diff options
46 files changed, 2691 insertions, 2571 deletions
diff --git a/crypto/BouncyCastle.Android.csproj b/crypto/BouncyCastle.Android.csproj index af8757ff7..0f15e30ab 100644 --- a/crypto/BouncyCastle.Android.csproj +++ b/crypto/BouncyCastle.Android.csproj @@ -671,6 +671,7 @@ <Compile Include="src\crypto\CipherKeyGenerator.cs" /> <Compile Include="src\crypto\CryptoException.cs" /> <Compile Include="src\crypto\DataLengthException.cs" /> + <Compile Include="src\crypto\IAlphabetMapper.cs" /> <Compile Include="src\crypto\IAsymmetricBlockCipher.cs" /> <Compile Include="src\crypto\IAsymmetricCipherKeyPairGenerator.cs" /> <Compile Include="src\crypto\IBasicAgreement.cs" /> @@ -759,6 +760,7 @@ <Compile Include="src\crypto\digests\MD5Digest.cs" /> <Compile Include="src\crypto\digests\NonMemoableDigest.cs" /> <Compile Include="src\crypto\digests\NullDigest.cs" /> + <Compile Include="src\crypto\digests\ParallelHash.cs" /> <Compile Include="src\crypto\digests\RipeMD128Digest.cs" /> <Compile Include="src\crypto\digests\RipeMD160Digest.cs" /> <Compile Include="src\crypto\digests\RipeMD256Digest.cs" /> @@ -776,6 +778,7 @@ <Compile Include="src\crypto\digests\SkeinDigest.cs" /> <Compile Include="src\crypto\digests\SkeinEngine.cs" /> <Compile Include="src\crypto\digests\TigerDigest.cs" /> + <Compile Include="src\crypto\digests\TupleHash.cs" /> <Compile Include="src\crypto\digests\WhirlpoolDigest.cs" /> <Compile Include="src\crypto\digests\XofUtils.cs" /> <Compile Include="src\crypto\ec\CustomNamedCurves.cs" /> @@ -839,6 +842,10 @@ <Compile Include="src\crypto\engines\VMPCKSA3Engine.cs" /> <Compile Include="src\crypto\engines\XSalsa20Engine.cs" /> <Compile Include="src\crypto\engines\XTEAEngine.cs" /> + <Compile Include="src\crypto\fpe\FpeEngine.cs" /> + <Compile Include="src\crypto\fpe\FpeFf1Engine.cs" /> + <Compile Include="src\crypto\fpe\FpeFf3_1Engine.cs" /> + <Compile Include="src\crypto\fpe\SP80038G.cs" /> <Compile Include="src\crypto\generators\BaseKdfBytesGenerator.cs" /> <Compile Include="src\crypto\generators\BCrypt.cs" /> <Compile Include="src\crypto\generators\DHBasicKeyPairGenerator.cs" /> @@ -904,6 +911,7 @@ <Compile Include="src\crypto\modes\CtsBlockCipher.cs" /> <Compile Include="src\crypto\modes\EAXBlockCipher.cs" /> <Compile Include="src\crypto\modes\GCMBlockCipher.cs" /> + <Compile Include="src\crypto\modes\GcmSivBlockCipher.cs" /> <Compile Include="src\crypto\modes\GOFBBlockCipher.cs" /> <Compile Include="src\crypto\modes\IAeadBlockCipher.cs" /> <Compile Include="src\crypto\modes\IAeadCipher.cs" /> @@ -976,6 +984,7 @@ <Compile Include="src\crypto\parameters\ElGamalParameters.cs" /> <Compile Include="src\crypto\parameters\ElGamalPrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\ElGamalPublicKeyParameters.cs" /> + <Compile Include="src\crypto\parameters\FpeParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410KeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410KeyParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410Parameters.cs" /> @@ -1229,6 +1238,7 @@ <Compile Include="src\crypto\tls\UseSrtpData.cs" /> <Compile Include="src\crypto\tls\UserMappingType.cs" /> <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" /> + <Compile Include="src\crypto\util\BasicAlphabetMapper.cs" /> <Compile Include="src\crypto\util\CipherFactory.cs" /> <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" /> <Compile Include="src\crypto\util\Pack.cs" /> @@ -1563,6 +1573,7 @@ <Compile Include="src\tsp\TimeStampTokenInfo.cs" /> <Compile Include="src\util\Arrays.cs" /> <Compile Include="src\util\BigIntegers.cs" /> + <Compile Include="src\util\Bytes.cs" /> <Compile Include="src\util\Enums.cs" /> <Compile Include="src\util\IMemoable.cs" /> <Compile Include="src\util\Integers.cs" /> diff --git a/crypto/BouncyCastle.csproj b/crypto/BouncyCastle.csproj index ab6f3fee5..f7a15d49f 100644 --- a/crypto/BouncyCastle.csproj +++ b/crypto/BouncyCastle.csproj @@ -665,6 +665,7 @@ <Compile Include="src\crypto\CipherKeyGenerator.cs" /> <Compile Include="src\crypto\CryptoException.cs" /> <Compile Include="src\crypto\DataLengthException.cs" /> + <Compile Include="src\crypto\IAlphabetMapper.cs" /> <Compile Include="src\crypto\IAsymmetricBlockCipher.cs" /> <Compile Include="src\crypto\IAsymmetricCipherKeyPairGenerator.cs" /> <Compile Include="src\crypto\IBasicAgreement.cs" /> @@ -753,6 +754,7 @@ <Compile Include="src\crypto\digests\MD5Digest.cs" /> <Compile Include="src\crypto\digests\NonMemoableDigest.cs" /> <Compile Include="src\crypto\digests\NullDigest.cs" /> + <Compile Include="src\crypto\digests\ParallelHash.cs" /> <Compile Include="src\crypto\digests\RipeMD128Digest.cs" /> <Compile Include="src\crypto\digests\RipeMD160Digest.cs" /> <Compile Include="src\crypto\digests\RipeMD256Digest.cs" /> @@ -770,6 +772,7 @@ <Compile Include="src\crypto\digests\SkeinDigest.cs" /> <Compile Include="src\crypto\digests\SkeinEngine.cs" /> <Compile Include="src\crypto\digests\TigerDigest.cs" /> + <Compile Include="src\crypto\digests\TupleHash.cs" /> <Compile Include="src\crypto\digests\WhirlpoolDigest.cs" /> <Compile Include="src\crypto\digests\XofUtils.cs" /> <Compile Include="src\crypto\ec\CustomNamedCurves.cs" /> @@ -833,6 +836,10 @@ <Compile Include="src\crypto\engines\VMPCKSA3Engine.cs" /> <Compile Include="src\crypto\engines\XSalsa20Engine.cs" /> <Compile Include="src\crypto\engines\XTEAEngine.cs" /> + <Compile Include="src\crypto\fpe\FpeEngine.cs" /> + <Compile Include="src\crypto\fpe\FpeFf1Engine.cs" /> + <Compile Include="src\crypto\fpe\FpeFf3_1Engine.cs" /> + <Compile Include="src\crypto\fpe\SP80038G.cs" /> <Compile Include="src\crypto\generators\BaseKdfBytesGenerator.cs" /> <Compile Include="src\crypto\generators\BCrypt.cs" /> <Compile Include="src\crypto\generators\DHBasicKeyPairGenerator.cs" /> @@ -898,6 +905,7 @@ <Compile Include="src\crypto\modes\CtsBlockCipher.cs" /> <Compile Include="src\crypto\modes\EAXBlockCipher.cs" /> <Compile Include="src\crypto\modes\GCMBlockCipher.cs" /> + <Compile Include="src\crypto\modes\GcmSivBlockCipher.cs" /> <Compile Include="src\crypto\modes\GOFBBlockCipher.cs" /> <Compile Include="src\crypto\modes\IAeadBlockCipher.cs" /> <Compile Include="src\crypto\modes\IAeadCipher.cs" /> @@ -970,6 +978,7 @@ <Compile Include="src\crypto\parameters\ElGamalParameters.cs" /> <Compile Include="src\crypto\parameters\ElGamalPrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\ElGamalPublicKeyParameters.cs" /> + <Compile Include="src\crypto\parameters\FpeParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410KeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410KeyParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410Parameters.cs" /> @@ -1223,6 +1232,7 @@ <Compile Include="src\crypto\tls\UseSrtpData.cs" /> <Compile Include="src\crypto\tls\UserMappingType.cs" /> <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" /> + <Compile Include="src\crypto\util\BasicAlphabetMapper.cs" /> <Compile Include="src\crypto\util\CipherFactory.cs" /> <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" /> <Compile Include="src\crypto\util\Pack.cs" /> @@ -1557,6 +1567,7 @@ <Compile Include="src\tsp\TimeStampTokenInfo.cs" /> <Compile Include="src\util\Arrays.cs" /> <Compile Include="src\util\BigIntegers.cs" /> + <Compile Include="src\util\Bytes.cs" /> <Compile Include="src\util\Enums.cs" /> <Compile Include="src\util\IMemoable.cs" /> <Compile Include="src\util\Integers.cs" /> diff --git a/crypto/BouncyCastle.iOS.csproj b/crypto/BouncyCastle.iOS.csproj index 3f776b98e..64bb4fdf9 100644 --- a/crypto/BouncyCastle.iOS.csproj +++ b/crypto/BouncyCastle.iOS.csproj @@ -666,6 +666,7 @@ <Compile Include="src\crypto\CipherKeyGenerator.cs" /> <Compile Include="src\crypto\CryptoException.cs" /> <Compile Include="src\crypto\DataLengthException.cs" /> + <Compile Include="src\crypto\IAlphabetMapper.cs" /> <Compile Include="src\crypto\IAsymmetricBlockCipher.cs" /> <Compile Include="src\crypto\IAsymmetricCipherKeyPairGenerator.cs" /> <Compile Include="src\crypto\IBasicAgreement.cs" /> @@ -754,6 +755,7 @@ <Compile Include="src\crypto\digests\MD5Digest.cs" /> <Compile Include="src\crypto\digests\NonMemoableDigest.cs" /> <Compile Include="src\crypto\digests\NullDigest.cs" /> + <Compile Include="src\crypto\digests\ParallelHash.cs" /> <Compile Include="src\crypto\digests\RipeMD128Digest.cs" /> <Compile Include="src\crypto\digests\RipeMD160Digest.cs" /> <Compile Include="src\crypto\digests\RipeMD256Digest.cs" /> @@ -771,6 +773,7 @@ <Compile Include="src\crypto\digests\SkeinDigest.cs" /> <Compile Include="src\crypto\digests\SkeinEngine.cs" /> <Compile Include="src\crypto\digests\TigerDigest.cs" /> + <Compile Include="src\crypto\digests\TupleHash.cs" /> <Compile Include="src\crypto\digests\WhirlpoolDigest.cs" /> <Compile Include="src\crypto\digests\XofUtils.cs" /> <Compile Include="src\crypto\ec\CustomNamedCurves.cs" /> @@ -834,6 +837,10 @@ <Compile Include="src\crypto\engines\VMPCKSA3Engine.cs" /> <Compile Include="src\crypto\engines\XSalsa20Engine.cs" /> <Compile Include="src\crypto\engines\XTEAEngine.cs" /> + <Compile Include="src\crypto\fpe\FpeEngine.cs" /> + <Compile Include="src\crypto\fpe\FpeFf1Engine.cs" /> + <Compile Include="src\crypto\fpe\FpeFf3_1Engine.cs" /> + <Compile Include="src\crypto\fpe\SP80038G.cs" /> <Compile Include="src\crypto\generators\BaseKdfBytesGenerator.cs" /> <Compile Include="src\crypto\generators\BCrypt.cs" /> <Compile Include="src\crypto\generators\DHBasicKeyPairGenerator.cs" /> @@ -899,6 +906,7 @@ <Compile Include="src\crypto\modes\CtsBlockCipher.cs" /> <Compile Include="src\crypto\modes\EAXBlockCipher.cs" /> <Compile Include="src\crypto\modes\GCMBlockCipher.cs" /> + <Compile Include="src\crypto\modes\GcmSivBlockCipher.cs" /> <Compile Include="src\crypto\modes\GOFBBlockCipher.cs" /> <Compile Include="src\crypto\modes\IAeadBlockCipher.cs" /> <Compile Include="src\crypto\modes\IAeadCipher.cs" /> @@ -971,6 +979,7 @@ <Compile Include="src\crypto\parameters\ElGamalParameters.cs" /> <Compile Include="src\crypto\parameters\ElGamalPrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\ElGamalPublicKeyParameters.cs" /> + <Compile Include="src\crypto\parameters\FpeParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410KeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410KeyParameters.cs" /> <Compile Include="src\crypto\parameters\GOST3410Parameters.cs" /> @@ -1224,6 +1233,7 @@ <Compile Include="src\crypto\tls\UseSrtpData.cs" /> <Compile Include="src\crypto\tls\UserMappingType.cs" /> <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" /> + <Compile Include="src\crypto\util\BasicAlphabetMapper.cs" /> <Compile Include="src\crypto\util\CipherFactory.cs" /> <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" /> <Compile Include="src\crypto\util\Pack.cs" /> @@ -1558,6 +1568,7 @@ <Compile Include="src\tsp\TimeStampTokenInfo.cs" /> <Compile Include="src\util\Arrays.cs" /> <Compile Include="src\util\BigIntegers.cs" /> + <Compile Include="src\util\Bytes.cs" /> <Compile Include="src\util\Enums.cs" /> <Compile Include="src\util\IMemoable.cs" /> <Compile Include="src\util\Integers.cs" /> diff --git a/crypto/crypto.csproj b/crypto/crypto.csproj index e39070c66..a4b45afc3 100644 --- a/crypto/crypto.csproj +++ b/crypto/crypto.csproj @@ -3214,6 +3214,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\IAlphabetMapper.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\IAsymmetricBlockCipher.cs" SubType = "Code" BuildAction = "Compile" @@ -3649,6 +3654,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\digests\ParallelHash.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\digests\RIPEMD128Digest.cs" SubType = "Code" BuildAction = "Compile" @@ -3734,6 +3744,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\digests\TupleHash.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\digests\WhirlpoolDigest.cs" SubType = "Code" BuildAction = "Compile" @@ -4049,6 +4064,26 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\fpe\FpeEngine.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\fpe\FpeFf1Engine.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\fpe\FpeFf3_1Engine.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\fpe\SP80038G.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\generators\BaseKDFBytesGenerator.cs" SubType = "Code" BuildAction = "Compile" @@ -4374,6 +4409,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\modes\GcmSivBlockCipher.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\modes\GOFBBlockCipher.cs" SubType = "Code" BuildAction = "Compile" @@ -4734,6 +4774,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\parameters\FpeParameters.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\parameters\GOST3410KeyGenerationParameters.cs" SubType = "Code" BuildAction = "Compile" @@ -6004,6 +6049,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\util\BasicAlphabetMapper.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\util\CipherFactory.cs" SubType = "Code" BuildAction = "Compile" @@ -7674,6 +7724,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\util\Bytes.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\util\Enums.cs" SubType = "Code" BuildAction = "Compile" @@ -12387,6 +12442,11 @@ BuildAction = "Compile" /> <File + RelPath = "test\src\crypto\test\GcmSivTest.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "test\src\crypto\test\GCMTest.cs" SubType = "Code" BuildAction = "Compile" @@ -12562,6 +12622,11 @@ BuildAction = "Compile" /> <File + RelPath = "test\src\crypto\test\ParallelHashTest.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "test\src\crypto\test\Pkcs12Test.cs" SubType = "Code" BuildAction = "Compile" @@ -12807,6 +12872,11 @@ BuildAction = "Compile" /> <File + RelPath = "test\src\crypto\test\SP80038GTest.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "test\src\crypto\test\SRP6Test.cs" SubType = "Code" BuildAction = "Compile" @@ -12852,6 +12922,11 @@ BuildAction = "Compile" /> <File + RelPath = "test\src\crypto\test\TupleHashTest.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "test\src\crypto\test\TwofishTest.cs" SubType = "Code" BuildAction = "Compile" @@ -13307,6 +13382,11 @@ BuildAction = "Compile" /> <File + RelPath = "test\src\openpgp\test\PgpFeaturesTest.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "test\src\openpgp\test\PgpKeyRingTest.cs" SubType = "Code" BuildAction = "Compile" diff --git a/crypto/src/crypto/digests/ParallelHash.cs b/crypto/src/crypto/digests/ParallelHash.cs index 1e42d86ab..7d9be7618 100644 --- a/crypto/src/crypto/digests/ParallelHash.cs +++ b/crypto/src/crypto/digests/ParallelHash.cs @@ -1,210 +1,210 @@ using System; -using System.Diagnostics; using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crypto.Digests { - /// <summary> + /// <summary> /// ParallelHash - a hash designed to support the efficient hashing of very long strings, by taking advantage, - /// of the parallelism available in modern processors with an optional XOF mode. - /// <para> - /// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash - /// </para> + /// of the parallelism available in modern processors with an optional XOF mode. + /// <para> + /// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash + /// </para> /// </summary> - public class ParallelHash - : IXof, IDigest - { - private static readonly byte[] N_PARALLEL_HASH = Strings.ToByteArray("ParallelHash"); - - private readonly CShakeDigest cshake; - private readonly CShakeDigest compressor; - private readonly int bitLength; - private readonly int outputLength; - private readonly int B; - private readonly byte[] buffer; - private readonly byte[] compressorBuffer; - - private bool firstOutput; - private int nCount; - private int bufOff; - - /** + public class ParallelHash + : IXof, IDigest + { + private static readonly byte[] N_PARALLEL_HASH = Strings.ToByteArray("ParallelHash"); + + private readonly CShakeDigest cshake; + private readonly CShakeDigest compressor; + private readonly int bitLength; + private readonly int outputLength; + private readonly int B; + private readonly byte[] buffer; + private readonly byte[] compressorBuffer; + + private bool firstOutput; + private int nCount; + private int bufOff; + + /** * Base constructor. * * @param bitLength bit length of the underlying SHAKE function, 128 or 256. * @param S the customization string - available for local use. * @param B the blocksize (in bytes) for hashing. */ - public ParallelHash(int bitLength, byte[] S, int B): this(bitLength, S, B, bitLength * 2) - { - - } - - public ParallelHash(int bitLength, byte[] S, int B, int outputSize) - { - this.cshake = new CShakeDigest(bitLength, N_PARALLEL_HASH, S); - this.compressor = new CShakeDigest(bitLength, new byte[0], new byte[0]); - this.bitLength = bitLength; - this.B = B; - this.outputLength = (outputSize + 7) / 8; - this.buffer = new byte[B]; - this.compressorBuffer = new byte[bitLength * 2 / 8]; - - Reset(); - } - - public ParallelHash(ParallelHash source) - { - this.cshake = new CShakeDigest(source.cshake); - this.compressor = new CShakeDigest(source.compressor); - this.bitLength = source.bitLength; - this.B = source.B; - this.outputLength = source.outputLength; - this.buffer = Arrays.Clone(source.buffer); - this.compressorBuffer = Arrays.Clone(source.compressorBuffer); - } - - public string AlgorithmName - { - get { return "ParallelHash" + cshake.AlgorithmName.Substring(6); } - } - - public int GetByteLength() - { - return cshake.GetByteLength(); - } - - public int GetDigestSize() - { - return outputLength; - } - - public void Update(byte b) - { - buffer[bufOff++] = b; - if (bufOff == buffer.Length) - { - compress(); - } - } - - public void BlockUpdate(byte[] inBuf, int inOff, int len) - { - len = System.Math.Max(0, len); - - // - // fill the current word - // - int i = 0; - if (bufOff != 0) - { - while (i < len && bufOff != buffer.Length) - { - buffer[bufOff++] = inBuf[inOff + i++]; - } - - if (bufOff == buffer.Length) - { - compress(); - } - } - - if (i < len) - { - while (len - i > B) - { - compress(inBuf, inOff + i, B); - i += B; - } - } - - while (i < len) - { - Update(inBuf[inOff + i++]); - } - } - - private void compress() - { - compress(buffer, 0, bufOff); - bufOff = 0; - } - - private void compress(byte[] buf, int offSet, int len) - { - compressor.BlockUpdate(buf, offSet, len); - compressor.DoFinal(compressorBuffer, 0, compressorBuffer.Length); - - cshake.BlockUpdate(compressorBuffer, 0, compressorBuffer.Length); - - nCount++; - } - - private void wrapUp(int outputSize) - { - if (bufOff != 0) - { - compress(); - } - byte[] nOut = XofUtilities.RightEncode(nCount); - byte[] encOut = XofUtilities.RightEncode(outputSize * 8); - - cshake.BlockUpdate(nOut, 0, nOut.Length); - cshake.BlockUpdate(encOut, 0, encOut.Length); - - firstOutput = false; - } - - public int DoFinal(byte[] outBuf, int outOff) - { - if (firstOutput) - { - wrapUp(outputLength); - } - - int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize()); - - Reset(); - - return rv; - } - - public int DoFinal(byte[] outBuf, int outOff, int outLen) - { - if (firstOutput) - { - wrapUp(outputLength); - } - - int rv = cshake.DoFinal(outBuf, outOff, outLen); - - Reset(); - - return rv; - } - - public int DoOutput(byte[] outBuf, int outOff, int outLen) - { - if (firstOutput) - { - wrapUp(0); - } - - return cshake.DoOutput(outBuf, outOff, outLen); - } - - public void Reset() - { - cshake.Reset(); - Arrays.Clear(buffer); - - byte[] hdr = XofUtilities.LeftEncode(B); - cshake.BlockUpdate(hdr, 0, hdr.Length); - - nCount = 0; - bufOff = 0; - firstOutput = true; - } - } + public ParallelHash(int bitLength, byte[] S, int B) + : this(bitLength, S, B, bitLength * 2) + { + + } + + public ParallelHash(int bitLength, byte[] S, int B, int outputSize) + { + this.cshake = new CShakeDigest(bitLength, N_PARALLEL_HASH, S); + this.compressor = new CShakeDigest(bitLength, new byte[0], new byte[0]); + this.bitLength = bitLength; + this.B = B; + this.outputLength = (outputSize + 7) / 8; + this.buffer = new byte[B]; + this.compressorBuffer = new byte[bitLength * 2 / 8]; + + Reset(); + } + + public ParallelHash(ParallelHash source) + { + this.cshake = new CShakeDigest(source.cshake); + this.compressor = new CShakeDigest(source.compressor); + this.bitLength = source.bitLength; + this.B = source.B; + this.outputLength = source.outputLength; + this.buffer = Arrays.Clone(source.buffer); + this.compressorBuffer = Arrays.Clone(source.compressorBuffer); + } + + public virtual string AlgorithmName + { + get { return "ParallelHash" + cshake.AlgorithmName.Substring(6); } + } + + public virtual int GetByteLength() + { + return cshake.GetByteLength(); + } + + public virtual int GetDigestSize() + { + return outputLength; + } + + public virtual void Update(byte b) + { + buffer[bufOff++] = b; + if (bufOff == buffer.Length) + { + compress(); + } + } + + public virtual void BlockUpdate(byte[] inBuf, int inOff, int len) + { + len = System.Math.Max(0, len); + + // + // fill the current word + // + int i = 0; + if (bufOff != 0) + { + while (i < len && bufOff != buffer.Length) + { + buffer[bufOff++] = inBuf[inOff + i++]; + } + + if (bufOff == buffer.Length) + { + compress(); + } + } + + if (i < len) + { + while (len - i > B) + { + compress(inBuf, inOff + i, B); + i += B; + } + } + + while (i < len) + { + Update(inBuf[inOff + i++]); + } + } + + private void compress() + { + compress(buffer, 0, bufOff); + bufOff = 0; + } + + private void compress(byte[] buf, int offSet, int len) + { + compressor.BlockUpdate(buf, offSet, len); + compressor.DoFinal(compressorBuffer, 0, compressorBuffer.Length); + + cshake.BlockUpdate(compressorBuffer, 0, compressorBuffer.Length); + + nCount++; + } + + private void wrapUp(int outputSize) + { + if (bufOff != 0) + { + compress(); + } + byte[] nOut = XofUtilities.RightEncode(nCount); + byte[] encOut = XofUtilities.RightEncode(outputSize * 8); + + cshake.BlockUpdate(nOut, 0, nOut.Length); + cshake.BlockUpdate(encOut, 0, encOut.Length); + + firstOutput = false; + } + + public virtual int DoFinal(byte[] outBuf, int outOff) + { + if (firstOutput) + { + wrapUp(outputLength); + } + + int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize()); + + Reset(); + + return rv; + } + + public virtual int DoFinal(byte[] outBuf, int outOff, int outLen) + { + if (firstOutput) + { + wrapUp(outputLength); + } + + int rv = cshake.DoFinal(outBuf, outOff, outLen); + + Reset(); + + return rv; + } + + public virtual int DoOutput(byte[] outBuf, int outOff, int outLen) + { + if (firstOutput) + { + wrapUp(0); + } + + return cshake.DoOutput(outBuf, outOff, outLen); + } + + public virtual void Reset() + { + cshake.Reset(); + Arrays.Clear(buffer); + + byte[] hdr = XofUtilities.LeftEncode(B); + cshake.BlockUpdate(hdr, 0, hdr.Length); + + nCount = 0; + bufOff = 0; + firstOutput = true; + } + } } diff --git a/crypto/src/crypto/digests/TupleHash.cs b/crypto/src/crypto/digests/TupleHash.cs index 76bba3f94..98c2d2acf 100644 --- a/crypto/src/crypto/digests/TupleHash.cs +++ b/crypto/src/crypto/digests/TupleHash.cs @@ -1,134 +1,134 @@ using System; -using System.Diagnostics; using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crypto.Digests { - /// <summary> + /// <summary> /// TupleHash - a hash designed to simply hash a tuple of input strings, any or all of which may be empty strings, - /// in an unambiguous way with an