#include <cCipherWrap.h>

Public Member Functions
	cCipherWrap ()

	~cCipherWrap ()

HRESULT	SetCipherType (bool bEncodeMode, const cCipherTypeDef pCipherTypeDef, const void pKeyData)

void	SetZeroCipher ()

HRESULT	SetCipherKey (const void *pKeyData, size_t nSizeKey)

HRESULT	SetCipherIV (const BYTE *pIV, size_t nSizeIV)

void	ResetCipher ()

HRESULT	UpdateCipher (BYTE pOutput, const BYTE pInput, size_t nInputSize)

HRESULT	FinishCipher (BYTE pOutput, size_t nOutputSize)

size_t	get_BlockAlignSize () const

CIPHER_BLOCK_TYPE	get_CipherMode () const

size_t	get_CipherIVSize () const

HRESULT	CipherCrypt (BYTE pOutput, const BYTE pInput, size_t nInputSize, const BYTE *pIV, size_t nSizeIV)

HRESULT	put_CBCPadding (const cCipherPadding *pPadding=nullptr)

HRESULT	WriteGCMTag (BYTE *pTag, size_t nSizeTag)

HRESULT	CheckGCMTag (const BYTE *pTag, size_t nSizeTag)

HRESULT	AuthEncrypt (BYTE pOutput, const BYTE pInput, size_t nInputSize, const BYTE pIV, size_t nSizeIV, const BYTE pAdd, size_t nSizeAdd, BYTE *pTag, size_t nSizeTag)

HRESULT	AuthDecrypt (BYTE pOutput, const BYTE pInput, size_t nInputSize, const BYTE pIV, size_t nSizeIV, const BYTE pAdd, size_t nSizeAdd, const BYTE *pTag, size_t nSizeTag)

	UNITTEST_FRIEND (cCipherWrap)

Public Attributes
const cCipherTypeDef *	m_pCipherTypeDef
	Information about the associated SSL_Cipher_TYPE. More...

cNewPtr< cCipherBase >	m_pCryptBase
	e.g. cCipherBase created from m_pCipherTypeDef, e.g. cCipherCCM, cCipherGCM More...

size_t	m_nSizeKey
	Key length to use (if variable) More...

bool	m_bEncodeMode
	Operation that the m_pCryptBase has been initialized for. More...

const cCipherPadding *	m_pCBCPadding
	What Padding functions to use, if using CIPHER_BLOCK_CBC. More...

BYTE	m_Unprocessed [k_MAX_BLOCK_LENGTH]
	Buffer for data that hasn't been encrypted yet. didn't fit in block. More...

size_t	m_nSizeUnprocessed
	Number of bytes that still need processing. More...

BYTE	m_iv [k_MAX_IV_LENGTH]
	Current IV or NONCE_COUNTER for CTR-mode. More...

size_t	m_nSizeIV
	IV size in bytes (for ciphers with variable-length IVs) More...

Static Public Attributes
static const size_t	k_MAX_BLOCK_LENGTH = 16
	Maximum block size of any cipher, in bytes. More...

static const size_t	k_MAX_IV_LENGTH = 16
	Maximum length of any IV, in bytes. More...

Detailed Description

Wrap a Generic cCipherBase. SSL_Cipher_TYPE

Constructor & Destructor Documentation

◆ cCipherWrap()

GrayLib::cCipherWrap::cCipherWrap ( )

inline

◆ ~cCipherWrap()

GrayLib::cCipherWrap::~cCipherWrap ( )

inline

Member Function Documentation

◆ AuthDecrypt()

HRESULT GrayLib::cCipherWrap::AuthDecrypt	(	BYTE *	pOutput,
		const BYTE *	pInput,
		size_t	nInputSize,
		const BYTE *	pIV,
		size_t	nSizeIV,
		const BYTE *	pAdd,
		size_t	nSizeAdd,
		const BYTE *	pTag,
		size_t	nSizeTag
	)

