diff --git a/crypto/crypto.csproj b/crypto/crypto.csproj
index 1685c54d9..572a3cce5 100644
--- a/crypto/crypto.csproj
+++ b/crypto/crypto.csproj
@@ -3644,6 +3644,11 @@
BuildAction = "Compile"
/>
<File
+ RelPath = "src\crypto\engines\SerpentEngineBase.cs"
+ SubType = "Code"
+ BuildAction = "Compile"
+ />
+ <File
RelPath = "src\crypto\engines\SkipjackEngine.cs"
SubType = "Code"
BuildAction = "Compile"
@@ -3659,6 +3664,11 @@
BuildAction = "Compile"
/>
<File
+ RelPath = "src\crypto\engines\TnepresEngine.cs"
+ SubType = "Code"
+ BuildAction = "Compile"
+ />
+ <File
RelPath = "src\crypto\engines\TwofishEngine.cs"
SubType = "Code"
BuildAction = "Compile"
@@ -11760,6 +11770,11 @@
BuildAction = "Compile"
/>
<File
+ RelPath = "test\src\crypto\test\TnepresTest.cs"
+ SubType = "Code"
+ BuildAction = "Compile"
+ />
+ <File
RelPath = "test\src\crypto\test\TwofishTest.cs"
SubType = "Code"
BuildAction = "Compile"
diff --git a/crypto/src/crypto/engines/SerpentEngine.cs b/crypto/src/crypto/engines/SerpentEngine.cs
index 255c204ab..76799f045 100644
--- a/crypto/src/crypto/engines/SerpentEngine.cs
+++ b/crypto/src/crypto/engines/SerpentEngine.cs
@@ -1,117 +1,32 @@
using System;
using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
namespace Org.BouncyCastle.Crypto.Engines
{
/**
- * Serpent is a 128-bit 32-round block cipher with variable key lengths,
- * including 128, 192 and 256 bit keys conjectured to be at least as
- * secure as three-key triple-DES.
- * <p>
- * Serpent was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
- * candidate algorithm for the NIST AES Quest.>
- * </p>
- * <p>
- * For full details see the <a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">The Serpent home page</a>
- * </p>
+ * Serpent is a 128-bit 32-round block cipher with variable key lengths,
+ * including 128, 192 and 256 bit keys conjectured to be at least as
+ * secure as three-key triple-DES.
+ * <p>
+ * Serpent was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
+ * candidate algorithm for the NIST AES Quest.
+ * </p>
+ * <p>
+ * For full details see <a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">The Serpent home page</a>
+ * </p>
*/
- public class SerpentEngine
- : IBlockCipher
+ public sealed class SerpentEngine
+ : SerpentEngineBase
{
- private const int BLOCK_SIZE = 16;
-
- static readonly int ROUNDS = 32;
- static readonly int PHI = unchecked((int)0x9E3779B9); // (Sqrt(5) - 1) * 2**31
-
- private bool encrypting;
- private int[] wKey;
-
- private int X0, X1, X2, X3; // registers
-
- /**
- * initialise a Serpent cipher.
- *
- * @param forEncryption whether or not we are for encryption.
- * @param parameters the parameters required to set up the cipher.
- * @exception ArgumentException if the parameters argument is
- * inappropriate.
- */
- public virtual void Init(
- bool forEncryption,
- ICipherParameters parameters)
- {
- if (!(parameters is KeyParameter))
- throw new ArgumentException("invalid parameter passed to Serpent init - " + parameters.GetType().ToString());
-
- this.encrypting = forEncryption;
- this.wKey = MakeWorkingKey(((KeyParameter)parameters).GetKey());
- }
-
- public virtual string AlgorithmName
- {
- get { return "Serpent"; }
- }
-
- public virtual bool IsPartialBlockOkay
- {
- get { return false; }
- }
-
- public virtual int GetBlockSize()
- {
- return BLOCK_SIZE;
- }
-
- /**
- * Process one block of input from the array in and write it to
- * the out array.
- *
- * @param in the array containing the input data.
- * @param inOff offset into the in array the data starts at.
- * @param out the array the output data will be copied into.
- * @param outOff the offset into the out array the output will start at.
- * @exception DataLengthException if there isn't enough data in in, or
- * space in out.
- * @exception InvalidOperationException if the cipher isn't initialised.
- * @return the number of bytes processed and produced.
- */
- public virtual int ProcessBlock(
- byte[] input,
- int inOff,
- byte[] output,
- int outOff)
- {
- if (wKey == null)
- throw new InvalidOperationException("Serpent not initialised");
-
- Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
- Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
-
- if (encrypting)
- {
- EncryptBlock(input, inOff, output, outOff);
- }
- else
- {
- DecryptBlock(input, inOff, output, outOff);
- }
-
- return BLOCK_SIZE;
- }
-
- public virtual void Reset()
- {
- }
-
/**
* Expand a user-supplied key material into a session key.
*
* @param key The user-key bytes (multiples of 4) to use.
* @exception ArgumentException
*/
- private int[] MakeWorkingKey(
- byte[] key)
+ protected override int[] MakeWorkingKey(byte[] key)
{
//
// pad key to 256 bits
@@ -120,14 +35,14 @@ namespace Org.BouncyCastle.Crypto.Engines
int off = 0;
int length = 0;
- for (off = key.Length - 4; off > 0; off -= 4)
+ for (off = 0; (off + 4) < key.Length; off += 4)
{
- kPad[length++] = BytesToWord(key, off);
+ kPad[length++] = (int)Pack.LE_To_UInt32(key, off);
}
- if (off == 0)
+ if (off % 4 == 0)
{
- kPad[length++] = BytesToWord(key, 0);
+ kPad[length++] = (int)Pack.LE_To_UInt32(key, off);
if (length < 8)
{
kPad[length] = 1;
@@ -235,57 +150,20 @@ namespace Org.BouncyCastle.Crypto.Engines
return w;
}
- private int RotateLeft(
- int x,
- int bits)
- {
- return ((x << bits) | (int) ((uint)x >> (32 - bits)));
- }
-
- private int RotateRight(
- int x,
- int bits)
- {
- return ( (int)((uint)x >> bits) | (x << (32 - bits)));
- }
-
- private int BytesToWord(
- byte[] src,
- int srcOff)
- {
- return (((src[srcOff] & 0xff) << 24) | ((src[srcOff + 1] & 0xff) << 16) |
- ((src[srcOff + 2] & 0xff) << 8) | ((src[srcOff + 3] & 0xff)));
- }
-
- private void WordToBytes(
- int word,
- byte[] dst,
- int dstOff)
- {
- dst[dstOff + 3] = (byte)(word);
- dst[dstOff + 2] = (byte)((uint)word >> 8);
- dst[dstOff + 1] = (byte)((uint)word >> 16);
- dst[dstOff] = (byte)((uint)word >> 24);
- }
-
/**
* Encrypt one block of plaintext.
*
- * @param in the array containing the input data.
+ * @param input the array containing the input data.
* @param inOff offset into the in array the data starts at.
- * @param out the array the output data will be copied into.
+ * @param output the array the output data will be copied into.
* @param outOff the offset into the out array the output will start at.
*/
- private void EncryptBlock(
- byte[] input,
- int inOff,
- byte[] outBytes,
- int outOff)
+ protected override void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff)
{
- X3 = BytesToWord(input, inOff);
- X2 = BytesToWord(input, inOff + 4);
- X1 = BytesToWord(input, inOff + 8);
- X0 = BytesToWord(input, inOff + 12);
+ X0 = (int)Pack.LE_To_UInt32(input, inOff);
+ X1 = (int)Pack.LE_To_UInt32(input, inOff + 4);
+ X2 = (int)Pack.LE_To_UInt32(input, inOff + 8);
+ X3 = (int)Pack.LE_To_UInt32(input, inOff + 12);
Sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3); LT();
Sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3); LT();
@@ -320,30 +198,26 @@ namespace Org.BouncyCastle.Crypto.Engines
Sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3); LT();
Sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3);
- WordToBytes(wKey[131] ^ X3, outBytes, outOff);
- WordToBytes(wKey[130] ^ X2, outBytes, outOff + 4);
- WordToBytes(wKey[129] ^ X1, outBytes, outOff + 8);
- WordToBytes(wKey[128] ^ X0, outBytes, outOff + 12);
+ Pack.UInt32_To_LE((uint)(wKey[128] ^ X0), output, outOff);
+ Pack.UInt32_To_LE((uint)(wKey[129] ^ X1), output, outOff + 4);
+ Pack.UInt32_To_LE((uint)(wKey[130] ^ X2), output, outOff + 8);
+ Pack.UInt32_To_LE((uint)(wKey[131] ^ X3), output, outOff + 12);
}
/**
* Decrypt one block of ciphertext.
*
- * @param in the array containing the input data.
+ * @param input the array containing the input data.
* @param inOff offset into the in array the data starts at.
- * @param out the array the output data will be copied into.
+ * @param output the array the output data will be copied into.
* @param outOff the offset into the out array the output will start at.