optional XOF mode. - /// <para> - /// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash - /// </para> + /// in an unambiguous way with an optional XOF mode. + /// <para> + /// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash + /// </para> /// </summary> - public class TupleHash - : IXof, IDigest - { - private static readonly byte[] N_TUPLE_HASH = Strings.ToByteArray("TupleHash"); + public class TupleHash + : IXof, IDigest + { + private static readonly byte[] N_TUPLE_HASH = Strings.ToByteArray("TupleHash"); - private readonly CShakeDigest cshake; - private readonly int bitLength; - private readonly int outputLength; + private readonly CShakeDigest cshake; + private readonly int bitLength; + private readonly int outputLength; - private bool firstOutput; + private bool firstOutput; - /** + /** * Base constructor. * * @param bitLength bit length of the underlying SHAKE function, 128 or 256. * @param S the customization string - available for local use. */ - public TupleHash(int bitLength, byte[] S): this(bitLength, S, bitLength * 2) - { - - } - - public TupleHash(int bitLength, byte[] S, int outputSize) - { - this.cshake = new CShakeDigest(bitLength, N_TUPLE_HASH, S); - this.bitLength = bitLength; - this.outputLength = (outputSize + 7) / 8; - - Reset(); - } - - public TupleHash(TupleHash original) - { - this.cshake = new CShakeDigest(original.cshake); - this.bitLength = cshake.fixedOutputLength; - this.outputLength = bitLength * 2 / 8; - this.firstOutput = original.firstOutput; - } - - public string AlgorithmName - { - get { return "TupleHash" + cshake.AlgorithmName.Substring(6); } - } - - public int GetByteLength() - { - return cshake.GetByteLength(); - } - - public int GetDigestSize() - { - return outputLength; - } - - public void Update(byte b) - { - byte[] bytes = XofUtilities.Encode(b); - cshake.BlockUpdate(bytes, 0, bytes.Length); - } - - public void BlockUpdate(byte[] inBuf, int inOff, int len) - { - byte[] bytes = XofUtilities.Encode(inBuf, inOff, len); - cshake.BlockUpdate(bytes, 0, bytes.Length); - } - - private void wrapUp(int outputSize) - { - byte[] encOut = XofUtilities.RightEncode(outputSize * 8); - - cshake.BlockUpdate(encOut, 0, encOut.Length); - - firstOutput = false; - } - - public int DoFinal(byte[] outBuf, int outOff) - { - if (firstOutput) - { - wrapUp(GetDigestSize()); - } - - int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize()); - - Reset(); - - return rv; - } - - public int DoFinal(byte[] outBuf, int outOff, int outLen) - { - if (firstOutput) - { - wrapUp(GetDigestSize()); - } - - int rv = cshake.DoFinal(outBuf, outOff, outLen); - - Reset(); - - return rv; - } - - public int DoOutput(byte[] outBuf, int outOff, int outLen) - { - if (firstOutput) - { - wrapUp(0); - } - - return cshake.DoOutput(outBuf, outOff, outLen); - } - - public void Reset() - { - cshake.Reset(); - firstOutput = true; - } - } + public TupleHash(int bitLength, byte[] S) + : this(bitLength, S, bitLength * 2) + { + + } + + public TupleHash(int bitLength, byte[] S, int outputSize) + { + this.cshake = new CShakeDigest(bitLength, N_TUPLE_HASH, S); + this.bitLength = bitLength; + this.outputLength = (outputSize + 7) / 8; + + Reset(); + } + + public TupleHash(TupleHash original) + { + this.cshake = new CShakeDigest(original.cshake); + this.bitLength = cshake.fixedOutputLength; + this.outputLength = bitLength * 2 / 8; + this.firstOutput = original.firstOutput; + } + + public virtual string AlgorithmName + { + get { return "TupleHash" + cshake.AlgorithmName.Substring(6); } + } + + public virtual int GetByteLength() + { + return cshake.GetByteLength(); + } + + public virtual int GetDigestSize() + { + return outputLength; + } + + public virtual void Update(byte b) + { + byte[] bytes = XofUtilities.Encode(b); + cshake.BlockUpdate(bytes, 0, bytes.Length); + } + + public virtual void BlockUpdate(byte[] inBuf, int inOff, int len) + { + byte[] bytes = XofUtilities.Encode(inBuf, inOff, len); + cshake.BlockUpdate(bytes, 0, bytes.Length); + } + + private void wrapUp(int outputSize) + { + byte[] encOut = XofUtilities.RightEncode(outputSize * 8); + + cshake.BlockUpdate(encOut, 0, encOut.Length); + + firstOutput = false; + } + + public virtual int DoFinal(byte[] outBuf, int outOff) + { + if (firstOutput) + { + wrapUp(GetDigestSize()); + } + + int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize()); + + Reset(); + + return rv; + } + + public virtual int DoFinal(byte[] outBuf, int outOff, int outLen) + { + if (firstOutput) + { + wrapUp(GetDigestSize()); + } + + int rv = cshake.DoFinal(outBuf, outOff, outLen); + + Reset(); + + return rv; + } + + public virtual int DoOutput(byte[] outBuf, int outOff, int outLen) + { + if (firstOutput) + { + wrapUp(0); + } + + return cshake.DoOutput(outBuf, outOff, outLen); + } + + public virtual void Reset() + { + cshake.Reset(); + firstOutput = true; + } + } } diff --git a/crypto/src/crypto/fpe/FpeEngine.cs b/crypto/src/crypto/fpe/FpeEngine.cs index 6757bad3a..5545b7dca 100644 --- a/crypto/src/crypto/fpe/FpeEngine.cs +++ b/crypto/src/crypto/fpe/FpeEngine.cs @@ -1,121 +1,73 @@ using System; -using System.Diagnostics; -using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Crypto.Utilities; -using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crypto.Fpe { -/** - * Base class for format-preserving encryption. - */ -public abstract class FpeEngine -{ - protected IBlockCipher baseCipher; - - protected bool forEncryption; - protected FpeParameters fpeParameters; - - protected FpeEngine(IBlockCipher baseCipher) + /// <summary>Base class for format-preserving encryption.</summary> + public abstract class FpeEngine { - this.baseCipher = baseCipher; - } - - /// <summary> - /// Process length bytes from inBuf, writing the output to outBuf. - /// </summary> - /// <returns>number of bytes output.</returns> - /// <param name="inBuf">input data.</param> - /// <param name="inOff">offset in input data to start at.</param> - /// <param name="length">number of bytes to process.</param> - /// <param name="outBuf">destination buffer.</param> - /// <param name="outOff">offset to start writing at in destination buffer.</param> - public int ProcessBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) - { - if (fpeParameters == null) - { - throw new InvalidOperationException("FPE engine not initialized"); - } - - if (length < 0) - { - throw new ArgumentException("input length cannot be negative"); - } + protected readonly IBlockCipher baseCipher; - if (inBuf == null || outBuf == null) - { - throw new NullReferenceException("buffer value is null"); - } + protected bool forEncryption; + protected FpeParameters fpeParameters; - if (inBuf.Length < inOff + length) + protected FpeEngine(IBlockCipher baseCipher) { - throw new DataLengthException("input buffer too short"); + this.baseCipher = baseCipher; } - if (outBuf.Length < outOff + length) - { - throw new OutputLengthException("output buffer too short"); - } - - if (forEncryption) - { - return encryptBlock(inBuf, inOff, length, outBuf, outOff); - } - else + /// <summary> + /// Process length bytes from inBuf, writing the output to outBuf. + /// </summary> + /// <returns>number of bytes output.</returns> + /// <param name="inBuf">input data.</param> + /// <param name="inOff">offset in input data to start at.</param> + /// <param name="length">number of bytes to process.</param> + /// <param name="outBuf">destination buffer.</param> + /// <param name="outOff">offset to start writing at in destination buffer.</param> + public virtual int ProcessBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) { - return decryptBlock(inBuf, inOff, length, outBuf, outOff); + if (fpeParameters == null) + throw new InvalidOperationException("FPE engine not initialized"); + if (length < 0) + throw new ArgumentException("cannot be negative", "length"); + if (inBuf == null) + throw new ArgumentNullException("inBuf"); + if (outBuf == null) + throw new ArgumentNullException("outBuf"); + + Check.DataLength(inBuf, inOff, length, "input buffer too short"); + Check.OutputLength(outBuf, outOff, length, "output buffer too short"); + + if (forEncryption) + { + return EncryptBlock(inBuf, inOff, length, outBuf, outOff); + } + else + { + return DecryptBlock(inBuf, inOff, length, outBuf, outOff); + } } - } - protected static ushort[] toShortArray(byte[] buf) - { - if ((buf.Length & 1) != 0) + protected static bool IsOverrideSet(string propName) { - throw new ArgumentException("data must be an even number of bytes for a wide radix"); - } + string propValue = Platform.GetEnvironmentVariable(propName); - ushort[] rv = new ushort[buf.Length / 2]; - - for (int i = 0; i != rv.Length; i++) - { - rv[i] = Pack.BE_To_UInt16(buf, i * 2); + return propValue != null && Platform.EqualsIgnoreCase("true", propValue); } - return rv; - } - - protected static bool IsOverrideSet(string propName) - { - string propValue = Platform.GetEnvironmentVariable(propName); - - return propValue == null || Platform.EqualsIgnoreCase("true", propValue); - } - - protected static byte[] toByteArray(ushort[] buf) - { - byte[] rv = new byte[buf.Length * 2]; + /// <summary> + /// Initialize the FPE engine for encryption/decryption. + /// </summary> + /// <returns>number of bytes output.</returns> + /// <param name="forEncryption">true if initialising for encryption, false otherwise.</param> + /// <param name="parameters ">the key and other parameters to use to set the engine up.</param> + public abstract void Init(bool forEncryption, ICipherParameters parameters); - for (int i = 0; i != buf.Length; i++) - { - Pack.UInt16_To_BE(buf[i], rv, i * 2); - } + protected abstract int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff); - return rv; + protected abstract int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff); } - - /// <summary> - /// Initialize the FPE engine for encryption/decryption. - /// </summary> - /// <returns>number of bytes output.</returns> - /// <param name="forEncryption">true if initialising for encryption, false otherwise.</param> - /// <param name="parameters ">the key and other parameters to use to set the engine up.</param> - public abstract void Init(bool forEncryption, ICipherParameters parameters); - - protected abstract int encryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff); - - protected abstract int decryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff); -} } diff --git a/crypto/src/crypto/fpe/FpeFf1Engine.cs b/crypto/src/crypto/fpe/FpeFf1Engine.cs index 8f34ef888..acd31b6f4 100644 --- a/crypto/src/crypto/fpe/FpeFf1Engine.cs +++ b/crypto/src/crypto/fpe/FpeFf1Engine.cs @@ -1,70 +1,83 @@ using System; -using System.Diagnostics; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; namespace Org.BouncyCastle.Crypto.Fpe { -public class FpeFf1Engine - : FpeEngine -{ - public FpeFf1Engine(): this(new AesEngine()) - { - } - - public FpeFf1Engine(IBlockCipher baseCipher): base(baseCipher) + public class FpeFf1Engine + : FpeEngine { - if (IsOverrideSet(SP80038G.FPE_DISABLED) - || IsOverrideSet(SP80038G.FF1_DISABLED)) + public FpeFf1Engine() + : this(new AesEngine()) { - throw new InvalidOperationException("FF1 encryption disabled"); } - } - - public override void Init(bool forEncryption, ICipherParameters parameters) - { - this.forEncryption = forEncryption; - this.fpeParameters = (FpeParameters)parameters; - - baseCipher.Init(!fpeParameters.UseInverseFunction, fpeParameters.Key); - } - - protected override int encryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) - { - byte[] enc; - - if (fpeParameters.Radix > 256) + public FpeFf1Engine(IBlockCipher baseCipher) + : base(baseCipher) { - enc = toByteArray(SP80038G.EncryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), toShortArray(inBuf), inOff, length / 2)); + if (IsOverrideSet(SP80038G.FPE_DISABLED) || + IsOverrideSet(SP80038G.FF1_DISABLED)) + { + throw new InvalidOperationException("FF1 encryption disabled"); + } } - else + + public override void Init(bool forEncryption, ICipherParameters parameters) { - enc = SP80038G.EncryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + this.forEncryption = forEncryption; + this.fpeParameters = (FpeParameters)parameters; + + baseCipher.Init(!fpeParameters.UseInverseFunction, fpeParameters.Key); } - Array.Copy(enc, 0, outBuf, outOff, length); + protected override int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) + { + byte[] enc; - return length; - } + if (fpeParameters.Radix > 256) + { + if ((length & 1) != 0) + throw new ArgumentException("input must be an even number of bytes for a wide radix"); - protected override int decryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) - { - byte[] dec; + ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length); + ushort[] u16Out = SP80038G.EncryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), + u16In, 0, u16In.Length); + enc = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length); + } + else + { + enc = SP80038G.EncryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + } - if (fpeParameters.Radix > 256) - { - dec = toByteArray(SP80038G.DecryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), toShortArray(inBuf), inOff, length / 2)); + Array.Copy(enc, 0, outBuf, outOff, length); + + return length; } - else + + protected override int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) { - dec = SP80038G.DecryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); - } + byte[] dec; + + if (fpeParameters.Radix > 256) + { + if ((length & 1) != 0) + throw new ArgumentException("input must be an even number of bytes for a wide radix"); - Array.Copy(dec, 0, outBuf, outOff, length); + ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length); + ushort[] u16Out = SP80038G.DecryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), + u16In, 0, u16In.Length); + dec = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length); + } + else + { + dec = SP80038G.DecryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + } - return length; + Array.Copy(dec, 0, outBuf, outOff, length); + + return length; + } } } -} diff --git a/crypto/src/crypto/fpe/FpeFf3_1Engine.cs b/crypto/src/crypto/fpe/FpeFf3_1Engine.cs index 480560bb2..aa238e46a 100644 --- a/crypto/src/crypto/fpe/FpeFf3_1Engine.cs +++ b/crypto/src/crypto/fpe/FpeFf3_1Engine.cs @@ -1,75 +1,86 @@ using System; -using System.Diagnostics; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Utilities; using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crypto.Fpe { -public class FpeFf3_1Engine - : FpeEngine -{ - public FpeFf3_1Engine(): this(new AesEngine()) - { - } - - public FpeFf3_1Engine(IBlockCipher baseCipher): base(baseCipher) + public class FpeFf3_1Engine + : FpeEngine { - if (IsOverrideSet(SP80038G.FPE_DISABLED)) + public FpeFf3_1Engine() + : this(new AesEngine()) { - throw new InvalidOperationException("FPE disabled"); } - } - - public override void Init(bool forEncryption, ICipherParameters parameters) - { - this.forEncryption = forEncryption; - this.fpeParameters = (FpeParameters)parameters; - - baseCipher.Init(!fpeParameters.UseInverseFunction, new KeyParameter(Arrays.Reverse(fpeParameters.Key.GetKey()))); - - if (fpeParameters.GetTweak().Length != 7) + public FpeFf3_1Engine(IBlockCipher baseCipher) + : base(baseCipher) { - throw new ArgumentException("tweak should be 56 bits"); + if (IsOverrideSet(SP80038G.FPE_DISABLED)) + { + throw new InvalidOperationException("FPE disabled"); + } } - } - protected override int encryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) - { - byte[] enc; - - if (fpeParameters.Radix > 256) + public override void Init(bool forEncryption, ICipherParameters parameters) { - enc = toByteArray(SP80038G.EncryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), toShortArray(inBuf), inOff, length / 2)); + this.forEncryption = forEncryption; + this.fpeParameters = (FpeParameters)parameters; + + baseCipher.Init(!fpeParameters.UseInverseFunction, new KeyParameter(Arrays.Reverse(fpeParameters.Key.GetKey()))); + + if (fpeParameters.GetTweak().Length != 7) + throw new ArgumentException("tweak should be 56 bits"); } - else + + protected override int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) { - enc = SP80038G.EncryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); - } + byte[] enc; - Array.Copy(enc, 0, outBuf, outOff, length); + if (fpeParameters.Radix > 256) + { + if ((length & 1) != 0) + throw new ArgumentException("input must be an even number of bytes for a wide radix"); - return length; - } + ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length); + ushort[] u16Out = SP80038G.EncryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), + u16In, 0, u16In.Length); + enc = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length); + } + else + { + enc = SP80038G.EncryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + } - protected override int decryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) - { - byte[] dec; + Array.Copy(enc, 0, outBuf, outOff, length); - if (fpeParameters.Radix > 256) - { - dec = toByteArray(SP80038G.DecryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), toShortArray(inBuf), inOff, length / 2)); + return length; } - else + + protected override int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) { - dec = SP80038G.DecryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); - } + byte[] dec; + + if (fpeParameters.Radix > 256) + { + if ((length & 1) != 0) + throw new ArgumentException("input must be an even number of bytes for a wide radix"); - Array.Copy(dec, 0, outBuf, outOff, length); + ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length); + ushort[] u16Out = SP80038G.DecryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), + u16In, 0, u16In.Length); + dec = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length); + } + else + { + dec = SP80038G.DecryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + } - return length; + Array.Copy(dec, 0, outBuf, outOff, length); + + return length; + } } } -} diff --git a/crypto/src/crypto/fpe/SP80038G.cs b/crypto/src/crypto/fpe/SP80038G.cs index 4ce89c9b2..53efc1499 100644 --- a/crypto/src/crypto/fpe/SP80038G.cs +++ b/crypto/src/crypto/fpe/SP80038G.cs @@ -1,8 +1,5 @@ using System; -using System.Diagnostics; -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Utilities; using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities; @@ -685,14 +682,13 @@ namespace Org.BouncyCastle.Crypto.Fpe return s; } - private static int Ceil(double v) - { - int rv = (int)v; - if ((double)rv < v) - { - return rv + 1; - } - return rv; - } + private static int Ceil(double v) + { + int rv = (int)v; + if ((double)rv < v) + return rv + 1; + + return rv; + } } } diff --git a/crypto/src/crypto/modes/GcmSivBlockCipher.cs b/crypto/src/crypto/modes/GcmSivBlockCipher.cs index e54f1c201..10e7e774b 100644 --- a/crypto/src/crypto/modes/GcmSivBlockCipher.cs +++ b/crypto/src/crypto/modes/GcmSivBlockCipher.cs @@ -1,964 +1,931 @@ using System; -using System.Diagnostics; +using System.IO; -using Org.BouncyCastle.Utilities.IO; -using Org.BouncyCastle.Crypto.Macs; using Org.BouncyCastle.Crypto.Engines; -using Org.BouncyCastle.Crypto.Modes; using Org.BouncyCastle.Crypto.Modes.Gcm; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Utilities; using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; namespace Org.BouncyCastle.Crypto.Modes { - /** - * GCM-SIV Mode. - * <p>It should be noted that the specified limit of 2<sup>36</sup> bytes is not supported. This is because all bytes are - * cached in a <b>ByteArrayOutputStream</b> object (which has a limit of a little less than 2<sup>31</sup> bytes), - * and are output on the <b>DoFinal</b>() call (which can only process a maximum of 2<sup>31</sup> bytes).</p> - * <p>The practical limit of 2<sup>31</sup> - 24 bytes is policed, and attempts to breach the limit will be rejected</p> - * <p>In order to properly support the higher limit, an extended form of <b>ByteArrayOutputStream</b> would be needed - * which would use multiple arrays to store the data. In addition, a new <b>doOutput</b> method would be required (similar - * to that in <b>XOF</b> digests), which would allow the data to be output over multiple calls. Alternatively an extended - * form of <b>ByteArrayInputStream</b> could be used to deliver the data.</p> - */ - public class GcmSivBlockCipher - : IAeadBlockCipher - { - /** - * The buffer length. - */ - private static readonly int BUFLEN = 16; - - /** - * The halfBuffer length. - */ - private static readonly int HALFBUFLEN = BUFLEN >> 1; - - /** - * The nonce length. - */ - private static readonly int NONCELEN = 12; - - /** - * The maximum data length (AEAD/PlainText). Due to implementation constraints this is restricted to the maximum - * array length (https://programming.guide/java/array-maximum-length.html) minus the BUFLEN to allow for the MAC - */ - private static readonly int MAX_DATALEN = Int32.MaxValue - 8 - BUFLEN; - - /** - * The top bit mask. - */ - private static readonly byte MASK = (byte) 0x80; - - /** - * The addition constant. - */ - private static readonly byte ADD = (byte) 0xE1; - - /** - * The initialisation flag. - */ - private static readonly int INIT = 1; - - /** - * The aeadComplete flag. - */ - private static readonly int AEAD_COMPLETE = 2; - - /** - * The cipher. - */ - private readonly IBlockCipher theCipher; - - /** - * The multiplier. - */ - private readonly IGcmMultiplier theMultiplier; - - /** - * The gHash buffer. - */ - internal readonly byte[] theGHash = new byte[BUFLEN]; - - /** - * The reverse buffer. - */ - internal readonly byte[] theReverse = new byte[BUFLEN]; - - /** - * The aeadHasher. - */ - private readonly GCMSIVHasher theAEADHasher; - - /** - * The dataHasher. - */ - private readonly GCMSIVHasher theDataHasher; - - /** - * The plainDataStream. - */ - private GCMSIVCache thePlain; - - /** - * The encryptedDataStream (decryption only). - */ - private GCMSIVCache theEncData; - - /** - * Are we encrypting? - */ - private bool forEncryption; - - /** - * The initialAEAD. - */ - private byte[] theInitialAEAD; - - /** - * The nonce. - */ - private byte[] theNonce; - - /** - * The flags. - */ - private int theFlags; - - /** - * Constructor. - */ - public GcmSivBlockCipher(): this(new AesEngine()) - { - - } - - /** - * Constructor. - * @param pCipher the underlying cipher - */ - public GcmSivBlockCipher(IBlockCipher pCipher): this(pCipher, new Tables4kGcmMultiplier()) - { - - } - - /** - * Constructor. - * @param pCipher the underlying cipher - * @param pMultiplier the multiplier - */ - public GcmSivBlockCipher(IBlockCipher pCipher, - IGcmMultiplier pMultiplier) - { - /* Ensure that the cipher is the correct size */ - if (pCipher.GetBlockSize() != BUFLEN) - { - throw new ArgumentException("Cipher required with a block size of " + BUFLEN + "."); - } - - /* Store parameters */ - theCipher = pCipher; - theMultiplier = pMultiplier; - - /* Create the hashers */ - theAEADHasher = new GCMSIVHasher(this); - theDataHasher = new GCMSIVHasher(this); - } - - public IBlockCipher GetUnderlyingCipher() - { - return theCipher; - } + /** + * GCM-SIV Mode. + * <p>It should be noted that the specified limit of 2<sup>36</sup> bytes is not supported. This is because all bytes are + * cached in a <b>ByteArrayOutputStream</b> object (which has a limit of a little less than 2<sup>31</sup> bytes), + * and are output on the <b>DoFinal</b>() call (which can only process a maximum of 2<sup>31</sup> bytes).