diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-04-08 21:33:09 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-04-08 21:33:09 +0700 |
commit | 4ba05d3a63090a5729665d6a3dbb120c4c996482 (patch) | |
tree | 64a3b8b90070caffbec025785a2b0ce50eaccff3 | |
parent | Add id_at_organizationIdentifier (diff) | |
download | BouncyCastle.NET-ed25519-4ba05d3a63090a5729665d6a3dbb120c4c996482.tar.xz |
Update registries for digests, MACs from bc-java
-rw-r--r-- | crypto/src/asn1/nist/NISTObjectIdentifiers.cs | 4 | ||||
-rw-r--r-- | crypto/src/security/DigestUtilities.cs | 6 | ||||
-rw-r--r-- | crypto/src/security/GeneratorUtilities.cs | 33 | ||||
-rw-r--r-- | crypto/src/security/MacUtilities.cs | 10 | ||||
-rw-r--r-- | crypto/test/src/test/HMacTest.cs | 182 |
5 files changed, 170 insertions, 65 deletions
diff --git a/crypto/src/asn1/nist/NISTObjectIdentifiers.cs b/crypto/src/asn1/nist/NISTObjectIdentifiers.cs index 55b9d8e68..b5002d28c 100644 --- a/crypto/src/asn1/nist/NISTObjectIdentifiers.cs +++ b/crypto/src/asn1/nist/NISTObjectIdentifiers.cs @@ -31,6 +31,10 @@ namespace Org.BouncyCastle.Asn1.Nist public static readonly DerObjectIdentifier IdSha3_512 = HashAlgs.Branch("10"); public static readonly DerObjectIdentifier IdShake128 = HashAlgs.Branch("11"); public static readonly DerObjectIdentifier IdShake256 = HashAlgs.Branch("12"); + public static readonly DerObjectIdentifier IdHMacWithSha3_224 = HashAlgs.Branch("13"); + public static readonly DerObjectIdentifier IdHMacWithSha3_256 = HashAlgs.Branch("14"); + public static readonly DerObjectIdentifier IdHMacWithSha3_384 = HashAlgs.Branch("15"); + public static readonly DerObjectIdentifier IdHMacWithSha3_512 = HashAlgs.Branch("16"); public static readonly DerObjectIdentifier Aes = new DerObjectIdentifier(NistAlgorithm + ".1"); diff --git a/crypto/src/security/DigestUtilities.cs b/crypto/src/security/DigestUtilities.cs index c6adbdd95..445304196 100644 --- a/crypto/src/security/DigestUtilities.cs +++ b/crypto/src/security/DigestUtilities.cs @@ -83,6 +83,12 @@ namespace Org.BouncyCastle.Security algorithms[CryptoProObjectIdentifiers.GostR3411.Id] = "GOST3411"; + algorithms["KECCAK224"] = "KECCAK-224"; + algorithms["KECCAK256"] = "KECCAK-256"; + algorithms["KECCAK288"] = "KECCAK-288"; + algorithms["KECCAK384"] = "KECCAK-384"; + algorithms["KECCAK512"] = "KECCAK-512"; + algorithms[NistObjectIdentifiers.IdSha3_224.Id] = "SHA3-224"; algorithms[NistObjectIdentifiers.IdSha3_256.Id] = "SHA3-256"; algorithms[NistObjectIdentifiers.IdSha3_384.Id] = "SHA3-384"; diff --git a/crypto/src/security/GeneratorUtilities.cs b/crypto/src/security/GeneratorUtilities.cs index 3beebd05b..db1929c16 100644 --- a/crypto/src/security/GeneratorUtilities.cs +++ b/crypto/src/security/GeneratorUtilities.cs @@ -8,6 +8,7 @@ using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Ntt; using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Generators; @@ -138,17 +139,28 @@ namespace Org.BouncyCastle.Security