*/
- private void DecryptBlock(
- byte[] input,
- int inOff,
- byte[] outBytes,
- int outOff)
+ protected override void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff)
{
- X3 = wKey[131] ^ BytesToWord(input, inOff);
- X2 = wKey[130] ^ BytesToWord(input, inOff + 4);
- X1 = wKey[129] ^ BytesToWord(input, inOff + 8);
- X0 = wKey[128] ^ BytesToWord(input, inOff + 12);
+ X0 = wKey[128] ^ (int)Pack.LE_To_UInt32(input, inOff);
+ X1 = wKey[129] ^ (int)Pack.LE_To_UInt32(input, inOff + 4);
+ X2 = wKey[130] ^ (int)Pack.LE_To_UInt32(input, inOff + 8);
+ X3 = wKey[131] ^ (int)Pack.LE_To_UInt32(input, inOff + 12);
Ib7(X0, X1, X2, X3);
X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127];
@@ -409,369 +283,10 @@ namespace Org.BouncyCastle.Crypto.Engines
X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7];
InverseLT(); Ib0(X0, X1, X2, X3);
- WordToBytes(X3 ^ wKey[3], outBytes, outOff);
- WordToBytes(X2 ^ wKey[2], outBytes, outOff + 4);
- WordToBytes(X1 ^ wKey[1], outBytes, outOff + 8);
- WordToBytes(X0 ^ wKey[0], outBytes, outOff + 12);
- }
-
- /*
- * The sboxes below are based on the work of Brian Gladman and
- * Sam Simpson, whose original notice appears below.
- * <p>
- * For further details see:
- * http://fp.gladman.plus.com/cryptography_technology/serpent/
- * </p>
- */
-
- /* Partially optimised Serpent S Box bool functions derived */
- /* using a recursive descent analyser but without a full search */
- /* of all subtrees. This set of S boxes is the result of work */
- /* by Sam Simpson and Brian Gladman using the spare time on a */
- /* cluster of high capacity servers to search for S boxes with */
- /* this customised search engine. There are now an average of */
- /* 15.375 terms per S box. */
- /* */
- /* Copyright: Dr B. R Gladman (gladman@seven77.demon.co.uk) */
- /* and Sam Simpson (s.simpson@mia.co.uk) */
- /* 17th December 1998 */
- /* */
- /* We hereby give permission for information in this file to be */
- /* used freely subject only to acknowledgement of its origin. */
-
- /**
- * S0 - { 3, 8,15, 1,10, 6, 5,11,14,13, 4, 2, 7, 0, 9,12 } - 15 terms.
- */
- private void Sb0(int a, int b, int c, int d)
- {
- int t1 = a ^ d;
- int t3 = c ^ t1;
- int t4 = b ^ t3;
- X3 = (a & d) ^ t4;
- int t7 = a ^ (b & t1);
- X2 = t4 ^ (c | t7);
- int t12 = X3 & (t3 ^ t7);
- X1 = (~t3) ^ t12;
- X0 = t12 ^ (~t7);
- }
-
- /**
- * InvSO - {13, 3,11, 0,10, 6, 5,12, 1,14, 4, 7,15, 9, 8, 2 } - 15 terms.
- */
- private void Ib0(int a, int b, int c, int d)
- {
- int t1 = ~a;
- int t2 = a ^ b;
- int t4 = d ^ (t1 | t2);
- int t5 = c ^ t4;
- X2 = t2 ^ t5;
- int t8 = t1 ^ (d & t2);
- X1 = t4 ^ (X2 & t8);
- X3 = (a & t4) ^ (t5 | X1);
- X0 = X3 ^ (t5 ^ t8);
- }
-
- /**
- * S1 - {15,12, 2, 7, 9, 0, 5,10, 1,11,14, 8, 6,13, 3, 4 } - 14 terms.
- */
- private void Sb1(int a, int b, int c, int d)
- {
- int t2 = b ^ (~a);
- int t5 = c ^ (a | t2);
- X2 = d ^ t5;
- int t7 = b ^ (d | t2);
- int t8 = t2 ^ X2;
- X3 = t8 ^ (t5 & t7);
- int t11 = t5 ^ t7;
- X1 = X3 ^ t11;
- X0 = t5 ^ (t8 & t11);
- }
-
- /**
- * InvS1 - { 5, 8, 2,14,15, 6,12, 3,11, 4, 7, 9, 1,13,10, 0 } - 14 steps.
- */
- private void Ib1(int a, int b, int c, int d)
- {
- int t1 = b ^ d;
- int t3 = a ^ (b & t1);
- int t4 = t1 ^ t3;
- X3 = c ^ t4;
- int t7 = b ^ (t1 & t3);
- int t8 = X3 | t7;
- X1 = t3 ^ t8;
- int t10 = ~X1;
- int t11 = X3 ^ t7;
- X0 = t10 ^ t11;
- X2 = t4 ^ (t10 | t11);
- }
-
- /**
- * S2 - { 8, 6, 7, 9, 3,12,10,15,13, 1,14, 4, 0,11, 5, 2 } - 16 terms.
- */
- private void Sb2(int a, int b, int c, int d)
- {
- int t1 = ~a;
- int t2 = b ^ d;
- int t3 = c & t1;
- X0 = t2 ^ t3;
- int t5 = c ^ t1;
- int t6 = c ^ X0;
- int t7 = b & t6;
- X3 = t5 ^ t7;
- X2 = a ^ ((d | t7) & (X0 | t5));
- X1 = (t2 ^ X3) ^ (X2 ^ (d | t1));
- }
-
- /**
- * InvS2 - {12, 9,15, 4,11,14, 1, 2, 0, 3, 6,13, 5, 8,10, 7 } - 16 steps.
- */
- private void Ib2(int a, int b, int c, int d)
- {
- int t1 = b ^ d;
- int t2 = ~t1;
- int t3 = a ^ c;
- int t4 = c ^ t1;
- int t5 = b & t4;
- X0 = t3 ^ t5;
- int t7 = a | t2;
- int t8 = d ^ t7;
- int t9 = t3 | t8;
- X3 = t1 ^ t9;
- int t11 = ~t4;
- int t12 = X0 | X3;
- X1 = t11 ^ t12;
- X2 = (d & t11) ^ (t3 ^ t12);
- }
-
- /**
- * S3 - { 0,15,11, 8,12, 9, 6, 3,13, 1, 2, 4,10, 7, 5,14 } - 16 terms.
- */
- private void Sb3(int a, int b, int c, int d)
- {
- int t1 = a ^ b;
- int t2 = a & c;
- int t3 = a | d;
- int t4 = c ^ d;
- int t5 = t1 & t3;
- int t6 = t2 | t5;
- X2 = t4 ^ t6;
- int t8 = b ^ t3;
- int t9 = t6 ^ t8;
- int t10 = t4 & t9;
- X0 = t1 ^ t10;
- int t12 = X2 & X0;
- X1 = t9 ^ t12;
- X3 = (b | d) ^ (t4 ^ t12);
- }
-
- /**
- * InvS3 - { 0, 9,10, 7,11,14, 6,13, 3, 5,12, 2, 4, 8,15, 1 } - 15 terms
- */
- private void Ib3(int a, int b, int c, int d)
- {
- int t1 = a | b;
- int t2 = b ^ c;
- int t3 = b & t2;
- int t4 = a ^ t3;
- int t5 = c ^ t4;
- int t6 = d | t4;
- X0 = t2 ^ t6;
- int t8 = t2 | t6;
- int t9 = d ^ t8;
- X2 = t5 ^ t9;
- int t11 = t1 ^ t9;
- int t12 = X0 & t11;
- X3 = t4 ^ t12;
- X1 = X3 ^ (X0 ^ t11);
- }
-
- /**
- * S4 - { 1,15, 8, 3,12, 0,11, 6, 2, 5, 4,10, 9,14, 7,13 } - 15 terms.
- */
- private void Sb4(int a, int b, int c, int d)
- {
- int t1 = a ^ d;
- int t2 = d & t1;
- int t3 = c ^ t2;
- int t4 = b | t3;
- X3 = t1 ^ t4;
- int t6 = ~b;
- int t7 = t1 | t6;
- X0 = t3 ^ t7;
- int t9 = a & X0;
- int t10 = t1 ^ t6;
- int t11 = t4 & t10;
- X2 = t9 ^ t11;
- X1 = (a ^ t3) ^ (t10 & X2);
- }
-
- /**
- * InvS4 - { 5, 0, 8, 3,10, 9, 7,14, 2,12,11, 6, 4,15,13, 1 } - 15 terms.
- */
- private void Ib4(int a, int b, int c, int d)
- {
- int t1 = c | d;
- int t2 = a & t1;
- int t3 = b ^ t2;
- int t4 = a & t3;
- int t5 = c ^ t4;
- X1 = d ^ t5;
- int t7 = ~a;
- int t8 = t5 & X1;
- X3 = t3 ^ t8;
- int t10 = X1 | t7;
- int t11 = d ^ t10;
- X0 = X3 ^ t11;
- X2 = (t3 & t11) ^ (X1 ^ t7);
- }
-
- /**
- * S5 - {15, 5, 2,11, 4,10, 9,12, 0, 3,14, 8,13, 6, 7, 1 } - 16 terms.
- */
- private void Sb5(int a, int b, int c, int d)
- {
- int t1 = ~a;
- int t2 = a ^ b;
- int t3 = a ^ d;
- int t4 = c ^ t1;
- int t5 = t2 | t3;
- X0 = t4 ^ t5;
- int t7 = d & X0;
- int t8 = t2 ^ X0;
- X1 = t7 ^ t8;
- int t10 = t1 | X0;
- int t11 = t2 | t7;
- int t12 = t3 ^ t10;
- X2 = t11 ^ t12;
- X3 = (b ^ t7) ^ (X1 & t12);
- }
-
- /**
- * InvS5 - { 8,15, 2, 9, 4, 1,13,14,11, 6, 5, 3, 7,12,10, 0 } - 16 terms.