</p> + * <p>The practical limit of 2<sup>31</sup> - 24 bytes is policed, and attempts to breach the limit will be rejected</p> + * <p>In order to properly support the higher limit, an extended form of <b>ByteArrayOutputStream</b> would be needed + * which would use multiple arrays to store the data. In addition, a new <b>doOutput</b> method would be required (similar + * to that in <b>XOF</b> digests), which would allow the data to be output over multiple calls. Alternatively an extended + * form of <b>ByteArrayInputStream</b> could be used to deliver the data.</p> + */ + public class GcmSivBlockCipher + : IAeadBlockCipher + { + /// <summary>The buffer length.</summary> + private static readonly int BUFLEN = 16; + + /// <summary>The halfBuffer length.</summary> + private static readonly int HALFBUFLEN = BUFLEN >> 1; + + /// <summary>The nonce length.</summary> + private static readonly int NONCELEN = 12; + + /** + * The maximum data length (AEAD/PlainText). Due to implementation constraints this is restricted to the maximum + * array length (https://programming.guide/java/array-maximum-length.html) minus the BUFLEN to allow for the MAC + */ + private static readonly int MAX_DATALEN = Int32.MaxValue - 8 - BUFLEN; + + /** + * The top bit mask. + */ + private static readonly byte MASK = (byte)0x80; + + /** + * The addition constant. + */ + private static readonly byte ADD = (byte)0xE1; + + /** + * The initialisation flag. + */ + private static readonly int INIT = 1; + + /** + * The aeadComplete flag. + */ + private static readonly int AEAD_COMPLETE = 2; + + /** + * The cipher. + */ + private readonly IBlockCipher theCipher; + + /** + * The multiplier. + */ + private readonly IGcmMultiplier theMultiplier; + + /** + * The gHash buffer. + */ + internal readonly byte[] theGHash = new byte[BUFLEN]; + + /** + * The reverse buffer. + */ + internal readonly byte[] theReverse = new byte[BUFLEN]; + + /** + * The aeadHasher. + */ + private readonly GcmSivHasher theAEADHasher; + + /** + * The dataHasher. + */ + private readonly GcmSivHasher theDataHasher; + + /** + * The plainDataStream. + */ + private GcmSivCache thePlain; + + /** + * The encryptedDataStream (decryption only). + */ + private GcmSivCache theEncData; + + /** + * Are we encrypting? + */ + private bool forEncryption; + + /** + * The initialAEAD. + */ + private byte[] theInitialAEAD; + + /** + * The nonce. + */ + private byte[] theNonce; + + /** + * The flags. + */ + private int theFlags; + + /** + * Constructor. + */ + public GcmSivBlockCipher() + : this(new AesEngine()) + { + } + + /** + * Constructor. + * @param pCipher the underlying cipher + */ + public GcmSivBlockCipher(IBlockCipher pCipher) + : this(pCipher, new Tables4kGcmMultiplier()) + { + } + + /** + * Constructor. + * @param pCipher the underlying cipher + * @param pMultiplier the multiplier + */ + public GcmSivBlockCipher(IBlockCipher pCipher, IGcmMultiplier pMultiplier) + { + /* Ensure that the cipher is the correct size */ + if (pCipher.GetBlockSize() != BUFLEN) + throw new ArgumentException("Cipher required with a block size of " + BUFLEN + "."); + + /* Store parameters */ + theCipher = pCipher; + theMultiplier = pMultiplier; + + /* Create the hashers */ + theAEADHasher = new GcmSivHasher(this); + theDataHasher = new GcmSivHasher(this); + } + + public virtual IBlockCipher GetUnderlyingCipher() + { + return theCipher; + } public virtual int GetBlockSize() { return theCipher.GetBlockSize(); } - public void Init(bool pEncrypt, - ICipherParameters cipherParameters) - { - /* Set defaults */ - byte[] myInitialAEAD = null; - byte[] myNonce = null; - KeyParameter myKey = null; - - /* Access parameters */ - if (cipherParameters is AeadParameters) - { - AeadParameters myAEAD = (AeadParameters) cipherParameters; - myInitialAEAD = myAEAD.GetAssociatedText(); - myNonce = myAEAD.GetNonce(); - myKey = myAEAD.Key; - } - else if (cipherParameters is ParametersWithIV) - { - ParametersWithIV myParms = (ParametersWithIV) cipherParameters; - myNonce = myParms.GetIV(); - myKey = (KeyParameter) myParms.Parameters; - } - else - { - throw new ArgumentException("invalid parameters passed to GCM_SIV"); - } - - /* Check nonceSize */ - if (myNonce == null || myNonce.Length != NONCELEN) - { - throw new ArgumentException("Invalid nonce"); - } - - /* Check keysize */ - if (myKey == null) - { - throw new ArgumentException("Invalid key"); - } - - byte[] k = myKey.GetKey(); - - if (k.Length != BUFLEN - && k.Length != (BUFLEN << 1)) - { - throw new ArgumentException("Invalid key"); - } - - /* Reset details */ - forEncryption = pEncrypt; - theInitialAEAD = myInitialAEAD; - theNonce = myNonce; - - /* Initialise the keys */ - deriveKeys(myKey); - resetStreams(); - } - - public string AlgorithmName - { - get { return theCipher.AlgorithmName + "-GCM-SIV"; } - } - - /** - * check AEAD status. - * @param pLen the aeadLength - */ - private void checkAEADStatus(int pLen) - { - /* Check we are initialised */ - if ((theFlags & INIT) == 0) - { - throw new InvalidOperationException("Cipher is not initialised"); - } - - /* Check AAD is allowed */ - if ((theFlags & AEAD_COMPLETE) != 0) - { - throw new InvalidOperationException("AEAD data cannot be processed after ordinary data"); - } - - /* Make sure that we haven't breached AEAD data limit */ - if ((long)theAEADHasher.getBytesProcessed() + Int64.MinValue - > (MAX_DATALEN - pLen) + Int64.MinValue) - { - throw new InvalidOperationException("AEAD byte count exceeded"); - } - } - - /** - * check status. - * @param pLen the dataLength - */ - private void checkStatus(int pLen) - { - /* Check we are initialised */ - if ((theFlags & INIT) == 0) - { - throw new InvalidOperationException("Cipher is not initialised"); - } - - /* Complete the AEAD section if this is the first data */ - if ((theFlags & AEAD_COMPLETE) == 0) - { - theAEADHasher.completeHash(); - theFlags |= AEAD_COMPLETE; - } - - /* Make sure that we haven't breached data limit */ - long dataLimit = MAX_DATALEN; - long currBytes = thePlain.Length; - if (!forEncryption) - { - dataLimit += BUFLEN; - currBytes = theEncData.Length; - } - if (currBytes + System.Int64.MinValue - > (dataLimit - pLen) + System.Int64.MinValue) - { - throw new InvalidOperationException("byte count exceeded"); - } - } - - public void ProcessAadByte(byte pByte) - { - /* Check that we can supply AEAD */ - checkAEADStatus(1); - - /* Process the aead */ - theAEADHasher.updateHash(pByte); - } - - public void ProcessAadBytes(byte[] pData, - int pOffset, - int pLen) - { - /* Check that we can supply AEAD */ - checkAEADStatus(pLen); - - /* Check input buffer */ - checkBuffer(pData, pOffset, pLen, false); - - /* Process the aead */ - theAEADHasher.updateHash(pData, pOffset, pLen); - } - - public int ProcessByte(byte pByte, - byte[] pOutput, - int pOutOffset) - { - /* Check that we have initialised */ - checkStatus(1); - - /* Store the data */ - if (forEncryption) - { - thePlain.WriteByte(pByte); - theDataHasher.updateHash(pByte); - } - else - { - theEncData.WriteByte(pByte); - } - - /* No data returned */ - return 0; - } - - public int ProcessBytes(byte[] pData, - int pOffset, - int pLen, - byte[] pOutput, - int pOutOffset) - { - /* Check that we have initialised */ - checkStatus(pLen); - - /* Check input buffer */ - checkBuffer(pData, pOffset, pLen, false); - - /* Store the data */ - if (forEncryption) - { - thePlain.Write(pData, pOffset, pLen); - theDataHasher.updateHash(pData, pOffset, pLen); - } - else - { - theEncData.Write(pData, pOffset, pLen); - } - - /* No data returned */ - return 0; - } - - public int DoFinal(byte[] pOutput, - int pOffset) - { - /* Check that we have initialised */ - checkStatus(0); - - /* Check output buffer */ - checkBuffer(pOutput, pOffset, GetOutputSize(0), true); - - /* If we are encrypting */ - if (forEncryption) - { - /* Derive the tag */ - byte[] myTag = calculateTag(); - - /* encrypt the plain text */ - int myDataLen = BUFLEN + encryptPlain(myTag, pOutput, pOffset); - - /* Add the tag to the output */ - Array.Copy(myTag, 0, pOutput, pOffset + thePlain.Length, BUFLEN); - - /* Reset the streams */ - resetStreams(); - return myDataLen; - - /* else we are decrypting */ - } - else - { - /* decrypt to plain text */ - decryptPlain(); - - /* Release plain text */ - int myDataLen = (int)thePlain.Length; - byte[] mySrc = thePlain.GetBuffer(); - Array.Copy(mySrc, 0, pOutput, pOffset, myDataLen); - - /* Reset the streams */ - resetStreams(); - return myDataLen; - } - } - - public byte[] GetMac() - { - throw new InvalidOperationException(); - } - - public int GetUpdateOutputSize(int pLen) - { - return 0; - } - - public int GetOutputSize(int pLen) - { - if (forEncryption) { - return (int)(pLen + thePlain.Length + BUFLEN); - } - int myCurr = (int)(pLen + theEncData.Length); - return myCurr > BUFLEN ? myCurr - BUFLEN : 0; - } - - public void Reset() - { - resetStreams(); - } - - /** - * Reset Streams. - */ - private void resetStreams() - { - /* Clear the plainText buffer */ - if (thePlain != null) - { - thePlain.Dispose(); - thePlain = new GCMSIVCache(); - } - - /* Reset hashers */ - theAEADHasher.reset(); - theDataHasher.reset(); - - /* Recreate streams (to release memory) */ - thePlain = new GCMSIVCache(); - theEncData = forEncryption ? null : new GCMSIVCache(); - - /* Initialise AEAD if required */ - theFlags &= ~AEAD_COMPLETE; - Arrays.Fill(theGHash, (byte) 0); - if (theInitialAEAD != null) - { - theAEADHasher.updateHash(theInitialAEAD, 0, theInitialAEAD.Length); - } - } - - /** - * Obtain buffer length (allowing for null). - * @param pBuffer the buffere - * @return the length - */ - private static int bufLength(byte[] pBuffer) - { - return pBuffer == null ? 0 : pBuffer.Length; - } - - /** - * Check buffer. - * @param pBuffer the buffer - * @param pOffset the offset - * @param pLen the length - * @param pOutput is this an output buffer? - */ - private static void checkBuffer(byte[] pBuffer, - int pOffset, - int pLen, - bool pOutput) - { - /* Access lengths */ - int myBufLen = bufLength(pBuffer); - int myLast = pOffset + pLen; - - /* Check for negative values and buffer overflow */ - bool badLen = pLen < 0 || pOffset < 0 || myLast < 0; - if (badLen || myLast > myBufLen) - { - throw pOutput - ? new OutputLengthException("Output buffer too short.") - : new DataLengthException("Input buffer too short."); - } - } - - /** - * encrypt data stream. - * @param pCounter the counter - * @param pTarget the target buffer - * @param pOffset the target offset - * @return the length of data encrypted - */ - private int encryptPlain(byte[] pCounter, - byte[] pTarget, - int pOffset) - { - /* Access buffer and length */ - byte[] mySrc = thePlain.GetBuffer(); - byte[] myCounter = Arrays.Clone(pCounter); - myCounter[BUFLEN - 1] |= MASK; - byte[] myMask = new byte[BUFLEN]; - long myRemaining = thePlain.Length; - int myOff = 0; - - /* While we have data to process */ - while (myRemaining > 0) - { - /* Generate the next mask */ - theCipher.ProcessBlock(myCounter, 0, myMask, 0); - - /* Xor data into mask */ - int myLen = (int)System.Math.Min(BUFLEN, myRemaining); - xorBlock(myMask, mySrc, myOff, myLen); - - /* Copy encrypted data to output */ - Array.Copy(myMask, 0, pTarget, pOffset + myOff, myLen); - - /* Adjust counters */ - myRemaining -= myLen; - myOff += myLen; - incrementCounter(myCounter); - } - - /* Return the amount of data processed */ - return (int)thePlain.Length; - } - - /** - * decrypt data stream. - * @throws InvalidCipherTextException on data too short or mac check failed - */ - private void decryptPlain() - { - /* Access buffer and length */ - byte[] mySrc = theEncData.GetBuffer(); - int myRemaining = (int)theEncData.Length - BUFLEN; - - /* Check for insufficient data */ - if (myRemaining < 0) - { - throw new InvalidCipherTextException("Data too short"); - } - - /* Access counter */ - byte[] myExpected = Arrays.CopyOfRange(mySrc, myRemaining, myRemaining + BUFLEN); - byte[] myCounter = Arrays.Clone(myExpected); - myCounter[BUFLEN - 1] |= MASK; - byte[] myMask = new byte[BUFLEN]; - int myOff = 0; - - /* While we have data to process */ - while (myRemaining > 0) - { - /* Generate the next mask */ - theCipher.ProcessBlock(myCounter, 0, myMask, 0); - - /* Xor data into mask */ - int myLen = System.Math.Min(BUFLEN, myRemaining); - xorBlock(myMask, mySrc, myOff, myLen); - - /* Write data to plain dataStream */ - thePlain.Write(myMask, 0, myLen); - theDataHasher.updateHash(myMask, 0, myLen); - - /* Adjust counters */ - myRemaining -= myLen; - myOff += myLen; - incrementCounter(myCounter); - } - - /* Derive and check the tag */ - byte[] myTag = calculateTag(); - if (!Arrays.ConstantTimeAreEqual(myTag, myExpected)) - { - Reset(); - throw new InvalidCipherTextException("mac check failed"); - } - } - - /** - * calculate tag. - * @return the calculated tag - */ - private byte[] calculateTag() - { - /* Complete the hash */ - theDataHasher.completeHash(); - byte[] myPolyVal = completePolyVal(); - - /* calculate polyVal */ - byte[] myResult = new byte[BUFLEN]; - - /* Fold in the nonce */ - for (int i = 0; i < NONCELEN; i++) - { - myPolyVal[i] ^= theNonce[i]; - } - - /* Clear top bit */ - myPolyVal[BUFLEN - 1] &= (byte)(MASK - 1); - - /* Calculate tag and return it */ - theCipher.ProcessBlock(myPolyVal, 0, myResult, 0); - return myResult; - } - - /** - * complete polyVAL. - * @return the calculated value - */ - private byte[] completePolyVal() - { - /* Build the polyVal result */ - byte[] myResult = new byte[BUFLEN]; - gHashLengths(); - fillReverse(theGHash, 0, BUFLEN, myResult); - return myResult; - } - - /** - * process lengths. - */ - private void gHashLengths() - { - /* Create reversed bigEndian buffer to keep it simple */ - byte[] myIn = new byte[BUFLEN]; - Pack.UInt64_To_BE((ulong)Bytes.SIZE * theDataHasher.getBytesProcessed(), myIn, 0); - Pack.UInt64_To_BE((ulong)Bytes.SIZE * theAEADHasher.getBytesProcessed(), myIn, (int)Longs.BYTES); - - /* hash value */ - gHASH(myIn); - } - - /** - * perform the next GHASH step. - * @param pNext the next value - */ - private void gHASH(byte[] pNext) - { - xorBlock(theGHash, pNext); - theMultiplier.MultiplyH(theGHash); - } - - /** - * Byte reverse a buffer. - * @param pInput the input buffer - * @param pOffset the offset - * @param pLength the length of data (<= BUFLEN) - * @param pOutput the output buffer - */ - private static void fillReverse(byte[] pInput, - int pOffset, - int pLength, - byte[] pOutput) - { - /* Loop through the buffer */ - for (int i = 0, j = BUFLEN - 1; i < pLength; i++, j--) - { - /* Copy byte */ - pOutput[j] = pInput[pOffset + i]; - } - } - - /** - * xor a full block buffer. - * @param pLeft the left operand and result - * @param pRight the right operand - */ - private static void xorBlock(byte[] pLeft, - byte[] pRight) - { - /* Loop through the bytes */ - for (int i = 0; i < BUFLEN; i++) - { - pLeft[i] ^= pRight[i]; - } - } - - /** - * xor a partial block buffer. - * @param pLeft the left operand and result - * @param pRight the right operand - * @param pOffset the offset in the right operand - * @param pLength the length of data in the right operand - */ - private static void xorBlock(byte[] pLeft, - byte[] pRight, - int pOffset, - int pLength) - { - /* Loop through the bytes */ - for (int i = 0; i < pLength; i++) - { - pLeft[i] ^= pRight[i + pOffset]; - } - } - - /** - * increment the counter. - * @param pCounter the counter to increment - */ - private static void incrementCounter(byte[] pCounter) - { - /* Loop through the bytes incrementing counter */ - for (int i = 0; i < Integers.BYTES; i++) - { - if (++pCounter[i] != 0) - { - break; - } - } - } - - /** - * multiply by X. - * @param pValue the value to adjust - */ - private static void mulX(byte[] pValue) - { - /* Loop through the bytes */ - byte myMask = (byte) 0; - for (int i = 0; i < BUFLEN; i++) - { - byte myValue = pValue[i]; - pValue[i] = (byte) (((myValue >> 1) & ~MASK) | myMask); - myMask = (byte)((myValue & 1) == 0 ? 0 : MASK); - } - - /* Xor in addition if last bit was set */ - if (myMask != 0) - { - pValue[0] ^= ADD; - } - } - - /** - * Derive Keys. - * @param pKey the keyGeneration key - */ - private void deriveKeys(KeyParameter pKey) - { - /* Create the buffers */ - byte[] myIn = new byte[BUFLEN]; - byte[] myOut = new byte[BUFLEN]; - byte[] myResult = new byte[BUFLEN]; - byte[] myEncKey = new byte[pKey.GetKey().Length]; - - /* Prepare for encryption */ - Array.Copy(theNonce, 0, myIn, BUFLEN - NONCELEN, NONCELEN); - theCipher.Init(true, pKey); - - /* Derive authentication key */ - int myOff = 0; - theCipher.ProcessBlock(myIn, 0, myOut, 0); - Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN); - myIn[0]++; - myOff += HALFBUFLEN; - theCipher.ProcessBlock(myIn, 0, myOut, 0); - Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN); - - /* Derive encryption key */ - myIn[0]++; - myOff = 0; - theCipher.ProcessBlock(myIn, 0, myOut, 0); - Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); - myIn[0]++; - myOff += HALFBUFLEN; - theCipher.ProcessBlock(myIn, 0, myOut, 0); - Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); - - /* If we have a 32byte key */ - if (myEncKey.Length == BUFLEN << 1) - { - /* Derive remainder of encryption key */ - myIn[0]++; - myOff += HALFBUFLEN; - theCipher.ProcessBlock(myIn, 0, myOut, 0); - Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); - myIn[0]++; - myOff += HALFBUFLEN; - theCipher.ProcessBlock(myIn, 0, myOut, 0); - Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); - } - - /* Initialise the Cipher */ - theCipher.Init(true, new KeyParameter(myEncKey)); - - /* Initialise the multiplier */ - fillReverse(myResult, 0, BUFLEN, myOut); - mulX(myOut); - theMultiplier.Init(myOut); - theFlags |= INIT; - } - - /** - * GCMSIVCache. - */ - class GCMSIVCache - : MemoryOutputStream - { - /** - * number of bytes hashed. - */ - private int numHashed; - - /** - * Constructor. - */ - internal GCMSIVCache() - { - } - } - - /** - * Hash Control. - */ - class GCMSIVHasher - { - /** - * Cache. - */ - private readonly byte[] theBuffer = new byte[BUFLEN]; - - /** - * Single byte cache. - */ - private readonly byte[] theByte = new byte[1]; - - /** - * Count of active bytes in cache. - */ - private int numActive; - - /** - * Count of hashed bytes. - */ - private ulong numHashed; - - private readonly GcmSivBlockCipher parent; - - internal GCMSIVHasher(GcmSivBlockCipher parent) - { - this.parent = parent; - } - - /** - * Obtain the count of bytes hashed. - * @return the count - */ - internal ulong getBytesProcessed() - { - return numHashed; - } - - /** - * Reset the hasher. - */ - internal void reset() - { - numActive = 0; - numHashed = 0; - } - - /** - * update hash. - * @param pByte the byte - */ - internal void updateHash(byte pByte) - { - theByte[0] = pByte; - updateHash(theByte, 0, 1); - } - - /** - * update hash. - * @param pBuffer the buffer - * @param pOffset the offset within the buffer - * @param pLen the length of data - */ - internal void updateHash(byte[] pBuffer, - int pOffset, - int pLen) - { - /* If we should process the cache */ - int mySpace = BUFLEN - numActive; - int numProcessed = 0; - int myRemaining = pLen; - if (numActive > 0 - && pLen >= mySpace) - { - /* Copy data into the cache and hash it */ - Array.Copy(pBuffer, pOffset, theBuffer, numActive, mySpace); - fillReverse(theBuffer, 0, BUFLEN, parent.theReverse); - parent.gHASH(parent.theReverse); - - /* Adjust counters */ - numProcessed += mySpace; - myRemaining -= mySpace; - numActive = 0; - } - - /* While we have full blocks */ - while (myRemaining >= BUFLEN) - { - /* Access the next data */ - fillReverse(pBuffer, pOffset + numProcessed, BUFLEN, parent.theReverse); - parent.gHASH(parent.theReverse); - - /* Adjust counters */ - numProcessed += mySpace; - myRemaining -= mySpace; - } - - /* If we have remaining data */ - if (myRemaining > 0) - { - /* Copy data into the cache */ - Array.Copy(pBuffer, pOffset + numProcessed, theBuffer, numActive, myRemaining); - numActive += myRemaining; - } - - /* Adjust the number of bytes processed */ - numHashed += (ulong)pLen; - } - - /** - * complete hash. - */ - internal void completeHash() - { - /* If we have remaining data */ - if (numActive > 0) - { - /* Access the next data */ - Arrays.Fill(parent.theReverse, (byte) 0); - fillReverse(theBuffer, 0, numActive, parent.theReverse); - - /* hash value */ - parent.gHASH(parent.theReverse); - } - } - } - } + public virtual void Init(bool pEncrypt, ICipherParameters cipherParameters) + { + /* Set defaults */ + byte[] myInitialAEAD = null; + byte[] myNonce = null; + KeyParameter myKey = null; + + /* Access parameters */ + if (cipherParameters is AeadParameters) + { + AeadParameters myAEAD = (AeadParameters)cipherParameters; + myInitialAEAD = myAEAD.GetAssociatedText(); + myNonce = myAEAD.GetNonce(); + myKey = myAEAD.Key; + } + else if (cipherParameters is ParametersWithIV) + { + ParametersWithIV myParms = (ParametersWithIV)cipherParameters; + myNonce = myParms.GetIV(); + myKey = (KeyParameter)myParms.Parameters; + } + else + { + throw new ArgumentException("invalid parameters passed to GCM_SIV"); + } + + /* Check nonceSize */ + if (myNonce == null || myNonce.Length != NONCELEN) + { + throw new ArgumentException("Invalid nonce"); + } + + /* Check keysize */ + if (myKey == null) + { + throw new ArgumentException("Invalid key"); + } + + byte[] k = myKey.GetKey(); + + if (k.Length != BUFLEN + && k.Length != (BUFLEN << 1)) + { + throw new ArgumentException("Invalid key"); + } + + /* Reset details */ + forEncryption = pEncrypt; + theInitialAEAD = myInitialAEAD; + theNonce = myNonce; + + /* Initialise the keys */ + deriveKeys(myKey); + ResetStreams(); + } + + public virtual string AlgorithmName + { + get { return theCipher.AlgorithmName + "-GCM-SIV"; } + } + + /** + * check AEAD status. + * @param pLen the aeadLength + */ + private void CheckAeadStatus(int pLen) + { + /* Check we are initialised */ + if ((theFlags & INIT) == 0) + { + throw new InvalidOperationException("Cipher is not initialised"); + } + + /* Check AAD is allowed */ + if ((theFlags & AEAD_COMPLETE) != 0) + { + throw new InvalidOperationException("AEAD data cannot be processed after ordinary data"); + } + + /* Make sure that we haven't breached AEAD data limit */ + if ((long)theAEADHasher.getBytesProcessed() + Int64.MinValue > (MAX_DATALEN - pLen) + Int64.MinValue) + { + throw new InvalidOperationException("AEAD byte count exceeded"); + } + } + + /** + * check status. + * @param pLen the dataLength + */ + private void CheckStatus(int pLen) + { + /* Check we are initialised */ + if ((theFlags & INIT) == 0) + { + throw new InvalidOperationException("Cipher is not initialised"); + } + + /* Complete the AEAD section if this is the first data */ + if ((theFlags & AEAD_COMPLETE) == 0) + { + theAEADHasher.completeHash(); + theFlags |= AEAD_COMPLETE; + } + + /* Make sure that we haven't breached data limit */ + long dataLimit = MAX_DATALEN; + long currBytes = thePlain.Length; + if (!forEncryption) + { + dataLimit += BUFLEN; + currBytes = theEncData.Length; + } + if (currBytes + System.Int64.MinValue + > (dataLimit - pLen) + System.Int64.MinValue) + { + throw new InvalidOperationException("byte count exceeded"); + } + } + + public virtual void ProcessAadByte(byte pByte) + { + /* Check that we can supply AEAD */ + CheckAeadStatus(1); + + /* Process the aead */ + theAEADHasher.updateHash(pByte); + } + + public virtual void ProcessAadBytes(byte[] pData, int pOffset, int pLen) + { + /* Check that we can supply AEAD */ + CheckAeadStatus(pLen); + + /* Check input buffer */ + CheckBuffer(pData, pOffset, pLen, false); + + /* Process the aead */ + theAEADHasher.updateHash(pData, pOffset, pLen); + } + + public virtual int ProcessByte(byte pByte, byte[] pOutput, int pOutOffset) + { + /* Check that we have initialised */ + CheckStatus(1); + + /* Store the data */ + if (forEncryption) + { + thePlain.WriteByte(pByte); + theDataHasher.updateHash(pByte); + } + else + { + theEncData.WriteByte(pByte); + } + + /* No data returned */ + return 0; + } + + public virtual int ProcessBytes(byte[] pData, int pOffset, int pLen, byte[] pOutput, int pOutOffset) + { + /* Check that we have initialised */ + CheckStatus(pLen); + + /* Check input buffer */ + CheckBuffer(pData, pOffset, pLen, false); + + /* Store the data */ + if (forEncryption) + { + thePlain.Write(pData, pOffset, pLen); + theDataHasher.updateHash(pData, pOffset, pLen); + } + else + { + theEncData.Write(pData, pOffset, pLen); + } + + /* No data returned */ + return 0; + } + + public virtual int DoFinal(byte[] pOutput, int pOffset) + { + /* Check that we have initialised */ + CheckStatus(0); + + /* Check output buffer */ + CheckBuffer(pOutput, pOffset, GetOutputSize(0), true); + + /* If we are encrypting */ + if (forEncryption) + { + /* Derive the tag */ + byte[] myTag = calculateTag(); + + /* encrypt the plain text */ + int myDataLen = BUFLEN + encryptPlain(myTag, pOutput, pOffset); + + /* Add the tag to the output */ + Array.Copy(myTag, 0, pOutput, pOffset + thePlain.Length, BUFLEN); + + /* Reset the streams */ + ResetStreams(); + return myDataLen; + + /* else we are decrypting */ + } + else + { + /* decrypt to plain text */ + decryptPlain(); + + /* Release plain text */ + int myDataLen = Streams.WriteBufTo(thePlain, pOutput, pOffset); + + /* Reset the streams */ + ResetStreams(); + return myDataLen; + } + } + + public virtual byte[] GetMac() + { + throw new InvalidOperationException(); + } + + public virtual int GetUpdateOutputSize(int pLen) + { + return 0; + } + + public virtual int GetOutputSize(int pLen) + { + if (forEncryption) + { + return (int)(pLen + thePlain.Length + BUFLEN); + } + int myCurr = (int)(pLen + theEncData.Length); + return myCurr > BUFLEN ? myCurr - BUFLEN : 0; + } + + public virtual void Reset() + { + ResetStreams(); + } + + /** + * Reset Streams. + */ + private void ResetStreams() + { + /* Clear the plainText buffer */ + if (thePlain != null) + { + thePlain.Position = 0L; + Streams.WriteZeroes(thePlain, thePlain.Capacity); + } + + /* Reset hashers */ + theAEADHasher.Reset(); + theDataHasher.Reset(); + + /* Recreate streams (to release memory) */ + thePlain = new GcmSivCache(); + theEncData = forEncryption ? null : new GcmSivCache(); + + /* Initialise AEAD if required */ + theFlags &= ~AEAD_COMPLETE; + Arrays.Fill(theGHash, (byte)0); + if (theInitialAEAD != null) + { + theAEADHasher.updateHash(theInitialAEAD, 0, theInitialAEAD.Length); + } + } + + /** + * Obtain buffer length (allowing for null). + * @param pBuffer the buffere + * @return the length + */ + private static int bufLength(byte[] pBuffer) + { + return pBuffer == null ? 