diff options
author | David Hook <dgh@bouncycastle.org> | 2017-03-07 10:24:47 +1100 |
---|---|---|
committer | David Hook <dgh@bouncycastle.org> | 2017-03-07 10:24:47 +1100 |
commit | d5444a1292a4b67dea5d0278e169abb7aaad7a3a (patch) | |
tree | 926a47aa629129c8b51a8cc760cb87ff9a1a5e46 | |
parent | Fix bug in SecT571KPoint.Add with order-2 points (lambda-projective). (diff) | |
download | BouncyCastle.NET-ed25519-d5444a1292a4b67dea5d0278e169abb7aaad7a3a.tar.xz |
Fixed N4 calculation issue - see BJA-655
-rw-r--r-- | crypto/src/crypto/modes/GOFBBlockCipher.cs | 6 | ||||
-rw-r--r-- | crypto/test/src/crypto/test/GOST28147Test.cs | 47 |
2 files changed, 50 insertions, 3 deletions
diff --git a/crypto/src/crypto/modes/GOFBBlockCipher.cs b/crypto/src/crypto/modes/GOFBBlockCipher.cs index a91562549..4299f11a9 100644 --- a/crypto/src/crypto/modes/GOFBBlockCipher.cs +++ b/crypto/src/crypto/modes/GOFBBlockCipher.cs @@ -169,7 +169,11 @@ namespace Org.BouncyCastle.Crypto.Modes } N3 += C2; N4 += C1; - intTobytes(N3, ofbV, 0); + if (N4 < C1) // addition is mod (2**32 - 1) + { + N4++; + } + intTobytes(N3, ofbV, 0); intTobytes(N4, ofbV, 4); cipher.ProcessBlock(ofbV, 0, ofbOutV, 0); diff --git a/crypto/test/src/crypto/test/GOST28147Test.cs b/crypto/test/src/crypto/test/GOST28147Test.cs index 5b6753517..865dcc2a7 100644 --- a/crypto/test/src/crypto/test/GOST28147Test.cs +++ b/crypto/test/src/crypto/test/GOST28147Test.cs @@ -37,7 +37,19 @@ namespace Org.BouncyCastle.Crypto.Tests 0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0 }; - static SimpleTest[] tests = + static byte[] TestSBox_1 = + { + 0xE, 0x3, 0xC, 0xD, 0x1, 0xF, 0xA, 0x9, 0xB, 0x6, 0x2, 0x7, 0x5, 0x0, 0x8, 0x4, + 0xD, 0x9, 0x0, 0x4, 0x7, 0x1, 0x3, 0xB, 0x6, 0xC, 0x2, 0xA, 0xF, 0xE, 0x5, 0x8, + 0x8, 0xB, 0xA, 0x7, 0x1, 0xD, 0x5, 0xC, 0x6, 0x3, 0x9, 0x0, 0xF, 0xE, 0x2, 0x4, + 0xD, 0x7, 0xC, 0x9, 0xF, 0x0, 0x5, 0x8, 0xA, 0x2, 0xB, 0x6, 0x4, 0x3, 0x1, 0xE, + 0xB, 0x4, 0x6, 0x5, 0x0, 0xF, 0x1, 0xC, 0x9, 0xE, 0xD, 0x8, 0x3, 0x7, 0xA, 0x2, + 0xD, 0xF, 0x9, 0x4, 0x2, 0xC, 0x5, 0xA, 0x6, 0x0, 0x3, 0x8, 0x7, 0xE, 0x1, 0xB, + 0xF, 0xE, 0x9, 0x5, 0xB, 0x2, 0x1, 0x8, 0x6, 0x0, 0xD, 0x3, 0x4, 0x7, 0xC, 0xA, + 0xA, 0x3, 0xE, 0x2, 0x0, 0x1, 0x4, 0x6, 0xB, 0x8, 0xC, 0x7, 0xD, 0x5, 0xF, 0x9 + }; + + static SimpleTest[] tests = { new BlockCipherVectorTest(1, new Gost28147Engine(), new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), input1, output1), @@ -128,7 +140,38 @@ namespace Org.BouncyCastle.Crypto.Tests Hex.Decode("1234567890abcdef")), //IV "bc350e71aa11345709acde", //input message "1bcc2282707c676fb656dc"), //encrypt message - + new BlockCipherVectorTest(15, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key + TestSBox_1), //type, IV, S-box + Hex.Decode("8001069080010690")), + "094C912C5EFDD703D42118971694580B", //input message + "2707B58DF039D1A64460735FFE76D55F"), //encrypt message + new BlockCipherVectorTest(16, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key + TestSBox_1), //type, S-box + Hex.Decode("800107A0800107A0")), + "FE780800E0690083F20C010CF00C0329", //input message + "9AF623DFF948B413B53171E8D546188D"), //encrypt message + new BlockCipherVectorTest(17, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key + TestSBox_1), //type, S-box + Hex.Decode("8001114080011140")), + "D1088FD8C0A86EE8F1DCD1088FE8C058", //input message + "62A6B64D12253BCD8241A4BB0CFD3E7C"), //encrypt message + new BlockCipherVectorTest(18, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key + TestSBox_1), //type, IV, S-box + Hex.Decode("80011A3080011A30")), + "D431FACD011C502C501B500A12921090", //input message + "07313C89D302FF73234B4A0506AB00F3"), //encrypt message }; private const int Gost28147_KEY_LENGTH = 32; |