PkcsObjectIdentifiers.IdHmacWithSha512); AddHMacKeyGenerator("SHA512/224"); AddHMacKeyGenerator("SHA512/256"); - AddHMacKeyGenerator("SHA3-224"); - AddHMacKeyGenerator("SHA3-256"); - AddHMacKeyGenerator("SHA3-384"); - AddHMacKeyGenerator("SHA3-512"); + AddHMacKeyGenerator("KECCAK224"); + AddHMacKeyGenerator("KECCAK256"); + AddHMacKeyGenerator("KECCAK288"); + AddHMacKeyGenerator("KECCAK384"); + AddHMacKeyGenerator("KECCAK512"); + AddHMacKeyGenerator("SHA3-224", + NistObjectIdentifiers.IdHMacWithSha3_224); + AddHMacKeyGenerator("SHA3-256", + NistObjectIdentifiers.IdHMacWithSha3_256); + AddHMacKeyGenerator("SHA3-384", + NistObjectIdentifiers.IdHMacWithSha3_384); + AddHMacKeyGenerator("SHA3-512", + NistObjectIdentifiers.IdHMacWithSha3_512); AddHMacKeyGenerator("RIPEMD128"); AddHMacKeyGenerator("RIPEMD160", IanaObjectIdentifiers.HmacRipeMD160); AddHMacKeyGenerator("TIGER", IanaObjectIdentifiers.HmacTiger); - - + AddHMacKeyGenerator("GOST3411-2012-256", + RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256); + AddHMacKeyGenerator("GOST3411-2012-512", + RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512); // // key pair generators. @@ -183,11 +195,12 @@ namespace Org.BouncyCastle.Security AddDefaultKeySizeEntries(160, "HMACRIPEMD160", "HMACSHA1"); AddDefaultKeySizeEntries(192, "AES", "AES192", "CAMELLIA192", "DESEDE3", "HMACTIGER", "RIJNDAEL", "SERPENT", "TNEPRES"); - AddDefaultKeySizeEntries(224, "HMACSHA224", "HMACSHA512/224"); + AddDefaultKeySizeEntries(224, "HMACSHA3-224", "HMACKECCAK224", "HMACSHA224", "HMACSHA512/224"); AddDefaultKeySizeEntries(256, "AES256", "CAMELLIA", "CAMELLIA256", "CAST6", "GOST28147", - "HC256", "HMACSHA256", "HMACSHA512/256", "RC5-64", "RC6", "THREEFISH-256", "TWOFISH"); - AddDefaultKeySizeEntries(384, "HMACSHA384"); - AddDefaultKeySizeEntries(512, "HMACSHA512", "THREEFISH-512"); + "HC256", "HMACGOST3411-2012-256", "HMACSHA3-256", "HMACKECCAK256", "HMACSHA256", "HMACSHA512/256", "RC5-64", "RC6", "THREEFISH-256", "TWOFISH"); + AddDefaultKeySizeEntries(288, "HMACKECCAK288"); + AddDefaultKeySizeEntries(384, "HMACSHA3-384", "HMACKECCAK384", "HMACSHA384"); + AddDefaultKeySizeEntries(512, "HMACGOST3411-2012-512", "HMACSHA3-512", "HMACKECCAK512", "HMACSHA512", "THREEFISH-512"); AddDefaultKeySizeEntries(1024, "THREEFISH-1024"); } diff --git a/crypto/src/security/MacUtilities.cs b/crypto/src/security/MacUtilities.cs index 278f3bec1..a3bf8809f 100644 --- a/crypto/src/security/MacUtilities.cs +++ b/crypto/src/security/MacUtilities.cs @@ -4,7 +4,9 @@ using System.Globalization; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Iana; +using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Macs; @@ -38,6 +40,14 @@ namespace Org.BouncyCastle.Security algorithms[PkcsObjectIdentifiers.IdHmacWithSha384.Id] = "HMAC-SHA384"; algorithms[PkcsObjectIdentifiers.IdHmacWithSha512.Id] = "HMAC-SHA512"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_224.Id] = "HMAC-SHA3-224"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_256.Id] = "HMAC-SHA3-256"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_384.Id] = "HMAC-SHA3-384"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_512.Id] = "HMAC-SHA3-512"; + + algorithms[RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.Id] = "HMAC-GOST3411-2012-256"; + algorithms[RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.Id] = "HMAC-GOST3411-2012-512"; + // TODO AESMAC? algorithms["DES"] = "DESMAC"; diff --git a/crypto/test/src/test/HMacTest.cs b/crypto/test/src/test/HMacTest.cs index e4f5cb9c1..4a018ac50 100644 --- a/crypto/test/src/test/HMacTest.cs +++ b/crypto/test/src/test/HMacTest.cs @@ -4,7 +4,10 @@ using System.Text; using NUnit.Framework; using Org.BouncyCastle.Asn1.Iana; +using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.UA; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; @@ -36,23 +39,33 @@ namespace Org.BouncyCastle.Tests private static byte[] outputOld384 = Hex.Decode("0a046aaa0255e432912228f8ccda437c8a8363fb160afb0570ab5b1fd5ddc20eb1888b9ed4e5b6cb5bc034cd9ef70e40"); private static byte[] outputOld512 = Hex.Decode("9656975ee5de55e75f2976ecce9a04501060b9dc22a6eda2eaef638966280182477fe09f080b2bf564649cad42af8607a2bd8d02979df3a980f15e2326a0a22a"); - public void doTestHMac( - string hmacName, - byte[] output) + private static byte[] outputKck224 = Hex.Decode("b73d595a2ba9af815e9f2b4e53e78581ebd34a80b3bbaac4e702c4cc"); + private static byte[] outputKck256 = Hex.Decode("9663d10c73ee294054dc9faf95647cb99731d12210ff7075fb3d3395abfb9821"); + private static byte[] outputKck288 = Hex.Decode("36145df8742160a1811139494d708f9a12757c30dedc622a98aa6ecb69da32a34ea55441"); + private static byte[] outputKck384 = Hex.Decode("892dfdf5d51e4679bf320cd16d4c9dc6f749744608e003add7fba894acff87361efa4e5799be06b6461f43b60ae97048"); + private static byte[] outputKck512 = Hex.Decode("8852c63be8cfc21541a4ee5e5a9a852fc2f7a9adec2ff3a13718ab4ed81aaea0b87b7eb397323548e261a64e7fc75198f6663a11b22cd957f7c8ec858a1c7755"); + + private static byte[] outputSha3_224 = Hex.Decode("3b16546bbc7be2706a031dcafd56373d9884367641d8c59af3c860f7"); + private static byte[] outputSha3_256 = Hex.Decode("ba85192310dffa96e2a3a40e69774351140bb7185e1202cdcc917589f95e16bb"); + private static byte[] outputSha3_384 = Hex.Decode("68d2dcf7fd4ddd0a2240c8a437305f61fb7334cfb5d0226e1bc27dc10a2e723a20d370b47743130e26ac7e3d532886bd"); + private static byte[] outputSha3_512 = Hex.Decode("eb3fbd4b2eaab8f5c504bd3a41465aacec15770a7cabac531e482f860b5ec7ba47ccb2c6f2afce8f88d22b6dc61380f23a668fd3888bb80537c0a0b86407689e"); + + private static byte[] outputGost2012_256 = Hex.Decode("f03422dfa37a507ca126ce01b8eba6b7fdda8f8a60dd8f2703e3a372120b8294"); + private static byte[] outputGost2012_512 = Hex.Decode("86b6a06bfa9f1974aff6ccd7fa3f835f0bd850395d6084efc47b9dda861a2cdf0dcaf959160733d5269f6567966dd7a9f932a77cd6f080012cd476f1c2cc31bb"); + + private static byte[] outputDSTU7564_256 = Hex.Decode("98ac67aa21eaf6e8666fb748d66cfc15d5d66f5194c87fffa647e406d3375cdb"); + private static byte[] outputDSTU7564_384 = Hex.Decode("4e46a87e70fcd2ccfb4433a8eaec68991a96b11085c5d5484db71af51bac469c03f76e1f721843c8e8667708fe41a48d"); + private static byte[] outputDSTU7564_512 = Hex.Decode("5b7acf633a7551b8410fa66a60c74a494e46a87e70fcd2ccfb4433a8eaec68991a96b11085c5d5484db71af51bac469c03f76e1f721843c8e8667708fe41a48d"); + + private void DoTestHMac(string hmacName, byte[] output) { KeyParameter key = new KeyParameter(keyBytes); //, hmacName); IMac mac = MacUtilities.GetMac(hmacName); - mac.Init(key); - mac.Reset(); - mac.BlockUpdate(message, 0, message.Length); - -// byte[] outBytes = mac.DoFinal(); - byte[] outBytes = new byte[mac.GetMacSize()]; - mac.DoFinal(outBytes, 0); + byte[] outBytes = MacUtilities.DoFinal(mac); if (!AreEqual(outBytes, output)) { @@ -63,22 +76,42 @@ namespace Org.BouncyCastle.Tests // no key generator for the old algorithms if (hmacName.StartsWith("Old")) - { return; - } CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(hmacName); + key = new KeyParameter(kGen.GenerateKey()); + mac.Init(key); // hmacName + mac.BlockUpdate(message, 0, message.Length); + outBytes = MacUtilities.DoFinal(mac); + } + + private void DoTestHMac(string hmacName, int defKeySize, byte[] output) + { + KeyParameter key = new KeyParameter(keyBytes); //, hmacName); + + IMac mac = MacUtilities.GetMac(hmacName); + mac.Init(key); + mac.Reset(); + mac.BlockUpdate(message, 0, message.Length); + byte[] outBytes = MacUtilities.DoFinal(mac); - mac.Init(new KeyParameter(kGen.GenerateKey())); // hmacName + if (!AreEqual(outBytes, output)) + { + Fail("Failed - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(outBytes)); + } + CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(hmacName); + key = new KeyParameter(kGen.GenerateKey()); + mac.Init(key); // hmacName mac.BlockUpdate(message, 0, message.Length); + outBytes = MacUtilities.DoFinal(mac); -// outBytes = mac.DoFinal(); - outBytes = new byte[mac.GetMacSize()]; - mac.DoFinal(outBytes, 0); + IsTrue("default key wrong length", key.GetKey().Length == (defKeySize / 8)); } - private void doTestExceptions() + private void DoTestExceptions() { IMac mac = MacUtilities.GetMac("HmacSHA1"); @@ -124,47 +157,86 @@ namespace Org.BouncyCastle.Tests public override void PerformTest() { - doTestHMac("HMac-SHA1", output1); - doTestHMac("HMac-MD5", outputMD5); - doTestHMac("HMac-MD4", outputMD4); - doTestHMac("HMac-MD2", outputMD2); - doTestHMac("HMac-SHA224", output224); - doTestHMac("HMac-SHA256", output256); - doTestHMac("HMac-SHA384", output384); - doTestHMac("HMac-SHA512", output512); - doTestHMac("HMac-SHA512/224", output512_224); - doTestHMac("HMac-SHA512/256", output512_256); - doTestHMac("HMac-RIPEMD128", outputRipeMD128); - doTestHMac("HMac-RIPEMD160", outputRipeMD160); - doTestHMac("HMac-TIGER", outputTiger); - - doTestHMac("HMac/SHA1", output1); - doTestHMac("HMac/MD5", outputMD5); - doTestHMac("HMac/MD4", outputMD4); - doTestHMac("HMac/MD2", outputMD2); - doTestHMac("HMac/SHA224", output224); - doTestHMac("HMac/SHA256", output256); - doTestHMac("HMac/SHA384", output384); - doTestHMac("HMac/SHA512", output512); - doTestHMac("HMac/RIPEMD128", outputRipeMD128); - doTestHMac("HMac/RIPEMD160", outputRipeMD160); - doTestHMac("HMac/TIGER", outputTiger); - - doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha1.Id, output1); - doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha224.Id, output224); - doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha256.Id, output256); - doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha384.Id, output384); - doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha512.Id, output512); - doTestHMac(IanaObjectIdentifiers.HmacSha1.Id, output1); - doTestHMac(IanaObjectIdentifiers.HmacMD5.Id, outputMD5); - doTestHMac(IanaObjectIdentifiers.HmacRipeMD160.Id, outputRipeMD160); - doTestHMac(IanaObjectIdentifiers.HmacTiger.Id, outputTiger); + DoTestHMac("HMac-SHA1", output1); + DoTestHMac("HMac-MD5", outputMD5); + DoTestHMac("HMac-MD4", outputMD4); + DoTestHMac("HMac-MD2", outputMD2); + DoTestHMac("HMac-SHA224", output224); + DoTestHMac("HMac-SHA256", output256); + DoTestHMac("HMac-SHA384", output384); + DoTestHMac("HMac-SHA512", output512); + DoTestHMac("HMac-SHA512/224", output512_224); + DoTestHMac("HMac-SHA512/256", output512_256); + DoTestHMac("HMac-RIPEMD128", outputRipeMD128); + DoTestHMac("HMac-RIPEMD160", outputRipeMD160); + DoTestHMac("HMac-TIGER", outputTiger); + DoTestHMac("HMac-KECCAK224", 224, outputKck224); + DoTestHMac("HMac-KECCAK256", 256, outputKck256); + DoTestHMac("HMac-KECCAK288", 