diff --git a/crypto/test/src/crypto/test/OCBTest.cs b/crypto/test/src/crypto/test/OCBTest.cs
index a28e6c3f1..2f159994e 100644
--- a/crypto/test/src/crypto/test/OCBTest.cs
+++ b/crypto/test/src/crypto/test/OCBTest.cs
@@ -14,60 +14,91 @@ namespace Org.BouncyCastle.Crypto.Tests
{
/**
* Test vectors from the "work in progress" Internet-Draft <a
- * href="http://tools.ietf.org/html/draft-irtf-cfrg-ocb-05">The OCB Authenticated-Encryption
+ * href="http://tools.ietf.org/html/draft-irtf-cfrg-ocb-06">The OCB Authenticated-Encryption
* Algorithm</a>
*/
public class OcbTest
: SimpleTest
{
- private const string K = "000102030405060708090A0B0C0D0E0F";
- private const string N = "000102030405060708090A0B";
+ private const string KEY_128 = "000102030405060708090A0B0C0D0E0F";
+ private const string KEY_96 = "0F0E0D0C0B0A09080706050403020100";
/*
- * Test vectors contain the strings A, P, C in order
+ * Test vectors from Appendix A of the specification, containing the strings N, A, P, C in order
*/
- // Sample data for 96 bit tag, taken from a CFRG post
- private static readonly string[][] TEST_VECTORS_96 = new string[][]{ new string[]{
- "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
- "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
- "09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A96766FC4E2EE3E3A5A11B6C44F34E3ABB3CBF8976E7" } };
-
- // Test vectors from Appendix A of the specification
private static readonly string[][] TEST_VECTORS_128 = new string[][]{
- new string[]{ "", "", "197B9C3C441D3C83EAFB2BEF633B9182" },
- new string[]{ "0001020304050607", "0001020304050607", "92B657130A74B85A16DC76A46D47E1EAD537209E8A96D14E" },
- new string[]{ "0001020304050607", "", "98B91552C8C009185044E30A6EB2FE21" },
- new string[]{ "", "0001020304050607", "92B657130A74B85A971EFFCAE19AD4716F88E87B871FBEED" },
- new string[]{ "000102030405060708090A0B0C0D0E0F", "000102030405060708090A0B0C0D0E0F",
- "BEA5E8798DBE7110031C144DA0B26122776C9924D6723A1F" + "C4524532AC3E5BEB" },
- new string[]{ "000102030405060708090A0B0C0D0E0F", "", "7DDB8E6CEA6814866212509619B19CC6" },
- new string[]{ "", "000102030405060708090A0B0C0D0E0F",
- "BEA5E8798DBE7110031C144DA0B2612213CC8B747807121A" + "4CBB3E4BD6B456AF" },
- new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617", "000102030405060708090A0B0C0D0E0F1011121314151617",
- "BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48" + "5FA94FC3F38820F1DC3F3D1FD4E55E1C" },
- new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617", "", "282026DA3068BC9FA118681D559F10F6" },
- new string[]{ "", "000102030405060708090A0B0C0D0E0F1011121314151617",
- "BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48" + "6EF2F52587FDA0ED97DC7EEDE241DF68" },
- new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F",
- "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F",
- "BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A6" + "57149D53773463CBB2A040DD3BD5164372D76D7BB6824240" },
- new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F", "",
- "E1E072633BADE51A60E85951D9C42A1B" },
- new string[]{ "", "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F",
- "BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A6" + "57149D53773463CB4A3BAE824465CFDAF8C41FC50C7DF9D9" },
- new string[]{
- "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627",
