randombit · reneme · Mar 21, 2023 · Mar 20, 2023 · Mar 20, 2023 · Mar 20, 2023
diff --git a/src/lib/base/buf_comp.h b/src/lib/base/buf_comp.h
@@ -80,26 +80,14 @@ class BOTAN_PUBLIC_API(2,0) Buffered_Computation
  * final result as a container of your choice.
  * @return a contiguous container holding the result
  */
- template<typename T>
- requires(concepts::contiguous_container<T> &&
- concepts::resizable_container<T>)
- T final()
+ template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
+ T final()
  {
  T output(output_length());
  final_result(output.data());
  return output;
  }
 
- /**
- * Complete the computation and retrieve the
- * final result.
- * @return secure_vector holding the result
- */
- secure_vector<uint8_t> final()
- {
- return final<secure_vector<uint8_t>>();
- }
-
  std::vector<uint8_t> final_stdvec()
  {
  return final<std::vector<uint8_t>>();
@@ -111,8 +99,8 @@ class BOTAN_PUBLIC_API(2,0) Buffered_Computation
  final_result(out.data());
  }
 
- template<typename Alloc>
-  void final(std::vector<uint8_t, Alloc>& out)
+ template<concepts::resizable_byte_buffer T>
+ void final(T& out)
  {
  out.resize(output_length());
  final_result(out.data());
@@ -125,22 +113,11 @@ class BOTAN_PUBLIC_API(2,0) Buffered_Computation
  * @param length the length of the byte array
  * @result the result of the call to final()
  */
- secure_vector<uint8_t> process(const uint8_t in[], size_t length)
- {
- add_data(in, length);
- return final();
- }
-
- /**
- * Update and finalize computation. Does the same as calling update()
- * and final() consecutively.
- * @param in the input to process
- * @result the result of the call to final()
- */
- secure_vector<uint8_t> process(std::span<const uint8_t> in)
+ template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
+ T process(const uint8_t in[], size_t length)
  {
- add_data(in.data(), in.size());
- return final();
+ update(in, length);
+ return final<T>();
  }
 
  /**
@@ -149,25 +126,24 @@ class BOTAN_PUBLIC_API(2,0) Buffered_Computation
  * @param in the input to process as a string
  * @result the result of the call to final()
  */
- secure_vector<uint8_t> process(std::string_view in)
+ template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
+ T process(std::string_view in)
  {
  update(in);
- return final();
+ return final<T>();
  }
 
  /**
  * Update and finalize computation. Does the same as calling update()
  * and final() consecutively.
- * @param in the input to process as a contiguous container or string-like
+ * @param in the input to process as a contiguous container
  * @result the result of the call to final()
  */
- template<typename OutT, typename T>
- requires(concepts::convertible_to<T, std::string_view> ||
- concepts::convertible_to<T, std::span<const uint8_t>>)
- OutT process(T in)
+ template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
+ T process(std::span<const uint8_t> in)
  {
  update(in);
- return final<OutT>();
+ return final<T>();
  }
 
  virtual ~Buffered_Computation() = default;

diff --git a/src/lib/modes/aead/ccm/ccm.cpp b/src/lib/modes/aead/ccm/ccm.cpp
@@ -117,7 +117,7 @@ void CCM_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
  m_msg_buf.clear();
  }
 
-size_t CCM_Mode::process(uint8_t buf[], size_t sz)
+size_t CCM_Mode::process_msg(uint8_t buf[], size_t sz)
  {
  BOTAN_STATE_CHECK(!m_nonce.empty());
  m_msg_buf.insert(m_msg_buf.end(), buf, buf + sz);
@@ -174,7 +174,7 @@ secure_vector<uint8_t> CCM_Mode::format_c0()
  return C;
  }
 
-void CCM_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void CCM_Encryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  BOTAN_ARG_CHECK(buffer.size() >= offset, "Offset is out of range");
 
@@ -227,7 +227,7 @@ void CCM_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
  reset();
  }
 
-void CCM_Decryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void CCM_Decryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  BOTAN_ARG_CHECK(buffer.size() >= offset, "Offset is out of range");
 

diff --git a/src/lib/modes/aead/ccm/ccm.h b/src/lib/modes/aead/ccm/ccm.h
@@ -21,8 +21,6 @@ namespace Botan {
 class CCM_Mode : public AEAD_Mode
  {
  public:
- size_t process(uint8_t buf[], size_t sz) override final;
-
  void set_associated_data(const uint8_t ad[], size_t ad_len) override final;
 
  bool associated_data_requires_key() const override final { return false; }
@@ -67,6 +65,7 @@ class CCM_Mode : public AEAD_Mode
  secure_vector<uint8_t> format_c0();
  private:
  void start_msg(const uint8_t nonce[], size_t nonce_len) override final;
+ size_t process_msg(uint8_t buf[], size_t sz) override final;
 
  void key_schedule(const uint8_t key[], size_t length) override final;
 