- */
- private void Ib5(int a, int b, int c, int d)
- {
- int t1 = ~c;
- int t2 = b & t1;
- int t3 = d ^ t2;
- int t4 = a & t3;
- int t5 = b ^ t1;
- X3 = t4 ^ t5;
- int t7 = b | X3;
- int t8 = a & t7;
- X1 = t3 ^ t8;
- int t10 = a | d;
- int t11 = t1 ^ t7;
- X0 = t10 ^ t11;
- X2 = (b & t10) ^ (t4 | (a ^ c));
- }
-
- /**
- * S6 - { 7, 2,12, 5, 8, 4, 6,11,14, 9, 1,15,13, 3,10, 0 } - 15 terms.
- */
- private void Sb6(int a, int b, int c, int d)
- {
- int t1 = ~a;
- int t2 = a ^ d;
- int t3 = b ^ t2;
- int t4 = t1 | t2;
- int t5 = c ^ t4;
- X1 = b ^ t5;
- int t7 = t2 | X1;
- int t8 = d ^ t7;
- int t9 = t5 & t8;
- X2 = t3 ^ t9;
- int t11 = t5 ^ t8;
- X0 = X2 ^ t11;
- X3 = (~t5) ^ (t3 & t11);
- }
-
- /**
- * InvS6 - {15,10, 1,13, 5, 3, 6, 0, 4, 9,14, 7, 2,12, 8,11 } - 15 terms.
- */
- private void Ib6(int a, int b, int c, int d)
- {
- int t1 = ~a;
- int t2 = a ^ b;
- int t3 = c ^ t2;
- int t4 = c | t1;
- int t5 = d ^ t4;
- X1 = t3 ^ t5;
- int t7 = t3 & t5;
- int t8 = t2 ^ t7;
- int t9 = b | t8;
- X3 = t5 ^ t9;
- int t11 = b | X3;
- X0 = t8 ^ t11;
- X2 = (d & t1) ^ (t3 ^ t11);
- }
-
- /**
- * S7 - { 1,13,15, 0,14, 8, 2,11, 7, 4,12,10, 9, 3, 5, 6 } - 16 terms.
- */
- private void Sb7(int a, int b, int c, int d)
- {
- int t1 = b ^ c;
- int t2 = c & t1;
- int t3 = d ^ t2;
- int t4 = a ^ t3;
- int t5 = d | t1;
- int t6 = t4 & t5;
- X1 = b ^ t6;
- int t8 = t3 | X1;
- int t9 = a & t4;
- X3 = t1 ^ t9;
- int t11 = t4 ^ t8;
- int t12 = X3 & t11;
- X2 = t3 ^ t12;
- X0 = (~t11) ^ (X3 & X2);
- }
-
- /**
- * InvS7 - { 3, 0, 6,13, 9,14,15, 8, 5,12,11, 7,10, 1, 4, 2 } - 17 terms.
- */
- private void Ib7(int a, int b, int c, int d)
- {
- int t3 = c | (a & b);
- int t4 = d & (a | b);
- X3 = t3 ^ t4;
- int t6 = ~d;
- int t7 = b ^ t4;
- int t9 = t7 | (X3 ^ t6);
- X1 = a ^ t9;
- X0 = (c ^ t7) ^ (d | X1);
- X2 = (t3 ^ X1) ^ (X0 ^ (a & X3));
- }
-
- /**
- * Apply the linear transformation to the register set.
- */
- private void LT()
- {
- int x0 = RotateLeft(X0, 13);
- int x2 = RotateLeft(X2, 3);
- int x1 = X1 ^ x0 ^ x2 ;
- int x3 = X3 ^ x2 ^ x0 << 3;
-
- X1 = RotateLeft(x1, 1);
- X3 = RotateLeft(x3, 7);
- X0 = RotateLeft(x0 ^ X1 ^ X3, 5);
- X2 = RotateLeft(x2 ^ X3 ^ (X1 << 7), 22);
- }
-
- /**
- * Apply the inverse of the linear transformation to the register set.
- */
- private void InverseLT()
- {
- int x2 = RotateRight(X2, 22) ^ X3 ^ (X1 << 7);
- int x0 = RotateRight(X0, 5) ^ X1 ^ X3;
- int x3 = RotateRight(X3, 7);
- int x1 = RotateRight(X1, 1);
- X3 = x3 ^ x2 ^ x0 << 3;
- X1 = x1 ^ x0 ^ x2;
- X2 = RotateRight(x2, 3);
- X0 = RotateRight(x0, 13);
+ Pack.UInt32_To_LE((uint)(X0 ^ wKey[0]), output, outOff);
+ Pack.UInt32_To_LE((uint)(X1 ^ wKey[1]), output, outOff + 4);
+ Pack.UInt32_To_LE((uint)(X2 ^ wKey[2]), output, outOff + 8);
+ Pack.UInt32_To_LE((uint)(X3 ^ wKey[3]), output, outOff + 12);
}
}
}
diff --git a/crypto/src/crypto/engines/SerpentEngineBase.cs b/crypto/src/crypto/engines/SerpentEngineBase.cs
new file mode 100644
index 000000000..a4c686922
--- /dev/null
+++ b/crypto/src/crypto/engines/SerpentEngineBase.cs
@@ -0,0 +1,467 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+ public abstract class SerpentEngineBase
+ : IBlockCipher
+ {
+ protected static readonly int BlockSize = 16;
+
+ internal const int ROUNDS = 32;
+ internal const int PHI = unchecked((int)0x9E3779B9); // (sqrt(5) - 1) * 2**31
+
+ protected bool encrypting;
+ protected int[] wKey;
+
+ protected int X0, X1, X2, X3; // registers
+
+ protected SerpentEngineBase()
+ {
+ }
+
+ /**
+ * initialise a Serpent cipher.
+ *
+ * @param encrypting whether or not we are for encryption.
+ * @param params the parameters required to set up the cipher.
+ * @throws IllegalArgumentException if the params argument is
+ * inappropriate.
+ */
+ public virtual void Init(bool encrypting, ICipherParameters parameters)
+ {
+ if (!(parameters is KeyParameter))
+ throw new ArgumentException("invalid parameter passed to " + AlgorithmName + " init - " + parameters.GetType().ToString());
+
+ this.encrypting = encrypting;
+ this.wKey = MakeWorkingKey(((KeyParameter)parameters).GetKey());
+ }
+
+ public virtual string AlgorithmName
+ {
+ get { return "Serpent"; }
+ }
+
+ public virtual bool IsPartialBlockOkay
+ {
+ get { return false; }
+ }
+
+ public virtual int GetBlockSize()
+ {
+ return BlockSize;
+ }
+
+ /**
+ * Process one block of input from the array in and write it to
+ * the out array.
+ *
+ * @param in the array containing the input data.
+ * @param inOff offset into the in array the data starts at.
+ * @param out the array the output data will be copied into.
+ * @param outOff the offset into the out array the output will start at.
+ * @return the number of bytes processed and produced.
+ * @throws DataLengthException if there isn't enough data in in, or
+ * space in out.
+ * @throws IllegalStateException if the cipher isn't initialised.
+ */
+ public int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff)
+ {
+ if (wKey == null)
+ throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+ Check.DataLength(input, inOff, BlockSize, "input buffer too short");
+ Check.OutputLength(output, outOff, BlockSize, "output buffer too short");
+
+ if (encrypting)
+ {
+ EncryptBlock(input, inOff, output, outOff);
+ }
+ else
+ {
+ DecryptBlock(input, inOff, output, outOff);
+ }
+
+ return BlockSize;
+ }
+
+ public virtual void Reset()
+ {
+ }
+
+ protected static int RotateLeft(int x, int bits)
+ {
+ return ((x << bits) | (int) ((uint)x >> (32 - bits)));
+ }
+
+ private static int RotateRight(int x, int bits)
+ {
+ return ( (int)((uint)x >> bits) | (x << (32 - bits)));
+ }
+
+ /**
+ * The sboxes below are based on the work of Brian Gladman and
+ * Sam Simpson, whose original notice appears below.
+ * <p>
+ * For further details see:
+ * http://fp.gladman.plus.com/cryptography_technology/serpent/
+ */
+
+ /* Partially optimised Serpent S Box boolean functions derived */
+ /* using a recursive descent analyser but without a full search */
+ /* of all subtrees. This set of S boxes is the result of work */
+ /* by Sam Simpson and Brian Gladman using the spare time on a */
+ /* cluster of high capacity servers to search for S boxes with */
+ /* this customised search engine. There are now an average of */
+ /* 15.375 terms per S box. */
+ /* */
+ /* Copyright: Dr B. R Gladman (gladman@seven77.demon.co.uk) */
+ /* and Sam Simpson (s.simpson@mia.co.uk) */
+ /* 17th December 1998 */
+ /* */
+ /* We hereby give permission for information in this file to be */
+ /* used freely subject only to acknowledgement of its origin. */
+
+ /**
+ * S0 - { 3, 8,15, 1,10, 6, 5,11,14,13, 4, 2, 7, 0, 9,12 } - 15 terms.
+ */
+ protected void Sb0(int a, int b, int c, int d)
+ {
+ int t1 = a ^ d;
+ int t3 = c ^ t1;
+ int t4 = b ^ t3;
+ X3 = (a & d) ^ t4;
+ int t7 = a ^ (b & t1);
+ X2 = t4 ^ (c | t7);
+ int t12 = X3 & (t3 ^ t7);
+ X1 = (~t3) ^ t12;
+ X0 = t12 ^ (~t7);
+ }
+
+ /**
+ * InvSO - {13, 3,11, 0,10, 6, 5,12, 1,14, 4, 7,15, 9, 8, 2 } - 15 terms.