0 : pBuffer.Length; + } + + /** + * Check buffer. + * @param pBuffer the buffer + * @param pOffset the offset + * @param pLen the length + * @param pOutput is this an output buffer? + */ + private static void CheckBuffer(byte[] pBuffer, int pOffset, int pLen, bool pOutput) + { + /* Access lengths */ + int myBufLen = bufLength(pBuffer); + int myLast = pOffset + pLen; + + /* Check for negative values and buffer overflow */ + bool badLen = pLen < 0 || pOffset < 0 || myLast < 0; + if (badLen || myLast > myBufLen) + { + throw pOutput + ? new OutputLengthException("Output buffer too short.") + : new DataLengthException("Input buffer too short."); + } + } + + /** + * encrypt data stream. + * @param pCounter the counter + * @param pTarget the target buffer + * @param pOffset the target offset + * @return the length of data encrypted + */ + private int encryptPlain(byte[] pCounter, byte[] pTarget, int pOffset) + { + /* Access buffer and length */ +#if PORTABLE + byte[] thePlainBuf = thePlain.ToArray(); + int thePlainLen = thePlainBuf.Length; +#else + byte[] thePlainBuf = thePlain.GetBuffer(); + int thePlainLen = (int)thePlain.Length; +#endif + + byte[] mySrc = thePlainBuf; + byte[] myCounter = Arrays.Clone(pCounter); + myCounter[BUFLEN - 1] |= MASK; + byte[] myMask = new byte[BUFLEN]; + long myRemaining = thePlainLen; + int myOff = 0; + + /* While we have data to process */ + while (myRemaining > 0) + { + /* Generate the next mask */ + theCipher.ProcessBlock(myCounter, 0, myMask, 0); + + /* Xor data into mask */ + int myLen = (int)System.Math.Min(BUFLEN, myRemaining); + xorBlock(myMask, mySrc, myOff, myLen); + + /* Copy encrypted data to output */ + Array.Copy(myMask, 0, pTarget, pOffset + myOff, myLen); + + /* Adjust counters */ + myRemaining -= myLen; + myOff += myLen; + incrementCounter(myCounter); + } + + /* Return the amount of data processed */ + return thePlainLen; + } + + /** + * decrypt data stream. + * @throws InvalidCipherTextException on data too short or mac check failed + */ + private void decryptPlain() + { + /* Access buffer and length */ +#if PORTABLE + byte[] theEncDataBuf = theEncData.ToArray(); + int theEncDataLen = theEncDataBuf.Length; +#else + byte[] theEncDataBuf = theEncData.GetBuffer(); + int theEncDataLen = (int)theEncData.Length; +#endif + + byte[] mySrc = theEncDataBuf; + int myRemaining = theEncDataLen - BUFLEN; + + /* Check for insufficient data */ + if (myRemaining < 0) + { + throw new InvalidCipherTextException("Data too short"); + } + + /* Access counter */ + byte[] myExpected = Arrays.CopyOfRange(mySrc, myRemaining, myRemaining + BUFLEN); + byte[] myCounter = Arrays.Clone(myExpected); + myCounter[BUFLEN - 1] |= MASK; + byte[] myMask = new byte[BUFLEN]; + int myOff = 0; + + /* While we have data to process */ + while (myRemaining > 0) + { + /* Generate the next mask */ + theCipher.ProcessBlock(myCounter, 0, myMask, 0); + + /* Xor data into mask */ + int myLen = System.Math.Min(BUFLEN, myRemaining); + xorBlock(myMask, mySrc, myOff, myLen); + + /* Write data to plain dataStream */ + thePlain.Write(myMask, 0, myLen); + theDataHasher.updateHash(myMask, 0, myLen); + + /* Adjust counters */ + myRemaining -= myLen; + myOff += myLen; + incrementCounter(myCounter); + } + + /* Derive and check the tag */ + byte[] myTag = calculateTag(); + if (!Arrays.ConstantTimeAreEqual(myTag, myExpected)) + { + Reset(); + throw new InvalidCipherTextException("mac check failed"); + } + } + + /** + * calculate tag. + * @return the calculated tag + */ + private byte[] calculateTag() + { + /* Complete the hash */ + theDataHasher.completeHash(); + byte[] myPolyVal = completePolyVal(); + + /* calculate polyVal */ + byte[] myResult = new byte[BUFLEN]; + + /* Fold in the nonce */ + for (int i = 0; i < NONCELEN; i++) + { + myPolyVal[i] ^= theNonce[i]; + } + + /* Clear top bit */ + myPolyVal[BUFLEN - 1] &= (byte)(MASK - 1); + + /* Calculate tag and return it */ + theCipher.ProcessBlock(myPolyVal, 0, myResult, 0); + return myResult; + } + + /** + * complete polyVAL. + * @return the calculated value + */ + private byte[] completePolyVal() + { + /* Build the polyVal result */ + byte[] myResult = new byte[BUFLEN]; + gHashLengths(); + fillReverse(theGHash, 0, BUFLEN, myResult); + return myResult; + } + + /** + * process lengths. + */ + private void gHashLengths() + { + /* Create reversed bigEndian buffer to keep it simple */ + byte[] myIn = new byte[BUFLEN]; + Pack.UInt64_To_BE((ulong)Bytes.NumBits * theDataHasher.getBytesProcessed(), myIn, 0); + Pack.UInt64_To_BE((ulong)Bytes.NumBits * theAEADHasher.getBytesProcessed(), myIn, Longs.NumBytes); + + /* hash value */ + gHASH(myIn); + } + + /** + * perform the next GHASH step. + * @param pNext the next value + */ + private void gHASH(byte[] pNext) + { + xorBlock(theGHash, pNext); + theMultiplier.MultiplyH(theGHash); + } + + /** + * Byte reverse a buffer. + * @param pInput the input buffer + * @param pOffset the offset + * @param pLength the length of data (<= BUFLEN) + * @param pOutput the output buffer + */ + private static void fillReverse(byte[] pInput, int pOffset, int pLength, byte[] pOutput) + { + /* Loop through the buffer */ + for (int i = 0, j = BUFLEN - 1; i < pLength; i++, j--) + { + /* Copy byte */ + pOutput[j] = pInput[pOffset + i]; + } + } + + /** + * xor a full block buffer. + * @param pLeft the left operand and result + * @param pRight the right operand + */ + private static void xorBlock(byte[] pLeft, byte[] pRight) + { + /* Loop through the bytes */ + for (int i = 0; i < BUFLEN; i++) + { + pLeft[i] ^= pRight[i]; + } + } + + /** + * xor a partial block buffer. + * @param pLeft the left operand and result + * @param pRight the right operand + * @param pOffset the offset in the right operand + * @param pLength the length of data in the right operand + */ + private static void xorBlock(byte[] pLeft, byte[] pRight, int pOffset, int pLength) + { + /* Loop through the bytes */ + for (int i = 0; i < pLength; i++) + { + pLeft[i] ^= pRight[i + pOffset]; + } + } + + /** + * increment the counter. + * @param pCounter the counter to increment + */ + private static void incrementCounter(byte[] pCounter) + { + /* Loop through the bytes incrementing counter */ + for (int i = 0; i < Integers.NumBytes; i++) + { + if (++pCounter[i] != 0) + { + break; + } + } + } + + /** + * multiply by X. + * @param pValue the value to adjust + */ + private static void mulX(byte[] pValue) + { + /* Loop through the bytes */ + byte myMask = (byte)0; + for (int i = 0; i < BUFLEN; i++) + { + byte myValue = pValue[i]; + pValue[i] = (byte)(((myValue >> 1) & ~MASK) | myMask); + myMask = (byte)((myValue & 1) == 0 ? 0 : MASK); + } + + /* Xor in addition if last bit was set */ + if (myMask != 0) + { + pValue[0] ^= ADD; + } + } + + /** + * Derive Keys. + * @param pKey the keyGeneration key + */ + private void deriveKeys(KeyParameter pKey) + { + /* Create the buffers */ + byte[] myIn = new byte[BUFLEN]; + byte[] myOut = new byte[BUFLEN]; + byte[] myResult = new byte[BUFLEN]; + byte[] myEncKey = new byte[pKey.GetKey().Length]; + + /* Prepare for encryption */ + Array.Copy(theNonce, 0, myIn, BUFLEN - NONCELEN, NONCELEN); + theCipher.Init(true, pKey); + + /* Derive authentication key */ + int myOff = 0; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN); + myIn[0]++; + myOff += HALFBUFLEN; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN); + + /* Derive encryption key */ + myIn[0]++; + myOff = 0; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); + myIn[0]++; + myOff += HALFBUFLEN; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); + + /* If we have a 32byte key */ + if (myEncKey.Length == BUFLEN << 1) + { + /* Derive remainder of encryption key */ + myIn[0]++; + myOff += HALFBUFLEN; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); + myIn[0]++; + myOff += HALFBUFLEN; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); + } + + /* Initialise the Cipher */ + theCipher.Init(true, new KeyParameter(myEncKey)); + + /* Initialise the multiplier */ + fillReverse(myResult, 0, BUFLEN, myOut); + mulX(myOut); + theMultiplier.Init(myOut); + theFlags |= INIT; + } + + private class GcmSivCache + : MemoryStream + { + internal GcmSivCache() + { + } + } + + /** + * Hash Control. + */ + private class GcmSivHasher + { + /** + * Cache. + */ + private readonly byte[] theBuffer = new byte[BUFLEN]; + + /** + * Single byte cache. + */ + private readonly byte[] theByte = new byte[1]; + + /** + * Count of active bytes in cache. + */ + private int numActive; + + /** + * Count of hashed bytes. + */ + private ulong numHashed; + + private readonly GcmSivBlockCipher parent; + + internal GcmSivHasher(GcmSivBlockCipher parent) + { + this.parent = parent; + } + + /** + * Obtain the count of bytes hashed. + * @return the count + */ + internal ulong getBytesProcessed() + { + return numHashed; + } + + /** + * Reset the hasher. + */ + internal void Reset() + { + numActive = 0; + numHashed = 0; + } + + /** + * update hash. + * @param pByte the byte + */ + internal void updateHash(byte pByte) + { + theByte[0] = pByte; + updateHash(theByte, 0, 1); + } + + /** + * update hash. + * @param pBuffer the buffer + * @param pOffset the offset within the buffer + * @param pLen the length of data + */ + internal void updateHash(byte[] pBuffer, int pOffset, int pLen) + { + /* If we should process the cache */ + int mySpace = BUFLEN - numActive; + int numProcessed = 0; + int myRemaining = pLen; + if (numActive > 0 && pLen >= mySpace) + { + /* Copy data into the cache and hash it */ + Array.Copy(pBuffer, pOffset, theBuffer, numActive, mySpace); + fillReverse(theBuffer, 0, BUFLEN, parent.theReverse); + parent.gHASH(parent.theReverse); + + /* Adjust counters */ + numProcessed += mySpace; + myRemaining -= mySpace; + numActive = 0; + } + + /* While we have full blocks */ + while (myRemaining >= BUFLEN) + { + /* Access the next data */ + fillReverse(pBuffer, pOffset + numProcessed, BUFLEN, parent.theReverse); + parent.gHASH(parent.theReverse); + + /* Adjust counters */ + numProcessed += mySpace; + myRemaining -= mySpace; + } + + /* If we have remaining data */ + if (myRemaining > 0) + { + /* Copy data into the cache */ + Array.Copy(pBuffer, pOffset + numProcessed, theBuffer, numActive, myRemaining); + numActive += myRemaining; + } + + /* Adjust the number of bytes processed */ + numHashed += (ulong)pLen; + } + + /** + * complete hash. + */ + internal void completeHash() + { + /* If we have remaining data */ + if (numActive > 0) + { + /* Access the next data */ + Arrays.Fill(parent.theReverse, (byte)0); + fillReverse(theBuffer, 0, numActive, parent.theReverse); + + /* hash value */ + parent.gHASH(parent.theReverse); + } + } + } + } } diff --git a/crypto/src/crypto/util/BasicAlphabetMapper.cs b/crypto/src/crypto/util/BasicAlphabetMapper.cs index ac4011a94..b60733fc0 100644 --- a/crypto/src/crypto/util/BasicAlphabetMapper.cs +++ b/crypto/src/crypto/util/BasicAlphabetMapper.cs @@ -1,104 +1,106 @@ using System; using System.Collections; +using Org.BouncyCastle.Utilities; + namespace Org.BouncyCastle.Crypto.Utilities { -/** - * A basic alphabet mapper that just creates a mapper based on the - * passed in array of characters. - */ - public class BasicAlphabetMapper - : IAlphabetMapper -{ - private Hashtable indexMap = new Hashtable(); - private Hashtable charMap = new Hashtable(); - /** - * Base constructor. - * - * @param alphabet a string of characters making up the alphabet. - */ - public BasicAlphabetMapper(string alphabet) : - this(alphabet.ToCharArray()) - { - } - - /** - * Base constructor. - * - * @param alphabet an array of characters making up the alphabet. + * A basic alphabet mapper that just creates a mapper based on the + * passed in array of characters. */ - public BasicAlphabetMapper(char[] alphabet) + public class BasicAlphabetMapper + : IAlphabetMapper { - for (int i = 0; i != alphabet.Length; i++) + private readonly IDictionary indexMap = Platform.CreateHashtable(); + private readonly IDictionary charMap = Platform.CreateHashtable(); + + /** + * Base constructor. + * + * @param alphabet a string of characters making up the alphabet. + */ + public BasicAlphabetMapper(string alphabet) : + this(alphabet.ToCharArray()) { - if (indexMap.ContainsKey(alphabet[i])) - { - throw new ArgumentException("duplicate key detected in alphabet: " + alphabet[i]); - } - indexMap.Add(alphabet[i], i); - charMap.Add(i, alphabet[i]); } - } - - public int Radix - { - get { return indexMap.Count; } - } - - public byte[] ConvertToIndexes(char[] input) - { - byte[] outBuf; - if (indexMap.Count <= 256) + /** + * Base constructor. + * + * @param alphabet an array of characters making up the alphabet. + */ + public BasicAlphabetMapper(char[] alphabet) { - outBuf = new byte[input.Length]; - for (int i = 0; i != input.Length; i++) + for (int i = 0; i != alphabet.Length; i++) { - outBuf[i] = (byte)(int)indexMap[input[i]]; + if (indexMap.Contains(alphabet[i])) + { + throw new ArgumentException("duplicate key detected in alphabet: " + alphabet[i]); + } + indexMap.Add(alphabet[i], i); + charMap.Add(i, alphabet[i]); } } - else + + public int Radix { - outBuf = new byte[input.Length * 2]; - for (int i = 0; i != input.Length; i++) - { - int idx = (int)indexMap[input[i]]; - outBuf[i * 2] = (byte)((idx >> 8) & 0xff); - outBuf[i * 2 + 1] = (byte)(idx & 0xff); - } + get { return indexMap.Count; } } - return outBuf; - } - - public char[] ConvertToChars(byte[] input) - { - char[] outBuf; - - if (charMap.Count <= 256) + public byte[] ConvertToIndexes(char[] input) { - outBuf = new char[input.Length]; - for (int i = 0; i != input.Length; i++) + byte[] outBuf; + + if (indexMap.Count <= 256) + { + outBuf = new byte[input.Length]; + for (int i = 0; i != input.Length; i++) + { + outBuf[i] = (byte)(int)indexMap[input[i]]; + } + } + else { - outBuf[i] = (char)charMap[input[i] & 0xff]; + outBuf = new byte[input.Length * 2]; + for (int i = 0; i != input.Length; i++) + { + int idx = (int)indexMap[input[i]]; + outBuf[i * 2] = (byte)((idx >> 8) & 0xff); + outBuf[i * 2 + 1] = (byte)(idx & 0xff); + } } + + return outBuf; } - else + + public char[] ConvertToChars(byte[] input) { - if ((input.Length & 0x1) != 0) + char[] outBuf; + + if (charMap.Count <= 256) { - throw new ArgumentException("two byte radix and input string odd.Length"); + outBuf = new char[input.Length]; + for (int i = 0; i != input.Length; i++) + { + outBuf[i] = (char)charMap[input[i] & 0xff]; + } } - - outBuf = new char[input.Length / 2]; - for (int i = 0; i != input.Length; i += 2) + else { - outBuf[i / 2] = (char)charMap[((input[i] << 8) & 0xff00) | (input[i + 1] & 0xff)]; + if ((input.Length & 0x1) != 0) + { + throw new ArgumentException("two byte radix and input string odd.Length"); + } + + outBuf = new char[input.Length / 2]; + for (int i = 0; i != input.Length; i += 2) + { + outBuf[i / 2] = (char)charMap[((input[i] << 8) & 0xff00) | (input[i + 1] & 0xff)]; + } } - } - return outBuf; + return outBuf; + } } } -} diff --git a/crypto/src/crypto/util/Pack.cs b/crypto/src/crypto/util/Pack.cs index 30b4ec8ae..8ba738d4f 100644 --- a/crypto/src/crypto/util/Pack.cs +++ b/crypto/src/crypto/util/Pack.cs @@ -20,11 +20,41 @@ namespace Org.BouncyCastle.Crypto.Utilities bs[off + 1] = (byte)(n); } - internal static ushort BE_To_UInt16(byte[] bs) + internal static void UInt16_To_BE(ushort[] ns, byte[] bs, int off) { - uint n = (uint)bs[0] << 8 - | (uint)bs[1]; - return (ushort)n; + for (int i = 0; i < ns.Length; ++i) + { + UInt16_To_BE(ns[i], bs, off); + off += 2; + } + } + + internal static void UInt16_To_BE(ushort[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) + { + for (int i = 0; i < nsLen; ++i) + { + UInt16_To_BE(ns[nsOff + i], bs, bsOff); + bsOff += 2; + } + } + + internal static byte[] UInt16_To_BE(ushort n) + { + byte[] bs = new byte[2]; + UInt16_To_BE(n, bs, 0); + return bs; + } + + internal static byte[] UInt16_To_BE(ushort[] ns) + { + return UInt16_To_BE(ns, 0, ns.Length); + } + + internal static byte[] UInt16_To_BE(ushort[] ns, int nsOff, int nsLen) + { + byte[] bs = new byte[2 * nsLen]; + UInt16_To_BE(ns, nsOff, nsLen, bs, 0); + return bs; } internal static ushort BE_To_UInt16(byte[] bs, int off) @@ -34,11 +64,27 @@ namespace Org.BouncyCastle.Crypto.Utilities return (ushort)n; } - internal static byte[] UInt32_To_BE(uint n) + internal static void BE_To_UInt16(byte[] bs, int bsOff, ushort[] ns, int nsOff) { - byte[] bs = new byte[4]; - UInt32_To_BE(n, bs, 0); - return bs; + ns[nsOff] = BE_To_UInt16(bs, bsOff); + } + + internal static ushort[] BE_To_UInt16(byte[] bs) + { + return BE_To_UInt16(bs, 0, bs.Length); + } + + internal static ushort[] BE_To_UInt16(byte[] bs, int off, int len) + { + if ((len & 1) != 0) + throw new ArgumentException("must be a multiple of 2", "len"); + + ushort[] ns = new ushort[len / 2]; + for (int i = 0; i < len; i += 2) + { + BE_To_UInt16(bs, off + i, ns, i >> 1); + } + return ns; } internal static void UInt32_To_BE(uint n, byte[] bs) @@ -57,13 +103,6 @@ namespace Org.BouncyCastle.Crypto.Utilities bs[off + 3] = (byte)(n); } - internal static byte[] UInt32_To_BE(uint[] ns) - { - byte[] bs = new byte[4 * ns.Length]; - UInt32_To_BE(ns, bs, 0); - return bs; - } - internal static void UInt32_To_BE(uint[] ns, byte[] bs, int off) { for (int i = 0; i < ns.Length; ++i) @@ -73,7 +112,7 @@ namespace Org.BouncyCastle.Crypto.Utilities } } - public static void UInt32_To_BE(uint[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) + internal static void UInt32_To_BE(uint[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) { for (int i = 0; i < nsLen; ++i) { @@ -82,6 +121,20 @@ namespace Org.BouncyCastle.Crypto.Utilities } } + internal static byte[] UInt32_To_BE(uint n) + { + byte[] bs = new byte[4]; + UInt32_To_BE(n, bs, 0); + return bs; + } + + internal static byte[] UInt32_To_BE(uint[] ns) + { + byte[] bs = new byte[4 * ns.Length]; + UInt32_To_BE(ns, bs, 0); + return bs; + } + internal static uint BE_To_UInt32(byte[] bs) { return (uint)bs[0] << 24 @@ -107,7 +160,7 @@ namespace Org.BouncyCastle.Crypto.Utilities } } - public static void BE_To_UInt32(byte[] bs, int bsOff, uint[] ns, int nsOff, int nsLen) + internal static void BE_To_UInt32(byte[] bs, int bsOff, uint[] ns, int nsOff, int nsLen) { for (int i = 0; i < nsLen; ++i) { @@ -151,7 +204,7 @@ namespace Org.BouncyCastle.Crypto.Utilities } } - public static void UInt64_To_BE(ulong[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) + internal static void UInt64_To_BE(ulong[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) { for (int i = 0; i < nsLen; ++i) { @@ -160,13 +213,6 @@ namespace Org.BouncyCastle.Crypto.Utilities } } - internal static ulong BE_To_UInt64(byte[] bs) - { - uint hi = BE_To_UInt32(bs); - uint lo = BE_To_UInt32(bs, 4); - return ((ulong)hi << 32) | (ulong)lo; - } - internal static ulong BE_To_UInt64(byte[] bs, int off) { uint hi = BE_To_UInt32(bs, off); @@ -183,7 +229,7 @@ namespace Org.BouncyCastle.Crypto.Utilities } } - public static void BE_To_UInt64(byte[] bs, int bsOff, ulong[] ns, int nsOff, int nsLen) + internal static void BE_To_UInt64(byte[] bs, int bsOff, ulong[] ns, int nsOff, int nsLen) { for (int i = 0; i < nsLen; ++i) { diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs index 8c6b74d5b..982fbf3a0 100644 --- a/crypto/src/security/SecureRandom.cs +++ b/crypto/src/security/SecureRandom.cs @@ -246,14 +246,14 @@ namespace Org.BouncyCastle.Security { byte[] bytes = new byte[4]; NextBytes(bytes); - return (int)Pack.BE_To_UInt32(bytes); + return (int)Pack.BE_To_UInt32(bytes, 0); } public virtual long NextLong() { byte[] bytes = new byte[8]; NextBytes(bytes); - return (long)Pack.BE_To_UInt64(bytes); + return (long)Pack.BE_To_UInt64(bytes, 0); } } } diff --git a/crypto/src/util/Arrays.cs b/crypto/src/util/Arrays.cs index 78c4e8ffc..fdf08a90c 100644 --- a/crypto/src/util/Arrays.cs +++ b/crypto/src/util/Arrays.cs @@ -705,6 +705,7 @@ namespace Org.BouncyCastle.Utilities return rv; } + [CLSCompliantAttribute(false)] public static ushort[] Concatenate(ushort[] a, ushort[] b) { if (a == null) diff --git a/crypto/src/util/Bytes.cs b/crypto/src/util/Bytes.cs index 0d73d67ae..ecde85dde 100644 --- a/crypto/src/util/Bytes.cs +++ b/crypto/src/util/Bytes.cs @@ -4,7 +4,7 @@ namespace Org.BouncyCastle.Utilities { public abstract class Bytes { - public static readonly uint BYTES = 1; - public static readonly uint SIZE = 8; + public const int NumBits = 8; + public const int NumBytes = 1; } } diff --git a/crypto/src/util/Integers.cs b/crypto/src/util/Integers.cs index b7bd25ce6..11045d9e3 100644 --- a/crypto/src/util/Integers.cs +++ b/crypto/src/util/Integers.cs @@ -6,8 +6,8 @@ namespace Org.BouncyCastle.Utilities { public abstract class Integers { - public static readonly uint BYTES = 4; - public static readonly uint SIZE = 32; + public const int NumBits = 32; + public const int NumBytes = 4; private static readonly byte[] DeBruijnTZ = { 0x00, 0x01, 0x02, 0x18, 0x03, 0x13, 0x06, 0x19, 0x16, 0x04, 0x14, 0x0A, diff --git a/crypto/src/util/Longs.cs b/crypto/src/util/Longs.cs index 892e57137..91dee2b50 100644 --- a/crypto/src/util/Longs.cs +++ b/crypto/src/util/Longs.cs @@ -6,8 +6,8 @@ namespace Org.BouncyCastle.Utilities { public abstract class Longs { - public static readonly uint BYTES = 8; - public static readonly uint SIZE = 64; + public const int NumBits = 64; + public const int NumBytes = 8; public static long Reverse(long i) { diff --git a/crypto/src/util/io/Streams.cs b/crypto/src/util/io/Streams.cs index 503a1b4f1..506b2489f 100644 --- a/crypto/src/util/io/Streams.cs +++ b/crypto/src/util/io/Streams.cs @@ -100,15 +100,9 @@ namespace Org.BouncyCastle.Utilities.IO /// <exception cref="IOException"></exception> public static int WriteBufTo(MemoryStream buf, byte[] output, int offset) { -#if PORTABLE - byte[] bytes = buf.ToArray(); - bytes.CopyTo(output, offset); - return bytes.Length; -#else int size = (int)buf.Length; - buf.WriteTo(new MemoryStream(output, offset, size, true)); + WriteBufTo(buf, new MemoryStream(output, offset, size)); return size; -#endif } public static void WriteZeroes(Stream outStr, long count) diff --git a/crypto/test/UnitTests.csproj b/crypto/test/UnitTests.csproj index b70d94a6b..2164d2949 100644 --- a/crypto/test/UnitTests.csproj +++ b/crypto/test/UnitTests.csproj @@ -201,6 +201,8 @@ <Compile Include="src\crypto\test\Ed448Test.cs" /> <Compile Include="src\crypto\test\ElGamalTest.cs" /> <Compile Include="src\crypto\test\EqualsHashCodeTest.cs" /> + <Compile Include="src\crypto\test\GcmReorderTest.cs" /> + <Compile Include="src\crypto\test\GcmSivTest.cs" /> <Compile Include="src\crypto\test\GCMTest.cs" /> <Compile Include="src\crypto\test\GMacTest.cs" /> <Compile Include="src\crypto\test\GOST28147MacTest.cs" /> @@ -209,7 +211,6 @@ <Compile Include="src\crypto\test\GOST3411DigestTest.cs" /> <Compile Include="src\crypto\test\GOST3411_2012_256DigestTest.cs" /> <Compile Include="src\crypto\test\GOST3411_2012_512DigestTest.cs" /> - <Compile Include="src\crypto\test\GcmReorderTest.cs" /> <Compile Include="src\crypto\test\HCFamilyTest.cs" /> <Compile Include="src\crypto\test\HCFamilyVecTest.cs" /> <Compile Include="src\crypto\test\HKDFGeneratorTest.cs" /> @@ -236,6 +237,7 @@ <Compile Include="src\crypto\test\OAEPTest.cs" /> <Compile Include="src\crypto\test\OCBTest.cs" /> <Compile Include="src\crypto\test\OpenBsdBCryptTest.cs" /> + <Compile Include="src\crypto\test\ParallelHashTest.cs" /> <Compile Include="src\crypto\test\PSSBlindTest.cs" /> <Compile Include="src\crypto\test\PSSTest.cs" /> <Compile Include="src\crypto\test\PaddingTest.cs" /> @@ -280,6 +282,7 @@ <Compile Include="src\crypto\test\SM4Test.cs" /> <Compile Include="src\crypto\test\SkeinDigestTest.cs" /> <Compile Include="src\crypto\test\SkeinMacTest.cs" /> + <Compile Include="src\crypto\test\SP80038GTest.cs" /> <Compile Include="src\crypto\test\StreamCipherResetTest.cs" /> <Compile Include="src\crypto\test\Threefish1024Test.cs" /> <Compile Include="src\crypto\test\Threefish256Test.cs" /> @@ -295,6 +298,7 @@ <Compile Include="src\crypto\test\TEATest.cs" /> <Compile Include="src\crypto\test\TigerDigestTest.cs" /> <Compile Include="src\crypto\test\TnepresTest.cs" /> + <Compile Include="src\crypto\test\TupleHashTest.cs" /> <Compile Include="src\crypto\test\TwofishTest.cs" /> <Compile Include="src\crypto\test\VMPCKSA3Test.cs" /> <Compile Include="src\crypto\test\VMPCMacTest.cs" /> @@ -383,6 +387,7 @@ <Compile Include="src\openpgp\test\PGPCompressionTest.cs" /> <Compile Include="src\openpgp\test\PGPDSAElGamalTest.cs" /> <Compile Include="src\openpgp\test\PGPDSATest.cs" /> + <Compile Include="src\openpgp\test\PgpFeaturesTest.cs" /> <Compile Include="src\openpgp\test\PGPNoPrivateKeyTest.cs" /> <Compile Include="src\openpgp\test\PGPPBETest.cs" /> <Compile Include="src\openpgp\test\PGPPacketTest.cs" /> diff --git a/crypto/test/src/crypto/test/GcmSivTest.cs b/crypto/test/src/crypto/test/GcmSivTest.cs index 8446911bb..0921912cd 100644 --- a/crypto/test/src/crypto/test/GcmSivTest.cs +++ b/crypto/test/src/crypto/test/GcmSivTest.cs @@ -1,10 +1,7 @@ +using System; using NUnit.Framework; -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Digests; -using Org.BouncyCastle.Crypto.Engines; -using Org.BouncyCastle.Crypto.Encodings; using Org.BouncyCastle.Crypto.Modes; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Utilities; @@ -13,447 +10,449 @@ using Org.BouncyCastle.Utilities.Test; namespace Org.BouncyCastle.Crypto.Tests { - - /** - * ISO vector test for Whirlpool - * - */ - [TestFixture] -public class GcmSivTest + [TestFixture] + public class GcmSivTest : SimpleTest -{ - public override string Name { - get { return "GCM-SIV"; } - } + public override string Name + { + get { return "GCM-SIV"; } + } - [Test] public override void PerformTest() - { - new AESGcmSiv128Test1().testTheCipher(this); - new AESGcmSiv128Test2().testTheCipher(this); - new AESGcmSiv128Test3().testTheCipher(this); - new AESGcmSiv256Test1().testTheCipher(this); - new AESGcmSiv256Test2().testTheCipher(this); - new AESGcmSiv256Test3().testTheCipher(this); - new AESGcmSiv256Test4().testTheCipher(this); - } + { + new AesGcmSiv128Test1().TestTheCipher(this); + new AesGcmSiv128Test2().TestTheCipher(this); + new AesGcmSiv128Test3().TestTheCipher(this); + new AesGcmSiv256Test1().TestTheCipher(this); + new AesGcmSiv256Test2().TestTheCipher(this); + new AesGcmSiv256Test3().TestTheCipher(this); + new AesGcmSiv256Test4().TestTheCipher(this); + } - /** - * Test the GcmSivCipher against the results. - * @param pCipher the cipher to test. - * @param pKey the key to test - * @param pNonce the nonce - * @param pAEAD the AEAD - * @param pData the data to test - * @param pExpected the expected results - */ - void testSIVCipher(GcmSivBlockCipher pCipher, - string pKey, - string pNonce, - string pAEAD, - string pData, - string pExpected) - { - /* protect against exceptions */ - try + /** + * Test the GcmSivCipher against the results. + * @param pCipher the cipher to test. + * @param pKey the key to test + * @param pNonce the nonce + * @param pAEAD the AEAD + * @param pData the data to test + * @param pExpected the expected results + */ + private void TestSivCipher(GcmSivBlockCipher pCipher, string pKey, string pNonce, string pAEAD, string pData, + string pExpected) { - /* Access the key and the data */ - KeyParameter myKey = new KeyParameter(Hex.Decode(pKey)); - byte[] myNonce = Hex.Decode(pNonce); - byte[] myAEAD = Hex.Decode(pAEAD); - byte[] myData = Hex.Decode(pData); + try + { + /* Access the key and the data */ + KeyParameter myKey = new KeyParameter(Hex.Decode(pKey)); + byte[] myNonce = Hex.Decode(pNonce); + byte[] myAEAD = Hex.Decode(pAEAD); + byte[] myData = Hex.Decode(pData); - /* Initialise the cipher */ - AeadParameters myParams = new AeadParameters(myKey, 128, myNonce, myAEAD); - pCipher.Init(true, myParams); + /* Initialise the cipher */ + AeadParameters myParams = new AeadParameters(myKey, 128, myNonce, myAEAD); + pCipher.Init(true, myParams); - /* Create the output buffers */ - byte[] myOutput = new byte[pCipher.GetOutputSize(myData.Length)]; - byte[] myFinal = new byte[myData.Length]; + /* Create the output buffers */ + byte[] myOutput = new byte[pCipher.GetOutputSize(myData.Length)]; + byte[] myFinal = new byte[myData.Length]; - /* Process the data */ - pCipher.ProcessBytes(myData, 0, myData.Length, null, 0); - pCipher.DoFinal(myOutput, 0); + /* Process the data */ + pCipher.ProcessBytes(myData, 0, myData.Length, null, 0); + pCipher.DoFinal(myOutput, 0); - /* Check the encryption */ - byte[] myExpected = Hex.Decode(pExpected); - IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput)); + /* Check the encryption */ + byte[] myExpected = Hex.Decode(pExpected); + IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput)); - /* Repeat processing byte at a time */ - for (int i = 0; i != myData.Length; i++) + /* Repeat processing byte at a time */ + for (int i = 0; i != myData.Length; i++) + { + pCipher.ProcessByte(myData[i], null, 0); + } + pCipher.DoFinal(myOutput, 0); + IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput)); + + /* Re-initialise the cipher */ + pCipher.Init(false, myParams); + pCipher.ProcessBytes(myOutput, 0, myOutput.Length, null, 0); + pCipher.DoFinal(myFinal, 0); + IsTrue("Decryption mismatch", Arrays.AreEqual(myData, myFinal)); + } + catch (InvalidCipherTextException e) { - pCipher.ProcessByte(myData[i], null, 0); + Fail("Bad Text", e); } - pCipher.DoFinal(myOutput, 0); - IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput)); - - /* Re-initialise the cipher */ - pCipher.Init(false, myParams); - pCipher.ProcessBytes(myOutput, 0, myOutput.Length, null, 0); - pCipher.DoFinal(myFinal, 0); - IsTrue("Decryption mismatch", Arrays.AreEqual(myData, myFinal)); } - catch (InvalidCipherTextException e) + + /** + * AES-GCM-SIV-128 Set 1. + */ + private class AesGcmSiv128Test1 { - Fail("Bad Text", e); - } - } + private readonly string EMPTY = ""; + private readonly string KEY_1 = "01000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string DATA_8 = "0100000000000000"; + private readonly string DATA_12 = "010000000000000000000000"; + private readonly string DATA_16 = "01000000000000000000000000000000"; + private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000"; + private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000"; + private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000" + "04000000000000000000000000000000"; + private readonly string EXPECTED_1 = "dc20e2d83f25705bb49e439eca56de25"; + private readonly string EXPECTED_2 = "b5d839330ac7b786578782fff6013b81" + "5b287c22493a364c"; + private readonly string EXPECTED_3 = "7323ea61d05932260047d942a4978db3" + "57391a0bc4fdec8b0d106639"; + private readonly string EXPECTED_4 = "743f7c8077ab25f8624e2e948579cf77" + "303aaf90f6fe21199c6068577437a0c4"; + private readonly string EXPECTED_5 = "84e07e62ba83a6585417245d7ec413a9" + "fe427d6315c09b57ce45f2e3936a9445" + + "1a8e45dcd4578c667cd86847bf6155ff"; + private readonly string EXPECTED_6 = "3fd24ce1f5a67b75bf2351f181a475c7" + "b800a5b4d3dcf70106b1eea82fa1d64d" + + "f42bf7226122fa92e17a40eeaac1201b" + "5e6e311dbf395d35b0fe39c2714388f8"; + private readonly string EXPECTED_7 = "2433668f1058190f6d43e360f4f35cd8" + "e475127cfca7028ea8ab5c20f7ab2af0" + + "2516a2bdcbc08d521be37ff28c152bba" + "36697f25b4cd169c6590d1dd39566d3f" + + "8a263dd317aa88d56bdf3936dba75bb8"; - /** - * AES-GCM-SIV-128 Set 1. - */ - class AESGcmSiv128Test1 - { - private readonly string EMPTY = ""; - private readonly string KEY_1 = "01000000000000000000000000000000"; - private readonly string NONCE_1 = "030000000000000000000000"; - private readonly string DATA_8 = "0100000000000000"; - private readonly string DATA_12 = "010000000000000000000000"; - private readonly string DATA_16 = "01000000000000000000000000000000"; - private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000"; - private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000" - + "03000000000000000000000000000000"; - private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000" - + "03000000000000000000000000000000" + "04000000000000000000000000000000"; - private readonly string EXPECTED_1 = "dc20e2d83f25705bb49e439eca56de25"; - private readonly string EXPECTED_2 = "b5d839330ac7b786578782fff6013b81" + "5b287c22493a364c"; - private readonly string EXPECTED_3 = "7323ea61d05932260047d942a4978db3" + "57391a0bc4fdec8b0d106639"; - private readonly string EXPECTED_4 = "743f7c8077ab25f8624e2e948579cf77" + "303aaf90f6fe21199c6068577437a0c4"; - private readonly string EXPECTED_5 = "84e07e62ba83a6585417245d7ec413a9" + "fe427d6315c09b57ce45f2e3936a9445" - + "1a8e45dcd4578c667cd86847bf6155ff"; - private readonly string EXPECTED_6 = "3fd24ce1f5a67b75bf2351f181a475c7" + "b800a5b4d3dcf70106b1eea82fa1d64d" - + "f42bf7226122fa92e17a40eeaac1201b" + "5e6e311dbf395d35b0fe39c2714388f8"; - private readonly string EXPECTED_7 = "2433668f1058190f6d43e360f4f35cd8" + "e475127cfca7028ea8ab5c20f7ab2af0" - + "2516a2bdcbc08d521be37ff28c152bba" + "36697f25b4cd169c6590d1dd39566d3f" - + "8a263dd317aa88d56bdf3936dba75bb8"; + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7); + } + } /** - * Test cipher. - * @param pTest the test engine + * AES-GCM-SIV-128 Set 2. */ - internal void testTheCipher(GcmSivTest pTest) + private class AesGcmSiv128Test2 { - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7); - } - } + private readonly string KEY_1 = "01000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string AEAD_1 = "01"; + private readonly string AEAD_12 = "010000000000000000000000"; + private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200"; + private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000"; + private readonly string DATA_4 = "02000000"; + private readonly string DATA_8 = "0200000000000000"; + private readonly string DATA_12 = "020000000000000000000000"; + private readonly string DATA_16 = "02000000000000000000000000000000"; + private readonly string DATA_18 = "03000000000000000000000000000000" + "0400"; + private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000"; + private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000"; + private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000"; + private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000" + "05000000000000000000000000000000"; + private readonly string EXPECTED_1 = "1e6daba35669f4273b0a1a2560969cdf" + "790d99759abd1508"; + private readonly string EXPECTED_2 = "296c7889fd99f41917f4462008299c51" + "02745aaa3a0c469fad9e075a"; + private readonly string EXPECTED_3 = "e2b0c5da79a901c1745f700525cb335b" + "8f8936ec039e4e4bb97ebd8c4457441f"; + private readonly string EXPECTED_4 = "620048ef3c1e73e57e02bb8562c416a3" + "19e73e4caac8e96a1ecb2933145a1d71" + + "e6af6a7f87287da059a71684ed3498e1"; + private readonly string EXPECTED_5 = "50c8303ea93925d64090d07bd109dfd9" + "515a5a33431019c17d93465999a8b005" + + "3201d723120a8562b838cdff25bf9d1e" + "6a8cc3865f76897c2e4b245cf31c51f2"; + private readonly string EXPECTED_6 = "2f5c64059db55ee0fb847ed513003746" + "aca4e61c711b5de2e7a77ffd02da42fe" + + "ec601910d3467bb8b36ebbaebce5fba3" + "0d36c95f48a3e7980f0e7ac299332a80" + + "cdc46ae475563de037001ef84ae21744"; + private readonly string EXPECTED_7 = "a8fe3e8707eb1f84fb28f8cb73de8e99" + "e2f48a14"; + private readonly string EXPECTED_8 = "6bb0fecf5ded9b77f902c7d5da236a43" + "91dd029724afc9805e976f451e6d87f6" + + "fe106514"; + private readonly string EXPECTED_9 = "44d0aaf6fb2f1f34add5e8064e83e12a" + "2adabff9b2ef00fb47920cc72a0c0f13" + + "b9fd"; - /** - * AES-GCM-SIV-128 Set 2. - */ - class AESGcmSiv128Test2 - { - private readonly string KEY_1 = "01000000000000000000000000000000"; - private readonly string NONCE_1 = "030000000000000000000000"; - private readonly string AEAD_1 = "01"; - private readonly string AEAD_12 = "010000000000000000000000"; - private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200"; - private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000"; - private readonly string DATA_4 = "02000000"; - private readonly string DATA_8 = "0200000000000000"; - private readonly string DATA_12 = "020000000000000000000000"; - private readonly string DATA_16 = "02000000000000000000000000000000"; - private readonly string DATA_18 = "03000000000000000000000000000000" + "0400"; - private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000"; - private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000"; - private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000" - + "04000000000000000000000000000000"; - private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000" - + "04000000000000000000000000000000" + "05000000000000000000000000000000"; - private readonly string EXPECTED_1 = "1e6daba35669f4273b0a1a2560969cdf" + "790d99759abd1508"; - private readonly string EXPECTED_2 = "296c7889fd99f41917f4462008299c51" + "02745aaa3a0c469fad9e075a"; - private readonly string EXPECTED_3 = "e2b0c5da79a901c1745f700525cb335b" + "8f8936ec039e4e4bb97ebd8c4457441f"; - private readonly string EXPECTED_4 = "620048ef3c1e73e57e02bb8562c416a3" + "19e73e4caac8e96a1ecb2933145a1d71" - + "e6af6a7f87287da059a71684ed3498e1"; - private readonly string EXPECTED_5 = "50c8303ea93925d64090d07bd109dfd9" + "515a5a33431019c17d93465999a8b005" - + "3201d723120a8562b838cdff25bf9d1e" + "6a8cc3865f76897c2e4b245cf31c51f2"; - private readonly string EXPECTED_6 = "2f5c64059db55ee0fb847ed513003746" + "aca4e61c711b5de2e7a77ffd02da42fe" - + "ec601910d3467bb8b36ebbaebce5fba3" + "0d36c95f48a3e7980f0e7ac299332a80" - + "cdc46ae475563de037001ef84ae21744"; - private readonly string EXPECTED_7 = "a8fe3e8707eb1f84fb28f8cb73de8e99" + "e2f48a14"; - private readonly string EXPECTED_8 = "6bb0fecf5ded9b77f902c7d5da236a43" + "91dd029724afc9805e976f451e6d87f6" - + "fe106514"; - private readonly string EXPECTED_9 = "44d0aaf6fb2f1f34add5e8064e83e12a" + "2adabff9b2ef00fb47920cc72a0c0f13" - + "b9fd"; + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9); + } + } /** - * Test cipher. - * @param pTest the test engine + * AES-GCM-SIV-128 Set 3. */ - internal void testTheCipher(GcmSivTest pTest) + private class AesGcmSiv128Test3 { - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9); - } - } + private readonly string EMPTY = ""; + private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4"; + private readonly string KEY_2 = "36864200e0eaf5284d884a0e77d31646"; + private readonly string KEY_3 = "aedb64a6c590bc84d1a5e269e4b47801"; + private readonly string KEY_4 = "d5cc1fd161320b6920ce07787f86743b"; + private readonly string KEY_5 = "b3fed1473c528b8426a582995929a149"; + private readonly string KEY_6 = "2d4ed87da44102952ef94b02b805249b"; + private readonly string KEY_7 = "bde3b2f204d1e9f8b06bc47f9745b3d1"; + private readonly string KEY_8 = "f901cfe8a69615a93fdf7a98cad48179"; + private readonly string NONCE_1 = "f46e44bb3da0015c94f70887"; + private readonly string NONCE_2 = "bae8e37fc83441b16034566b"; + private readonly string NONCE_3 = "afc0577e34699b9e671fdd4f"; + private readonly string NONCE_4 = "275d1ab32f6d1f0434d8848c"; + private readonly string NONCE_5 = "9e9ad8780c8d63d0ab4149c0"; + private readonly string NONCE_6 = "ac80e6f61455bfac8308a2d4"; + private readonly string NONCE_7 = "ae06556fb6aa7890bebc18fe"; + private readonly string NONCE_8 = "6245709fb18853f68d833640"; + private readonly string AEAD_2 = "46bb91c3c5"; + private readonly string AEAD_3 = "fc880c94a95198874296"; + private readonly string AEAD_4 = "046787f3ea22c127aaf195d1894728"; + private readonly string AEAD_5 = "c9882e5386fd9f92ec489c8fde2be2cf" + "97e74e93"; + private readonly string AEAD_6 = "2950a70d5a1db2316fd568378da107b5" + "2b0da55210cc1c1b0a"; + private readonly string AEAD_7 = "1860f762ebfbd08284e421702de0de18" + "baa9c9596291b08466f37de21c7f"; + private readonly string AEAD_8 = "7576f7028ec6eb5ea7e298342a94d4b2" + "02b370ef9768ec6561c4fe6b7e7296fa" + + "859c21"; + private readonly string DATA_2 = "7a806c"; + private readonly string DATA_3 = "bdc66f146545"; + private readonly string DATA_4 = "1177441f195495860f"; + private readonly string DATA_5 = "9f572c614b4745914474e7c7"; + private readonly string DATA_6 = "0d8c8451178082355c9e940fea2f58"; + private readonly string DATA_7 = "6b3db4da3d57aa94842b9803a96e07fb" + "6de7"; + private readonly string DATA_8 = "e42a3c02c25b64869e146d7b233987bd" + "dfc240871d"; + private readonly string EXPECTED_1 = "a4194b79071b01a87d65f706e3949578"; + private readonly string EXPECTED_2 = "af60eb711bd85bc1e4d3e0a462e074ee" + "a428a8"; + private readonly string EXPECTED_3 = "bb93a3e34d3cd6a9c45545cfc11f03ad" + "743dba20f966"; + private readonly string EXPECTED_4 = "4f37281f7ad12949d01d02fd0cd174c8" + "4fc5dae2f60f52fd2b"; + private readonly string EXPECTED_5 = "f54673c5ddf710c745641c8bc1dc2f87" + "1fb7561da1286e655e24b7b0"; + private readonly string EXPECTED_6 = "c9ff545e07b88a015f05b274540aa183" + "b3449b9f39552de99dc214a1190b0b"; + private readonly string EXPECTED_7 = "6298b296e24e8cc35dce0bed484b7f30" + "d5803e377094f04709f64d7b985310a4" + + "db84"; + private readonly string EXPECTED_8 = "391cc328d484a4f46406181bcd62efd9" + "b3ee197d052d15506c84a9edd65e13e9" + + "d24a2a6e70"; - /** - * AES-GCM-SIV-128 Set 3. - */ - class AESGcmSiv128Test3 - { - private readonly string EMPTY = ""; - private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4"; - private readonly string KEY_2 = "36864200e0eaf5284d884a0e77d31646"; - private readonly string KEY_3 = "aedb64a6c590bc84d1a5e269e4b47801"; - private readonly string KEY_4 = "d5cc1fd161320b6920ce07787f86743b"; - private readonly string KEY_5 = "b3fed1473c528b8426a582995929a149"; - private readonly string KEY_6 = "2d4ed87da44102952ef94b02b805249b"; - private readonly string KEY_7 = "bde3b2f204d1e9f8b06bc47f9745b3d1"; - private readonly string KEY_8 = "f901cfe8a69615a93fdf7a98cad48179"; - private readonly string NONCE_1 = "f46e44bb3da0015c94f70887"; - private readonly string NONCE_2 = "bae8e37fc83441b16034566b"; - private readonly string NONCE_3 = "afc0577e34699b9e671fdd4f"; - private readonly string NONCE_4 = "275d1ab32f6d1f0434d8848c"; - private readonly string NONCE_5 = "9e9ad8780c8d63d0ab4149c0"; - private readonly string NONCE_6 = "ac80e6f61455bfac8308a2d4"; - private readonly string NONCE_7 = "ae06556fb6aa7890bebc18fe"; - private readonly string NONCE_8 = "6245709fb18853f68d833640"; - private readonly string AEAD_2 = "46bb91c3c5"; - private readonly string AEAD_3 = "fc880c94a95198874296"; - private readonly string AEAD_4 = "046787f3ea22c127aaf195d1894728"; - private readonly string AEAD_5 = "c9882e5386fd9f92ec489c8fde2be2cf" + "97e74e93"; - private readonly string AEAD_6 = "2950a70d5a1db2316fd568378da107b5" + "2b0da55210cc1c1b0a"; - private readonly string AEAD_7 = "1860f762ebfbd08284e421702de0de18" + "baa9c9596291b08466f37de21c7f"; - private readonly string AEAD_8 = "7576f7028ec6eb5ea7e298342a94d4b2" + "02b370ef9768ec6561c4fe6b7e7296fa" - + "859c21"; - private readonly string DATA_2 = "7a806c"; - private readonly string DATA_3 = "bdc66f146545"; - private readonly string DATA_4 = "1177441f195495860f"; - private readonly string DATA_5 = "9f572c614b4745914474e7c7"; - private readonly string DATA_6 = "0d8c8451178082355c9e940fea2f58"; - private readonly string DATA_7 = "6b3db4da3d57aa94842b9803a96e07fb" + "6de7"; - private readonly string DATA_8 = "e42a3c02c25b64869e146d7b233987bd" + "dfc240871d"; - private readonly string EXPECTED_1 = "a4194b79071b01a87d65f706e3949578"; - private readonly string EXPECTED_2 = "af60eb711bd85bc1e4d3e0a462e074ee" + "a428a8"; - private readonly string EXPECTED_3 = "bb93a3e34d3cd6a9c45545cfc11f03ad" + "743dba20f966"; - private readonly string EXPECTED_4 = "4f37281f7ad12949d01d02fd0cd174c8" + "4fc5dae2f60f52fd2b"; - private readonly string EXPECTED_5 = "f54673c5ddf710c745641c8bc1dc2f87" + "1fb7561da1286e655e24b7b0"; - private readonly string EXPECTED_6 = "c9ff545e07b88a015f05b274540aa183" + "b3449b9f39552de99dc214a1190b0b"; - private readonly string EXPECTED_7 = "6298b296e24e8cc35dce0bed484b7f30" + "d5803e377094f04709f64d7b985310a4" - + "db84"; - private readonly string EXPECTED_8 = "391cc328d484a4f46406181bcd62efd9" + "b3ee197d052d15506c84a9edd65e13e9" - + "d24a2a6e70"; + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8); + } + } /** - * Test cipher. - * @param pTest the test engine + * AES-GCM-SIV-256 Set 1. */ - internal void testTheCipher(GcmSivTest pTest) + private class AesGcmSiv256Test1 { - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8); - } - } + private readonly string EMPTY = ""; + private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string DATA_8 = "0100000000000000"; + private readonly string DATA_12 = "010000000000000000000000"; + private readonly string DATA_16 = "01000000000000000000000000000000"; + private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000"; + private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000"; + private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000" + "04000000000000000000000000000000"; + private readonly string EXPECTED_1 = "07f5f4169bbf55a8400cd47ea6fd400f"; + private readonly string EXPECTED_2 = "c2ef328e5c71c83b843122130f7364b7" + "61e0b97427e3df28"; + private readonly string EXPECTED_3 = "9aab2aeb3faa0a34aea8e2b18ca50da9" + "ae6559e48fd10f6e5c9ca17e"; + private readonly string EXPECTED_4 = "85a01b63025ba19b7fd3ddfc033b3e76" + "c9eac6fa700942702e90862383c6c366"; + private readonly string EXPECTED_5 = "4a6a9db4c8c6549201b9edb53006cba8" + "21ec9cf850948a7c86c68ac7539d027f" + + "e819e63abcd020b006a976397632eb5d"; + private readonly string EXPECTED_6 = "c00d121893a9fa603f48ccc1ca3c57ce" + "7499245ea0046db16c53c7c66fe717e3" + + "9cf6c748837b61f6ee3adcee17534ed5" + "790bc96880a99ba804bd12c0e6a22cc4"; + private readonly string EXPECTED_7 = "c2d5160a1f8683834910acdafc41fbb1" + "632d4a353e8b905ec9a5499ac34f96c7" + + "e1049eb080883891a4db8caaa1f99dd0" + "04d80487540735234e3744512c6f90ce" + + "112864c269fc0d9d88c61fa47e39aa08"; - /** - * AES-GCM-SIV-256 Set 1. - */ - class AESGcmSiv256Test1 - { - private readonly string EMPTY = ""; - private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000"; - private readonly string NONCE_1 = "030000000000000000000000"; - private readonly string DATA_8 = "0100000000000000"; - private readonly string DATA_12 = "010000000000000000000000"; - private readonly string DATA_16 = "01000000000000000000000000000000"; - private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000"; - private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000" - + "03000000000000000000000000000000"; - private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000" - + "03000000000000000000000000000000" + "04000000000000000000000000000000"; - private readonly string EXPECTED_1 = "07f5f4169bbf55a8400cd47ea6fd400f"; - private readonly string EXPECTED_2 = "c2ef328e5c71c83b843122130f7364b7" + "61e0b97427e3df28"; - private readonly string EXPECTED_3 = "9aab2aeb3faa0a34aea8e2b18ca50da9" + "ae6559e48fd10f6e5c9ca17e"; - private readonly string EXPECTED_4 = "85a01b63025ba19b7fd3ddfc033b3e76" + "c9eac6fa700942702e90862383c6c366"; - private readonly string EXPECTED_5 = "4a6a9db4c8c6549201b9edb53006cba8" + "21ec9cf850948a7c86c68ac7539d027f" - + "e819e63abcd020b006a976397632eb5d"; - private readonly string EXPECTED_6 = "c00d121893a9fa603f48ccc1ca3c57ce" + "7499245ea0046db16c53c7c66fe717e3" - + "9cf6c748837b61f6ee3adcee17534ed5" + "790bc96880a99ba804bd12c0e6a22cc4"; - private readonly string EXPECTED_7 = "c2d5160a1f8683834910acdafc41fbb1" + "632d4a353e8b905ec9a5499ac34f96c7" - + "e1049eb080883891a4db8caaa1f99dd0" + "04d80487540735234e3744512c6f90ce" - + "112864c269fc0d9d88c61fa47e39aa08"; + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7); + } + } /** - * Test cipher. - * @param pTest the test engine + * AES-GCM-SIV-256 Set 2. */ - internal void testTheCipher(GcmSivTest pTest) + private class AesGcmSiv256Test2 { - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7); - } - } + private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string AEAD_1 = "01"; + private readonly string AEAD_12 = "010000000000000000000000"; + private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200"; + private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000"; + private readonly string DATA_4 = "02000000"; + private readonly string DATA_8 = "0200000000000000"; + private readonly string DATA_12 = "020000000000000000000000"; + private readonly string DATA_16 = "02000000000000000000000000000000"; + private readonly string DATA_18 = "03000000000000000000000000000000" + "0400"; + private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000"; + private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000"; + private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000"; + private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000" + "05000000000000000000000000000000"; + private readonly string EXPECTED_1 = "1de22967237a813291213f267e3b452f" + "02d01ae33e4ec854"; + private readonly string EXPECTED_2 = "163d6f9cc1b346cd453a2e4cc1a4a19a" + "e800941ccdc57cc8413c277f"; + private readonly string EXPECTED_3 = "c91545823cc24f17dbb0e9e807d5ec17" + "b292d28ff61189e8e49f3875ef91aff7"; + private readonly string EXPECTED_4 = "07dad364bfc2b9da89116d7bef6daaaf" + "6f255510aa654f920ac81b94e8bad365" + + "aea1bad12702e1965604374aab96dbbc"; + private readonly string EXPECTED_5 = "c67a1f0f567a5198aa1fcc8e3f213143" + "36f7f51ca8b1af61feac35a86416fa47" + + "fbca3b5f749cdf564527f2314f42fe25" + "03332742b228c647173616cfd44c54eb"; + private readonly string EXPECTED_6 = "67fd45e126bfb9a79930c43aad2d3696" + "7d3f0e4d217c1e551f59727870beefc9" + + "8cb933a8fce9de887b1e40799988db1f" + "c3f91880ed405b2dd298318858467c89" + + "5bde0285037c5de81e5b570a049b62a0"; + private readonly string EXPECTED_7 = "22b3f4cd1835e517741dfddccfa07fa4" + "661b74cf"; + private readonly string EXPECTED_8 = "43dd0163cdb48f9fe3212bf61b201976" + "067f342bb879ad976d8242acc188ab59" + + "cabfe307"; + private readonly string EXPECTED_9 = "462401724b5ce6588d5a54aae5375513" + "a075cfcdf5042112aa29685c912fc205" + + "6543"; - /** - * AES-GCM-SIV-256 Set 2. - */ - class AESGcmSiv256Test2 - { - private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000"; - private readonly string NONCE_1 = "030000000000000000000000"; - private readonly string AEAD_1 = "01"; - private readonly string AEAD_12 = "010000000000000000000000"; - private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200"; - private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000"; - private readonly string DATA_4 = "02000000"; - private readonly string DATA_8 = "0200000000000000"; - private readonly string DATA_12 = "020000000000000000000000"; - private readonly string DATA_16 = "02000000000000000000000000000000"; - private readonly string DATA_18 = "03000000000000000000000000000000" + "0400"; - private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000"; - private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000"; - private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000" - + "04000000000000000000000000000000"; - private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000" - + "04000000000000000000000000000000" + "05000000000000000000000000000000"; - private readonly string EXPECTED_1 = "1de22967237a813291213f267e3b452f" + "02d01ae33e4ec854"; - private readonly string EXPECTED_2 = "163d6f9cc1b346cd453a2e4cc1a4a19a" + "e800941ccdc57cc8413c277f"; - private readonly string EXPECTED_3 = "c91545823cc24f17dbb0e9e807d5ec17" + "b292d28ff61189e8e49f3875ef91aff7"; - private readonly string EXPECTED_4 = "07dad364bfc2b9da89116d7bef6daaaf" + "6f255510aa654f920ac81b94e8bad365" - + "aea1bad12702e1965604374aab96dbbc"; - private readonly string EXPECTED_5 = "c67a1f0f567a5198aa1fcc8e3f213143" + "36f7f51ca8b1af61feac35a86416fa47" - + "fbca3b5f749cdf564527f2314f42fe25" + "03332742b228c647173616cfd44c54eb"; - private readonly string EXPECTED_6 = "67fd45e126bfb9a79930c43aad2d3696" + "7d3f0e4d217c1e551f59727870beefc9" - + "8cb933a8fce9de887b1e40799988db1f" + "c3f91880ed405b2dd298318858467c89" - + "5bde0285037c5de81e5b570a049b62a0"; - private readonly string EXPECTED_7 = "22b3f4cd1835e517741dfddccfa07fa4" + "661b74cf"; - private readonly string EXPECTED_8 = "43dd0163cdb48f9fe3212bf61b201976" + "067f342bb879ad976d8242acc188ab59" - + "cabfe307"; - private readonly string EXPECTED_9 = "462401724b5ce6588d5a54aae5375513" + "a075cfcdf5042112aa29685c912fc205" - + "6543"; + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9); + } + } /** - * Test cipher. - * @param pTest the test engine + * AES-GCM-SIV-256 Set 3. */ - internal void testTheCipher(GcmSivTest pTest) + private class AesGcmSiv256Test3 { - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9); - } - } + private readonly string EMPTY = ""; + private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4" + "f46e44bb3da0015c94f7088736864200"; + private readonly string KEY_2 = "bae8e37fc83441b16034566b7a806c46" + "bb91c3c5aedb64a6c590bc84d1a5e269"; + private readonly string KEY_3 = "6545fc880c94a95198874296d5cc1fd1" + "61320b6920ce07787f86743b275d1ab3"; + private readonly string KEY_4 = "d1894728b3fed1473c528b8426a58299" + "5929a1499e9ad8780c8d63d0ab4149c0"; + private readonly string KEY_5 = "a44102952ef94b02b805249bac80e6f6" + "1455bfac8308a2d40d8c845117808235"; + private readonly string KEY_6 = "9745b3d1ae06556fb6aa7890bebc18fe" + "6b3db4da3d57aa94842b9803a96e07fb"; + private readonly string KEY_7 = "b18853f68d833640e42a3c02c25b6486" + "9e146d7b233987bddfc240871d7576f7"; + private readonly string KEY_8 = "3c535de192eaed3822a2fbbe2ca9dfc8" + "8255e14a661b8aa82cc54236093bbc23"; + private readonly string NONCE_1 = "e0eaf5284d884a0e77d31646"; + private readonly string NONCE_2 = "e4b47801afc0577e34699b9e"; + private readonly string NONCE_3 = "2f6d1f0434d8848c1177441f"; + private readonly string NONCE_4 = "9f572c614b4745914474e7c7"; + private readonly string NONCE_5 = "5c9e940fea2f582950a70d5a"; + private readonly string NONCE_6 = "6de71860f762ebfbd08284e4"; + private readonly string NONCE_7 = "028ec6eb5ea7e298342a94d4"; + private readonly string NONCE_8 = "688089e55540db1872504e1c"; + private readonly string AEAD_2 = "4fbdc66f14"; + private readonly string AEAD_3 = "6787f3ea22c127aaf195"; + private readonly string AEAD_4 = "489c8fde2be2cf97e74e932d4ed87d"; + private readonly string AEAD_5 = "0da55210cc1c1b0abde3b2f204d1e9f8" + "b06bc47f"; + private readonly string AEAD_6 = "f37de21c7ff901cfe8a69615a93fdf7a" + "98cad481796245709f"; + private readonly string AEAD_7 = "9c2159058b1f0fe91433a5bdc20e214e" + "ab7fecef4454a10ef0657df21ac7"; + private readonly string AEAD_8 = "734320ccc9d9bbbb19cb81b2af4ecbc3" + "e72834321f7aa0f70b7282b4f33df23f" + + "167541"; + private readonly string DATA_2 = "671fdd"; + private readonly string DATA_3 = "195495860f04"; + private readonly string DATA_4 = "c9882e5386fd9f92ec"; + private readonly string DATA_5 = "1db2316fd568378da107b52b"; + private readonly string DATA_6 = "21702de0de18baa9c9596291b08466"; + private readonly string DATA_7 = "b202b370ef9768ec6561c4fe6b7e7296" + "fa85"; + private readonly string DATA_8 = "ced532ce4159b035277d4dfbb7db6296" + "8b13cd4eec"; + private readonly string EXPECTED_1 = "169fbb2fbf389a995f6390af22228a62"; + private readonly string EXPECTED_2 = "0eaccb93da9bb81333aee0c785b240d3" + "19719d"; + private readonly string EXPECTED_3 = "a254dad4f3f96b62b84dc40c84636a5e" + "c12020ec8c2c"; + private readonly string EXPECTED_4 = "0df9e308678244c44bc0fd3dc6628dfe" + "55ebb0b9fb2295c8c2"; + private readonly string EXPECTED_5 = "8dbeb9f7255bf5769dd56692404099c2" + "587f64979f21826706d497d5"; + private readonly string EXPECTED_6 = "793576dfa5c0f88729a7ed3c2f1bffb3" + "080d28f6ebb5d3648ce97bd5ba67fd"; + private readonly string EXPECTED_7 = "857e16a64915a787637687db4a951963" + "5cdd454fc2a154fea91f8363a39fec7d" + + "0a49"; + private readonly string EXPECTED_8 = "626660c26ea6612fb17ad91e8e767639" + "edd6c9faee9d6c7029675b89eaf4ba1d" + + "ed1a286594"; - /** - * AES-GCM-SIV-256 Set 3. - */ - class AESGcmSiv256Test3 - { - private readonly string EMPTY = ""; - private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4" + "f46e44bb3da0015c94f7088736864200"; - private readonly string KEY_2 = "bae8e37fc83441b16034566b7a806c46" + "bb91c3c5aedb64a6c590bc84d1a5e269"; - private readonly string KEY_3 = "6545fc880c94a95198874296d5cc1fd1" + "61320b6920ce07787f86743b275d1ab3"; - private readonly string KEY_4 = "d1894728b3fed1473c528b8426a58299" + "5929a1499e9ad8780c8d63d0ab4149c0"; - private readonly string KEY_5 = "a44102952ef94b02b805249bac80e6f6" + "1455bfac8308a2d40d8c845117808235"; - private readonly string KEY_6 = "9745b3d1ae06556fb6aa7890bebc18fe" + "6b3db4da3d57aa94842b9803a96e07fb"; - private readonly string KEY_7 = "b18853f68d833640e42a3c02c25b6486" + "9e146d7b233987bddfc240871d7576f7"; - private readonly string KEY_8 = "3c535de192eaed3822a2fbbe2ca9dfc8" + "8255e14a661b8aa82cc54236093bbc23"; - private readonly string NONCE_1 = "e0eaf5284d884a0e77d31646"; - private readonly string NONCE_2 = "e4b47801afc0577e34699b9e"; - private readonly string NONCE_3 = "2f6d1f0434d8848c1177441f"; - private readonly string NONCE_4 = "9f572c614b4745914474e7c7"; - private readonly string NONCE_5 = "5c9e940fea2f582950a70d5a"; - private readonly string NONCE_6 = "6de71860f762ebfbd08284e4"; - private readonly string NONCE_7 = "028ec6eb5ea7e298342a94d4"; - private readonly string NONCE_8 = "688089e55540db1872504e1c"; - private readonly string AEAD_2 = "4fbdc66f14"; - private readonly string AEAD_3 = "6787f3ea22c127aaf195"; - private readonly string AEAD_4 = "489c8fde2be2cf97e74e932d4ed87d"; - private readonly string AEAD_5 = "0da55210cc1c1b0abde3b2f204d1e9f8" + "b06bc47f"; - private readonly string AEAD_6 = "f37de21c7ff901cfe8a69615a93fdf7a" + "98cad481796245709f"; - private readonly string AEAD_7 = "9c2159058b1f0fe91433a5bdc20e214e" + "ab7fecef4454a10ef0657df21ac7"; - private readonly string AEAD_8 = "734320ccc9d9bbbb19cb81b2af4ecbc3" + "e72834321f7aa0f70b7282b4f33df23f" - + "167541"; - private readonly string DATA_2 = "671fdd"; - private readonly string DATA_3 = "195495860f04"; - private readonly string DATA_4 = "c9882e5386fd9f92ec"; - private readonly string DATA_5 = "1db2316fd568378da107b52b"; - private readonly string DATA_6 = "21702de0de18baa9c9596291b08466"; - private readonly string DATA_7 = "b202b370ef9768ec6561c4fe6b7e7296" + "fa85"; - private readonly string DATA_8 = "ced532ce4159b035277d4dfbb7db6296" + "8b13cd4eec"; - private readonly string EXPECTED_1 = "169fbb2fbf389a995f6390af22228a62"; - private readonly string EXPECTED_2 = "0eaccb93da9bb81333aee0c785b240d3" + "19719d"; - private readonly string EXPECTED_3 = "a254dad4f3f96b62b84dc40c84636a5e" + "c12020ec8c2c"; - private readonly string EXPECTED_4 = "0df9e308678244c44bc0fd3dc6628dfe" + "55ebb0b9fb2295c8c2"; - private readonly string EXPECTED_5 = "8dbeb9f7255bf5769dd56692404099c2" + "587f64979f21826706d497d5"; - private readonly string EXPECTED_6 = "793576dfa5c0f88729a7ed3c2f1bffb3" + "080d28f6ebb5d3648ce97bd5ba67fd"; - private readonly string EXPECTED_7 = "857e16a64915a787637687db4a951963" + "5cdd454fc2a154fea91f8363a39fec7d" - + "0a49"; - private readonly string EXPECTED_8 = "626660c26ea6612fb17ad91e8e767639" + "edd6c9faee9d6c7029675b89eaf4ba1d" - + "ed1a286594"; + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8); + } + } /** - * Test cipher. - * @param pTest the test engine + * AES-GCM-SIV-256 Set 4. */ - internal void testTheCipher(GcmSivTest pTest) + private class AesGcmSiv256Test4 { - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8); + private readonly string EMPTY = ""; + private readonly string KEY_1 = "00000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "000000000000000000000000"; + private readonly string DATA_1 = "00000000000000000000000000000000" + "4db923dc793ee6497c76dcc03a98e108"; + private readonly string DATA_2 = "eb3640277c7ffd1303c7a542d02d3e4c" + "0000000000000000"; + private readonly string EXPECTED_1 = "f3f80f2cf0cb2dd9c5984fcda908456c" + "c537703b5ba70324a6793a7bf218d3ea" + + "ffffffff000000000000000000000000"; + private readonly string EXPECTED_2 = "18ce4f0b8cb4d0cac65fea8f79257b20" + "888e53e72299e56dffffffff00000000" + + "0000000000000000"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_1, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_2, EXPECTED_2); + } } - } - /** - * AES-GCM-SIV-256 Set 4. - */ - class AESGcmSiv256Test4 - { - private readonly string EMPTY = ""; - private readonly string KEY_1 = "00000000000000000000000000000000" + "00000000000000000000000000000000"; - private readonly string NONCE_1 = "000000000000000000000000"; - private readonly string DATA_1 = "00000000000000000000000000000000" + "4db923dc793ee6497c76dcc03a98e108"; - private readonly string DATA_2 = "eb3640277c7ffd1303c7a542d02d3e4c" + "0000000000000000"; - private readonly string EXPECTED_1 = "f3f80f2cf0cb2dd9c5984fcda908456c" + "c537703b5ba70324a6793a7bf218d3ea" - + "ffffffff000000000000000000000000"; - private readonly string EXPECTED_2 = "18ce4f0b8cb4d0cac65fea8f79257b20" + "888e53e72299e56dffffffff00000000" - + "0000000000000000"; + public static void Main(string[] args) + { + RunTest(new GcmSivTest()); + } - /** - * Test cipher. - * @param pTest the test engine - */ - internal void testTheCipher(GcmSivTest pTest) + [Test] + public void TestFunction() { - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_1, EXPECTED_1); - pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_2, EXPECTED_2); + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); } } } -} diff --git a/crypto/test/src/crypto/test/ParallelHashTest.cs b/crypto/test/src/crypto/test/ParallelHashTest.cs index 2c3bb5613..3e80b4d5e 100644 --- a/crypto/test/src/crypto/test/ParallelHashTest.cs +++ b/crypto/test/src/crypto/test/ParallelHashTest.cs @@ -2,7 +2,6 @@ using System; using NUnit.Framework; -using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.Encoders; @@ -10,132 +9,144 @@ using Org.BouncyCastle.Utilities.Test; namespace Org.BouncyCastle.Crypto.Tests { + /** + * ParallelHash test vectors from: + * <p> + * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf + */ [TestFixture] - -/** - * ParallelHash test vectors from: - * <p> - * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf - */ -public class ParallelHashTest - : SimpleTest -{ - public override string Name + public class ParallelHashTest + : SimpleTest { - get { return "ParallelHash"; } - } - [Test] + public override string Name + { + get { return "ParallelHash"; } + } + public override void PerformTest() - { - ParallelHash pHash = new ParallelHash(128, new byte[0], 8); + { + ParallelHash pHash = new ParallelHash(128, new byte[0], 8); - byte[] data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); - pHash.BlockUpdate(data, 0, data.Length); + byte[] data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + pHash.BlockUpdate(data, 0, data.Length); - byte[] res = new byte[pHash.GetDigestSize()]; + byte[] res = new byte[pHash.GetDigestSize()]; - pHash.DoFinal(res, 0); + pHash.DoFinal(res, 0); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BA 8D C1 D1 D9 79 33 1D 3F 81 36 03 C6 7F 72 609A B5 E4 4B 94 A0 B8 F9 AF 46 51 44 54 A2 B4 F5"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BA 8D C1 D1 D9 79 33 1D 3F 81 36 03 C6 7F 72 609A B5 E4 4B 94 A0 B8 F9 AF 46 51 44 54 A2 B4 F5"), res)); - pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 8); + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 8); - pHash.BlockUpdate(data, 0, data.Length); + pHash.BlockUpdate(data, 0, data.Length); - res = new byte[pHash.GetDigestSize()]; + res = new byte[pHash.GetDigestSize()]; - pHash.DoFinal(res, 0); + pHash.DoFinal(res, 0); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("FC 48 4D CB 3F 84 DC EE DC 35 34 38 15 1B EE 58 15 7D 6E FE D0 44 5A 81 F1 65 E4 95 79 5B 72 06"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("FC 48 4D CB 3F 84 DC EE DC 35 34 38 15 1B EE 58 15 7D 6E FE D0 44 5A 81 F1 65 E4 95 79 5B 72 06"), res)); - pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12); + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12); - data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); - pHash.BlockUpdate(data, 0, data.Length); + pHash.BlockUpdate(data, 0, data.Length); - res = new byte[pHash.GetDigestSize()]; + res = new byte[pHash.GetDigestSize()]; - pHash.DoFinal(res, 0); + pHash.DoFinal(res, 0); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res)); - pHash = new ParallelHash(256, new byte[0], 8); + pHash = new ParallelHash(256, new byte[0], 8); - data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); - pHash.BlockUpdate(data, 0, data.Length); + pHash.BlockUpdate(data, 0, data.Length); - res = new byte[pHash.GetDigestSize()]; + res = new byte[pHash.GetDigestSize()]; - pHash.DoFinal(res, 0); + pHash.DoFinal(res, 0); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BC 1E F1 24 DA 34 49 5E 94 8E AD 20 7D D9 84 22 35 DA 43 2D 2B BC 54 B4 C1 10 E6 4C 45 11 05 53 1B 7F 2A 3E 0C E0 55 C0 28 05 E7 C2 DE 1F B7 46 AF 97 A1 DD 01 F4 3B 82 4E 31 B8 76 12 41 04 29"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BC 1E F1 24 DA 34 49 5E 94 8E AD 20 7D D9 84 22 35 DA 43 2D 2B BC 54 B4 C1 10 E6 4C 45 11 05 53 1B 7F 2A 3E 0C E0 55 C0 28 05 E7 C2 DE 1F B7 46 AF 97 A1 DD 01 F4 3B 82 4E 31 B8 76 12 41 04 29"), res)); - pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 8); + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 8); - data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); - pHash.BlockUpdate(data, 0, data.Length); + pHash.BlockUpdate(data, 0, data.Length); - res = new byte[pHash.GetDigestSize()]; + res = new byte[pHash.GetDigestSize()]; - pHash.DoFinal(res, 0); + pHash.DoFinal(res, 0); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CD F1 52 89 B5 4F 62 12 B4 BC 27 05 28 B4 95 26 00 6D D9 B5 4E 2B 6A DD 1E F6 90 0D DA 39 63 BB 33 A7 24 91 F2 36 96 9C A8 AF AE A2 9C 68 2D 47 A3 93 C0 65 B3 8E 29 FA E6 51 A2 09 1C 83 31 10"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CD F1 52 89 B5 4F 62 12 B4 BC 27 05 28 B4 95 26 00 6D D9 B5 4E 2B 6A DD 1E F6 90 0D DA 39 63 BB 33 A7 24 91 F2 36 96 9C A8 AF AE A2 9C 68 2D 47 A3 93 C0 65 B3 8E 29 FA E6 51 A2 09 1C 83 31 10"), res)); - pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12); + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12); - data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); - pHash.BlockUpdate(data, 0, data.Length); + pHash.BlockUpdate(data, 0, data.Length); - res = new byte[pHash.GetDigestSize()]; + res = new byte[pHash.GetDigestSize()]; - pHash.DoFinal(res, 