@@ -93,12 +92,13 @@ class CCM_Encryption final : public CCM_Mode
  CCM_Encryption(std::unique_ptr<BlockCipher> cipher, size_t tag_size = 16, size_t L = 3) :
  CCM_Mode(std::move(cipher), tag_size, L) {}
 
- void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
-
  size_t output_length(size_t input_length) const override
  { return input_length + tag_size(); }
 
  size_t minimum_final_size() const override { return 0; }
+
+ private:
+ void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
  };
 
 /**
@@ -117,15 +117,16 @@ class CCM_Decryption final : public CCM_Mode
  CCM_Decryption(std::unique_ptr<BlockCipher> cipher, size_t tag_size = 16, size_t L = 3) :
  CCM_Mode(std::move(cipher), tag_size, L) {}
 
- void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
-
  size_t output_length(size_t input_length) const override
  {
  BOTAN_ARG_CHECK(input_length >= tag_size(), "Sufficient input");
  return input_length - tag_size();
  }
 
  size_t minimum_final_size() const override { return tag_size(); }
+
+ private:
+ void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
  };
 
 }

diff --git a/src/lib/modes/aead/chacha20poly1305/chacha20poly1305.cpp b/src/lib/modes/aead/chacha20poly1305/chacha20poly1305.cpp
@@ -105,15 +105,15 @@ void ChaCha20Poly1305_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
  }
  }
 
-size_t ChaCha20Poly1305_Encryption::process(uint8_t buf[], size_t sz)
+size_t ChaCha20Poly1305_Encryption::process_msg(uint8_t buf[], size_t sz)
  {
  m_chacha->cipher1(buf, sz);
  m_poly1305->update(buf, sz); // poly1305 of ciphertext
  m_ctext_len += sz;
  return sz;
  }
 
-void ChaCha20Poly1305_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void ChaCha20Poly1305_Encryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  update(buffer, offset);
  if(cfrg_version())
@@ -133,15 +133,15 @@ void ChaCha20Poly1305_Encryption::finish(secure_vector<uint8_t>& buffer, size_t
  m_nonce_len = 0;
  }
 
-size_t ChaCha20Poly1305_Decryption::process(uint8_t buf[], size_t sz)
+size_t ChaCha20Poly1305_Decryption::process_msg(uint8_t buf[], size_t sz)
  {
  m_poly1305->update(buf, sz); // poly1305 of ciphertext
  m_chacha->cipher1(buf, sz);
  m_ctext_len += sz;
  return sz;
  }
 
-void ChaCha20Poly1305_Decryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void ChaCha20Poly1305_Decryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  BOTAN_ARG_CHECK(buffer.size() >= offset, "Offset is out of range");
  const size_t sz = buffer.size() - offset;

diff --git a/src/lib/modes/aead/chacha20poly1305/chacha20poly1305.h b/src/lib/modes/aead/chacha20poly1305/chacha20poly1305.h
@@ -77,9 +77,9 @@ class ChaCha20Poly1305_Encryption final : public ChaCha20Poly1305_Mode
 
  size_t minimum_final_size() const override { return 0; }
 
-  size_t process(uint8_t buf[], size_t size) override;
-
- void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
+ private:
+ size_t process_msg(uint8_t buf[], size_t size) override;
+ void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
  };
 
 /**
@@ -96,9 +96,9 @@ class ChaCha20Poly1305_Decryption final : public ChaCha20Poly1305_Mode
 
  size_t minimum_final_size() const override { return tag_size(); }
 
-  size_t process(uint8_t buf[], size_t size) override;
-
- void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
+ private:
+ size_t process_msg(uint8_t buf[], size_t size) override;
+ void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
  };
 
 }

diff --git a/src/lib/modes/aead/eax/eax.cpp b/src/lib/modes/aead/eax/eax.cpp
@@ -128,15 +128,15 @@ void EAX_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
  m_cmac->update(2);
  }
 
-size_t EAX_Encryption::process(uint8_t buf[], size_t sz)
+size_t EAX_Encryption::process_msg(uint8_t buf[], size_t sz)
  {
  BOTAN_STATE_CHECK(!m_nonce_mac.empty());
  m_ctr->cipher(buf, buf, sz);
  m_cmac->update(buf, sz);
  return sz;
  }
 
-void EAX_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void EAX_Encryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  BOTAN_STATE_CHECK(!m_nonce_mac.empty());
  update(buffer, offset);
@@ -156,15 +156,15 @@ void EAX_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
  m_nonce_mac.clear();
  }
 
-size_t EAX_Decryption::process(uint8_t buf[], size_t sz)
+size_t EAX_Decryption::process_msg(uint8_t buf[], size_t sz)
  {
  BOTAN_STATE_CHECK(!m_nonce_mac.empty());
  m_cmac->update(buf, sz);
  m_ctr->cipher(buf, buf, sz);
  return sz;
  }
 