Generic authenticated Packet-oriented decryption (AEAD ciphers). CIPHER_BLOCK_CCM or CIPHER_BLOCK_GCM

pOutput = buffer for the output data. Should be able to hold at least nInputSize.
pInput = buffer holding the input data
nInputSize = length of the input data
pIV = IV to use (or NONCE_COUNTER for CTR-mode ciphers)
nSizeIV = IV length for ciphers with variable-size IV; discarded by ciphers with fixed-size IV.
pAdd = Additional data to be authenticated.
nSizeAdd = Length of pAdd.
pTag = buffer holding the authentication tag
nSizeTag = length of the authentication tag
Returns
0 on success, < 0 = error HRESULT_WIN32_C(ERROR_NOT_AUTHENTICATED) if data isn't authentic,

Note
If the data is not authentic, then the output buffer is zeroed out to prevent the unauthentic plaintext to be used by mistake, making this interface safer.

◆ AuthEncrypt()

HRESULT GrayLib::cCipherWrap::AuthEncrypt	(	BYTE *	pOutput,
		const BYTE *	pInput,
		size_t	nInputSize,
		const BYTE *	pIV,
		size_t	nSizeIV,
		const BYTE *	pAdd,
		size_t	nSizeAdd,
		BYTE *	pTag,
		size_t	nSizeTag
	)

Packet-oriented encryption for AEAD modes. CIPHER_BLOCK_CCM or CIPHER_BLOCK_GCM

Generic authenticated encryption (AEAD ciphers).

pOutput = buffer for the output data. Should be able to hold at least nInputSize.
pInput = buffer holding the input data
nInputSize = length of the input data
pIV = IV to use (or NONCE_COUNTER for CTR-mode ciphers)
nSizeIV = IV length for ciphers with variable-size IV; discarded by ciphers with fixed-size IV.
pAdd = Additional data to authenticate.
nSizeAdd = Length of pAdd.
pTag = buffer for the authentication tag
nSizeTag = desired tag length
Returns
0 on success, or <0 = error

◆ CheckGCMTag()

HRESULT GrayLib::cCipherWrap::CheckGCMTag	(	const BYTE *	pTag,
		size_t	nSizeTag
	)

Check tag for AEAD ciphers. Currently only supported with GCM. Must be called after FinishCipher().

pTag = Buffer holding the tag
nSizeTag = Length of the tag to check
Returns
0 on success, or a specific error code.

◆ CipherCrypt()

HRESULT GrayLib::cCipherWrap::CipherCrypt	(	BYTE *	pOutput,
		const BYTE *	pInput,
		size_t	nInputSize,
		const BYTE *	pIV,
		size_t	nSizeIV
	)

Packet-oriented wrapper for non-AEAD modes Generic all-in-one encryption/decryption (for all ciphers except AEAD constructs).

pOutput = buffer for the output data. Should be able to hold at least nInputSize + block_size. Cannot be the same buffer as input!
pInput = buffer holding the input data
nInputSize = length of the input data
pIV = IV to use (or NONCE_COUNTER for CTR-mode ciphers)
nSizeIV = IV length for ciphers with variable-size IV; discarded by ciphers with fixed-size IV.

Note: Some ciphers don't use IVs nor NONCE. For these ciphers, use pIV = nullptr and nSizeIV = 0.

Returns: length on success, <0 = error

◆ FinishCipher()

HRESULT GrayLib::cCipherWrap::FinishCipher	(	BYTE *	pOutput,
		size_t *	nOutputSize
	)

Generic cipher finalization function. If data still needs to be flushed from an incomplete block, data contained within it will be padded with the size of the last block, and written to the output buffer.

pOutput = buffer to write data to. Needs block_size available.
nOutputSize = length of the data written to the output buffer.

Returns: 0 on success, E_POINTER if parameter verification fails, HRESULT_WIN32_C(ERROR_BAD_LENGTH) if decryption expected a full block but was not provided one, HRESULT_WIN32_C(ERROR_BAD_LENGTH) invalid padding while decrypting or a cipher specific error code.

