AesWrap: update from bc-java

- fix wrap/unwrap of 64-bit keys
author: Peter Dettman <peter.dettman@bouncycastle.org> 2022-12-05 17:53:47 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2022-12-05 17:53:47 +0700
commit: 7e78f2644963a3f52023232d930c98fac8b13d0c (patch)
tree: 3360317d061d1482994c267710b84959b2475283 /crypto/test
parent: Rfc3394WrapEngine: check input length in Unwrap (diff)
download: BouncyCastle.NET-ed25519-7e78f2644963a3f52023232d930c98fac8b13d0c.tar.xz
1 files changed, 33 insertions, 13 deletions
diff --git a/crypto/test/src/crypto/test/AESWrapTest.cs b/crypto/test/src/crypto/test/AESWrapTest.cs
index 7d9bcd497..27881a391 100644
--- a/crypto/test/src/crypto/test/AESWrapTest.cs
+++ b/crypto/test/src/crypto/test/AESWrapTest.cs
@@ -26,13 +26,14 @@ namespace Org.BouncyCastle.Crypto.Tests
 			}
 		}
 
-		private ITestResult wrapTest(
-			int     id,
-			byte[]  kek,
-			byte[]  inBytes,
-			byte[]  outBytes)
+        private ITestResult WrapTest(int id, byte[] kek, byte[] inBytes, byte[] outBytes)
+        {
+            return WrapTest(id, kek, inBytes, outBytes, false);
+        }
+
+        private ITestResult WrapTest(int id, byte[] kek, byte[] inBytes, byte[] outBytes, bool useReverseDirection)
 		{
-			IWrapper wrapper = new AesWrapEngine();
+			IWrapper wrapper = new AesWrapEngine(useReverseDirection);
 
 			wrapper.Init(true, new KeyParameter(kek));
 
@@ -76,7 +77,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 			byte[]  kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f");
 			byte[]  in1 = Hex.Decode("00112233445566778899aabbccddeeff");
 			byte[]  out1 = Hex.Decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5");
-			ITestResult result = wrapTest(1, kek1, in1, out1);
+			ITestResult result = WrapTest(1, kek1, in1, out1);
 
 			if (!result.IsSuccessful())
 			{
@@ -86,7 +87,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 			byte[]  kek2 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617");
 			byte[]  in2 = Hex.Decode("00112233445566778899aabbccddeeff");
 			byte[]  out2 = Hex.Decode("96778b25ae6ca435f92b5b97c050aed2468ab8a17ad84e5d");
-			result = wrapTest(2, kek2, in2, out2);
+			result = WrapTest(2, kek2, in2, out2);
 			if (!result.IsSuccessful())
 			{
 				return result;
@@ -95,7 +96,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 			byte[]  kek3 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
 			byte[]  in3 = Hex.Decode("00112233445566778899aabbccddeeff");
 			byte[]  out3 = Hex.Decode("64e8c3f9ce0f5ba263e9777905818a2a93c8191e7d6e8ae7");
-			result = wrapTest(3, kek3, in3, out3);
+			result = WrapTest(3, kek3, in3, out3);
 			if (!result.IsSuccessful())
 			{
 				return result;
@@ -104,7 +105,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 			byte[]  kek4 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617");
 			byte[]  in4 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607");
 			byte[]  out4 = Hex.Decode("031d33264e15d33268f24ec260743edce1c6c7ddee725a936ba814915c6762d2");
-			result = wrapTest(4, kek4, in4, out4);
+			result = WrapTest(4, kek4, in4, out4);
 			if (!result.IsSuccessful())
 			{
 				return result;
@@ -113,7 +114,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 			byte[]  kek5 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
 			byte[]  in5 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607");
 			byte[]  out5 = Hex.Decode("a8f9bc1612c68b3ff6e6f4fbe30e71e4769c8b80a32cb8958cd5d17d6b254da1");
-			result = wrapTest(5, kek5, in5, out5);
+			result = WrapTest(5, kek5, in5, out5);
 			if (!result.IsSuccessful())
 			{
 				return result;
@@ -122,13 +123,32 @@ namespace Org.BouncyCastle.Crypto.Tests
 			byte[]  kek6 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
 			byte[]  in6 = Hex.Decode("00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f");
 			byte[]  out6 = Hex.Decode("28c9f404c4b810f4cbccb35cfb87f8263f5786e2d80ed326cbc7f0e71a99f43bfb988b9b7a02dd21");
-			result = wrapTest(6, kek6, in6, out6);
+			result = WrapTest(6, kek6, in6, out6);
 			if (!result.IsSuccessful())
 			{
 				return result;
 			}
 
-			IWrapper wrapper = new AesWrapEngine();
+            byte[] kek7 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
+            byte[] in7 = Hex.Decode("00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f");
+            byte[] out7 = Hex.Decode("cba01acbdb4c7c39fa59babb383c485f318837208731a81c735b5be6ba710375a1159e26a9b57228");
+            result = WrapTest(7, kek7, in7, out7, true);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            // Example of 64-bit input (which uses a simplified wrapping algorithm)
+            byte[] kek8 = Hex.Decode("574957151fc2afe0fa3dc7a9a7da6495");
+            byte[] in8 = Hex.Decode("0001020304050607");
+            byte[] out8 = Hex.Decode("6f0b501f1f2f59e3ae605aa679ce43a6");
+            result = WrapTest(8, kek8, in8, out8);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            IWrapper wrapper = new AesWrapEngine();
 			KeyParameter key = new KeyParameter(new byte[16]);
 			byte[]       buf = new byte[16];
author	Peter Dettman <peter.dettman@bouncycastle.org>	2022-12-05 17:53:47 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2022-12-05 17:53:47 +0700
commit	7e78f2644963a3f52023232d930c98fac8b13d0c (patch)
tree	3360317d061d1482994c267710b84959b2475283 /crypto/test
parent	Rfc3394WrapEngine: check input length in Unwrap (diff)
download	BouncyCastle.NET-ed25519-7e78f2644963a3f52023232d930c98fac8b13d0c.tar.xz