randombit/botan | Build 24014286417 | source/src/lib/modes/cfb/cfb.cpp | Coveralls

17

CFB_Mode::CFB_Mode(std::unique_ptr<BlockCipher> cipher, size_t feedback_bits) :

705✔

18

      m_cipher(std::move(cipher)),

705✔

19

      m_block_size(m_cipher->block_size()),

705✔

20

      m_feedback_bytes(feedback_bits != 0 ? feedback_bits / 8 : m_block_size) {

705✔

21

   if(feedback_bits % 8 != 0 || feedback() > m_block_size) {

705✔

24

705✔

26

void CFB_Mode::clear() {

158✔

27

   m_cipher->clear();

158✔

28

   m_keystream.clear();

158✔

29

   reset();

158✔

30

158✔

32

void CFB_Mode::reset() {

474✔

33

   m_state.clear();

474✔

34

   zeroise(m_keystream);

474✔

35

   m_keystream_pos = 0;

474✔

36

474✔

38

std::string CFB_Mode::name() const {

948✔

39

   if(feedback() == cipher().block_size()) {

948✔

40

      return fmt("{}/CFB", cipher().name());

396✔

42

      return fmt("{}/CFB({})", cipher().name(), feedback() * 8);

552✔

46

size_t CFB_Mode::output_length(size_t input_length) const {

158✔

47

   return input_length;

158✔

50

size_t CFB_Mode::update_granularity() const {

553✔

51

   return feedback();

553✔

54

size_t CFB_Mode::ideal_granularity() const {

478✔

56

   return 16 * feedback();

478✔

59

size_t CFB_Mode::minimum_final_size() const {

160✔

60

   return 0;

160✔

63

Key_Length_Specification CFB_Mode::key_spec() const {

1,090✔

64

   return cipher().key_spec();

1,090✔

67

size_t CFB_Mode::default_nonce_length() const {

466✔

68

   return block_size();

466✔

71

bool CFB_Mode::valid_nonce_length(size_t n) const {

2,182✔

72

   return (n == 0 || n == block_size());

2,152✔

75

bool CFB_Mode::has_keying_material() const {

5,790✔

76

   return m_cipher->has_keying_material();

5,790✔

79

void CFB_Mode::key_schedule(std::span<const uint8_t> key) {

784✔

80

   m_cipher->set_key(key);

784✔

81

   m_keystream.resize(m_cipher->block_size());

784✔

82

784✔

84

void CFB_Mode::start_msg(const uint8_t nonce[], size_t nonce_len) {

1,840✔

85

   if(!valid_nonce_length(nonce_len)) {

1,840✔

86

      throw Invalid_IV_Length(name(), nonce_len);

316✔

89

   assert_key_material_set();

1,682✔

91

   if(nonce_len == 0) {

1,682✔

92

      if(m_state.empty()) {

30✔

97

      m_state.assign(nonce, nonce + nonce_len);

1,652✔

98

      cipher().encrypt(m_state, m_keystream);

1,652✔

99

      m_keystream_pos = 0;

1,652✔

101

1,682✔

103

void CFB_Mode::shift_register() {

7,921✔

104

   const size_t shift = feedback();

7,921✔

105

   const size_t carryover = block_size() - shift;

7,921✔

107

   if(carryover > 0) {

7,921✔

108

      copy_mem(m_state.data(), &m_state[shift], carryover);

4,296✔

110

   copy_mem(&m_state[carryover], m_keystream.data(), shift);

7,921✔

111

   cipher().encrypt(m_state, m_keystream);

7,921✔

112

   m_keystream_pos = 0;

7,921✔

113

7,921✔

115

size_t CFB_Encryption::process_msg(uint8_t buf[], size_t sz) {

1,765✔

116

   assert_key_material_set();

1,765✔

117

   BOTAN_STATE_CHECK(m_state.empty() == false);

1,449✔

119

   const size_t shift = feedback();

1,291✔

121

   size_t left = sz;

1,291✔

123

   if(m_keystream_pos != 0) {

1,291✔

124

      const size_t take = std::min<size_t>(left, shift - m_keystream_pos);

13✔

126

      xor_buf(m_keystream.data() + m_keystream_pos, buf, take);

13✔

127

      copy_mem(buf, m_keystream.data() + m_keystream_pos, take);

13✔

129

      m_keystream_pos += take;

13✔

130

      left -= take;

13✔

131

      buf += take;

13✔

133

      if(m_keystream_pos == shift) {

13✔

134

         shift_register();

10✔

138

   while(left >= shift) {

4,734✔

139

      xor_buf(m_keystream.data(), buf, shift);

3,443✔

140

      copy_mem(buf, m_keystream.data(), shift);

3,443✔

142

      left -= shift;

3,443✔

143

      buf += shift;

3,443✔

144

      shift_register();

3,443✔

147

   if(left > 0) {

1,291✔

148

      xor_buf(m_keystream.data(), buf, left);