◆ get_BlockAlignSize()

size_t GrayLib::cCipherWrap::get_BlockAlignSize ( ) const

inline

Returns: size of the cipher's blocks, or 0 if this has not been initialized.

◆ get_CipherIVSize()

size_t GrayLib::cCipherWrap::get_CipherIVSize ( ) const

inline

Returns the size of the cipher's IV/NONCE in bytes.

Returns: If IV has not been set yet: (recommended) IV size (0 for ciphers not using IV/NONCE). If IV has already been set: actual size.

◆ get_CipherMode()

CIPHER_BLOCK_TYPE GrayLib::cCipherWrap::get_CipherMode ( ) const

inline

Returns the mode of operation for the cipher. (e.g. CIPHER_BLOCK_CBC)

Returns: mode of operation, or CIPHER_BLOCK_UNK if this has not been initialized.

◆ put_CBCPadding()

HRESULT GrayLib::cCipherWrap::put_CBCPadding ( const cCipherPadding * pPadding = nullptr )

Set padding mode, for cipher modes that use padding. (Default: PKCS7 padding.) CIPHER_BLOCK_CBC

ePadding = padding mode
Returns
0 on success, ERROR_INVALID_STATE if cipher mode does not support padding.

◆ ResetCipher()

void GrayLib::cCipherWrap::ResetCipher ( )

Finish preparation of the given context

◆ SetCipherIV()

HRESULT GrayLib::cCipherWrap::SetCipherIV	(	const BYTE *	pIV,
		size_t	nSizeIV
	)

Set the initialization vector (IV) or nonce

pIV = IV to use (or NONCE_COUNTER for CTR-mode ciphers)
nSizeIV = IV length for ciphers with variable-size IV; discarded by ciphers with fixed-size IV.
Returns
0 on success, E_POINTER, NTE_BAD_LEN

Note
Some ciphers don't use IVs nor NONCE. For these ciphers, this function has no effect.

◆ SetCipherKey()

HRESULT GrayLib::cCipherWrap::SetCipherKey	(	const void *	pKeyData,
		size_t	nSizeKey
	)

Set the key to use with the given context.

pKeyData = set cipher key. Fix it if unaligned.
nSizeKey = key length to use, in bytes.
Returns
0 on success, NTE_BAD_LEN if parameter verification fails or a cipher specific error code.

◆ SetCipherType()

HRESULT GrayLib::cCipherWrap::SetCipherType	(	bool	bEncodeMode,
		const cCipherTypeDef *	pCipherTypeDef,
		const void *	pKeyData
	)

Initializes and fills the cipher context structure with the appropriate values.

pCryptTypeInfo = cipher to use.
Returns
0 on success, E_INVALIDARG on parameter failure, E_OUTOFMEMORY if allocation of the cipher-specific context failed.

◆ SetZeroCipher()

void GrayLib::cCipherWrap::SetZeroCipher ( )

Free and clear the cipher specific content of pCipher.

◆ UNITTEST_FRIEND()

GrayLib::cCipherWrap::UNITTEST_FRIEND ( cCipherWrap )

◆ UpdateCipher()

HRESULT GrayLib::cCipherWrap::UpdateCipher	(	BYTE *	pOutput,
		const BYTE *	pInput,
		size_t	nInputSize
	)

Generic cipher update function. Encrypts/decrypts using the given cipher context. Writes as many block sized blocks of data as possible to output. Any data that cannot be written immediately will either be added to the next block, or flushed when cipher_final is called. Exception: for CIPHER_BLOCK_ECB, expects single block in size (e.g. 16 bytes for AES)

pOutput = buffer for the output data. Should be able to hold at least nInputSize + block_size. Cannot be the same buffer as input!
pInput = buffer holding the input data
nInputSize = length of the input data
Returns
>= 0 = length of the output data, will be filled with the actual number of bytes written.