+ */
+ protected void Ib0(int a, int b, int c, int d)
+ {
+ int t1 = ~a;
+ int t2 = a ^ b;
+ int t4 = d ^ (t1 | t2);
+ int t5 = c ^ t4;
+ X2 = t2 ^ t5;
+ int t8 = t1 ^ (d & t2);
+ X1 = t4 ^ (X2 & t8);
+ X3 = (a & t4) ^ (t5 | X1);
+ X0 = X3 ^ (t5 ^ t8);
+ }
+
+ /**
+ * S1 - {15,12, 2, 7, 9, 0, 5,10, 1,11,14, 8, 6,13, 3, 4 } - 14 terms.
+ */
+ protected void Sb1(int a, int b, int c, int d)
+ {
+ int t2 = b ^ (~a);
+ int t5 = c ^ (a | t2);
+ X2 = d ^ t5;
+ int t7 = b ^ (d | t2);
+ int t8 = t2 ^ X2;
+ X3 = t8 ^ (t5 & t7);
+ int t11 = t5 ^ t7;
+ X1 = X3 ^ t11;
+ X0 = t5 ^ (t8 & t11);
+ }
+
+ /**
+ * InvS1 - { 5, 8, 2,14,15, 6,12, 3,11, 4, 7, 9, 1,13,10, 0 } - 14 steps.
+ */
+ protected void Ib1(int a, int b, int c, int d)
+ {
+ int t1 = b ^ d;
+ int t3 = a ^ (b & t1);
+ int t4 = t1 ^ t3;
+ X3 = c ^ t4;
+ int t7 = b ^ (t1 & t3);
+ int t8 = X3 | t7;
+ X1 = t3 ^ t8;
+ int t10 = ~X1;
+ int t11 = X3 ^ t7;
+ X0 = t10 ^ t11;
+ X2 = t4 ^ (t10 | t11);
+ }
+
+ /**
+ * S2 - { 8, 6, 7, 9, 3,12,10,15,13, 1,14, 4, 0,11, 5, 2 } - 16 terms.
+ */
+ protected void Sb2(int a, int b, int c, int d)
+ {
+ int t1 = ~a;
+ int t2 = b ^ d;
+ int t3 = c & t1;
+ X0 = t2 ^ t3;
+ int t5 = c ^ t1;
+ int t6 = c ^ X0;
+ int t7 = b & t6;
+ X3 = t5 ^ t7;
+ X2 = a ^ ((d | t7) & (X0 | t5));
+ X1 = (t2 ^ X3) ^ (X2 ^ (d | t1));
+ }
+
+ /**
+ * InvS2 - {12, 9,15, 4,11,14, 1, 2, 0, 3, 6,13, 5, 8,10, 7 } - 16 steps.
+ */
+ protected void Ib2(int a, int b, int c, int d)
+ {
+ int t1 = b ^ d;
+ int t2 = ~t1;
+ int t3 = a ^ c;
+ int t4 = c ^ t1;
+ int t5 = b & t4;
+ X0 = t3 ^ t5;
+ int t7 = a | t2;
+ int t8 = d ^ t7;
+ int t9 = t3 | t8;
+ X3 = t1 ^ t9;
+ int t11 = ~t4;
+ int t12 = X0 | X3;
+ X1 = t11 ^ t12;
+ X2 = (d & t11) ^ (t3 ^ t12);
+ }
+
+ /**
+ * S3 - { 0,15,11, 8,12, 9, 6, 3,13, 1, 2, 4,10, 7, 5,14 } - 16 terms.
+ */
+ protected void Sb3(int a, int b, int c, int d)
+ {
+ int t1 = a ^ b;
+ int t2 = a & c;
+ int t3 = a | d;
+ int t4 = c ^ d;
+ int t5 = t1 & t3;
+ int t6 = t2 | t5;
+ X2 = t4 ^ t6;
+ int t8 = b ^ t3;
+ int t9 = t6 ^ t8;
+ int t10 = t4 & t9;
+ X0 = t1 ^ t10;
+ int t12 = X2 & X0;
+ X1 = t9 ^ t12;
+ X3 = (b | d) ^ (t4 ^ t12);
+ }
+
+ /**
+ * InvS3 - { 0, 9,10, 7,11,14, 6,13, 3, 5,12, 2, 4, 8,15, 1 } - 15 terms
+ */
+ protected void Ib3(int a, int b, int c, int d)
+ {
+ int t1 = a | b;
+ int t2 = b ^ c;
+ int t3 = b & t2;
+ int t4 = a ^ t3;
+ int t5 = c ^ t4;
+ int t6 = d | t4;
+ X0 = t2 ^ t6;
+ int t8 = t2 | t6;
+ int t9 = d ^ t8;
+ X2 = t5 ^ t9;
+ int t11 = t1 ^ t9;
+ int t12 = X0 & t11;
+ X3 = t4 ^ t12;
+ X1 = X3 ^ (X0 ^ t11);
+ }
+
+ /**
+ * S4 - { 1,15, 8, 3,12, 0,11, 6, 2, 5, 4,10, 9,14, 7,13 } - 15 terms.
+ */
+ protected void Sb4(int a, int b, int c, int d)
+ {
+ int t1 = a ^ d;
+ int t2 = d & t1;
+ int t3 = c ^ t2;
+ int t4 = b | t3;
+ X3 = t1 ^ t4;
+ int t6 = ~b;
+ int t7 = t1 | t6;
+ X0 = t3 ^ t7;
+ int t9 = a & X0;
+ int t10 = t1 ^ t6;
+ int t11 = t4 & t10;
+ X2 = t9 ^ t11;
+ X1 = (a ^ t3) ^ (t10 & X2);
+ }
+
+ /**
+ * InvS4 - { 5, 0, 8, 3,10, 9, 7,14, 2,12,11, 6, 4,15,13, 1 } - 15 terms.
+ */
+ protected void Ib4(int a, int b, int c, int d)
+ {
+ int t1 = c | d;
+ int t2 = a & t1;
+ int t3 = b ^ t2;
+ int t4 = a & t3;
+ int t5 = c ^ t4;
+ X1 = d ^ t5;
+ int t7 = ~a;
+ int t8 = t5 & X1;
+ X3 = t3 ^ t8;
+ int t10 = X1 | t7;
+ int t11 = d ^ t10;
+ X0 = X3 ^ t11;
+ X2 = (t3 & t11) ^ (X1 ^ t7);
+ }
+
+ /**
+ * S5 - {15, 5, 2,11, 4,10, 9,12, 0, 3,14, 8,13, 6, 7, 1 } - 16 terms.
+ */
+ protected void Sb5(int a, int b, int c, int d)
+ {
+ int t1 = ~a;
+ int t2 = a ^ b;
+ int t3 = a ^ d;
+ int t4 = c ^ t1;
+ int t5 = t2 | t3;
+ X0 = t4 ^ t5;
+ int t7 = d & X0;
+ int t8 = t2 ^ X0;
+ X1 = t7 ^ t8;
+ int t10 = t1 | X0;
+ int t11 = t2 | t7;
+ int t12 = t3 ^ t10;
+ X2 = t11 ^ t12;
+ X3 = (b ^ t7) ^ (X1 & t12);
+ }
+
+ /**
+ * InvS5 - { 8,15, 2, 9, 4, 1,13,14,11, 6, 5, 3, 7,12,10, 0 } - 16 terms.
+ */
+ protected void Ib5(int a, int b, int c, int d)
+ {
+ int t1 = ~c;
+ int t2 = b & t1;
+ int t3 = d ^ t2;
+ int t4 = a & t3;
+ int t5 = b ^ t1;
+ X3 = t4 ^ t5;
+ int t7 = b | X3;
+ int t8 = a & t7;
+ X1 = t3 ^ t8;
+ int t10 = a | d;
+ int t11 = t1 ^ t7;
+ X0 = t10 ^ t11;
+ X2 = (b & t10) ^ (t4 | (a ^ c));
+ }
+
+ /**
+ * S6 - { 7, 2,12, 5, 8, 4, 6,11,14, 9, 1,15,13, 3,10, 0 } - 15 terms.
+ */
+ protected void Sb6(int a, int b, int c, int d)
+ {
+ int t1 = ~a;
+ int t2 = a ^ d;
+ int t3 = b ^ t2;
+ int t4 = t1 | t2;
+ int t5 = c ^ t4;
+ X1 = b ^ t5;
+ int t7 = t2 | X1;
+ int t8 = d ^ t7;
+ int t9 = t5 & t8;
+ X2 = t3 ^ t9;
+ int t11 = t5 ^ t8;
+ X0 = X2 ^ t11;
+ X3 = (~t5) ^ (t3 & t11);
+ }
+
+ /**
+ * InvS6 - {15,10, 1,13, 5, 3, 6, 0, 4, 9,14, 7, 2,12, 8,11 } - 15 terms.
+ */
+ protected void Ib6(int a, int b, int c, int d)
+ {
+ int t1 = ~a;
+ int t2 = a ^ b;
+ int t3 = c ^ t2;
+ int t4 = c | t1;
+ int t5 = d ^ t4;
+ X1 = t3 ^ t5;
+ int t7 = t3 & t5;
+ int t8 = t2 ^ t7;
+ int t9 = b | t8;
+ X3 = t5 ^ t9;
+ int t11 = b | X3;
+ X0 = t8 ^ t11;
+ X2 = (d & t1) ^ (t3 ^ t11);
+ }
+
+ /**
+ * S7 - { 1,13,15, 0,14, 8, 2,11, 7, 4,12,10, 9, 3, 5, 6 } - 16 terms.