-void EAX_Decryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void EAX_Decryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  BOTAN_ARG_CHECK(buffer.size() >= offset, "Offset is out of range");
  const size_t sz = buffer.size() - offset;

diff --git a/src/lib/modes/aead/eax/eax.h b/src/lib/modes/aead/eax/eax.h
@@ -85,9 +85,9 @@ class EAX_Encryption final : public EAX_Mode
 
  size_t minimum_final_size() const override { return 0; }
 
-  size_t process(uint8_t buf[], size_t size) override;
-
- void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
+ private:
+ size_t process_msg(uint8_t buf[], size_t size) override;
+ void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
  };
 
 /**
@@ -111,9 +111,9 @@ class EAX_Decryption final : public EAX_Mode
 
  size_t minimum_final_size() const override { return tag_size(); }
 
-  size_t process(uint8_t buf[], size_t size) override;
-
- void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
+ private:
+ size_t process_msg(uint8_t buf[], size_t size) override;
+ void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
  };
 
 }

diff --git a/src/lib/modes/aead/gcm/gcm.cpp b/src/lib/modes/aead/gcm/gcm.cpp
@@ -128,15 +128,15 @@ void GCM_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
  clear_mem(m_y0.data(), m_y0.size());
  }
 
-size_t GCM_Encryption::process(uint8_t buf[], size_t sz)
+size_t GCM_Encryption::process_msg(uint8_t buf[], size_t sz)
  {
  BOTAN_ARG_CHECK(sz % update_granularity() == 0, "Invalid buffer size");
  m_ctr->cipher(buf, buf, sz);
  m_ghash->update(buf, sz);
  return sz;
  }
 
-void GCM_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void GCM_Encryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  BOTAN_ARG_CHECK(offset <= buffer.size(), "Invalid offset");
  const size_t sz = buffer.size() - offset;
@@ -150,15 +150,15 @@ void GCM_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
  buffer += std::make_pair(mac, tag_size());
  }
 
-size_t GCM_Decryption::process(uint8_t buf[], size_t sz)
+size_t GCM_Decryption::process_msg(uint8_t buf[], size_t sz)
  {
  BOTAN_ARG_CHECK(sz % update_granularity() == 0, "Invalid buffer size");
  m_ghash->update(buf, sz);
  m_ctr->cipher(buf, buf, sz);
  return sz;
  }
 
-void GCM_Decryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void GCM_Decryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  BOTAN_ARG_CHECK(offset <= buffer.size(), "Invalid offset");
  const size_t sz = buffer.size() - offset;

diff --git a/src/lib/modes/aead/gcm/gcm.h b/src/lib/modes/aead/gcm/gcm.h
@@ -83,9 +83,9 @@ class GCM_Encryption final : public GCM_Mode
 
  size_t minimum_final_size() const override { return 0; }
 
-  size_t process(uint8_t buf[], size_t size) override;
-
- void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
+ private:
+ size_t process_msg(uint8_t buf[], size_t size) override;
+ void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
  };
 
 /**
@@ -109,9 +109,9 @@ class GCM_Decryption final : public GCM_Mode
 
  size_t minimum_final_size() const override { return tag_size(); }
 
-  size_t process(uint8_t buf[], size_t size) override;
-
- void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
+ private:
+ size_t process_msg(uint8_t buf[], size_t size) override;
+ void finish_msg(secure_vector<uint8_t>& final_block, size_t offset = 0) override;
  };
 
 }

diff --git a/src/lib/modes/aead/ocb/ocb.cpp b/src/lib/modes/aead/ocb/ocb.cpp
@@ -375,14 +375,14 @@ void OCB_Encryption::encrypt(uint8_t buffer[], size_t blocks)
  }
  }
 
-size_t OCB_Encryption::process(uint8_t buf[], size_t sz)
+size_t OCB_Encryption::process_msg(uint8_t buf[], size_t sz)
  {
  BOTAN_ARG_CHECK(sz % update_granularity() == 0, "Invalid OCB input size");
  encrypt(buf, sz / block_size());
  return sz;
  }
 
-void OCB_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void OCB_Encryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  assert_key_material_set();
  BOTAN_STATE_CHECK(m_L->initialized());
@@ -466,14 +466,14 @@ void OCB_Decryption::decrypt(uint8_t buffer[], size_t blocks)
  }
  }
 
-size_t OCB_Decryption::process(uint8_t buf[], size_t sz)
+size_t OCB_Decryption::process_msg(uint8_t buf[], size_t sz)
  {
  BOTAN_ARG_CHECK(sz % update_granularity() == 0, "Invalid OCB input size");
  decrypt(buf, sz / block_size());
  return sz;
  }
 
-void OCB_Decryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
+void OCB_Decryption::finish_msg(secure_vector<uint8_t>& buffer, size_t offset)
  {
  assert_key_material_set();
  BOTAN_STATE_CHECK(m_L->initialized());