Note
If the underlying cipher is GCM, all calls to this function, except the last one before FinishCipher(), must have nInputSize a multiple of the block size.

◆ WriteGCMTag()

HRESULT GrayLib::cCipherWrap::WriteGCMTag	(	BYTE *	pTag,
		size_t	nSizeTag
	)

Write tag for AEAD ciphers. Currently only supported with GCM. Must be called after FinishCipher().

pTag = buffer to write the tag
nSizeTag = Length of the tag to write
Returns
0 on success, or a specific error code.

Member Data Documentation

◆ k_MAX_BLOCK_LENGTH

const size_t GrayLib::cCipherWrap::k_MAX_BLOCK_LENGTH = 16

static

Maximum block size of any cipher, in bytes.

◆ k_MAX_IV_LENGTH

const size_t GrayLib::cCipherWrap::k_MAX_IV_LENGTH = 16

static

Maximum length of any IV, in bytes.

◆ m_bEncodeMode

bool GrayLib::cCipherWrap::m_bEncodeMode

Operation that the m_pCryptBase has been initialized for.

◆ m_iv

BYTE GrayLib::cCipherWrap::m_iv[k_MAX_IV_LENGTH]

Current IV or NONCE_COUNTER for CTR-mode.

◆ m_nSizeIV

size_t GrayLib::cCipherWrap::m_nSizeIV

IV size in bytes (for ciphers with variable-length IVs)

◆ m_nSizeKey

size_t GrayLib::cCipherWrap::m_nSizeKey

Key length to use (if variable)

◆ m_nSizeUnprocessed

size_t GrayLib::cCipherWrap::m_nSizeUnprocessed

Number of bytes that still need processing.

◆ m_pCBCPadding

const cCipherPadding* GrayLib::cCipherWrap::m_pCBCPadding

What Padding functions to use, if using CIPHER_BLOCK_CBC.

◆ m_pCipherTypeDef

const cCipherTypeDef* GrayLib::cCipherWrap::m_pCipherTypeDef

Information about the associated SSL_Cipher_TYPE.

◆ m_pCryptBase

cNewPtr<cCipherBase> GrayLib::cCipherWrap::m_pCryptBase

e.g. cCipherBase created from m_pCipherTypeDef, e.g. cCipherCCM, cCipherGCM

◆ m_Unprocessed

BYTE GrayLib::cCipherWrap::m_Unprocessed[k_MAX_BLOCK_LENGTH]

Buffer for data that hasn't been encrypted yet. didn't fit in block.

The documentation for this class was generated from the following files:

c:/Dennis/Source/Gray/GrayLib/include/Cipher/cCipherWrap.h
c:/Dennis/Source/Gray/GrayLib/src/Cipher/cCipherWrap.cpp

Public Member Functions

Public Attributes

Static Public Attributes

Detailed Description

Constructor & Destructor Documentation

◆ cCipherWrap()

◆ ~cCipherWrap()

Member Function Documentation

◆ AuthDecrypt()

◆ AuthEncrypt()

◆ CheckGCMTag()

◆ CipherCrypt()

◆ FinishCipher()

◆ get_BlockAlignSize()

◆ get_CipherIVSize()

◆ get_CipherMode()

◆ put_CBCPadding()

◆ ResetCipher()

◆ SetCipherIV()

◆ SetCipherKey()

◆ SetCipherType()

◆ SetZeroCipher()

◆ UNITTEST_FRIEND()

◆ UpdateCipher()

◆ WriteGCMTag()

Member Data Documentation

◆ k_MAX_BLOCK_LENGTH

◆ k_MAX_IV_LENGTH

◆ m_bEncodeMode

◆ m_iv

◆ m_nSizeIV

◆ m_nSizeKey

◆ m_nSizeUnprocessed

◆ m_pCBCPadding

◆ m_pCipherTypeDef

◆ m_pCryptBase

◆ m_Unprocessed