+ */
+ protected void Sb7(int a, int b, int c, int d)
+ {
+ int t1 = b ^ c;
+ int t2 = c & t1;
+ int t3 = d ^ t2;
+ int t4 = a ^ t3;
+ int t5 = d | t1;
+ int t6 = t4 & t5;
+ X1 = b ^ t6;
+ int t8 = t3 | X1;
+ int t9 = a & t4;
+ X3 = t1 ^ t9;
+ int t11 = t4 ^ t8;
+ int t12 = X3 & t11;
+ X2 = t3 ^ t12;
+ X0 = (~t11) ^ (X3 & X2);
+ }
+
+ /**
+ * InvS7 - { 3, 0, 6,13, 9,14,15, 8, 5,12,11, 7,10, 1, 4, 2 } - 17 terms.
+ */
+ protected void Ib7(int a, int b, int c, int d)
+ {
+ int t3 = c | (a & b);
+ int t4 = d & (a | b);
+ X3 = t3 ^ t4;
+ int t6 = ~d;
+ int t7 = b ^ t4;
+ int t9 = t7 | (X3 ^ t6);
+ X1 = a ^ t9;
+ X0 = (c ^ t7) ^ (d | X1);
+ X2 = (t3 ^ X1) ^ (X0 ^ (a & X3));
+ }
+
+ /**
+ * Apply the linear transformation to the register set.
+ */
+ protected void LT()
+ {
+ int x0 = RotateLeft(X0, 13);
+ int x2 = RotateLeft(X2, 3);
+ int x1 = X1 ^ x0 ^ x2;
+ int x3 = X3 ^ x2 ^ x0 << 3;
+
+ X1 = RotateLeft(x1, 1);
+ X3 = RotateLeft(x3, 7);
+ X0 = RotateLeft(x0 ^ X1 ^ X3, 5);
+ X2 = RotateLeft(x2 ^ X3 ^ (X1 << 7), 22);
+ }
+
+ /**
+ * Apply the inverse of the linear transformation to the register set.
+ */
+ protected void InverseLT()
+ {
+ int x2 = RotateRight(X2, 22) ^ X3 ^ (X1 << 7);
+ int x0 = RotateRight(X0, 5) ^ X1 ^ X3;
+ int x3 = RotateRight(X3, 7);
+ int x1 = RotateRight(X1, 1);
+ X3 = x3 ^ x2 ^ x0 << 3;
+ X1 = x1 ^ x0 ^ x2;
+ X2 = RotateRight(x2, 3);
+ X0 = RotateRight(x0, 13);
+ }
+
+ protected abstract int[] MakeWorkingKey(byte[] key);
+
+ protected abstract void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff);
+
+ protected abstract void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff);
+ }
+}
diff --git a/crypto/src/crypto/engines/TnepresEngine.cs b/crypto/src/crypto/engines/TnepresEngine.cs
new file mode 100644
index 000000000..ce687d1e5
--- /dev/null
+++ b/crypto/src/crypto/engines/TnepresEngine.cs
@@ -0,0 +1,299 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+ /**
+ * Tnepres is a 128-bit 32-round block cipher with variable key lengths,
+ * including 128, 192 and 256 bit keys conjectured to be at least as
+ * secure as three-key triple-DES.
+ * <p>
+ * Tnepres is based on Serpent which was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
+ * candidate algorithm for the NIST AES Quest. Unfortunately there was an endianness issue
+ * with test vectors in the AES submission and the resulting confusion lead to the Tnepres cipher
+ * as well, which is a byte swapped version of Serpent.
+ * </p>
+ * <p>
+ * For full details see <a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">The Serpent home page</a>
+ * </p>
+ */
+ public sealed class TnepresEngine
+ : SerpentEngineBase
+ {
+ public override string AlgorithmName
+ {
+ get { return "Tnepres"; }
+ }
+
+ /**
+ * Expand a user-supplied key material into a session key.
+ *
+ * @param key The user-key bytes (multiples of 4) to use.
+ * @exception ArgumentException
+ */
+ protected override int[] MakeWorkingKey(byte[] key)
+ {
+ //
+ // pad key to 256 bits
+ //
+ int[] kPad = new int[16];
+ int off = 0;
+ int length = 0;
+
+ for (off = key.Length - 4; off > 0; off -= 4)
+ {
+ kPad[length++] = (int)Pack.BE_To_UInt32(key, off);
+ }
+
+ if (off == 0)
+ {
+ kPad[length++] = (int)Pack.BE_To_UInt32(key, 0);
+ if (length < 8)
+ {
+ kPad[length] = 1;
+ }
+ }
+ else
+ {
+ throw new ArgumentException("key must be a multiple of 4 bytes");
+ }
+
+ //
+ // expand the padded key up to 33 x 128 bits of key material
+ //
+ int amount = (ROUNDS + 1) * 4;
+ int[] w = new int[amount];
+
+ //
+ // compute w0 to w7 from w-8 to w-1
+ //
+ for (int i = 8; i < 16; i++)
+ {
+ kPad[i] = RotateLeft(kPad[i - 8] ^ kPad[i - 5] ^ kPad[i - 3] ^ kPad[i - 1] ^ PHI ^ (i - 8), 11);
+ }
+
+ Array.Copy(kPad, 8, w, 0, 8);
+
+ //
+ // compute w8 to w136
+ //
+ for (int i = 8; i < amount; i++)
+ {
+ w[i] = RotateLeft(w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i, 11);
+ }
+
+ //
+ // create the working keys by processing w with the Sbox and IP
+ //
+ Sb3(w[0], w[1], w[2], w[3]);
+ w[0] = X0; w[1] = X1; w[2] = X2; w[3] = X3;
+ Sb2(w[4], w[5], w[6], w[7]);
+ w[4] = X0; w[5] = X1; w[6] = X2; w[7] = X3;
+ Sb1(w[8], w[9], w[10], w[11]);
+ w[8] = X0; w[9] = X1; w[10] = X2; w[11] = X3;
+ Sb0(w[12], w[13], w[14], w[15]);
+ w[12] = X0; w[13] = X1; w[14] = X2; w[15] = X3;
+ Sb7(w[16], w[17], w[18], w[19]);
+ w[16] = X0; w[17] = X1; w[18] = X2; w[19] = X3;
+ Sb6(w[20], w[21], w[22], w[23]);
+ w[20] = X0; w[21] = X1; w[22] = X2; w[23] = X3;
+ Sb5(w[24], w[25], w[26], w[27]);
+ w[24] = X0; w[25] = X1; w[26] = X2; w[27] = X3;
+ Sb4(w[28], w[29], w[30], w[31]);
+ w[28] = X0; w[29] = X1; w[30] = X2; w[31] = X3;
+ Sb3(w[32], w[33], w[34], w[35]);
+ w[32] = X0; w[33] = X1; w[34] = X2; w[35] = X3;
+ Sb2(w[36], w[37], w[38], w[39]);
+ w[36] = X0; w[37] = X1; w[38] = X2; w[39] = X3;
+ Sb1(w[40], w[41], w[42], w[43]);
+ w[40] = X0; w[41] = X1; w[42] = X2; w[43] = X3;
+ Sb0(w[44], w[45], w[46], w[47]);
+ w[44] = X0; w[45] = X1; w[46] = X2; w[47] = X3;
+ Sb7(w[48], w[49], w[50], w[51]);
+ w[48] = X0; w[49] = X1; w[50] = X2; w[51] = X3;
+ Sb6(w[52], w[53], w[54], w[55]);
+ w[52] = X0; w[53] = X1; w[54] = X2; w[55] = X3;
+ Sb5(w[56], w[57], w[58], w[59]);
+ w[56] = X0; w[57] = X1; w[58] = X2; w[59] = X3;
+ Sb4(w[60], w[61], w[62], w[63]);
+ w[60] = X0; w[61] = X1; w[62] = X2; w[63] = X3;
+ Sb3(w[64], w[65], w[66], w[67]);
+ w[64] = X0; w[65] = X1; w[66] = X2; w[67] = X3;
+ Sb2(w[68], w[69], w[70], w[71]);
+ w[68] = X0; w[69] = X1; w[70] = X2; w[71] = X3;
+ Sb1(w[72], w[73], w[74], w[75]);
+ w[72] = X0; w[73] = X1; w[74] = X2; w[75] = X3;
+ Sb0(w[76], w[77], w[78], w[79]);
+ w[76] = X0; w[77] = X1; w[78] = X2; w[79] = X3;
+ Sb7(w[80], w[81], w[82], w[83]);
+ w[80] = X0; w[81] = X1; w[82] = X2; w[83] = X3;
+ Sb6(w[84], w[85], w[86], w[87]);
+ w[84] = X0; w[85] = X1; w[86] = X2; w[87] = X3;
+ Sb5(w[88], w[89], w[90], w[91]);
+ w[88] = X0; w[89] = X1; w[90] = X2; w[91] = X3;
+ Sb4(w[92], w[93], w[94], w[95]);
+ w[92] = X0; w[93] = X1; w[94] = X2; w[95] = X3;
+ Sb3(w[96], w[97], w[98], w[99]);
+ w[96] = X0; w[97] = X1; w[98] = X2; w[99] = X3;
+ Sb2(w[100], w[101], w[102], w[103]);
+ w[100] = X0; w[101] = X1; w[102] = X2; w[103] = X3;
+ Sb1(w[104], w[105], w[106], w[107]);
+ w[104] = X0; w[105] = X1; w[106] = X2; w[107] = X3;
+ Sb0(w[108], w[109], w[110], w[111]);
+ w[108] = X0; w[109] = X1; w[110] = X2; w[111] = X3;
+ Sb7(w[112], w[113], w[114], w[115]);
+ w[112] = X0; w[113] = X1; w[114] = X2; w[115] = X3;
+ Sb6(w[116], w[117], w[118], w[119]);
+ w[116] = X0; w[117] = X1; w[118] = X2; w[119] = X3;
+ Sb5(w[120], w[121], w[122], w[123]);
+ w[120] = X0; w[121] = X1; w[122] = X2; w[123] = X3;
+ Sb4(w[124], w[125], w[126], w[127]);
+ w[124] = X0; w[125] = X1; w[126] = X2; w[127] = X3;
+ Sb3(w[128], w[129], w[130], w[131]);
+ w[128] = X0; w[129] = X1; w[130] = X2; w[131] = X3;
+
+ return w;
+ }
+
+ /**
+ * Encrypt one block of plaintext.