0); + pHash.DoFinal(res, 0); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res)); - pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12); + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12); - data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); - pHash.BlockUpdate(data, 0, data.Length); + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + pHash.BlockUpdate(data, 0, data.Length); - res = new byte[32]; + res = new byte[32]; - pHash.DoOutput(res, 0, res.Length); + pHash.DoOutput(res, 0, res.Length); - IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0127ad9772ab904691987fcc4a24888f341fa0db2145e872d4efd255376602f0"), res)); + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0127ad9772ab904691987fcc4a24888f341fa0db2145e872d4efd255376602f0"), res)); - pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12); + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12); - data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); - pHash.BlockUpdate(data, 0, data.Length); + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + pHash.BlockUpdate(data, 0, data.Length); - res = new byte[64]; + res = new byte[64]; - pHash.DoOutput(res, 0, res.Length); + pHash.DoOutput(res, 0, res.Length); - IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("6b3e790b330c889a204c2fbc728d809f19367328d852f4002dc829f73afd6bcefb7fe5b607b13a801c0be5c1170bdb794e339458fdb0e62a6af3d42558970249"), res)); + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("6b3e790b330c889a204c2fbc728d809f19367328d852f4002dc829f73afd6bcefb7fe5b607b13a801c0be5c1170bdb794e339458fdb0e62a6af3d42558970249"), res)); - testEmpty(); - } + testEmpty(); + } - private void testEmpty() - { - //{"tcId":90,"msg":"","len":0,"blockSize":62,"customization":"Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}","outLen":16}, - //{"tcId":90,"md":"13C4","outLen":16} - ParallelHash pHash = new ParallelHash(256, Strings.ToByteArray("Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}"), 62); + private void testEmpty() + { + //{"tcId":90,"msg":"","len":0,"blockSize":62,"customization":"Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}","outLen":16}, + //{"tcId":90,"md":"13C4","outLen":16} + ParallelHash pHash = new ParallelHash(256, Strings.ToByteArray("Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}"), 62); + + pHash.BlockUpdate(new byte[0], 0, 0); + + byte[] res = new byte[16 / 8]; - pHash.BlockUpdate(new byte[0], 0, 0); + pHash.DoOutput(res, 0, res.Length); - byte[] res = new byte[16 / 8]; + IsTrue(Arrays.AreEqual(Hex.Decode("13C4"), res)); + } - pHash.DoOutput(res, 0, res.Length); + public static void Main(string[] args) + { + RunTest(new ParallelHashTest()); + } - IsTrue(Arrays.AreEqual(Hex.Decode("13C4"), res)); + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } } } -} diff --git a/crypto/test/src/crypto/test/RegressionTest.cs b/crypto/test/src/crypto/test/RegressionTest.cs index 2b863d8bb..edb50da40 100644 --- a/crypto/test/src/crypto/test/RegressionTest.cs +++ b/crypto/test/src/crypto/test/RegressionTest.cs @@ -146,7 +146,11 @@ namespace Org.BouncyCastle.Crypto.Tests new KdfDoublePipelineTests(), new KdfFeedbackCounterTests(), new CShakeTest(), - new KMacTest() + new KMacTest(), + new GcmSivTest(), + new ParallelHashTest(), + new SP80038GTest(), + new TupleHashTest(), }; public static void Main(string[] args) diff --git a/crypto/test/src/crypto/test/SP80038GTest.cs b/crypto/test/src/crypto/test/SP80038GTest.cs index d9a16fd9a..2c8d5615f 100644 --- a/crypto/test/src/crypto/test/SP80038GTest.cs +++ b/crypto/test/src/crypto/test/SP80038GTest.cs @@ -17,95 +17,95 @@ namespace Org.BouncyCastle.Crypto.Tests [TestFixture] public class SP80038GTest : SimpleTest -{ - private class FFSample { - private readonly int radix; - private readonly byte[] key; - private readonly byte[] plaintext; - private readonly byte[] ciphertext; - private readonly byte[] tweak; - - public static FFSample from(int radix, String hexKey, String asciiPT, String asciiCT, String hexTweak) + private class FFSample { - return new FFSample(radix, fromHex(hexKey), fromAscii(radix, asciiPT), fromAscii(radix, asciiCT), fromHex(hexTweak)); - } + private readonly int radix; + private readonly byte[] key; + private readonly byte[] plaintext; + private readonly byte[] ciphertext; + private readonly byte[] tweak; - private static byte fromAlphaNumeric(char c) - { - if (c >= '0' && c <= '9') - { - return (byte)(c - '0'); - } - else if (c >= 'a' && c <= 'z') - { - return (byte)(10 + (c - 'a')); - } - else if (c >= 'A' && c <= 'Z') + public static FFSample from(int radix, String hexKey, String asciiPT, String asciiCT, String hexTweak) { - return (byte)(36 + (c - 'A')); + return new FFSample(radix, fromHex(hexKey), fromAscii(radix, asciiPT), fromAscii(radix, asciiCT), fromHex(hexTweak)); } - else + + private static byte fromAlphaNumeric(char c) { - throw new ArgumentException(); + if (c >= '0' && c <= '9') + { + return (byte)(c - '0'); + } + else if (c >= 'a' && c <= 'z') + { + return (byte)(10 + (c - 'a')); + } + else if (c >= 'A' && c <= 'Z') + { + return (byte)(36 + (c - 'A')); + } + else + { + throw new ArgumentException(); + } } - } - private static byte[] fromAscii(int radix, string ascii) - { - byte[] result = new byte[ascii.Length]; - for (int i = 0; i < result.Length; ++i) + private static byte[] fromAscii(int radix, string ascii) { - result[i] = fromAlphaNumeric(ascii[i]); - if (result[i] < 0 || result[i] >= radix) + byte[] result = new byte[ascii.Length]; + for (int i = 0; i < result.Length; ++i) { - throw new ArgumentException(); + result[i] = fromAlphaNumeric(ascii[i]); + if (result[i] < 0 || result[i] >= radix) + { + throw new ArgumentException(); + } } + return result; } - return result; - } - private static byte[] fromHex(string hex) - { - return Hex.Decode(hex); - } + private static byte[] fromHex(string hex) + { + return Hex.Decode(hex); + } - private FFSample(int radix, byte[] key, byte[] plaintext, byte[] ciphertext, byte[] tweak) - { - this.radix = radix; - this.key = key; - this.plaintext = plaintext; - this.ciphertext = ciphertext; - this.tweak = tweak; - } + private FFSample(int radix, byte[] key, byte[] plaintext, byte[] ciphertext, byte[] tweak) + { + this.radix = radix; + this.key = key; + this.plaintext = plaintext; + this.ciphertext = ciphertext; + this.tweak = tweak; + } - public byte[] getCiphertext() - { - return ciphertext; - } + public byte[] getCiphertext() + { + return ciphertext; + } - public byte[] getKey() - { - return key; - } + public byte[] getKey() + { + return key; + } - public byte[] getPlaintext() - { - return plaintext; - } + public byte[] getPlaintext() + { + return plaintext; + } - public int getRadix() - { - return radix; - } + public int getRadix() + { + return radix; + } - public byte[] getTweak() - { - return tweak; + public byte[] getTweak() + { + return tweak; + } } - } - private static FFSample[] ff1Samples = new FFSample[] + private static FFSample[] ff1Samples = new FFSample[] { // FF1-AES128 FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3C", "0123456789", "2433477484", ""), @@ -123,460 +123,473 @@ namespace Org.BouncyCastle.Crypto.Tests FFSample.from(36, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F7F036D6F04FC6A94", "0123456789abcdefghi", "xs8a0azh2avyalyzuwd", "3737373770717273373737"), }; - private static FFSample[] ff3_1Samples = new FFSample[] + private static FFSample[] ff3_1Samples = new FFSample[] { // FF3-AES128 FFSample.from(62, "7793833CE891B496381BD5B882F77EA1", "YbpT3hDo0J9xwCQ5qUWt93iv", "dDEYxViK56lGbV1WdZTPTe4w", "C58797C2580174"), }; - private void testFF1() - { - for (int i = 0; i < ff1Samples.Length; ++i) + private void testFF1() { - testFF1Sample(ff1Samples[i]); - } + for (int i = 0; i < ff1Samples.Length; ++i) + { + testFF1Sample(ff1Samples[i]); + } - byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); - byte[] plainText = Hex.Decode("0327035100210215"); - byte[] tweak = Hex.Decode("39383736353433323130"); + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] tweak = Hex.Decode("39383736353433323130"); - FpeEngine fpeEngine = new FpeFf1Engine(); + FpeEngine fpeEngine = new FpeFf1Engine(); - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak)); + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak)); - try - { - fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0); - Fail("no exception"); - } - catch (ArgumentException e) - { - IsEquals("input data outside of radix", e.Message); - } + try + { + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } - try - { - fpeEngine.ProcessBlock(new byte[] { 1 }, 0, 1, plainText, 0); - Fail("no exception"); - } - catch (ArgumentException e) - { - IsEquals("input too short", e.Message); + try + { + fpeEngine.ProcessBlock(new byte[] { 1 }, 0, 1, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } } - } - public void testFF1w() - { - byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); - byte[] plainText = Hex.Decode("0327035100210215"); - byte[] cipherText = Hex.Decode("022701f80217020a"); - byte[] tweak = Hex.Decode("39383736353433323130"); + public void testFF1w() + { + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] cipherText = Hex.Decode("022701f80217020a"); + byte[] tweak = Hex.Decode("39383736353433323130"); - FpeEngine fpeEngine = new FpeFf1Engine(); + FpeEngine fpeEngine = new FpeFf1Engine(); - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak)); + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak)); - byte[] enc = new byte[plainText.Length]; + byte[] enc = new byte[plainText.Length]; - fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0); + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0); - AreEqual(cipherText, enc); + AreEqual(cipherText, enc); - fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak)); + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak)); - fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0); + fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0); - AreEqual(plainText, enc); + AreEqual(plainText, enc); - byte[] outPt = Hex.Decode("03270F5100210215"); + byte[] outPt = Hex.Decode("03270F5100210215"); - try - { - fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0); - } - catch (ArgumentException e) - { - IsEquals("input data outside of radix", e.Message); + try + { + fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } } - } - public void testFF3_1() - { - for (int i = 0; i < ff3_1Samples.Length; ++i) + public void testFF3_1() { - testFF3_1Sample(ff3_1Samples[i]); - } + for (int i = 0; i < ff3_1Samples.Length; ++i) + { + testFF3_1Sample(ff3_1Samples[i]); + } - byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); - byte[] plainText = Hex.Decode("0327035100210215"); - byte[] tweak = Hex.Decode("39383736353433"); + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] tweak = Hex.Decode("39383736353433"); - FpeEngine fpeEngine = new FpeFf3_1Engine(); + FpeEngine fpeEngine = new FpeFf3_1Engine(); - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak)); + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak)); - try - { - fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0); - Fail("no exception"); - } - catch (ArgumentException e) - { - IsEquals("input data outside of radix", e.Message); - } + try + { + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } - try - { - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, Hex.Decode("beef"))); + try + { + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, Hex.Decode("beef"))); - Fail("no exception"); - } - catch (ArgumentException e) - { - IsEquals("tweak should be 56 bits", e.Message); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("tweak should be 56 bits", e.Message); + } } - } - private void testFF3_1w() - { - byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); - byte[] plainText = Hex.Decode("0327035100210215"); - byte[] cipherText = Hex.Decode("02fb024900310220"); - byte[] tweak = Hex.Decode("39383736353433"); + private void testFF3_1w() + { + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] cipherText = Hex.Decode("02fb024900310220"); + byte[] tweak = Hex.Decode("39383736353433"); - FpeEngine fpeEngine = new FpeFf3_1Engine(); + FpeEngine fpeEngine = new FpeFf3_1Engine(); - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak)); + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak)); - byte[] enc = new byte[plainText.Length]; + byte[] enc = new byte[plainText.Length]; - fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0); + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0); - IsTrue("enc failed: " + Hex.ToHexString(enc), AreEqual(cipherText, enc)); + IsTrue("enc failed: " + Hex.ToHexString(enc), AreEqual(cipherText, enc)); - fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak)); + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak)); - fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0); + fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0); - IsTrue(AreEqual(plainText, enc)); + IsTrue(AreEqual(plainText, enc)); - byte[] outPt = Hex.Decode("03270F5100210215"); + byte[] outPt = Hex.Decode("03270F5100210215"); - try - { - fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0); - } - catch (ArgumentException e) - { - IsEquals("input data outside of radix", e.Message); + try + { + fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } } - } - private void testDisable() - { - Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "true"); - try - { - testFF1(); - Fail("no exception"); - } - catch (InvalidOperationException e) + private void testDisable() { - IsEquals("FF1 encryption disabled", e.Message); - } + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "true"); + try + { + testFF1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("FF1 encryption disabled", e.Message); + } + + try + { + testFF3_1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("FPE disabled", e.Message); + } + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "false"); + + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "true"); + try + { + testFF1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("FF1 encryption disabled", e.Message); + } - try - { testFF3_1(); - Fail("no exception"); - } - catch (InvalidOperationException e) - { - IsEquals("FPE disabled", e.Message); + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "false"); } - Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "false"); - Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "true"); - try - { - testFF1(); - Fail("no exception"); - } - catch (InvalidOperationException e) + private void testFF3_1_255() { - IsEquals("FF1 encryption disabled", e.Message); - } + byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8"); + byte[] tweak = Hex.Decode("3F096DE35BFA31"); + int radix = 256; - testFF3_1(); - Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "false"); - } + FpeEngine fpeEngine = new FpeFf3_1Engine(); - private void testFF3_1_255() - { - byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8"); - byte[] tweak = Hex.Decode("3F096DE35BFA31"); - int radix = 256; + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak)); - FpeEngine fpeEngine = new FpeFf3_1Engine(); + ulong valueToEncrypt = 0x31009155FFL; - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak)); + byte[] bytes = Hex.Decode("00000031009155FF"); + byte[] enc = new byte[bytes.Length]; + //Encrypt - ulong valueToEncrypt = 0x31009155FFL; + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, enc, 0); - byte[] bytes = Hex.Decode("00000031009155FF"); - byte[] enc = new byte[bytes.Length]; - //Encrypt + IsTrue(Arrays.AreEqual(Hex.Decode("18fa139dc978a681"), enc)); - fpeEngine.ProcessBlock(bytes, 0, bytes.Length, enc, 0); + //Decrypt + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak)); - IsTrue(Arrays.AreEqual(Hex.Decode("18fa139dc978a681"), enc)); + fpeEngine.ProcessBlock(enc, 0, enc.Length, enc, 0); - //Decrypt - fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak)); + IsTrue(Arrays.AreEqual(bytes, enc)); + } - fpeEngine.ProcessBlock(enc, 0, enc.Length, enc, 0); + private void testFF1Sample(FFSample ff1) + { + FpeEngine fpeEngine = new FpeFf1Engine(); - IsTrue(Arrays.AreEqual(bytes, enc)); - } + fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak())); - private void testFF1Sample(FFSample ff1) - { - FpeEngine fpeEngine = new FpeFf1Engine(); + byte[] plain = ff1.getPlaintext(); + byte[] enc = new byte[plain.Length]; - fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak())); + fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0); - byte[] plain = ff1.getPlaintext(); - byte[] enc = new byte[plain.Length]; + IsTrue(AreEqual(ff1.getCiphertext(), enc)); - fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0); + fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak())); - IsTrue(AreEqual(ff1.getCiphertext(), enc)); + fpeEngine.ProcessBlock(ff1.getCiphertext(), 0, ff1.getCiphertext().Length, enc, 0); - fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak())); + IsTrue(AreEqual(ff1.getPlaintext(), enc)); + } - fpeEngine.ProcessBlock(ff1.getCiphertext(), 0, ff1.getCiphertext().Length, enc, 0); + private void testFF3_1Sample(FFSample ff3_1) + { + FpeEngine fpeEngine = new FpeFf3_1Engine(); - IsTrue(AreEqual(ff1.getPlaintext(), enc)); - } + fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak())); - private void testFF3_1Sample(FFSample ff3_1) - { - FpeEngine fpeEngine = new FpeFf3_1Engine(); + byte[] plain = ff3_1.getPlaintext(); + byte[] enc = new byte[plain.Length]; - fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak())); + fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0); - byte[] plain = ff3_1.getPlaintext(); - byte[] enc = new byte[plain.Length]; + IsTrue(AreEqual(ff3_1.getCiphertext(), enc)); - fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0); + fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak())); - IsTrue(AreEqual(ff3_1.getCiphertext(), enc)); + fpeEngine.ProcessBlock(ff3_1.getCiphertext(), 0, plain.Length, enc, 0); - fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak())); + IsTrue(AreEqual(ff3_1.getPlaintext(), enc)); + } - fpeEngine.ProcessBlock(ff3_1.getCiphertext(), 0, plain.Length, enc, 0); + public void testFF1Bounds() + { + byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8"); + byte[] tweak = Hex.Decode("3F096DE35BFA31"); - IsTrue(AreEqual(ff3_1.getPlaintext(), enc)); - } + FpeEngine fpeEngine = new FpeFf1Engine(); - public void testFF1Bounds() - { - byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8"); - byte[] tweak = Hex.Decode("3F096DE35BFA31"); + try + { + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI"); - FpeEngine fpeEngine = new FpeFf1Engine(); + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), + alphabetMapper.Radix, tweak)); - try - { - IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI"); + process(fpeEngine, new byte[] { 1, 2, 3 }); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + + try + { + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCD"); - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), - alphabetMapper.Radix, tweak)); + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), + alphabetMapper.Radix, tweak)); - process(fpeEngine, new byte[] { 1, 2, 3 }); - Fail("no exception"); - } - catch (ArgumentException e) - { - IsEquals("input too short", e.Message); + process(fpeEngine, new byte[] { 1, 2, 3 }); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } } - try + private void testFF3_1Bounds() { - IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCD"); + String bigAlpha = "+-ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz"; - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), - alphabetMapper.Radix, tweak)); + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper(bigAlpha); - process(fpeEngine, new byte[] { 1, 2, 3 }); - Fail("no exception"); - } - catch (ArgumentException e) - { - IsEquals("input too short", e.Message); - } - } + ff3_1Test(alphabetMapper, "467094C27E47978FE616F475215BF4F1", "ECC8AA7B87B41C", "9RwG+t8cKfa9JweBYgHAA6fHUShNZ5tc", "-DXMBhb3AFPq5Xf4oUva4WbB8eagGK2u"); + ff3_1Test(alphabetMapper, "4DB04B58E97819015A08BA7A39A79C303968A34DB0936FAD", "26B3A632FAADFE", "k5Kop6xYpT0skr1zHHPEt5rPWQ4s4O-3", "JyWzuPL6SNsciOXdEgwnKZJxHiKaTu4Z"); + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM--W6", "NPxEDufvnYzVX3jxupv+iJOuPVpWRPjD"); + try + { + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM+-W6ZZ", "L1yx-4YLQG9W1P5yTI7Wp2h0IDcRoBq1kk"); + Fail("no exception 1"); + } + catch (ArgumentException e) + { + IsEquals("maximum input length is 32", e.Message); + } - private void testFF3_1Bounds() - { - String bigAlpha = "+-ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz"; + try + { + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "Z", "L"); + Fail("no exception 2"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } - IAlphabetMapper alphabetMapper = new BasicAlphabetMapper(bigAlpha); + try + { + alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI"); - ff3_1Test(alphabetMapper, "467094C27E47978FE616F475215BF4F1", "ECC8AA7B87B41C", "9RwG+t8cKfa9JweBYgHAA6fHUShNZ5tc", "-DXMBhb3AFPq5Xf4oUva4WbB8eagGK2u"); - ff3_1Test(alphabetMapper, "4DB04B58E97819015A08BA7A39A79C303968A34DB0936FAD", "26B3A632FAADFE", "k5Kop6xYpT0skr1zHHPEt5rPWQ4s4O-3", "JyWzuPL6SNsciOXdEgwnKZJxHiKaTu4Z"); - ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM--W6", "NPxEDufvnYzVX3jxupv+iJOuPVpWRPjD"); - try - { - ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM+-W6ZZ", "L1yx-4YLQG9W1P5yTI7Wp2h0IDcRoBq1kk"); - Fail("no exception 1"); - } - catch (ArgumentException e) - { - IsEquals("maximum input length is 32", e.Message); + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "AB", "ZZ"); + Fail("no exception 3"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } } - try + private void ff3_1Test(IAlphabetMapper alphabetMapper, String skey, String stweak, String input, String output) { - ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "Z", "L"); - Fail("no exception 2"); - } - catch (ArgumentException e) - { - IsEquals("input too short", e.Message); - } + FpeEngine fpeEncEngine = new FpeFf3_1Engine(); + FpeEngine fpeDecEngine = new FpeFf3_1Engine(); - try - { - alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI"); + byte[] key = Hex.Decode(skey); + byte[] tweak = Hex.Decode(stweak); + int radix = alphabetMapper.Radix; - ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "AB", "ZZ"); - Fail("no exception 3"); - } - catch (ArgumentException e) - { - IsEquals("input too short", e.Message); - } - } + fpeEncEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak)); + fpeDecEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak)); - private void ff3_1Test(IAlphabetMapper alphabetMapper, String skey, String stweak, String input, String output) - { - FpeEngine fpeEncEngine = new FpeFf3_1Engine(); - FpeEngine fpeDecEngine = new FpeFf3_1Engine(); + byte[] bytes = alphabetMapper.ConvertToIndexes(input.ToCharArray()); - byte[] key = Hex.Decode(skey); - byte[] tweak = Hex.Decode(stweak); - int radix = alphabetMapper.Radix; + byte[] encryptedBytes = process(fpeEncEngine, bytes); + IsEquals(output, new String(alphabetMapper.ConvertToChars(encryptedBytes))); - fpeEncEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak)); - fpeDecEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak)); + byte[] decryptedBytes = process(fpeDecEngine, encryptedBytes); + IsTrue(Arrays.AreEqual(bytes, decryptedBytes)); + char[] chars = alphabetMapper.ConvertToChars(decryptedBytes); + IsEquals(input, new String(chars)); + } - byte[] bytes = alphabetMapper.ConvertToIndexes(input.ToCharArray()); + private byte[] process(FpeEngine fpeEngine, byte[] bytes) + { + byte[] rv = new byte[bytes.Length]; - byte[] encryptedBytes = process(fpeEncEngine, bytes); - IsEquals(output, new String(alphabetMapper.ConvertToChars(encryptedBytes))); + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, rv, 0); - byte[] decryptedBytes = process(fpeDecEngine, encryptedBytes); - IsTrue(Arrays.AreEqual(bytes, decryptedBytes)); - char[] chars = alphabetMapper.ConvertToChars(decryptedBytes); - IsEquals(input, new String(chars)); - } + return rv; + } - private byte[] process(FpeEngine fpeEngine, byte[] bytes) - { - byte[] rv = new byte[bytes.Length]; + public void testUtility() + { + FpeCharEncryptor fpeEnc = new FpeCharEncryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray()); - fpeEngine.ProcessBlock(bytes, 0, bytes.Length, rv, 0); + char[] input = "01234567890123456".ToCharArray(); + char[] encrypted = fpeEnc.Process(input); - return rv; - } + FpeCharDecryptor fpeDec = new FpeCharDecryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray()); + char[] decrypted = fpeDec.Process(encrypted); - public void testUtility() - { - FpeCharEncryptor fpeEnc = new FpeCharEncryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray()); + IsTrue("no match", Arrays.AreEqual(input, decrypted)); + } - char[] input = "01234567890123456".ToCharArray(); - char[] encrypted = fpeEnc.Process(input); + public override void PerformTest() + { + testFF1(); + testFF1w(); + testFF1Bounds(); + testFF3_1(); + testFF3_1w(); + testFF3_1_255(); + testFF3_1Bounds(); + testDisable(); + testUtility(); + } - FpeCharDecryptor fpeDec = new FpeCharDecryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray()); - char[] decrypted = fpeDec.Process(encrypted); + public override string Name + { + get { return "SP80038GTest"; } + } - IsTrue("no match", Arrays.AreEqual(input, decrypted)); - } + public static void Main(string[] args) + { + RunTest(new SP80038GTest()); + } - public override string Name - { - get { return "SP80038GTest"; } - } [Test] - public override void PerformTest() - { - testFF1(); - testFF1w(); - testFF1Bounds(); - testFF3_1(); - testFF3_1w(); - testFF3_1_255(); - testFF3_1Bounds(); - testDisable(); - testUtility(); - } - - public class FpeCharEncryptor - { - private readonly FpeEngine fpeEngine; - private IAlphabetMapper alphabetMapper; - - public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet) + public void TestFunction() { + string resultText = Perform().ToString(); + Assert.AreEqual(Name + ": Okay", resultText); } - public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet) + public class FpeCharEncryptor { - this.fpeEngine = fpeEngine; + private readonly FpeEngine fpeEngine; + private IAlphabetMapper alphabetMapper; - alphabetMapper = new BasicAlphabetMapper(alphabet); + public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet) + { - fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak)); - } + } - public char[] Process(char[] input) - { - byte[] bytes = alphabetMapper.ConvertToIndexes(input); + public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet) + { + this.fpeEngine = fpeEngine; - fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0); + alphabetMapper = new BasicAlphabetMapper(alphabet); - return alphabetMapper.ConvertToChars(bytes); - } - } + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak)); + } - public class FpeCharDecryptor - { - private readonly FpeEngine fpeEngine; - private IAlphabetMapper alphabetMapper; + public char[] Process(char[] input) + { + byte[] bytes = alphabetMapper.ConvertToIndexes(input); - public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet) - { + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0); + + return alphabetMapper.ConvertToChars(bytes); + } } - public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet) + public class FpeCharDecryptor { - this.fpeEngine = fpeEngine; + private readonly FpeEngine fpeEngine; + private IAlphabetMapper alphabetMapper; - alphabetMapper = new BasicAlphabetMapper(alphabet); + public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet) + { + } - fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak)); - } + public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet) + { + this.fpeEngine = fpeEngine; - public char[] Process(char[] input) - { - byte[] bytes = alphabetMapper.ConvertToIndexes(input); + alphabetMapper = new BasicAlphabetMapper(alphabet); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak)); + } - fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0); + public char[] Process(char[] input) + { + byte[] bytes = alphabetMapper.ConvertToIndexes(input); - return alphabetMapper.ConvertToChars(bytes); + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0); + + return alphabetMapper.ConvertToChars(bytes); + } } } } -} diff --git a/crypto/test/src/crypto/test/SentrixSigningSha256Hard.pfx b/crypto/test/src/crypto/test/SentrixSigningSha256Hard.pfx deleted file mode 100644 index 770956d0b..000000000 --- a/crypto/test/src/crypto/test/SentrixSigningSha256Hard.pfx +++ /dev/null Binary files differdiff --git a/crypto/test/src/crypto/test/SentrixSigningSha256Soft.pfx b/crypto/test/src/crypto/test/SentrixSigningSha256Soft.pfx deleted file mode 100644 index d8c3cd534..000000000 --- a/crypto/test/src/crypto/test/SentrixSigningSha256Soft.pfx +++ /dev/null Binary files differdiff --git a/crypto/test/src/crypto/test/TupleHashTest.cs b/crypto/test/src/crypto/test/TupleHashTest.cs index dc2062577..2195bb27f 100644 --- a/crypto/test/src/crypto/test/TupleHashTest.cs +++ b/crypto/test/src/crypto/test/TupleHashTest.cs @@ -9,101 +9,113 @@ using Org.BouncyCastle.Utilities.Test; namespace Org.BouncyCastle.Crypto.Tests { + /** + * TupleHash test vectors from: + * <p> + * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf + */ [TestFixture] -/** - * TupleHash test vectors from: - * <p> - * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf - */ -public class TupleHashTest - : SimpleTest -{ - public override string Name + public class TupleHashTest + : SimpleTest { - get { return "TupleHash"; } - } + public override string Name + { + get { return "TupleHash"; } + } - [Test] public override void PerformTest() - { - TupleHash tHash = new TupleHash(128, new byte[0]); + { + TupleHash tHash = new TupleHash(128, new byte[0]); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); - tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); - tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + byte[] res = new byte[tHash.GetDigestSize()]; - byte[] res = new byte[tHash.GetDigestSize()]; + tHash.DoFinal(res, 0); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("C5 D8 78 6C 1A FB 9B 82 11 1A B3 4B 65 B2 C0 04 8F A6 4E 6D 48 E2 63 26 4C E1 70 7D 3F FC 8E D1"), res)); - tHash.DoFinal(res, 0); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("C5 D8 78 6C 1A FB 9B 82 11 1A B3 4B 65 B2 C0 04 8F A6 4E 6D 48 E2 63 26 4C E1 70 7D 3F FC 8E D1"), res)); + tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App")); - tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App")); + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); - tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); - tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.DoFinal(res, 0); - tHash.DoFinal(res, 0); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("75 CD B2 0F F4 DB 11 54 E8 41 D7 58 E2 41 60 C5 4B AE 86 EB 8C 13 E7 F5 F4 0E B3 55 88 E9 6D FB"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("75 CD B2 0F F4 DB 11 54 E8 41 D7 58 E2 41 60 C5 4B AE 86 EB 8C 13 E7 F5 F4 0E B3 55 88 E9 6D FB"), res)); + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); - tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); - tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); - tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + tHash.DoFinal(res, 0); - tHash.DoFinal(res, 0); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res)); + tHash = new TupleHash(256, new byte[0]); - tHash = new TupleHash(256, new byte[0]); + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); - tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); - tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + res = new byte[tHash.GetDigestSize()]; - res = new byte[tHash.GetDigestSize()]; + tHash.DoFinal(res, 0); - tHash.DoFinal(res, 0); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CF B7 05 8C AC A5 E6 68 F8 1A 12 A2 0A 21 95 CE 97 A9 25 F1 DB A3 E7 44 9A 56 F8 22 01 EC 60 73 11 AC 26 96 B1 AB 5E A2 35 2D F1 42 3B DE 7B D4 BB 78 C9 AE D1 A8 53 C7 86 72 F9 EB 23 BB E1 94"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CF B7 05 8C AC A5 E6 68 F8 1A 12 A2 0A 21 95 CE 97 A9 25 F1 DB A3 E7 44 9A 56 F8 22 01 EC 60 73 11 AC 26 96 B1 AB 5E A2 35 2D F1 42 3B DE 7B D4 BB 78 C9 AE D1 A8 53 C7 86 72 F9 EB 23 BB E1 94"), res)); + tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App")); - tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App")); + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); - tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); - tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.DoFinal(res, 0); - tHash.DoFinal(res, 0); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("14 7C 21 91 D5 ED 7E FD 98 DB D9 6D 7A B5 A1 16 92 57 6F 5F E2 A5 06 5F 3E 33 DE 6B BA 9F 3A A1 C4 E9 A0 68 A2 89 C6 1C 95 AA B3 0A EE 1E 41 0B 0B 60 7D E3 62 0E 24 A4 E3 BF 98 52 A1 D4 36 7E"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("14 7C 21 91 D5 ED 7E FD 98 DB D9 6D 7A B5 A1 16 92 57 6F 5F E2 A5 06 5F 3E 33 DE 6B BA 9F 3A A1 C4 E9 A0 68 A2 89 C6 1C 95 AA B3 0A EE 1E 41 0B 0B 60 7D E3 62 0E 24 A4 E3 BF 98 52 A1 D4 36 7E"), res)); + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); - tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); - tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); - tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + tHash.DoFinal(res, 0); - tHash.DoFinal(res, 0); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res)); + tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App")); - tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App")); + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); - tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); - tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); - tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + res = new byte[32]; + tHash.DoOutput(res, 0, res.Length); - res = new byte[32]; - tHash.DoOutput(res, 0, res.Length); + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("900fe16cad098d28e74d632ed852f99daab7f7df4d99e775657885b4bf76d6f8"), res)); - IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("900fe16cad098d28e74d632ed852f99daab7f7df4d99e775657885b4bf76d6f8"), res)); + tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App")); - tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App")); + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); - tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); - tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); - tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + res = new byte[64]; + tHash.DoOutput(res, 0, res.Length); - res = new byte[64]; - tHash.DoOutput(res, 0, res.Length); + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0c59b11464f2336c34663ed51b2b950bec743610856f36c28d1d088d8a2446284dd09830a6a178dc752376199fae935d86cfdee5913d4922dfd369b66a53c897"), res)); + } - IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res)); - IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0c59b11464f2336c34663ed51b2b950bec743610856f36c28d1d088d8a2446284dd09830a6a178dc752376199fae935d86cfdee5913d4922dfd369b66a53c897"), res)); + public static void Main(string[] args) + { + RunTest(new TupleHashTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } } } -} diff --git a/crypto/test/src/openpgp/test/PGPArmoredTest.cs b/crypto/test/src/openpgp/test/PGPArmoredTest.cs index f78165d5a..1f1cbf3c3 100644 --- a/crypto/test/src/openpgp/test/PGPArmoredTest.cs +++ b/crypto/test/src/openpgp/test/PGPArmoredTest.cs @@ -292,11 +292,10 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests public override string Name { - get { return "PGPArmoredTest"; } + get { return "PgpArmoredTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpArmoredTest()); } diff --git a/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs b/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs index 668f8cce2..6ed632a00 100644 --- a/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs +++ b/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs @@ -160,7 +160,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests public override string Name { - get { return "PGPClearSignedSignature"; } + get { return "PgpClearSignedSignatureTest"; } } private void messageTest( @@ -428,8 +428,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests generateTest(crNlMessage, "\\r\\n"); } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpClearSignedSignatureTest()); } diff --git a/crypto/test/src/openpgp/test/PGPCompressionTest.cs b/crypto/test/src/openpgp/test/PGPCompressionTest.cs index fdcf7222c..c8bca7470 100644 --- a/crypto/test/src/openpgp/test/PGPCompressionTest.cs +++ b/crypto/test/src/openpgp/test/PGPCompressionTest.cs @@ -4,8 +4,6 @@ using System.Text; using NUnit.Framework; -using Org.BouncyCastle.Asn1.Utilities; -using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.IO; using Org.BouncyCastle.Utilities.Test; @@ -105,11 +103,10 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests public override string Name { - get { return "PGPCompressionTest"; } + get { return "PgpCompressionTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpCompressionTest()); } diff --git a/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs b/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs index b86324954..cd10a3ffe 100644 --- a/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs +++ b/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs @@ -1,5 +1,4 @@ using System; -using System.Collections; using System.IO; using System.Text; @@ -472,7 +471,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests public override string Name { - get { return "PGPDSAElGamalTest"; } + get { return "PgpDsaElGamalTest"; } } public static void Main( diff --git a/crypto/test/src/openpgp/test/PGPDSATest.cs b/crypto/test/src/openpgp/test/PGPDSATest.cs index e1dc384db..b99fe2354 100644 --- a/crypto/test/src/openpgp/test/PGPDSATest.cs +++ b/crypto/test/src/openpgp/test/PGPDSATest.cs @@ -580,8 +580,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpDsaTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpDsaTest()); } diff --git a/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs b/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs index 222b50a4b..3006aeb3e 100644 --- a/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs +++ b/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs @@ -1,5 +1,4 @@ using System; -using System.IO; using NUnit.Framework; @@ -152,8 +151,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpNoPrivateKeyTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpNoPrivateKeyTest()); } diff --git a/crypto/test/src/openpgp/test/PGPPBETest.cs b/crypto/test/src/openpgp/test/PGPPBETest.cs index eee3aaa63..43016465e 100644 --- a/crypto/test/src/openpgp/test/PGPPBETest.cs +++ b/crypto/test/src/openpgp/test/PGPPBETest.cs @@ -367,8 +367,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpPbeTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpPbeTest()); } diff --git a/crypto/test/src/openpgp/test/PGPPacketTest.cs b/crypto/test/src/openpgp/test/PGPPacketTest.cs index b3dbbc2ed..9c5e8239f 100644 --- a/crypto/test/src/openpgp/test/PGPPacketTest.cs +++ b/crypto/test/src/openpgp/test/PGPPacketTest.cs @@ -63,8 +63,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpPacketTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpPacketTest()); } diff --git a/crypto/test/src/openpgp/test/PGPRSATest.cs b/crypto/test/src/openpgp/test/PGPRSATest.cs index be111c958..250fe6143 100644 --- a/crypto/test/src/openpgp/test/PGPRSATest.cs +++ b/crypto/test/src/openpgp/test/PGPRSATest.cs @@ -7,7 +7,6 @@ using NUnit.Framework; using Org.BouncyCastle.Bcpg.Attr; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Generators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; @@ -1216,8 +1215,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpRsaTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpRsaTest()); } diff --git a/crypto/test/src/openpgp/test/PGPSignatureTest.cs b/crypto/test/src/openpgp/test/PGPSignatureTest.cs index d2f4a8a31..b836fe236 100644 --- a/crypto/test/src/openpgp/test/PGPSignatureTest.cs +++ b/crypto/test/src/openpgp/test/PGPSignatureTest.cs @@ -1069,8 +1069,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpSignatureTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpSignatureTest()); } diff --git a/crypto/test/src/openpgp/test/PgpECDHTest.cs b/crypto/test/src/openpgp/test/PgpECDHTest.cs index b7c500bd0..94ab2a755 100644 --- a/crypto/test/src/openpgp/test/PgpECDHTest.cs +++ b/crypto/test/src/openpgp/test/PgpECDHTest.cs @@ -6,9 +6,7 @@ using System.Text; using NUnit.Framework; using Org.BouncyCastle.Asn1.Sec; -using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Generators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; @@ -263,8 +261,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpECDHTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpECDHTest()); } diff --git a/crypto/test/src/openpgp/test/PgpECDsaTest.cs b/crypto/test/src/openpgp/test/PgpECDsaTest.cs index 6259ef627..c06532080 100644 --- a/crypto/test/src/openpgp/test/PgpECDsaTest.cs +++ b/crypto/test/src/openpgp/test/PgpECDsaTest.cs @@ -188,8 +188,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpECDsaTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpECDsaTest()); } diff --git a/crypto/test/src/openpgp/test/PgpECMessageTest.cs b/crypto/test/src/openpgp/test/PgpECMessageTest.cs index ac8283721..8f6111c9b 100644 --- a/crypto/test/src/openpgp/test/PgpECMessageTest.cs +++ b/crypto/test/src/openpgp/test/PgpECMessageTest.cs @@ -179,8 +179,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpECMessageTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpECMessageTest()); } diff --git a/crypto/test/src/openpgp/test/PgpFeaturesTest.cs b/crypto/test/src/openpgp/test/PgpFeaturesTest.cs index 2969d8982..162c3f093 100644 --- a/crypto/test/src/openpgp/test/PgpFeaturesTest.cs +++ b/crypto/test/src/openpgp/test/PgpFeaturesTest.cs @@ -1,15 +1,17 @@ - -using NUnit.Core; +using System; + using NUnit.Framework; + using Org.BouncyCastle.Bcpg.Sig; +using Org.BouncyCastle.Utilities.Test; namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests { [TestFixture] public class PgpFeaturesTest + : SimpleTest { - [Test] - public void PerformTest() + public override void PerformTest() { Features f = new Features(true, Features.FEATURE_MODIFICATION_DETECTION); Assert.IsTrue(f.SupportsFeature(Features.FEATURE_MODIFICATION_DETECTION)); @@ -36,20 +38,22 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests Assert.IsTrue(f.SupportsFeature(Features.FEATURE_VERSION_5_PUBLIC_KEY)); } + public override string Name + { + get { return "PgpFeaturesTest"; } + } + public static void Main(string[] args) { - Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + RunTest(new PgpFeaturesTest()); } - [Suite] - public static TestSuite Suite + [Test] + public void TestFunction() { - get - { - TestSuite suite = new TestSuite("PGP Features Tests"); - suite.Add(new PgpFeaturesTest()); - return suite; - } + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); } } } diff --git a/crypto/test/src/openpgp/test/PgpKeyRingTest.cs b/crypto/test/src/openpgp/test/PgpKeyRingTest.cs index aed750318..f8eaa648d 100644 --- a/crypto/test/src/openpgp/test/PgpKeyRingTest.cs +++ b/crypto/test/src/openpgp/test/PgpKeyRingTest.cs @@ -2654,8 +2654,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpKeyRingTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpKeyRingTest()); } diff --git a/crypto/test/src/openpgp/test/PgpMarkerTest.cs b/crypto/test/src/openpgp/test/PgpMarkerTest.cs index 89be7cd52..929be6d73 100644 --- a/crypto/test/src/openpgp/test/PgpMarkerTest.cs +++ b/crypto/test/src/openpgp/test/PgpMarkerTest.cs @@ -1,5 +1,4 @@ using System; -using System.IO; using NUnit.Framework; @@ -85,8 +84,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpMarkerTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpMarkerTest()); } diff --git a/crypto/test/src/openpgp/test/PgpParsingTest.cs b/crypto/test/src/openpgp/test/PgpParsingTest.cs index 78fca7570..6a5688484 100644 --- a/crypto/test/src/openpgp/test/PgpParsingTest.cs +++ b/crypto/test/src/openpgp/test/PgpParsingTest.cs @@ -23,8 +23,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests get { return "PgpParsingTest"; } } - public static void Main( - string[] args) + public static void Main(string[] args) { RunTest(new PgpParsingTest()); } diff --git a/crypto/test/src/openpgp/test/PgpUnicodeTest.cs b/crypto/test/src/openpgp/test/PgpUnicodeTest.cs index 534e8a471..d73e3d7a6 100644 --- a/crypto/test/src/openpgp/test/PgpUnicodeTest.cs +++ b/crypto/test/src/openpgp/test/PgpUnicodeTest.cs @@ -2,7 +2,6 @@ using System.IO; using System.Text; -using NUnit.Core; using NUnit.Framework; using Org.BouncyCastle.Math; @@ -12,6 +11,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests { [TestFixture] public class PgpUnicodeTest + : SimpleTest { private void DoTestKey(BigInteger keyId, string passphrase, bool utf8) { @@ -123,20 +123,21 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests return new PgpSecretKeyRingBundle(SimpleTest.GetTestDataAsStream("openpgp.unicode." + keyName)); } - public static void Main(string[] args) + public override string Name { - Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + get { return "PgpUnicodeTest"; } } - [Suite] - public static TestSuite Suite + public override void PerformTest() { - get - { - TestSuite suite = new TestSuite("Unicode Password Tests"); - suite.Add(new PgpUnicodeTest()); - return suite; - } + TestAsciiPassphrase(); + TestCyrillicPassphrase(); + TestUmlautPassphrase(); + } + + public static void Main(string[] args) + { + RunTest(new PgpUnicodeTest()); } } } diff --git a/crypto/test/src/openpgp/test/RegressionTest.cs b/crypto/test/src/openpgp/test/RegressionTest.cs index 329960bd8..5e978f0ea 100644 --- a/crypto/test/src/openpgp/test/RegressionTest.cs +++ b/crypto/test/src/openpgp/test/RegressionTest.cs @@ -24,15 +24,14 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests new PgpECDsaTest(), new PgpECMessageTest(), new PgpParsingTest(), + new PgpFeaturesTest(), }; - public static void Main( - string[] args) + public static void Main(string[] args) { foreach (ITest test in tests) { - ITestResult result = test.Perform(); - Console.WriteLine(result); + SimpleTest.RunTest(test); } } } |