147✔

149

      copy_mem(buf, m_keystream.data(), left);

147✔

150

      m_keystream_pos += left;

147✔

153

   return sz;

1,291✔

156

void CFB_Encryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset) {

767✔

157

   update(buffer, offset);

767✔

158

530✔

162

inline void xor_copy(uint8_t buf[], uint8_t key_buf[], size_t len) {

4,726✔

163

   for(size_t i = 0; i != len; ++i) {

44,141✔

164

      const uint8_t k = key_buf[i];

39,415✔

165

      key_buf[i] = buf[i];

39,415✔

166

      buf[i] ^= k;

39,415✔

172

size_t CFB_Decryption::process_msg(uint8_t buf[], size_t sz) {

1,869✔

173

   assert_key_material_set();

1,869✔

174

   BOTAN_STATE_CHECK(m_state.empty() == false);

1,553✔

176

   const size_t shift = feedback();

1,395✔

178

   size_t left = sz;

1,395✔

180

   if(m_keystream_pos != 0) {

1,395✔

181

      const size_t take = std::min<size_t>(left, shift - m_keystream_pos);

13✔

183

      xor_copy(buf, m_keystream.data() + m_keystream_pos, take);

13✔

185

      m_keystream_pos += take;

13✔

186

      left -= take;

13✔

187

      buf += take;

13✔

189

      if(m_keystream_pos == shift) {

13✔

190

         shift_register();

10✔

194

   while(left >= shift) {

5,853✔

195

      xor_copy(buf, m_keystream.data(), shift);

4,458✔

196

      left -= shift;

4,458✔

197

      buf += shift;

4,458✔

198

      shift_register();

4,458✔

201

   if(left > 0) {

1,395✔

202

      xor_copy(buf, m_keystream.data(), left);

255✔

203

      m_keystream_pos += left;

255✔

206

   return sz;

1,395✔

209

void CFB_Decryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset) {

767✔

210

   update(buffer, offset);