+ *
+ * @param input the array containing the input data.
+ * @param inOff offset into the in array the data starts at.
+ * @param output the array the output data will be copied into.
+ * @param outOff the offset into the out array the output will start at.
+ */
+ protected override void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff)
+ {
+ X3 = (int)Pack.BE_To_UInt32(input, inOff);
+ X2 = (int)Pack.BE_To_UInt32(input, inOff + 4);
+ X1 = (int)Pack.BE_To_UInt32(input, inOff + 8);
+ X0 = (int)Pack.BE_To_UInt32(input, inOff + 12);
+
+ Sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3); LT();
+ Sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3); LT();
+ Sb2(wKey[8] ^ X0, wKey[9] ^ X1, wKey[10] ^ X2, wKey[11] ^ X3); LT();
+ Sb3(wKey[12] ^ X0, wKey[13] ^ X1, wKey[14] ^ X2, wKey[15] ^ X3); LT();
+ Sb4(wKey[16] ^ X0, wKey[17] ^ X1, wKey[18] ^ X2, wKey[19] ^ X3); LT();
+ Sb5(wKey[20] ^ X0, wKey[21] ^ X1, wKey[22] ^ X2, wKey[23] ^ X3); LT();
+ Sb6(wKey[24] ^ X0, wKey[25] ^ X1, wKey[26] ^ X2, wKey[27] ^ X3); LT();
+ Sb7(wKey[28] ^ X0, wKey[29] ^ X1, wKey[30] ^ X2, wKey[31] ^ X3); LT();
+ Sb0(wKey[32] ^ X0, wKey[33] ^ X1, wKey[34] ^ X2, wKey[35] ^ X3); LT();
+ Sb1(wKey[36] ^ X0, wKey[37] ^ X1, wKey[38] ^ X2, wKey[39] ^ X3); LT();
+ Sb2(wKey[40] ^ X0, wKey[41] ^ X1, wKey[42] ^ X2, wKey[43] ^ X3); LT();
+ Sb3(wKey[44] ^ X0, wKey[45] ^ X1, wKey[46] ^ X2, wKey[47] ^ X3); LT();
+ Sb4(wKey[48] ^ X0, wKey[49] ^ X1, wKey[50] ^ X2, wKey[51] ^ X3); LT();
+ Sb5(wKey[52] ^ X0, wKey[53] ^ X1, wKey[54] ^ X2, wKey[55] ^ X3); LT();
+ Sb6(wKey[56] ^ X0, wKey[57] ^ X1, wKey[58] ^ X2, wKey[59] ^ X3); LT();
+ Sb7(wKey[60] ^ X0, wKey[61] ^ X1, wKey[62] ^ X2, wKey[63] ^ X3); LT();
+ Sb0(wKey[64] ^ X0, wKey[65] ^ X1, wKey[66] ^ X2, wKey[67] ^ X3); LT();
+ Sb1(wKey[68] ^ X0, wKey[69] ^ X1, wKey[70] ^ X2, wKey[71] ^ X3); LT();
+ Sb2(wKey[72] ^ X0, wKey[73] ^ X1, wKey[74] ^ X2, wKey[75] ^ X3); LT();
+ Sb3(wKey[76] ^ X0, wKey[77] ^ X1, wKey[78] ^ X2, wKey[79] ^ X3); LT();
+ Sb4(wKey[80] ^ X0, wKey[81] ^ X1, wKey[82] ^ X2, wKey[83] ^ X3); LT();
+ Sb5(wKey[84] ^ X0, wKey[85] ^ X1, wKey[86] ^ X2, wKey[87] ^ X3); LT();
+ Sb6(wKey[88] ^ X0, wKey[89] ^ X1, wKey[90] ^ X2, wKey[91] ^ X3); LT();
+ Sb7(wKey[92] ^ X0, wKey[93] ^ X1, wKey[94] ^ X2, wKey[95] ^ X3); LT();
+ Sb0(wKey[96] ^ X0, wKey[97] ^ X1, wKey[98] ^ X2, wKey[99] ^ X3); LT();
+ Sb1(wKey[100] ^ X0, wKey[101] ^ X1, wKey[102] ^ X2, wKey[103] ^ X3); LT();
+ Sb2(wKey[104] ^ X0, wKey[105] ^ X1, wKey[106] ^ X2, wKey[107] ^ X3); LT();
+ Sb3(wKey[108] ^ X0, wKey[109] ^ X1, wKey[110] ^ X2, wKey[111] ^ X3); LT();
+ Sb4(wKey[112] ^ X0, wKey[113] ^ X1, wKey[114] ^ X2, wKey[115] ^ X3); LT();
+ Sb5(wKey[116] ^ X0, wKey[117] ^ X1, wKey[118] ^ X2, wKey[119] ^ X3); LT();
+ Sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3); LT();
+ Sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3);
+
+ Pack.UInt32_To_BE((uint)(wKey[131] ^ X3), output, outOff);
+ Pack.UInt32_To_BE((uint)(wKey[130] ^ X2), output, outOff + 4);
+ Pack.UInt32_To_BE((uint)(wKey[129] ^ X1), output, outOff + 8);
+ Pack.UInt32_To_BE((uint)(wKey[128] ^ X0), output, outOff + 12);
+ }
+
+ /**
+ * Decrypt one block of ciphertext.
+ *
+ * @param input the array containing the input data.
+ * @param inOff offset into the in array the data starts at.
+ * @param output the array the output data will be copied into.
+ * @param outOff the offset into the out array the output will start at.
+ */
+ protected override void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff)
+ {
+ X3 = wKey[131] ^ (int)Pack.BE_To_UInt32(input, inOff);
+ X2 = wKey[130] ^ (int)Pack.BE_To_UInt32(input, inOff + 4);
+ X1 = wKey[129] ^ (int)Pack.BE_To_UInt32(input, inOff + 8);
+ X0 = wKey[128] ^ (int)Pack.BE_To_UInt32(input, inOff + 12);
+
+ Ib7(X0, X1, X2, X3);
+ X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127];
+ InverseLT(); Ib6(X0, X1, X2, X3);
+ X0 ^= wKey[120]; X1 ^= wKey[121]; X2 ^= wKey[122]; X3 ^= wKey[123];
+ InverseLT(); Ib5(X0, X1, X2, X3);
+ X0 ^= wKey[116]; X1 ^= wKey[117]; X2 ^= wKey[118]; X3 ^= wKey[119];
+ InverseLT(); Ib4(X0, X1, X2, X3);
+ X0 ^= wKey[112]; X1 ^= wKey[113]; X2 ^= wKey[114]; X3 ^= wKey[115];
+ InverseLT(); Ib3(X0, X1, X2, X3);
+ X0 ^= wKey[108]; X1 ^= wKey[109]; X2 ^= wKey[110]; X3 ^= wKey[111];
+ InverseLT(); Ib2(X0, X1, X2, X3);
+ X0 ^= wKey[104]; X1 ^= wKey[105]; X2 ^= wKey[106]; X3 ^= wKey[107];
+ InverseLT(); Ib1(X0, X1, X2, X3);
+ X0 ^= wKey[100]; X1 ^= wKey[101]; X2 ^= wKey[102]; X3 ^= wKey[103];
+ InverseLT(); Ib0(X0, X1, X2, X3);
+ X0 ^= wKey[96]; X1 ^= wKey[97]; X2 ^= wKey[98]; X3 ^= wKey[99];
+ InverseLT(); Ib7(X0, X1, X2, X3);
+ X0 ^= wKey[92]; X1 ^= wKey[93]; X2 ^= wKey[94]; X3 ^= wKey[95];
+ InverseLT(); Ib6(X0, X1, X2, X3);
+ X0 ^= wKey[88]; X1 ^= wKey[89]; X2 ^= wKey[90]; X3 ^= wKey[91];
+ InverseLT(); Ib5(X0, X1, X2, X3);
+ X0 ^= wKey[84]; X1 ^= wKey[85]; X2 ^= wKey[86]; X3 ^= wKey[87];
+ InverseLT(); Ib4(X0, X1, X2, X3);
+ X0 ^= wKey[80]; X1 ^= wKey[81]; X2 ^= wKey[82]; X3 ^= wKey[83];
+ InverseLT(); Ib3(X0, X1, X2, X3);
+ X0 ^= wKey[76]; X1 ^= wKey[77]; X2 ^= wKey[78]; X3 ^= wKey[79];
+ InverseLT(); Ib2(X0, X1, X2, X3);
+ X0 ^= wKey[72]; X1 ^= wKey[73]; X2 ^= wKey[74]; X3 ^= wKey[75];
+ InverseLT(); Ib1(X0, X1, X2, X3);
+ X0 ^= wKey[68]; X1 ^= wKey[69]; X2 ^= wKey[70]; X3 ^= wKey[71];
+ InverseLT(); Ib0(X0, X1, X2, X3);
+ X0 ^= wKey[64]; X1 ^= wKey[65]; X2 ^= wKey[66]; X3 ^= wKey[67];
+ InverseLT(); Ib7(X0, X1, X2, X3);
+ X0 ^= wKey[60]; X1 ^= wKey[61]; X2 ^= wKey[62]; X3 ^= wKey[63];
+ InverseLT(); Ib6(X0, X1, X2, X3);
+ X0 ^= wKey[56]; X1 ^= wKey[57]; X2 ^= wKey[58]; X3 ^= wKey[59];
+ InverseLT(); Ib5(X0, X1, X2, X3);
+ X0 ^= wKey[52]; X1 ^= wKey[53]; X2 ^= wKey[54]; X3 ^= wKey[55];
+ InverseLT(); Ib4(X0, X1, X2, X3);
+ X0 ^= wKey[48]; X1 ^= wKey[49]; X2 ^= wKey[50]; X3 ^= wKey[51];
+ InverseLT(); Ib3(X0, X1, X2, X3);
+ X0 ^= wKey[44]; X1 ^= wKey[45]; X2 ^= wKey[46]; X3 ^= wKey[47];
+ InverseLT(); Ib2(X0, X1, X2, X3);
+ X0 ^= wKey[40]; X1 ^= wKey[41]; X2 ^= wKey[42]; X3 ^= wKey[43];
+ InverseLT(); Ib1(X0, X1, X2, X3);
+ X0 ^= wKey[36]; X1 ^= wKey[37]; X2 ^= wKey[38]; X3 ^= wKey[39];
+ InverseLT(); Ib0(X0, X1, X2, X3);
+ X0 ^= wKey[32]; X1 ^= wKey[33]; X2 ^= wKey[34]; X3 ^= wKey[35];
+ InverseLT(); Ib7(X0, X1, X2, X3);
+ X0 ^= wKey[28]; X1 ^= wKey[29]; X2 ^= wKey[30]; X3 ^= wKey[31];
+ InverseLT(); Ib6(X0, X1, X2, X3);
+ X0 ^= wKey[24]; X1 ^= wKey[25]; X2 ^= wKey[26]; X3 ^= wKey[27];
+ InverseLT(); Ib5(X0, X1, X2, X3);
+ X0 ^= wKey[20]; X1 ^= wKey[21]; X2 ^= wKey[22]; X3 ^= wKey[23];
+ InverseLT(); Ib4(X0, X1, X2, X3);
+ X0 ^= wKey[16]; X1 ^= wKey[17]; X2 ^= wKey[18]; X3 ^= wKey[19];
