dmac.h

0004 /// \brief Classes for DMAC message authentication code

0005
0006 #ifndef CRYPTOPP_DMAC_H
0007 #define CRYPTOPP_DMAC_H
0008
0009 #include "cbcmac.h"
0010
0011 NAMESPACE_BEGIN(CryptoPP)
0012
0013 /// \brief DMAC message authentication code base class

0014 /// \tparam T class derived from BlockCipherDocumentation

0015 /// \since Crypto++ 3.1

0016 template <class T>
0017 class CRYPTOPP_NO_VTABLE DMAC_Base : public SameKeyLengthAs<T>, public MessageAuthenticationCode
0018 {
0019 public:
0020     CRYPTOPP_CONSTANT(DIGESTSIZE=T::BLOCKSIZE);
0021     static std::string StaticAlgorithmName() {return std::string("DMAC(") + T::StaticAlgorithmName() + ")";}
0022
0023     virtual~DMAC_Base() {}
0024     DMAC_Base() : m_subkeylength(0), m_counter(0) {}
0025
0026     void UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs &params);
0027     void Update(const byte *input, size_t length);
0028     void TruncatedFinal(byte *mac, size_t size);
0029     unsigned int DigestSize() const {return DIGESTSIZE;}
0030
0031     std::string AlgorithmProvider() const;
0032
0033 private:
0034     byte *GenerateSubKeys(const byte *key, size_t keylength);
0035
0036     size_t m_subkeylength;
0037     SecByteBlock m_subkeys;
0038     CBC_MAC<T> m_mac1;
0039     typename T::Encryption m_f2;
0040     unsigned int m_counter;
0041 };
0042
0043 template <class T>
0044 std::string DMAC_Base<T>::AlgorithmProvider() const
0045 {
0046     return m_f2.AlgorithmProvider();
0047 }
0048
0049 /// \brief DMAC message authentication code

0050 /// \tparam T class derived from BlockCipherDocumentation

0051 /// \sa <A HREF="https://eprint.iacr.org/1997/010">CBC MAC for Real-Time Data Sources (08.15.1997)</A>

0052 ///   by Erez Petrank and Charles Rackoff

0053 /// \since Crypto++ 3.1

0054 template <class T>
0055 class DMAC : public MessageAuthenticationCodeFinal<DMAC_Base<T> >
0056 {
0057 public:
0058     /// \brief Construct a DMAC

0059     DMAC() {}
0060
0061     /// \brief Construct a DMAC

0062     /// \param key a byte array used to key the cipher

0063     /// \param length the size of the byte array, in bytes

0064     DMAC(const byte *key, size_t length=DMAC_Base<T>::DEFAULT_KEYLENGTH)
0065         {this->SetKey(key, length);}
0066 };
0067
0068 template <class T>
0069 void DMAC_Base<T>::UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs &params)
0070 {
0071     m_subkeylength = T::StaticGetValidKeyLength(T::BLOCKSIZE);
0072     m_subkeys.resize(2*UnsignedMin((unsigned int)T::BLOCKSIZE, m_subkeylength));
0073     m_mac1.SetKey(GenerateSubKeys(key, length), m_subkeylength, params);
0074     m_f2.SetKey(m_subkeys+m_subkeys.size()/2, m_subkeylength, params);
0075     m_counter = 0;
0076     m_subkeys.resize(0);
0077 }
0078
0079 template <class T>
0080 void DMAC_Base<T>::Update(const byte *input, size_t length)
0081 {
0082     m_mac1.Update(input, length);
0083     m_counter = (unsigned int)((m_counter + length) % T::BLOCKSIZE);
0084 }
0085
0086 template <class T>
0087 void DMAC_Base<T>::TruncatedFinal(byte *mac, size_t size)
0088 {
0089     ThrowIfInvalidTruncatedSize(size);
0090
0091     byte pad[T::BLOCKSIZE];
0092     byte padByte = byte(T::BLOCKSIZE-m_counter);
0093     std::memset(pad, padByte, padByte);
0094     m_mac1.Update(pad, padByte);
0095     m_mac1.TruncatedFinal(mac, size);
0096     m_f2.ProcessBlock(mac);
0097
0098     m_counter = 0;  // reset for next message

0099 }
0100
0101 template <class T>
0102 byte *DMAC_Base<T>::GenerateSubKeys(const byte *key, size_t keylength)
0103 {
0104     typename T::Encryption cipher(key, keylength);
0105     std::memset(m_subkeys, 0, m_subkeys.size());
0106     cipher.ProcessBlock(m_subkeys);
0107     m_subkeys[m_subkeys.size()/2 + T::BLOCKSIZE - 1] = 1;
0108     cipher.ProcessBlock(m_subkeys+m_subkeys.size()/2);
0109     return m_subkeys;
0110 }
0111
0112 NAMESPACE_END
0113
0114 #endif