767✔

211

530✔

randombit / botan / 24014286417

Source File
Press 'n' to go to next uncovered line, 'b' for previous

1	/*
2	* CFB Mode
3	* (C) 1999-2007,2013,2017 Jack Lloyd
4	* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include <botan/internal/cfb.h>
10
11	#include <botan/exceptn.h>
12	#include <botan/mem_ops.h>
13	#include <botan/internal/fmt.h>
14
15	namespace Botan {
16
17	CFB_Mode::CFB_Mode(std::unique_ptr<BlockCipher> cipher, size_t feedback_bits) :	705✔
18	m_cipher(std::move(cipher)),	705✔
19	m_block_size(m_cipher->block_size()),	705✔
20	m_feedback_bytes(feedback_bits != 0 ? feedback_bits / 8 : m_block_size) {	705✔
21	if(feedback_bits % 8 != 0 \|\| feedback() > m_block_size) {	705✔
22	throw Invalid_Argument(fmt("{} does not support feedback bits of {}", name(), feedback_bits));	×
23	}
24	}	705✔
25
26	void CFB_Mode::clear() {	158✔
27	m_cipher->clear();	158✔
28	m_keystream.clear();	158✔
29	reset();	158✔
30	}	158✔
31
32	void CFB_Mode::reset() {	474✔
33	m_state.clear();	474✔
34	zeroise(m_keystream);	474✔
35	m_keystream_pos = 0;	474✔
36	}	474✔
37
38	std::string CFB_Mode::name() const {	948✔
39	if(feedback() == cipher().block_size()) {	948✔
40	return fmt("{}/CFB", cipher().name());	396✔
41	} else {
42	return fmt("{}/CFB({})", cipher().name(), feedback() * 8);	552✔
43	}
44	}
45
46	size_t CFB_Mode::output_length(size_t input_length) const {	158✔
47	return input_length;	158✔
48	}
49
50	size_t CFB_Mode::update_granularity() const {	553✔
51	return feedback();	553✔
52	}
53
54	size_t CFB_Mode::ideal_granularity() const {	478✔
55	// Multiplier here is arbitrary
56	return 16 * feedback();	478✔
57	}
58
59	size_t CFB_Mode::minimum_final_size() const {	160✔
60	return 0;	160✔
61	}
62
63	Key_Length_Specification CFB_Mode::key_spec() const {	1,090✔
64	return cipher().key_spec();	1,090✔
65	}
66
67	size_t CFB_Mode::default_nonce_length() const {	466✔
68	return block_size();	466✔
69	}
70
71	bool CFB_Mode::valid_nonce_length(size_t n) const {	2,182✔
72	return (n == 0 \|\| n == block_size());	2,152✔
73	}
74
75	bool CFB_Mode::has_keying_material() const {	5,790✔
76	return m_cipher->has_keying_material();	5,790✔
77	}
78
79	void CFB_Mode::key_schedule(std::span<const uint8_t> key) {	784✔
80	m_cipher->set_key(key);	784✔
81	m_keystream.resize(m_cipher->block_size());	784✔
82	}	784✔
83
84	void CFB_Mode::start_msg(const uint8_t nonce[], size_t nonce_len) {	1,840✔
85	if(!valid_nonce_length(nonce_len)) {	1,840✔
86	throw Invalid_IV_Length(name(), nonce_len);	316✔
87	}
88
89	assert_key_material_set();	1,682✔
90
91	if(nonce_len == 0) {	1,682✔
92	if(m_state.empty()) {	30✔
93	throw Invalid_State("CFB requires a non-empty initial nonce");	×
94	}
95	// No reason to encrypt state->keystream_buf, because no change
96	} else {
97	m_state.assign(nonce, nonce + nonce_len);	1,652✔
98	cipher().encrypt(m_state, m_keystream);	1,652✔
99	m_keystream_pos = 0;	1,652✔
100	}
101	}	1,682✔
102
103	void CFB_Mode::shift_register() {	7,921✔
104	const size_t shift = feedback();	7,921✔
105	const size_t carryover = block_size() - shift;	7,921✔
106
107	if(carryover > 0) {	7,921✔
108	copy_mem(m_state.data(), &m_state[shift], carryover);	4,296✔
109	}
110	copy_mem(&m_state[carryover], m_keystream.data(), shift);	7,921✔
111	cipher().encrypt(m_state, m_keystream);	7,921✔
112	m_keystream_pos = 0;	7,921✔
113	}	7,921✔
114
115	size_t CFB_Encryption::process_msg(uint8_t buf[], size_t sz) {	1,765✔
116	assert_key_material_set();	1,765✔
117	BOTAN_STATE_CHECK(m_state.empty() == false);	1,449✔
118
119	const size_t shift = feedback();	1,291✔
120
121	size_t left = sz;	1,291✔
122
123	if(m_keystream_pos != 0) {	1,291✔
124	const size_t take = std::min<size_t>(left, shift - m_keystream_pos);	13✔
125
126	xor_buf(m_keystream.data() + m_keystream_pos, buf, take);	13✔
127	copy_mem(buf, m_keystream.data() + m_keystream_pos, take);	13✔
128
129	m_keystream_pos += take;	13✔
130	left -= take;	13✔
131	buf += take;	13✔
132
133	if(m_keystream_pos == shift) {	13✔
134	shift_register();	10✔
135	}
136	}
137
138	while(left >= shift) {	4,734✔
139	xor_buf(m_keystream.data(), buf, shift);	3,443✔
140	copy_mem(buf, m_keystream.data(), shift);	3,443✔
141
142	left -= shift;	3,443✔
143	buf += shift;	3,443✔
144	shift_register();	3,443✔
145	}
146
147	if(left > 0) {	1,291✔
148	xor_buf(m_keystream.data(), buf, left);	147✔
149	copy_mem(buf, m_keystream.data(), left);	147✔
150	m_keystream_pos += left;	147✔
151	}
152
153	return sz;	1,291✔
154	}
155
156	void CFB_Encryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset) {	767✔
157	update(buffer, offset);	767✔
158	}	530✔
159
160	namespace {
161
162	inline void xor_copy(uint8_t buf[], uint8_t key_buf[], size_t len) {	4,726✔
163	for(size_t i = 0; i != len; ++i) {	44,141✔
164	const uint8_t k = key_buf[i];	39,415✔
165	key_buf[i] = buf[i];	39,415✔
166	buf[i] ^= k;	39,415✔
167	}
168	}
169
170	} // namespace
171
172	size_t CFB_Decryption::process_msg(uint8_t buf[], size_t sz) {	1,869✔
173	assert_key_material_set();	1,869✔
174	BOTAN_STATE_CHECK(m_state.empty() == false);	1,553✔
175
176	const size_t shift = feedback();	1,395✔
177
178	size_t left = sz;	1,395✔
179
180	if(m_keystream_pos != 0) {	1,395✔
181	const size_t take = std::min<size_t>(left, shift - m_keystream_pos);	13✔
182
183	xor_copy(buf, m_keystream.data() + m_keystream_pos, take);	13✔
184
185	m_keystream_pos += take;	13✔
186	left -= take;	13✔
187	buf += take;	13✔
188
189	if(m_keystream_pos == shift) {	13✔
190	shift_register();	10✔
191	}
192	}
193
194	while(left >= shift) {	5,853✔
195	xor_copy(buf, m_keystream.data(), shift);	4,458✔
196	left -= shift;	4,458✔
197	buf += shift;	4,458✔
198	shift_register();	4,458✔
199	}
200
201	if(left > 0) {	1,395✔
202	xor_copy(buf, m_keystream.data(), left);	255✔
203	m_keystream_pos += left;	255✔
204	}
205
206	return sz;	1,395✔
207	}
208
209	void CFB_Decryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset) {	767✔
210	update(buffer, offset);	767✔
211	}	530✔
212
213	} // namespace Botan

randombit / botan / 24014286417

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous