Merge remote-tracking branch 'refs/remotes/origin/master'

15 files changed, 198 insertions, 4 deletions

diff --git a/crypto/test/src/crypto/prng/test/CtrDrbgTest.cs b/crypto/test/src/crypto/prng/test/CtrDrbgTest.cs
index 65209abdb..3e90c5752 100644
--- a/crypto/test/src/crypto/prng/test/CtrDrbgTest.cs
+++ b/crypto/test/src/crypto/prng/test/CtrDrbgTest.cs
@@ -512,6 +512,15 @@ namespace Org.BouncyCastle.Crypto.Prng.Test
                 return cipher.ProcessBlock(input, inOff, output, outOff);
             }
 
+            // NOTE: .NET Core 2.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            public int ProcessBlock(ReadOnlySpan<byte> input, Span<byte> output)
+            {
+                return cipher.ProcessBlock(input, output);
+            }
+#endif
+
             public void Reset()
             {
                 cipher.Reset();
diff --git a/crypto/test/src/crypto/test/Blake2bDigestTest.cs b/crypto/test/src/crypto/test/Blake2bDigestTest.cs
index e7835e2a7..518331b2e 100644
--- a/crypto/test/src/crypto/test/Blake2bDigestTest.cs
+++ b/crypto/test/src/crypto/test/Blake2bDigestTest.cs
@@ -146,6 +146,8 @@ namespace Org.BouncyCastle.Crypto.Tests
             ResetTest();
             DoTestNullKeyVsUnkeyed();
             DoTestLengthConstruction();
+
+            DigestTest.SpanConsistencyTests(this, new Blake2bDigest(512));
         }
 
         private void CloneTest()
diff --git a/crypto/test/src/crypto/test/Blake2sDigestTest.cs b/crypto/test/src/crypto/test/Blake2sDigestTest.cs
index 2080e2871..10c35579f 100644
--- a/crypto/test/src/crypto/test/Blake2sDigestTest.cs
+++ b/crypto/test/src/crypto/test/Blake2sDigestTest.cs
@@ -293,6 +293,8 @@ namespace Org.BouncyCastle.Crypto.Tests
             RunSelfTest();
             DoTestNullKeyVsUnkeyed();
             DoTestLengthConstruction();
+
+            DigestTest.SpanConsistencyTests(this, new Blake2sDigest(256));
         }
 
         [Test]
diff --git a/crypto/test/src/crypto/test/CSHAKETest.cs b/crypto/test/src/crypto/test/CSHAKETest.cs
index 6a3c99a0f..581832aaf 100644
--- a/crypto/test/src/crypto/test/CSHAKETest.cs
+++ b/crypto/test/src/crypto/test/CSHAKETest.cs
@@ -103,6 +103,9 @@ namespace Org.BouncyCastle.Crypto.Tests
             checkSHAKE(128, new CShakeDigest(128, null, new byte[0]), Hex.Decode("eeaabeef"));
             checkSHAKE(128, new CShakeDigest(128, null, null), Hex.Decode("eeaabeef"));
             checkSHAKE(256, new CShakeDigest(256, null, null), Hex.Decode("eeaabeef"));
+
+            DigestTest.SpanConsistencyTests(this, new CShakeDigest(128, null, null));
+            DigestTest.SpanConsistencyTests(this, new CShakeDigest(256, null, null));
         }
 
         private void checkZeroPadZ()
diff --git a/crypto/test/src/crypto/test/DigestTest.cs b/crypto/test/src/crypto/test/DigestTest.cs
index 930979643..1809c07fb 100644
--- a/crypto/test/src/crypto/test/DigestTest.cs
+++ b/crypto/test/src/crypto/test/DigestTest.cs
@@ -1,7 +1,6 @@
 using System;
 