288, outputKck288); + DoTestHMac("HMac-KECCAK384", 384, outputKck384); + DoTestHMac("HMac-KECCAK512", 512, outputKck512); + DoTestHMac("HMac-SHA3-224", 224, outputSha3_224); + DoTestHMac("HMac-SHA3-256", 256, outputSha3_256); + DoTestHMac("HMac-SHA3-384", 384, outputSha3_384); + DoTestHMac("HMac-SHA3-512", 512, outputSha3_512); + + DoTestHMac("HMac-GOST3411-2012-256", 256, outputGost2012_256); + DoTestHMac("HMac-GOST3411-2012-512", 512, outputGost2012_512); + + //DoTestHMac("HMac-DSTU7564-256", 256, outputDSTU7564_256); + //DoTestHMac("HMac-DSTU7564-384", 384, outputDSTU7564_384); + //DoTestHMac("HMac-DSTU7564-512", 512, outputDSTU7564_512); + + DoTestHMac("HMac/SHA1", output1); + DoTestHMac("HMac/MD5", outputMD5); + DoTestHMac("HMac/MD4", outputMD4); + DoTestHMac("HMac/MD2", outputMD2); + DoTestHMac("HMac/SHA224", output224); + DoTestHMac("HMac/SHA256", output256); + DoTestHMac("HMac/SHA384", output384); + DoTestHMac("HMac/SHA512", output512); + DoTestHMac("HMac/RIPEMD128", outputRipeMD128); + DoTestHMac("HMac/RIPEMD160", outputRipeMD160); + DoTestHMac("HMac/TIGER", outputTiger); + DoTestHMac("HMac/KECCAK224", 224, outputKck224); + DoTestHMac("HMac/KECCAK256", 256, outputKck256); + DoTestHMac("HMac/KECCAK288", 288, outputKck288); + DoTestHMac("HMac/KECCAK384", 384, outputKck384); + DoTestHMac("HMac/KECCAK512", 512, outputKck512); + DoTestHMac("HMac/SHA3-224", 224, outputSha3_224); + DoTestHMac("HMac/SHA3-256", 256, outputSha3_256); + DoTestHMac("HMac/SHA3-384", 384, outputSha3_384); + DoTestHMac("HMac/SHA3-512", 512, outputSha3_512); + DoTestHMac("HMac/GOST3411-2012-256", 256, outputGost2012_256); + DoTestHMac("HMac/GOST3411-2012-512", 512, outputGost2012_512); + + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha1.Id, output1); + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha224.Id, output224); + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha256.Id, output256); + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha384.Id, output384); + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha512.Id, output512); + DoTestHMac(IanaObjectIdentifiers.HmacSha1.Id, output1); + DoTestHMac(IanaObjectIdentifiers.HmacMD5.Id, outputMD5); + DoTestHMac(IanaObjectIdentifiers.HmacRipeMD160.Id, outputRipeMD160); + DoTestHMac(IanaObjectIdentifiers.HmacTiger.Id, outputTiger); + + DoTestHMac(NistObjectIdentifiers.IdHMacWithSha3_224.Id, 224, outputSha3_224); + DoTestHMac(NistObjectIdentifiers.IdHMacWithSha3_256.Id, 256, outputSha3_256); + DoTestHMac(NistObjectIdentifiers.IdHMacWithSha3_384.Id, 384, outputSha3_384); + DoTestHMac(NistObjectIdentifiers.IdHMacWithSha3_512.Id, 512, outputSha3_512); + + DoTestHMac(RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.Id, 256, outputGost2012_256); + DoTestHMac(RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.Id, 512, outputGost2012_512); + + //DoTestHMac(UAObjectIdentifiers.dstu7564mac_256.Id, 256, outputDSTU7564_256); + //DoTestHMac(UAObjectIdentifiers.dstu7564mac_384.Id, 384, outputDSTU7564_384); + //DoTestHMac(UAObjectIdentifiers.dstu7564mac_512.Id, 512, outputDSTU7564_512); // // test for compatibility with broken HMac. -// doTestHMac("OldHMacSHA384", outputOld384); -// doTestHMac("OldHMacSHA512", outputOld512); +// DoTestHMac("OldHMacSHA384", outputOld384); +// DoTestHMac("OldHMacSHA512", outputOld512); - doTestExceptions(); + DoTestExceptions(); } public override string Name |