- "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627",
- "BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A6" + "57149D53773463CB68C65778B058A635659C623211DEEA0D"
- + "E30D2C381879F4C8" },
- new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627", "",
- "7AEB7A69A1687DD082CA27B0D9A37096" },
- new string[]{
- "",
- "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627",
- "BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A6" + "57149D53773463CB68C65778B058A635060C8467F4ABAB5E"
- + "8B3C2067A2E115DC" },
+ new string[]{ "BBAA99887766554433221100",
+ "",
+ "",
+ "785407BFFFC8AD9EDCC5520AC9111EE6" },
+ new string[]{ "BBAA99887766554433221101",
+ "0001020304050607",
+ "0001020304050607",
+ "6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009" },
+ new string[]{ "BBAA99887766554433221102",
+ "0001020304050607",
+ "",
+ "81017F8203F081277152FADE694A0A00" },
+ new string[]{ "BBAA99887766554433221103",
+ "",
+ "0001020304050607",
+ "45DD69F8F5AAE72414054CD1F35D82760B2CD00D2F99BFA9" },
+ new string[]{ "BBAA99887766554433221104",
+ "000102030405060708090A0B0C0D0E0F",
+ "000102030405060708090A0B0C0D0E0F",
+ "571D535B60B277188BE5147170A9A22C3AD7A4FF3835B8C5701C1CCEC8FC3358" },
+ new string[]{ "BBAA99887766554433221105",
+ "000102030405060708090A0B0C0D0E0F",
+ "",
+ "8CF761B6902EF764462AD86498CA6B97" },
+ new string[]{ "BBAA99887766554433221106",
+ "",
+ "000102030405060708090A0B0C0D0E0F",
+ "5CE88EC2E0692706A915C00AEB8B2396F40E1C743F52436BDF06D8FA1ECA343D" },
+ new string[]{ "BBAA99887766554433221107",
+ "000102030405060708090A0B0C0D0E0F1011121314151617",
+ "000102030405060708090A0B0C0D0E0F1011121314151617",
+ "1CA2207308C87C010756104D8840CE1952F09673A448A122C92C62241051F57356D7F3C90BB0E07F" },
+ new string[]{ "BBAA99887766554433221108",
+ "000102030405060708090A0B0C0D0E0F1011121314151617",
+ "",
+ "6DC225A071FC1B9F7C69F93B0F1E10DE" },
+ new string[]{ "BBAA99887766554433221109",
+ "",
+ "000102030405060708090A0B0C0D0E0F1011121314151617",
+ "221BD0DE7FA6FE993ECCD769460A0AF2D6CDED0C395B1C3CE725F32494B9F914D85C0B1EB38357FF" },
+ new string[]{ "BBAA9988776655443322110A",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
+ "BD6F6C496201C69296C11EFD138A467ABD3C707924B964DEAFFC40319AF5A48540FBBA186C5553C68AD9F592A79A4240" },
+ new string[]{ "BBAA9988776655443322110B",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
+ "",
+ "FE80690BEE8A485D11F32965BC9D2A32" },
+ new string[]{ "BBAA9988776655443322110C",
+ "",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
+ "2942BFC773BDA23CABC6ACFD9BFD5835BD300F0973792EF46040C53F1432BCDFB5E1DDE3BC18A5F840B52E653444D5DF" },
+ new string[]{ "BBAA9988776655443322110D",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+ "D5CA91748410C1751FF8A2F618255B68A0A12E093FF454606E59F9C1D0DDC54B65E8628E568BAD7AED07BA06A4A69483A7035490C5769E60" },
+ new string[]{ "BBAA9988776655443322110E",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+ "",
+ "C5CD9D1850C141E358649994EE701B68" },
+ new string[]{ "BBAA9988776655443322110F",
+ "",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+ "4412923493C57D5DE0D700F753CCE0D1D2D95060122E9F15A5DDBFC5787E50B5CC55EE507BCB084E479AD363AC366B95A98CA5F3000B1479" },
+ };
+
+ private static readonly string[][] TEST_VECTORS_96 = new string[][]{
+ new string[]{ "BBAA9988776655443322110D",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+ "1792A4E31E0755FB03E31B22116E6C2DDF9EFD6E33D536F1A0124B0A55BAE884ED93481529C76B6AD0C515F4D1CDD4FDAC4F02AA" },
};
public override string Name
@@ -77,31 +108,34 @@ namespace Org.BouncyCastle.Crypto.Tests
public override void PerformTest()
{
- for (int i = 0; i < TEST_VECTORS_96.Length; ++i)
+ byte[] K128 = Hex.Decode(KEY_128);
+ for (int i = 0; i < TEST_VECTORS_128.Length; ++i)
{
- RunTestCase("Test Case " + i, TEST_VECTORS_96[i], 96);
+ RunTestCase("Test Case " + i, TEST_VECTORS_128[i], 128, K128);
}
- for (int i = 0; i < TEST_VECTORS_128.Length; ++i)
+
+ byte[] K96 = Hex.Decode(KEY_96);
+ for (int i = 0; i < TEST_VECTORS_96.Length; ++i)
{
- RunTestCase("Test Case " + i, TEST_VECTORS_128[i], 128);
+ RunTestCase("Test Case " + i, TEST_VECTORS_96[i], 96, K96);
}
- RunLongerTestCase(128, 128, Hex.Decode("B2B41CBF9B05037DA7F16C24A35C1C94"));
- RunLongerTestCase(192, 128, Hex.Decode("1529F894659D2B51B776740211E7D083"));
- RunLongerTestCase(256, 128, Hex.Decode("42B83106E473C0EEE086C8D631FD4C7B"));
- RunLongerTestCase(128, 96, Hex.Decode("1A4F0654277709A5BDA0D380"));
- RunLongerTestCase(192, 96, Hex.Decode("AD819483E01DD648978F4522"));
- RunLongerTestCase(256, 96, Hex.Decode("CD2E41379C7E7C4458CCFB4A"));
- RunLongerTestCase(128, 64, Hex.Decode("B7ECE9D381FE437F"));
- RunLongerTestCase(192, 64, Hex.Decode("DE0574C87FF06DF9"));
- RunLongerTestCase(256, 64, Hex.Decode("833E45FF7D332F7E"));
+ RunLongerTestCase(128, 128, Hex.Decode("67E944D23256C5E0B6C61FA22FDF1EA2"));
+ RunLongerTestCase(192, 128, Hex.Decode("F673F2C3E7174AAE7BAE986CA9F29E17"));
+ RunLongerTestCase(256, 128, Hex.Decode("D90EB8E9C977C88B79DD793D7FFA161C"));
+ RunLongerTestCase(128, 96, Hex.Decode("77A3D8E73589158D25D01209"));
+ RunLongerTestCase(192, 96, Hex.Decode("05D56EAD2752C86BE6932C5E"));
+ RunLongerTestCase(256, 96, Hex.Decode("5458359AC23B0CBA9E6330DD"));
+ RunLongerTestCase(128, 64, Hex.Decode("192C9B7BD90BA06A"));
+ RunLongerTestCase(192, 64, Hex.Decode("0066BC6E0EF34E24"));
+ RunLongerTestCase(256, 64, Hex.Decode("7D4EA5D445501CBE"));
DoTestExceptions();
}
private void DoTestExceptions()
{
- OcbBlockCipher ocb = new OcbBlockCipher(new AesFastEngine(), new AesFastEngine());
+ IAeadBlockCipher ocb = CreateOcbCipher();
try
{
@@ -124,16 +158,14 @@ namespace Org.BouncyCastle.Crypto.Tests
}
// TODO
- //AEADTestUtil.testReset(this, new OCBBlockCipher(new AESEngine(), new AESEngine()), new OCBBlockCipher(new AESEngine(), new AESEngine()), new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[15]));
+ //AEADTestUtil.testReset(this, createOCBCipher(), createOCBCipher(), new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[15]));
//AEADTestUtil.testTampering(this, ocb, new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[15]));
}
- private void RunTestCase(string testName, string[] testVector, int macLengthBits)
+ private void RunTestCase(string testName, string[] testVector, int macLengthBits, byte[] K)
{
- byte[] key = Hex.Decode(K);
- byte[] nonce = Hex.Decode(N);
-
int pos = 0;
+ byte[] N = Hex.Decode(testVector[pos++]);
byte[] A = Hex.Decode(testVector[pos++]);
byte[] P = Hex.Decode(testVector[pos++]);
byte[] C = Hex.Decode(testVector[pos++]);
@@ -142,11 +174,11 @@ namespace Org.BouncyCastle.Crypto.Tests
// TODO Variations processing AAD and cipher bytes incrementally
- KeyParameter keyParameter = new KeyParameter(key);
- AeadParameters aeadParameters = new AeadParameters(keyParameter, macLengthBits, nonce, A);
+ KeyParameter keyParameter = new KeyParameter(K);
+ AeadParameters aeadParameters = new AeadParameters(keyParameter, macLengthBits, N, A);
- OcbBlockCipher encCipher = InitCipher(true, aeadParameters);
- OcbBlockCipher decCipher = InitCipher(false, aeadParameters);
+ IAeadBlockCipher encCipher = InitOcbCipher(true, aeadParameters);
+ IAeadBlockCipher decCipher = InitOcbCipher(false, aeadParameters);
CheckTestCase(encCipher, decCipher, testName, macLengthBytes, P, C);
CheckTestCase(encCipher, decCipher, testName + " (reused)", macLengthBytes, P, C);
@@ -154,14 +186,24 @@ namespace Org.BouncyCastle.Crypto.Tests
// TODO Key reuse
}
- private OcbBlockCipher InitCipher(bool forEncryption, AeadParameters parameters)
+ private IBlockCipher CreateUnderlyingCipher()
+ {
+ return new AesEngine();
+ }
+
+ private IAeadBlockCipher CreateOcbCipher()
+ {
+ return new OcbBlockCipher(CreateUnderlyingCipher(), CreateUnderlyingCipher());
+ }
+
+ private IAeadBlockCipher InitOcbCipher(bool forEncryption, AeadParameters parameters)
{
- OcbBlockCipher c = new OcbBlockCipher(new AesFastEngine(), new AesFastEngine());
+ IAeadBlockCipher c = CreateOcbCipher();
c.Init(forEncryption, parameters);
return c;
}
- private void CheckTestCase(OcbBlockCipher encCipher, OcbBlockCipher decCipher, string testName,
+ private void CheckTestCase(IAeadBlockCipher encCipher, IAeadBlockCipher decCipher, string testName,
int macLengthBytes, byte[] P, byte[] C)
{
byte[] tag = Arrays.Copy(C, C.Length - macLengthBytes, macLengthBytes);
@@ -209,28 +251,28 @@ namespace Org.BouncyCastle.Crypto.Tests
}
}
- private void RunLongerTestCase(int aesKeySize, int tagLen, byte[] expectedOutput)
+ private void RunLongerTestCase(int keyLen, int tagLen, byte[] expectedOutput)
{
- KeyParameter key = new KeyParameter(new byte[aesKeySize / 8]);
- byte[] N = new byte[12];
+ byte[] keyBytes = new byte[keyLen / 8];
+ keyBytes[keyBytes.Length - 1] = (byte)tagLen;
+ KeyParameter key = new KeyParameter(keyBytes);
- IAeadBlockCipher c1 = new OcbBlockCipher(new AesFastEngine(), new AesFastEngine());
- c1.Init(true, new AeadParameters(key, tagLen, N));
+ IAeadBlockCipher c1 = InitOcbCipher(true, new AeadParameters(key, tagLen, CreateNonce(385)));
- IAeadBlockCipher c2 = new OcbBlockCipher(new AesFastEngine(), new AesFastEngine());
+ IAeadBlockCipher c2 = CreateOcbCipher();
long total = 0;
byte[] S = new byte[128];
+ uint n = 0;
for (int i = 0; i < 128; ++i)
{
- N[11] = (byte) i;
-
- c2.Init(true, new AeadParameters(key, tagLen, N));
-
+ c2.Init(true, new AeadParameters(key, tagLen, CreateNonce(++n)));
total += UpdateCiphers(c1, c2, S, i, true, true);
+ c2.Init(true, new AeadParameters(key, tagLen, CreateNonce(++n)));
total += UpdateCiphers(c1, c2, S, i, false, true);
+ c2.Init(true, new AeadParameters(key, tagLen, CreateNonce(++n)));
total += UpdateCiphers(c1, c2, S, i, true, false);
}
@@ -250,6 +292,11 @@ namespace Org.BouncyCastle.Crypto.Tests
}
}
+ private byte[] CreateNonce(uint n)
+ {
+ return new byte[]{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, (byte)(n >> 8), (byte)n };
+ }
+
private int UpdateCiphers(IAeadBlockCipher c1, IAeadBlockCipher c2, byte[] S, int i,
bool includeAAD, bool includePlaintext)
{
|