-using Org.BouncyCastle.Crypto;
-
+using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.Test;
@@ -11,6 +10,8 @@ namespace Org.BouncyCastle.Crypto.Tests
 	public abstract class DigestTest
 		: SimpleTest
 	{
+		internal static readonly SecureRandom Random = new SecureRandom();
+
 		private IDigest digest;
 		private string[] input;
 		private string[] results;
@@ -108,6 +109,8 @@ namespace Org.BouncyCastle.Crypto.Tests
 			{
 				Fail("failing memo copy vector test", results[results.Length - 1], Hex.ToHexString(resBuf));
 			}
+
+			SpanConsistencyTests(this, digest);
 		}
 
 		private byte[] toByteArray(
@@ -179,5 +182,57 @@ namespace Org.BouncyCastle.Crypto.Tests
 				Fail("64k test failed");
 			}
 		}
+
+		internal static void SpanConsistencyTests(SimpleTest test, IDigest digest)
+        {
+			// NOTE: .NET Core 2.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+
+			// Span-based API consistency checks
+			byte[] data = new byte[16 + 256];
+			Random.NextBytes(data);
+
+			for (int len = 0; len <= 256; ++len)
+			{
+				int off = Random.Next(0, 17);
+
+				SpanConsistencyTest(test, digest, data, off, len);
+			}
+#endif
+		}
+
+		internal static void SpanConsistencyTest(SimpleTest test, IDigest digest, byte[] buf, int off, int len)
+        {
+			// NOTE: .NET Core 2.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+			digest.Reset();
+
+			byte[] arrayResult = DigestUtilities.DoFinal(digest, buf, off, len);
+			byte[] spanResult1 = DigestUtilities.DoFinal(digest, buf.AsSpan(off, len));
+
+			if (!test.AreEqual(arrayResult, spanResult1))
+			{
+				test.Fail("failing span consistency test 1", Hex.ToHexString(arrayResult), Hex.ToHexString(spanResult1));
+			}
+
+			int pos = 0;
+			while (pos < len)
+			{
+				int next = 1 + Random.Next(len - pos);
+				digest.BlockUpdate(buf.AsSpan(off + pos, next));
+				pos += next;
+			}
+
+			byte[] spanResult2 = new byte[digest.GetDigestSize()];
+			digest.DoFinal(spanResult2.AsSpan());
+
+			if (!test.AreEqual(arrayResult, spanResult2))
+			{
+				test.Fail("failing span consistency test 2", Hex.ToHexString(arrayResult), Hex.ToHexString(spanResult2));
+			}
+#endif
+		}
 	}
 }
diff --git a/crypto/test/src/crypto/test/GcmSivTest.cs b/crypto/test/src/crypto/test/GcmSivTest.cs
index 16e53abdf..47f824db6 100644
--- a/crypto/test/src/crypto/test/GcmSivTest.cs
+++ b/crypto/test/src/crypto/test/GcmSivTest.cs
@@ -74,6 +74,15 @@ namespace Org.BouncyCastle.Crypto.Tests
                 pCipher.DoFinal(myOutput, 0);
                 IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput));
 
+                if (myData.Length >= 2)
+                {
+                    /* Repeat processing checking processBytes with non-empty internal buffer */
+                    pCipher.ProcessByte(myData[0], null, 0);
+                    pCipher.ProcessBytes(myData, 1, myData.Length - 1, null, 0);
+                    pCipher.DoFinal(myOutput, 0);
+                    IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput));
+                }
+
                 /* Re-initialise the cipher */
                 pCipher.Init(false, myParams);
                 pCipher.ProcessBytes(myOutput, 0, myOutput.Length, null, 0);
diff --git a/crypto/test/src/crypto/test/Haraka256DigestTest.cs b/crypto/test/src/crypto/test/Haraka256DigestTest.cs
index 3f7706211..18ff65ddc 100644
--- a/crypto/test/src/crypto/test/Haraka256DigestTest.cs
+++ b/crypto/test/src/crypto/test/Haraka256DigestTest.cs
@@ -2,6 +2,7 @@
 using NUnit.Framework;
 
 using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.Test;
@@ -185,6 +186,8 @@ namespace Org.BouncyCastle.Crypto.Tests
             TestInputTooShort();
             TestOutput();
             TestMonty();
+
+            SpanConsistencyTests();
         }
 
         [Test]
@@ -194,5 +197,22 @@ namespace Org.BouncyCastle.Crypto.Tests
 
             Assert.AreEqual(Name + ": Okay", resultText);
         }
+
+        private void SpanConsistencyTests()
+        {
+            // NOTE: .NET Core 2.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            // Span-based API consistency checks
+            byte[] data = new byte[16 + 32];
+            DigestTest.Random.NextBytes(data);
+
+            var digest = new Haraka256Digest();
+            for (int off = 0; off <= 16; ++off)
+            {
+                DigestTest.SpanConsistencyTest(this, digest, data, off, 32);
+            }
+#endif
+        }
     }
-}
\ No newline at end of file
+}
diff --git a/crypto/test/src/crypto/test/Haraka512DigestTest.cs b/crypto/test/src/crypto/test/Haraka512DigestTest.cs
index 11aa746af..1ef178222 100644
--- a/crypto/test/src/crypto/test/Haraka512DigestTest.cs
+++ b/crypto/test/src/crypto/test/Haraka512DigestTest.cs
@@ -188,6 +188,8 @@ namespace Org.BouncyCastle.Crypto.Tests
             TestInputTooShort();
             TestOutput();
             TestMonty();
+
+            SpanConsistencyTests();
         }
 
         [Test]
@@ -197,5 +199,22 @@ namespace Org.BouncyCastle.Crypto.Tests
 
             Assert.AreEqual(Name + ": Okay", resultText);
         }
+
+        private void SpanConsistencyTests()
+        {
+            // NOTE: .NET Core 2.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            // Span-based API consistency checks
+            byte[] data = new byte[16 + 64];
+            DigestTest.Random.NextBytes(data);
+
+            var digest = new Haraka512Digest();
+            for (int off = 0; off <= 16; ++off)
+            {
+                DigestTest.SpanConsistencyTest(this, digest, data, off, 64);
+            }
+#endif
+        }
     }
-}
\ No newline at end of file
+}
diff --git a/crypto/test/src/crypto/test/KeccakDigestTest.cs b/crypto/test/src/crypto/test/KeccakDigestTest.cs
index ddabddab4..12b310fc0 100644
--- a/crypto/test/src/crypto/test/KeccakDigestTest.cs
+++ b/crypto/test/src/crypto/test/KeccakDigestTest.cs
@@ -273,6 +273,8 @@ namespace Org.BouncyCastle.Crypto.Tests
             //    Fail("Keccak mismatch on " + digest.AlgorithmName + " extreme data test");
             //}
             //Console.WriteLine("Done");
+
+            DigestTest.SpanConsistencyTests(this, digest);
         }
 
         private void TestDigestDoFinal(IDigest digest)
diff --git a/crypto/test/src/crypto/test/ParallelHashTest.cs b/crypto/test/src/crypto/test/ParallelHashTest.cs
index 536567313..e37516366 100644
--- a/crypto/test/src/crypto/test/ParallelHashTest.cs
+++ b/crypto/test/src/crypto/test/ParallelHashTest.cs
@@ -119,6 +119,9 @@ namespace Org.BouncyCastle.Crypto.Tests
             IsTrue("oops!", Arrays.AreEqual(Hex.Decode("6b3e790b330c889a204c2fbc728d809f19367328d852f4002dc829f73afd6bcefb7fe5b607b13a801c0be5c1170bdb794e339458fdb0e62a6af3d42558970249"), res));
 
             testEmpty();
+
+            DigestTest.SpanConsistencyTests(this, new ParallelHash(128, new byte[0], 8));
+            DigestTest.SpanConsistencyTests(this, new ParallelHash(256, new byte[0], 8));
         }
 
         private void testEmpty()
diff --git a/crypto/test/src/crypto/test/SHA3DigestTest.cs b/crypto/test/src/crypto/test/SHA3DigestTest.cs
index 7b9ab26cf..2984f1c83 100644
--- a/crypto/test/src/crypto/test/SHA3DigestTest.cs
+++ b/crypto/test/src/crypto/test/SHA3DigestTest.cs
@@ -40,6 +40,8 @@ namespace Org.BouncyCastle.Crypto.Tests
         public override void PerformTest()
         {
             TestVectors();
+
+            DigestTest.SpanConsistencyTests(this, new Sha3Digest());
         }
 
         public void TestVectors()
diff --git a/crypto/test/src/crypto/test/ShakeDigestTest.cs b/crypto/test/src/crypto/test/ShakeDigestTest.cs
index 4b4d0fbd6..0aeedb256 100644
--- a/crypto/test/src/crypto/test/ShakeDigestTest.cs
+++ b/crypto/test/src/crypto/test/ShakeDigestTest.cs
@@ -40,6 +40,8 @@ namespace Org.BouncyCastle.Crypto.Tests
         public override void PerformTest()
         {
             TestVectors();
+
+            DigestTest.SpanConsistencyTests(this, new ShakeDigest());
         }
 