+ InverseLT(); Ib3(X0, X1, X2, X3);
+ X0 ^= wKey[12]; X1 ^= wKey[13]; X2 ^= wKey[14]; X3 ^= wKey[15];
+ InverseLT(); Ib2(X0, X1, X2, X3);
+ X0 ^= wKey[8]; X1 ^= wKey[9]; X2 ^= wKey[10]; X3 ^= wKey[11];
+ InverseLT(); Ib1(X0, X1, X2, X3);
+ X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7];
+ InverseLT(); Ib0(X0, X1, X2, X3);
+
+ Pack.UInt32_To_BE((uint)(X3 ^ wKey[3]), output, outOff);
+ Pack.UInt32_To_BE((uint)(X2 ^ wKey[2]), output, outOff + 4);
+ Pack.UInt32_To_BE((uint)(X1 ^ wKey[1]), output, outOff + 8);
+ Pack.UInt32_To_BE((uint)(X0 ^ wKey[0]), output, outOff + 12);
+ }
+ }
+}
diff --git a/crypto/src/security/CipherUtilities.cs b/crypto/src/security/CipherUtilities.cs
index 9ad4228ac..e09eff8d6 100644
--- a/crypto/src/security/CipherUtilities.cs
+++ b/crypto/src/security/CipherUtilities.cs
@@ -54,6 +54,7 @@ namespace Org.BouncyCastle.Security
SERPENT,
SKIPJACK,
TEA,
+ TNEPRES,
TWOFISH,
VMPC,
VMPC_KSA3,
@@ -432,6 +433,9 @@ namespace Org.BouncyCastle.Security
case CipherAlgorithm.TEA:
blockCipher = new TeaEngine();
break;
+ case CipherAlgorithm.TNEPRES:
+ blockCipher = new TnepresEngine();
+ break;
case CipherAlgorithm.TWOFISH:
blockCipher = new TwofishEngine();
break;
@@ -725,6 +729,7 @@ namespace Org.BouncyCastle.Security
case CipherAlgorithm.SERPENT: return new SerpentEngine();
case CipherAlgorithm.SKIPJACK: return new SkipjackEngine();
case CipherAlgorithm.TEA: return new TeaEngine();
+ case CipherAlgorithm.TNEPRES: return new TnepresEngine();
case CipherAlgorithm.TWOFISH: return new TwofishEngine();
case CipherAlgorithm.XTEA: return new XteaEngine();
default:
diff --git a/crypto/src/security/GeneratorUtilities.cs b/crypto/src/security/GeneratorUtilities.cs
index 7562a76be..2104a67ba 100644
--- a/crypto/src/security/GeneratorUtilities.cs
+++ b/crypto/src/security/GeneratorUtilities.cs
@@ -109,6 +109,7 @@ namespace Org.BouncyCastle.Security
AddKgAlgorithm("SERPENT");
AddKgAlgorithm("SKIPJACK");
AddKgAlgorithm("TEA");
+ AddKgAlgorithm("TNEPRES");
AddKgAlgorithm("TWOFISH");
AddKgAlgorithm("VMPC");
AddKgAlgorithm("VMPC-KSA3");
@@ -178,7 +179,7 @@ namespace Org.BouncyCastle.Security
"RC2", "RC4", "RC5", "SALSA20", "SEED", "TEA", "XTEA", "VMPC", "VMPC-KSA3");
AddDefaultKeySizeEntries(160, "HMACRIPEMD160", "HMACSHA1");
AddDefaultKeySizeEntries(192, "AES", "AES192", "CAMELLIA192", "DESEDE3", "HMACTIGER",
- "RIJNDAEL", "SERPENT");
+ "RIJNDAEL", "SERPENT", "TNEPRES");
AddDefaultKeySizeEntries(224, "HMACSHA224");
AddDefaultKeySizeEntries(256, "AES256", "CAMELLIA", "CAMELLIA256", "CAST6", "GOST28147",
"HC256", "HMACSHA256", "RC5-64", "RC6", "TWOFISH");
diff --git a/crypto/src/security/ParameterUtilities.cs b/crypto/src/security/ParameterUtilities.cs
index b2d7c0dff..8fc3732f5 100644
--- a/crypto/src/security/ParameterUtilities.cs
+++ b/crypto/src/security/ParameterUtilities.cs
@@ -104,6 +104,7 @@ namespace Org.BouncyCastle.Security
AddAlgorithm("SERPENT");
AddAlgorithm("SKIPJACK");
AddAlgorithm("TEA");
+ AddAlgorithm("TNEPRES");
AddAlgorithm("TWOFISH");
AddAlgorithm("VMPC");
AddAlgorithm("VMPC-KSA3");
diff --git a/crypto/test/src/crypto/test/RegressionTest.cs b/crypto/test/src/crypto/test/RegressionTest.cs
index ab6394571..ad74cce31 100644
--- a/crypto/test/src/crypto/test/RegressionTest.cs
+++ b/crypto/test/src/crypto/test/RegressionTest.cs
@@ -34,6 +34,7 @@ namespace Org.BouncyCastle.Crypto.Tests
new RC6Test(),
new RijndaelTest(),
new SerpentTest(),
+ new TnepresTest(),
new CamelliaTest(),
new CamelliaLightTest(),
new DigestRandomNumberTest(),
diff --git a/crypto/test/src/crypto/test/SerpentTest.cs b/crypto/test/src/crypto/test/SerpentTest.cs
index 2467797e9..08dbda591 100644
--- a/crypto/test/src/crypto/test/SerpentTest.cs
+++ b/crypto/test/src/crypto/test/SerpentTest.cs
@@ -4,111 +4,142 @@ using NUnit.Framework;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Engines;
-using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.Test;
namespace Org.BouncyCastle.Crypto.Tests
{
+ /**
+ * Test vectors based on the NESSIE submission
+ */
[TestFixture]
- public class SerpentTest: CipherTest
+ public class SerpentTest
+ : CipherTest
{
- static SimpleTest[] tests =
+ static SimpleTest[] tests =
{
new BlockCipherVectorTest(0, new SerpentEngine(),
- new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
- "00000000000000000000000000000000", "8910494504181950f98dd998a82b6749"),
- new BlockCipherVectorTest(1, new SerpentEngine(),
new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
- "80000000000000000000000000000000", "10b5ffb720b8cb9002a1142b0ba2e94a"),
+ "00000000000000000000000000000000", "3620b17ae6a993d09618b8768266bae9"),
+ new BlockCipherVectorTest(1, new SerpentEngine(),
+ new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+ "00000000000000000000000000000000", "264E5481EFF42A4606ABDA06C0BFDA3D"),
new BlockCipherVectorTest(2, new SerpentEngine(),
- new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
- "00000000008000000000000000000000", "4f057a42d8d5bd9746e434680ddcd5e5"),
+ new KeyParameter(Hex.Decode("D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9")),
+ "D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9", "20EA07F19C8E93FDA30F6B822AD5D486"),
new BlockCipherVectorTest(3, new SerpentEngine(),
- new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
- "00000000000000000000400000000000", "99407bf8582ef12550886ef5b6f169b9"),
+ new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000008000")),
+ "00000000000000000000000000000000", "40520018C4AC2BBA285AEEB9BCB58755"),
new BlockCipherVectorTest(4, new SerpentEngine(),
- new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
- "40000000000000000000000000000000", "d522a3b8d6d89d4d2a124fdd88f36896"),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+ "00000000000000000000000000000001", "AD86DE83231C3203A86AE33B721EAA9F"),
new BlockCipherVectorTest(5, new SerpentEngine(),
- new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
- "00000000000200000000000000000000", "189b8ec3470085b3da97e82ca8964e32"),
+ new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")),
+ "3DA46FFA6F4D6F30CD258333E5A61369", "00112233445566778899AABBCCDDEEFF"),
new BlockCipherVectorTest(6, new SerpentEngine(),
- new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
- "00000000000000000000008000000000", "f77d868cf760b9143a89809510ccb099"),
+ new KeyParameter(Hex.Decode("2BD6459F82C5B300952C49104881FF482BD6459F82C5B300952C49104881FF48")),
+ "677C8DFAA08071743FD2B415D1B28AF2", "EA024714AD5C4D84EA024714AD5C4D84"),
new BlockCipherVectorTest(7, new SerpentEngine(),
- new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
