author | David Hook <dgh@cryptoworkshop.com> | 2022-09-29 18:32:05 +1000 |
---|---|---|
committer | David Hook <dgh@cryptoworkshop.com> | 2022-09-29 18:32:05 +1000 |
commit | 0ad1654d152024af6241ab97a5c4462f66f83087 (patch) | |
tree | 958dd20d85a30ed4f832f4a8a947463e27c7af29 | |
parent | added grain128Aead (diff) | |
download | BouncyCastle.NET-ed25519-0ad1654d152024af6241ab97a5c4462f66f83087.tar.xz |
added IAeadCipher to grain128Aead
-rw-r--r-- | crypto/src/crypto/engines/Grain128AEADEngine.cs | 125 | ||||
-rw-r--r-- | crypto/test/src/crypto/test/Grain128AeadTest.cs | 26 |
2 files changed, 107 insertions, 44 deletions
diff --git a/crypto/src/crypto/engines/Grain128AEADEngine.cs b/crypto/src/crypto/engines/Grain128AEADEngine.cs
index e60368574..19d780362 100644
--- a/crypto/src/crypto/engines/Grain128AEADEngine.cs
+++ b/crypto/src/crypto/engines/Grain128AEADEngine.cs
@@ -1,14 +1,11 @@
 using System;
 using System.IO;
-using System.Numerics;
-using Org.BouncyCastle.Asn1.Pkcs;
-using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Modes;
 using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Utilities;
 namespace Org.BouncyCastle.Crypto.Engines
 {
- public class Grain128AeadEngine//: AeadCipher
+ public class Grain128AeadEngine: IAeadCipher
 {
 /**
@@ -36,10 +33,7 @@ namespace Org.BouncyCastle.Crypto.Engines
 private byte[] mac;
- public String GetAlgorithmName()
- {
- return "Grain-128AEAD";
- }
+ public string AlgorithmName => "Grain-128AEAD";
 /**
 * Initialize a Grain-128AEAD cipher.
@@ -285,8 +279,7 @@ namespace Org.BouncyCastle.Crypto.Engines
 {
 if (!initialised)
 {
- throw new ArgumentException(GetAlgorithmName()
- + " not initialised");
+ throw new ArgumentException(AlgorithmName + " not initialised");
 }
 if (!aadFinished)
 {
@@ -308,6 +301,28 @@ namespace Org.BouncyCastle.Crypto.Engines
 return len;
 }
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+ public int ProcessBytes(ReadOnlySpan<byte> input, Span<byte> output)
+ {
+ if (!initialised)
+ {
+ throw new ArgumentException(AlgorithmName + " not initialised");
+ }
+ if (!aadFinished)
+ {
+ DoProcessAADBytes(aadData.GetBuffer(), 0, (int)aadData.Length);
+ aadFinished = true;
+ }
+
+ if (input.Length > output.Length)
+ {
+ throw new OutputLengthException("output buffer too short");
+ }
+ GetKeyStream(input.ToArray(), 0, input.Length, output.ToArray(), 0);
+ return input.Length;
+ }
+#endif
+
 public void Reset()
 {
 this.isEven = true;
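Review bot: In the new `ProcessBytes(ReadOnlySpan<byte> input, Span<byte> output)`, `output.ToArray()` passes `GetKeyStream` a fresh copy of the span, so (assuming `GetKeyStream` fills its fourth argument, as the call suggests) the result lands in a temporary array and the caller's `output` is never written, while the method still returns `input.Length`. A caller that goes on to use `output` as ciphertext is then using whatever the buffer held before the call. Writing to a scratch array and copying back fixes it: `byte[] tmp = new byte[input.Length]; GetKeyStream(input.ToArray(), 0, input.Length, tmp, 0); tmp.CopyTo(output);`. The later `DoFinal(Span<byte> output)` hunk has the same defect in `Array.Copy(mac, 0, output.ToArray(), 0, mac.Length)`, where `mac.CopyTo(output);` would deliver the tag; because `DoFinal(byte[], int)` now forwards to that overload on the span-enabled targets, the array API loses its tag output there as well. The test hunks in this commit only rename calls and add no coverage for either span path.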
@@ -379,7 +394,7 @@ namespace Org.BouncyCastle.Crypto.Engines
 {
 if (!initialised)
 {
- throw new ArgumentException(GetAlgorithmName()
+ throw new ArgumentException(AlgorithmName
 + " not initialised");
 }
 byte[] plaintext = new byte[1];
@@ -389,7 +404,7 @@ namespace Org.BouncyCastle.Crypto.Engines
 }
- public void ProcessAADByte(byte input)
+ public void ProcessAadByte(byte input)
 {
 if (aadFinished)
 {
@@ -399,14 +414,29 @@ namespace Org.BouncyCastle.Crypto.Engines
 }
- public void ProcessAADBytes(byte[] input, int inOff, int len)
+ public void ProcessAadBytes(byte[] input, int inOff, int len)
 {
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+ ProcessAadBytes(input.AsSpan(inOff, len));
+#else
 if (aadFinished)
 {
 throw new ArgumentException("associated data must be added before plaintext/ciphertext");
 }
 aadData.Write(input, inOff, len);
+#endif
+ }
+
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+ public void ProcessAadBytes(ReadOnlySpan<byte> input)
+ {
+ if (aadFinished)
+ {
+ throw new ArgumentException("associated data must be added before plaintext/ciphertext");
+ }
+ aadData.Write(input);
 }
+#endif
 private void Accumulate()
 {
@@ -426,6 +456,14 @@ namespace Org.BouncyCastle.Crypto.Engines
 return ProcessBytes(new byte[] { input }, 0, 1, output, outOff);
 }
+
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+ public int ProcessByte(byte input, Span<byte> output)
+ {
+ return ProcessBytes(new byte[] { input }.AsSpan<byte>(), output);
+ }
+#endif
+
 private void DoProcessAADBytes(byte[] input, int inOff, int len)
 {
 byte[] ader;
@@ -498,6 +536,9 @@ namespace Org.BouncyCastle.Crypto.Engines
 public int DoFinal(byte[] output, int outOff)
 {
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+ return DoFinal(output.AsSpan(outOff));
+#else
 if (!aadFinished)
 {
 DoProcessAADBytes(aadData.GetBuffer(), 0, (int)aadData.Length);
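Review bot: The new public `ProcessAadBytes(ReadOnlySpan<byte> input)` in the `-399,14` hunk has no doc comment, and its contract is not obvious from the signature. It only appends to `aadData`; the other hunks show the buffered data being absorbed later, when `ProcessBytes` or `DoFinal` finds `aadFinished` false. A summary such as `/// <summary>Buffers associated data; it is absorbed on the first ProcessBytes/DoFinal call. Throws ArgumentException once aadFinished is set.</summary>` would tell callers why associated data cannot be supplied after plaintext or ciphertext. The span `ProcessByte` overload added in the `-426,6` hunk is undocumented in the same way.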
@@ -530,11 +571,48 @@ namespace Org.BouncyCastle.Crypto.Engines
 {
 Reset();
 }
-
+#endif
 }
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+ public int DoFinal(Span<byte> output)
+ {
+ if (!aadFinished)
+ {
+ DoProcessAADBytes(aadData.GetBuffer(), 0, (int)aadData.Length);
+ aadFinished = true;
+ }
+
+ this.mac = new byte[8];
- public byte[] GetMac()
+ outputZ = GetOutput();
+ nfsr = Shift(nfsr, (GetOutputNFSR() ^ lfsr[0]) & 1);
+ lfsr = Shift(lfsr, (GetOutputLFSR()) & 1);
+ Accumulate();
+
+ int cCnt = 0;
+ for (int i = 0; i < 2; ++i)
+ {
+ for (int j = 0; j < 4; ++j)
+ {
+ mac[cCnt++] = (byte)((authAcc[i] >> (j << 3)) & 0xff);
+ }
+ }
+
+ Array.Copy(mac, 0, output.ToArray(), 0, mac.Length);
+
+ try
+ {
+ return mac.Length;
+ }
+ finally
+ {
+ Reset();
+ }
+ }
+#endif
+
+ public byte[] GetMac()
 {
 return mac;
 }
@@ -558,21 +636,6 @@ namespace Org.BouncyCastle.Crypto.Engines
 x = (uint)(((x & 0x0f) << 4) | ((x & (~0x0f)) >> 4)) & 0xFF;
 return x;
 }
-
- public uint HighestOneBit(uint v)
- {
- int[] MultiplyDeBruijnBitPosition ={
- 0, 9, 1, 10, 13, 21, 2, 29, 11, 14, 16, 18, 22, 25, 3, 30,
- 8, 12, 20, 28, 15, 17, 24, 7, 19, 27, 23, 6, 26, 5, 4, 31
- };
- v |= v >> 1;
- v |= v >> 2;
- v |= v >> 4;
- v |= v >> 8;
- v |= v >> 16;
-
- return (uint)(1 << MultiplyDeBruijnBitPosition[(v * 0x07C4ACDDU) >> 27]);
- }
 }
 }
diff --git a/crypto/test/src/crypto/test/Grain128AeadTest.cs b/crypto/test/src/crypto/test/Grain128AeadTest.cs
index 049df3354..253adfdbf 100644
--- a/crypto/test/src/crypto/test/Grain128AeadTest.cs
+++ b/crypto/test/src/crypto/test/Grain128AeadTest.cs
@@ -34,7 +34,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 ICipherParameters param;
 var buf = new Dictionary<string, string>();
 //TestSampler sampler = new TestSampler();
- using (var src = new StreamReader(SimpleTest.GetTestDataAsStream("crypto.LWC_Aead_KAT_128_96.txt")))
+ using (var src = new StreamReader(SimpleTest.GetTestDataAsStream("crypto.LWC_AEAD_KAT_128_96.txt")))
 {
 string line;
 string[] data;
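Review bot: `DoFinal(Span<byte> output)` in the `-530,11` hunk never compares `output.Length` with the 8-byte tag allocated by `this.mac = new byte[8]`, whereas the span `ProcessBytes` added earlier in this commit throws `OutputLengthException("output buffer too short")` for a short buffer. The check belongs at the top of the method, before `GetOutput()`, the two `Shift` assignments and `Accumulate()` update the cipher state, so that a call with a short buffer fails without having run finalisation: `if (output.Length < 8) throw new OutputLengthException("output buffer too short");`. Whether the `#else` array path performs an equivalent check cannot be seen here, since most of its body lies between this hunk and the previous one.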
@@ -49,7 +49,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 param = new ParametersWithIV(new KeyParameter(Hex.Decode(map["Key"])), Hex.Decode(map["Nonce"]));
 grain.Init(true, param);
 adByte = Hex.Decode(map["AD"]);
- grain.ProcessAADBytes(adByte, 0, adByte.Length);
+ grain.ProcessAadBytes(adByte, 0, adByte.Length);
 ptByte = Hex.Decode(map["PT"]);
 rv = new byte[ptByte.Length];
 grain.ProcessBytes(ptByte, 0, ptByte.Length, rv, 0);
@@ -86,9 +86,9 @@ namespace Org.BouncyCastle.Crypto.Tests
 ParametersWithIV param = new ParametersWithIV(new KeyParameter(Key), Nonce);
 grain.Init(true, param);
- grain.ProcessAADBytes(AD, 0, 10);
- grain.ProcessAADByte(AD[10]);
- grain.ProcessAADBytes(AD, 11, AD.Length - 11);
+ grain.ProcessAadBytes(AD, 0, 10);
+ grain.ProcessAadByte(AD[10]);
+ grain.ProcessAadBytes(AD, 11, AD.Length - 11);
 byte[] rv = new byte[CT.Length];
 int len = grain.ProcessBytes(PT, 0, 10, rv, 0);
@@ -102,7 +102,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 grain.ProcessBytes(PT, 0, 10, rv, 0);
 try
 {
- grain.ProcessAADByte((byte)0x01);
+ grain.ProcessAadByte((byte)0x01);
 Assert.Fail("no exception");
 }
 catch (ArgumentException e)
@@ -112,7 +112,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 try
 {
- grain.ProcessAADBytes(AD, 0, AD.Length);
+ grain.ProcessAadBytes(AD, 0, AD.Length);
 Assert.Fail("no exception");
 }
 catch (ArgumentException e)
@@ -139,7 +139,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 ParametersWithIV param = new ParametersWithIV(new KeyParameter(Key), Nonce);
 grain.Init(true, param);
- grain.ProcessAADBytes(AD, 0, AD.Length);
+ grain.ProcessAadBytes(AD, 0, AD.Length);
 byte[] rv = new byte[CT.Length];
 int len = grain.ProcessBytes(PT, 0, 10, rv, 0);
@@ -153,7 +153,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 grain.ProcessBytes(PT, 0, 10, rv, 0);
 try
 {
- grain.ProcessAADByte((byte)0x01);
+ grain.ProcessAadByte((byte)0x01);
 Assert.Fail("no exception");
 }
 catch (ArgumentException e)
@@ -163,7 +163,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 try
 {
- grain.ProcessAADBytes(AD, 0, AD.Length);
+ grain.ProcessAadBytes(AD, 0, AD.Length);
 Assert.Fail("no exception");
 }
 catch (ArgumentException e)
@@ -184,7 +184,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 }
 catch (ArgumentException e)
 {
- Assert.IsTrue(Contains(e.Message, "Grain-128Aead Init parameters must include an IV"));
+ Assert.IsTrue(Contains(e.Message, "Grain-128AEAD Init parameters must include an IV"));
 }
 try
@@ -196,7 +196,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 }
 catch (ArgumentException e)
 {
- Assert.IsTrue(Contains(e.Message, "Grain-128Aead requires exactly 12 bytes of IV"));
+ Assert.IsTrue(Contains(e.Message, "Grain-128AEAD requires exactly 12 bytes of IV"));
 }
 try
@@ -208,7 +208,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 }
 catch (ArgumentException e)
 {
- Assert.IsTrue(Contains(e.Message, "Grain-128Aead key must be 128 bits long"));
+ Assert.IsTrue(Contains(e.Message, "Grain-128AEAD key must be 128 bits long"));
 }
 }
|