diff --git a/crypto/src/security/CipherUtilities.cs b/crypto/src/security/CipherUtilities.cs
index eb10baec8..fb2a31a56 100644
--- a/crypto/src/security/CipherUtilities.cs
+++ b/crypto/src/security/CipherUtilities.cs
@@ -33,6 +33,9 @@ namespace Org.BouncyCastle.Security
CAMELLIA,
CAST5,
CAST6,
+ CHACHA,
+ CHACHA20_POLY1305,
+ CHACHA7539,
DES,
DESEDE,
ELGAMAL,
@@ -64,7 +67,7 @@ namespace Org.BouncyCastle.Security
VMPC_KSA3,
XTEA,
};
-
+
private enum CipherMode { ECB, NONE, CBC, CCM, CFB, CTR, CTS, EAX, GCM, GOFB, OCB, OFB, OPENPGPCFB, SIC };
private enum CipherPadding
{
@@ -207,6 +210,9 @@ namespace Org.BouncyCastle.Security
algorithms[KisaObjectIdentifiers.IdSeedCbc.Id] = "SEED/CBC/PKCS7PADDING";
algorithms["1.3.6.1.4.1.3029.1.2"] = "BLOWFISH/CBC";
+
+ algorithms["CHACHA20"] = "CHACHA7539";
+ algorithms[PkcsObjectIdentifiers.IdAlgAeadChaCha20Poly1305.Id] = "CHACHA20-POLY1305";
}
private CipherUtilities()
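Review bot: The new alias `algorithms["CHACHA20"] = "CHACHA7539";` has no comment saying which ChaCha variant the common name "CHACHA20" resolves to, and the two variants are not interchangeable. Going by the IV-size entries added in ParameterUtilities.cs in this same commit, "CHACHA" takes an 8-byte nonce and "CHACHA7539" a 12-byte one, so a caller who passes "CHACHA20" expecting the original construction gets a different nonce layout. I would add a line above the alias such as `// "CHACHA20" means the RFC 7539 variant (12-byte nonce); the original 8-byte-nonce cipher is "CHACHA"`. The static initializer this sits in starts outside the hunk.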
@@ -333,6 +339,7 @@ namespace Org.BouncyCastle.Security
string[] parts = algorithm.Split('/');
+ IAeadCipher aeadCipher = null;
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymBlockCipher = null;
IStreamCipher streamCipher = null;
@@ -376,6 +383,15 @@ namespace Org.BouncyCastle.Security
case CipherAlgorithm.CAST6:
blockCipher = new Cast6Engine();
break;
+ case CipherAlgorithm.CHACHA:
+ streamCipher = new ChaChaEngine();
+ break;
+ case CipherAlgorithm.CHACHA20_POLY1305:
+ aeadCipher = new ChaCha20Poly1305();
+ break;
+ case CipherAlgorithm.CHACHA7539:
+ streamCipher = new ChaCha7539Engine();
+ break;
case CipherAlgorithm.DES:
blockCipher = new DesEngine();
break;
@@ -468,6 +484,14 @@ namespace Org.BouncyCastle.Security
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
+ if (aeadCipher != null)
+ {
+ if (parts.Length > 1)
+ throw new ArgumentException("Modes and paddings cannot be applied to AEAD ciphers");
+
+ return new BufferedAeadCipher(aeadCipher);
+ }
+
if (streamCipher != null)
{
if (parts.Length > 1)
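Review bot: The new AEAD rejection message does not say which transformation string was refused, unlike the "Cipher ... not recognised" message a few lines above, which includes `algorithm`. When a configuration passes something like an AEAD name with a mode or padding suffix, the caller sees only a generic sentence. I would change it to `throw new ArgumentException("Modes and paddings cannot be applied to AEAD cipher " + algorithm);`. The enclosing method begins and continues outside this hunk, so the exception type used by the neighbouring stream-cipher branch is not visible here; the two should stay consistent.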
diff --git a/crypto/src/security/GeneratorUtilities.cs b/crypto/src/security/GeneratorUtilities.cs
index 08281493a..f39d583d6 100644
--- a/crypto/src/security/GeneratorUtilities.cs
+++ b/crypto/src/security/GeneratorUtilities.cs
@@ -72,6 +72,11 @@ namespace Org.BouncyCastle.Security
AddKgAlgorithm("CAST5",
"1.2.840.113533.7.66.10");
AddKgAlgorithm("CAST6");
+ AddKgAlgorithm("CHACHA");
+ AddKgAlgorithm("CHACHA7539",
+ "CHACHA20",
+ "CHACHA20-POLY1305",
+ PkcsObjectIdentifiers.IdAlgAeadChaCha20Poly1305);
AddKgAlgorithm("DES",
OiwObjectIdentifiers.DesCbc,
OiwObjectIdentifiers.DesCfb,
@@ -202,15 +207,16 @@ namespace Org.BouncyCastle.Security
AddDefaultKeySizeEntries(64, "DES");
AddDefaultKeySizeEntries(80, "SKIPJACK");
- AddDefaultKeySizeEntries(128, "AES128", "BLOWFISH", "CAMELLIA128", "CAST5", "DESEDE",
+ AddDefaultKeySizeEntries(128, "AES128", "BLOWFISH", "CAMELLIA128", "CAST5", "CHACHA", "DESEDE",
"HC128", "HMACMD2", "HMACMD4", "HMACMD5", "HMACRIPEMD128", "IDEA", "NOEKEON",
"RC2", "RC4", "RC5", "SALSA20", "SEED", "SM4", "TEA", "XTEA", "VMPC", "VMPC-KSA3");
AddDefaultKeySizeEntries(160, "HMACRIPEMD160", "HMACSHA1");
AddDefaultKeySizeEntries(192, "AES", "AES192", "CAMELLIA192", "DESEDE3", "HMACTIGER",
"RIJNDAEL", "SERPENT", "TNEPRES");
AddDefaultKeySizeEntries(224, "HMACSHA3-224", "HMACKECCAK224", "HMACSHA224", "HMACSHA512/224");
- AddDefaultKeySizeEntries(256, "AES256", "CAMELLIA", "CAMELLIA256", "CAST6", "GOST28147",
- "HC256", "HMACGOST3411-2012-256", "HMACSHA3-256", "HMACKECCAK256", "HMACSHA256", "HMACSHA512/256", "RC5-64", "RC6", "THREEFISH-256", "TWOFISH");
+ AddDefaultKeySizeEntries(256, "AES256", "CAMELLIA", "CAMELLIA256", "CAST6", "CHACHA7539", "GOST28147",
+ "HC256", "HMACGOST3411-2012-256", "HMACSHA3-256", "HMACKECCAK256", "HMACSHA256", "HMACSHA512/256",
+ "RC5-64", "RC6", "THREEFISH-256", "TWOFISH");
AddDefaultKeySizeEntries(288, "HMACKECCAK288");
AddDefaultKeySizeEntries(384, "HMACSHA3-384", "HMACKECCAK384", "HMACSHA384");
AddDefaultKeySizeEntries(512, "HMACGOST3411-2012-512", "HMACSHA3-512", "HMACKECCAK512", "HMACSHA512", "THREEFISH-512");
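Review bot: "CHACHA" is added to the 128-bit default key size list while "CHACHA7539" goes into the 256-bit list, so a key generator initialised without an explicit strength produces a half-length key for the original variant. As far as I know the original ChaCha engine accepts both 128- and 256-bit keys, so nothing forces the smaller default; it appears to mirror the existing "SALSA20" entry. Unless compatibility requires 128 bits, I would move "CHACHA" to the 256-bit line, or at least add `// CHACHA defaults to 128-bit keys to match SALSA20; pass an explicit strength for 256-bit` so the choice is visible to callers.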
diff --git a/crypto/src/security/ParameterUtilities.cs b/crypto/src/security/ParameterUtilities.cs
index dc6992833..0ff1bdb4a 100644
--- a/crypto/src/security/ParameterUtilities.cs
+++ b/crypto/src/security/ParameterUtilities.cs
@@ -65,6 +65,11 @@ namespace Org.BouncyCastle.Security
AddAlgorithm("CAST5",
"1.2.840.113533.7.66.10");
AddAlgorithm("CAST6");
+ AddAlgorithm("CHACHA");
+ AddAlgorithm("CHACHA7539",
+ "CHACHA20",
+ "CHACHA20-POLY1305",
+ PkcsObjectIdentifiers.IdAlgAeadChaCha20Poly1305);
AddAlgorithm("DES",
OiwObjectIdentifiers.DesCbc,
OiwObjectIdentifiers.DesCfb,
@@ -114,7 +119,8 @@ namespace Org.BouncyCastle.Security
AddAlgorithm("VMPC-KSA3");
AddAlgorithm("XTEA");
- AddBasicIVSizeEntries(8, "BLOWFISH", "DES", "DESEDE", "DESEDE3");
+ AddBasicIVSizeEntries(8, "BLOWFISH", "CHACHA", "DES", "DESEDE", "DESEDE3", "SALSA20");
+ AddBasicIVSizeEntries(12, "CHACHA7539");
AddBasicIVSizeEntries(16, "AES", "AES128", "AES192", "AES256",
"CAMELLIA", "CAMELLIA128", "CAMELLIA192", "CAMELLIA256",
"NOEKEON", "SEED", "SM4");
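Review bot: Registering 8-byte IV sizes for "CHACHA" and "SALSA20" means the random-IV helpers in this file will now generate 64-bit random nonces for stream ciphers, and that deserves a comment. With random 64-bit nonces the chance of a repeat under one key becomes non-negligible after roughly 2^32 messages, and a repeated nonce in a stream cipher reuses keystream. I would add above the entry something like `// 8-byte nonces: random generation is only safe for a limited number of messages per key; prefer a counter or CHACHA7539`. The "SALSA20" addition is also a behaviour change for an existing algorithm, which callers may not expect from a commit that otherwise adds ChaCha.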
@@ -315,13 +321,9 @@ namespace Org.BouncyCastle.Security
return new DerOctetString(CreateIV(random, ivLength));
}
- private static byte[] CreateIV(
- SecureRandom random,
- int ivLength)
+ private static byte[] CreateIV(SecureRandom random, int ivLength)
{
- byte[] iv = new byte[ivLength];
- random.NextBytes(iv);
- return iv;
+ return SecureRandom.GetNextBytes(random, ivLength);
}
private static int FindBasicIVSize(