         public void TestVectors()
diff --git a/crypto/test/src/crypto/test/ShortenedDigestTest.cs b/crypto/test/src/crypto/test/ShortenedDigestTest.cs
index 927ffee3a..01c408219 100644
--- a/crypto/test/src/crypto/test/ShortenedDigestTest.cs
+++ b/crypto/test/src/crypto/test/ShortenedDigestTest.cs
@@ -74,6 +74,8 @@ namespace Org.BouncyCastle.Crypto.Tests
 			{
 				// expected
 			}
+
+			DigestTest.SpanConsistencyTests(this, new ShortenedDigest(new Sha1Digest(), 10));
 		}
 
 		public override string Name
diff --git a/crypto/test/src/crypto/test/SkeinDigestTest.cs b/crypto/test/src/crypto/test/SkeinDigestTest.cs
index 50a2d9565..7935eaafb 100644
--- a/crypto/test/src/crypto/test/SkeinDigestTest.cs
+++ b/crypto/test/src/crypto/test/SkeinDigestTest.cs
@@ -205,6 +205,8 @@ namespace Org.BouncyCastle.Crypto.Tests
 				Case test = TEST_CASES[i];
 				runTest(test);
 			}
+
+			DigestTest.SpanConsistencyTests(this, new SkeinDigest(256, 256));
 		}
 
 		private void runTest(Case dc)
diff --git a/crypto/test/src/crypto/test/TupleHashTest.cs b/crypto/test/src/crypto/test/TupleHashTest.cs
index fd1ee001f..918fcbea4 100644
--- a/crypto/test/src/crypto/test/TupleHashTest.cs
+++ b/crypto/test/src/crypto/test/TupleHashTest.cs
@@ -3,6 +3,7 @@ using System;
 using NUnit.Framework;
 
 using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.Test;
@@ -103,6 +104,8 @@ namespace Org.BouncyCastle.Crypto.Tests
 
             IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res));
             IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0c59b11464f2336c34663ed51b2b950bec743610856f36c28d1d088d8a2446284dd09830a6a178dc752376199fae935d86cfdee5913d4922dfd369b66a53c897"), res));
+
+            SpanConsistencyTests();
         }
 
         [Test]
@@ -112,5 +115,64 @@ namespace Org.BouncyCastle.Crypto.Tests
 
             Assert.AreEqual(Name + ": Okay", resultText);
         }
+
+        internal void SpanConsistencyTests()
+        {
+            // NOTE: .NET Core 2.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            IDigest digest1 = new TupleHash(128, new byte[0]);
+            IDigest digest2 = new TupleHash(128, new byte[0]);
+
+            // Span-based API consistency checks
+            byte[] data = new byte[16 + 256];
+            DigestTest.Random.NextBytes(data);
+
+            for (int len = 0; len <= 256; ++len)
+            {
+                int off = DigestTest.Random.Next(0, 17);
+
+                SpanConsistencyTest(digest1, digest2, data, off, len);
+            }
+#endif
+        }
+
+        internal void SpanConsistencyTest(IDigest digest1, IDigest digest2, byte[] buf, int off, int len)
+        {
+            // NOTE: .NET Core 2.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            digest1.Reset();
+            digest2.Reset();
+
+            byte[] arrayResult1 = DigestUtilities.DoFinal(digest1, buf, off, len);
+            byte[] spanResult1 = DigestUtilities.DoFinal(digest2, buf.AsSpan(off, len));
+
+            if (!AreEqual(arrayResult1, spanResult1))
+            {
+                Fail("failing span consistency test 1", Hex.ToHexString(arrayResult1), Hex.ToHexString(spanResult1));
+            }
+
+            int pos = 0;
+            while (pos < len)
+            {
+                int next = 1 + DigestTest.Random.Next(len - pos);
+                digest1.BlockUpdate(buf, off + pos, next);
+                digest2.BlockUpdate(buf.AsSpan(off + pos, next));
+                pos += next;
+            }
+
+            byte[] arrayResult2 = new byte[digest1.GetDigestSize()];
+            digest1.DoFinal(arrayResult2, 0);
+
+            byte[] spanResult2 = new byte[digest2.GetDigestSize()];
+            digest2.DoFinal(spanResult2.AsSpan());
+
+            if (!AreEqual(arrayResult2, spanResult2))
+            {
+                Fail("failing span consistency test 2", Hex.ToHexString(arrayResult2), Hex.ToHexString(spanResult2));
+            }
+#endif
+        }
     }
 }