- "08000000000000000000000000000000", "d43b7b981b829342fce0e3ec6f5f4c82"),
+ new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F1011121314151617")),
+ "4528CACCB954D450655E8CFD71CBFAC7", "00112233445566778899AABBCCDDEEFF"),
new BlockCipherVectorTest(8, new SerpentEngine(),
- new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
- "00000000000000000100000000000000", "0bf30e1a0c33ccf6d5293177886912a7"),
+ new KeyParameter(Hex.Decode("2BD6459F82C5B300952C49104881FF482BD6459F82C5B300")),
+ "E0208BE278E21420C4B1B9747788A954", "EA024714AD5C4D84EA024714AD5C4D84"),
new BlockCipherVectorTest(9, new SerpentEngine(),
- new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
- "00000000000000000000000000000001", "6a7f3b805d2ddcba49b89770ade5e507"),
+ new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")),
+ "33B3DC87EDDD9B0F6A1F407D14919365", "00112233445566778899AABBCCDDEEFF"),
new BlockCipherVectorTest(10, new SerpentEngine(),
- new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
- "00000000000000000000000000000000", "49afbfad9d5a34052cd8ffa5986bd2dd"),
- new BlockCipherVectorTest(11, new SerpentEngine(),
- new KeyParameter(Hex.Decode("000000000000000000000000004000000000000000000000")),
- "00000000000000000000000000000000", "ba8829b1de058c4b48615d851fc74f17"),
- new BlockCipherVectorTest(12, new SerpentEngine(),
- new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000100000000")),
- "00000000000000000000000000000000", "89f64377bf1e8a46c8247044e8056a98"),
-/*
- new BlockCipherMonteCarloTest(13, 10000, new SerpentEngine(),
- new KeyParameter(Hex.Decode("47f5f881daab9b67b43bd1342e339c19")),
- "7a4f7db38c52a8b711b778a38d203b6b", "003380e19f10065740394f48e2fe80b7"),
-*/
- new BlockCipherMonteCarloTest(13, 100, new SerpentEngine(),
- new KeyParameter(Hex.Decode("47f5f881daab9b67b43bd1342e339c19")),
- "7a4f7db38c52a8b711b778a38d203b6b", "4db75303d815c2f7cc6ca935d1c5a046"),
-/*
- new BlockCipherMonteCarloTest(14, 10000, new SerpentEngine(),
- new KeyParameter(Hex.Decode("31fba879ebc5e80df35e6fa33eaf92d6")),
- "70a05e12f74589009692a337f53ff614", "afb5425426906db26b70bdf842ac5400"),
-*/
- new BlockCipherMonteCarloTest(14, 100, new SerpentEngine(),
- new KeyParameter(Hex.Decode("31fba879ebc5e80df35e6fa33eaf92d6")),
- "70a05e12f74589009692a337f53ff614", "fc53a50f4d3bc9836001893d2f41742d"),
-/*
- new BlockCipherMonteCarloTest(15, 10000, new SerpentEngine(),
- new KeyParameter(Hex.Decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")),
- "9cc523d034a93740a0aa4e2054bb34d8", "1949d506ada7de1f1344986e8ea049b2"),
-*/
- new BlockCipherMonteCarloTest(15, 100, new SerpentEngine(),
- new KeyParameter(Hex.Decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")),
- "9cc523d034a93740a0aa4e2054bb34d8", "77117e6a9e80f40b2a36b7d755573c2d"),
-/*
- new BlockCipherMonteCarloTest(16, 10000, new SerpentEngine(),
- new KeyParameter(Hex.Decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")),
- "ee1a61106fae2d381d686cbf854bab65", "e57f45559027cb1f2ed9603d814e1c34"),
-*/
- new BlockCipherMonteCarloTest(16, 100, new SerpentEngine(),
- new KeyParameter(Hex.Decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")),
- "ee1a61106fae2d381d686cbf854bab65", "dcd7f13ea0dcdfd0139d1a42e2ffb84b")
+ new KeyParameter(Hex.Decode("2BD6459F82C5B300952C49104881FF48")),
+ "BEB6C069393822D3BE73FF30525EC43E", "EA024714AD5C4D84EA024714AD5C4D84"),
+ new BlockCipherMonteCarloTest(20, 100, new SerpentEngine(),
+ new KeyParameter(Hex.Decode("F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3")),
+ "F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3", "8FD0E58DB7A54B929FCA6A12F96F20AF"),
+ new BlockCipherMonteCarloTest(21, 100, new SerpentEngine(),
+ new KeyParameter(Hex.Decode("0004000000000000000000000000000000000000000000000000000000000000")),
+ "00000000000000000000000000000000", "E7B681E8871FD05FEAE5FB64DA891EA2"),
+ new BlockCipherMonteCarloTest(22, 100, new SerpentEngine(),
+ new KeyParameter(Hex.Decode("0000000020000000000000000000000000000000000000000000000000000000")),
+ "00000000000000000000000000000000", "C5545D516EEC73BFA3622A8194F95620"),
+ new BlockCipherMonteCarloTest(23, 100, new SerpentEngine(),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000002000000")),
+ "00000000000000000000000000000000", "11FF5C9BE006F82C98BD4FAC1A19920E"),
+ new BlockCipherMonteCarloTest(24, 100, new SerpentEngine(),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+ "00000000000000000000000000010000", "47CA1CA404B6481CAD4C21C8A0415A0E"),
+ new BlockCipherMonteCarloTest(25, 100, new SerpentEngine(),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+ "00000000000000008000000000000000", "A0A2D5B07E27D539CA5BEE9DE1EAB3E6")
};
- public SerpentTest()
- : base(tests, new SerpentEngine(), new KeyParameter(new byte[32]))
- {
- }
+ public SerpentTest()
+ : base(tests, new SerpentEngine(), new KeyParameter(new byte[32]))
+ {
+ }
- public override string Name
+ public override void PerformTest()
{
- get { return "Serpent"; }
+ base.PerformTest();
+
+ //DoCbcMonte(new byte[16], new byte[16], new byte[16], Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"));
+ //DoCbcMonte(Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.Decode("b4813d8a66244188b9e92c75913fa2f4"), Hex.Decode("f86b2c265b9c75869f31e2c684c13e9f"));
+
+ DoCbc(Hex.Decode("BE4295539F6BD1752FD0A80229EF8847"), Hex.Decode("00963F59224794D5AD4252094358FBC3"), Strings.ToByteArray("CBC Mode Test"), Hex.Decode("CF2CF2547E02F6D34D97246E8042ED89"));
+
+
+ DoEax(Hex.Decode("7494A57648FB420043BFBFC5639EB82D"), Hex.Decode("6DF94638B83E01458F3E30C9A1D6AF1C"), Strings.ToByteArray("EAX Mode Test"), new byte[0], 128, Hex.Decode("96C521F32DC5E9BBC369DDE4914CB13B710EEBBAB7D706D3ABE06A99DC"));
}
- public static void Main(
- string[] args)
+ private void DoEax(byte[] key, byte[] iv, byte[] pt, byte[] aad, int tagLength, byte[] expected)
{
- ITest test = new SerpentTest();
- ITestResult result = test.Perform();
+ EaxBlockCipher c = new EaxBlockCipher(new SerpentEngine());
- Console.WriteLine(result);
+ c.Init(true, new AeadParameters(new KeyParameter(key), tagLength, iv, aad));
+
+ byte[] output = new byte[expected.Length];
+
+ int len = c.ProcessBytes(pt, 0, pt.Length, output, 0);
+
+ c.DoFinal(output, len);
+
+ if (!Arrays.AreEqual(expected, output))
+ {
+ Fail("EAX test failed");
+ }
+ }
+
+ private void DoCbc(byte[] key, byte[] iv, byte[] pt, byte[] expected)
+ {
+ PaddedBufferedBlockCipher c = new PaddedBufferedBlockCipher(new CbcBlockCipher(new SerpentEngine()), new Pkcs7Padding());
+
+ byte[] ct = new byte[expected.Length];
+
+ c.Init(true, new ParametersWithIV(new KeyParameter(key), iv));
+
+ int l = c.ProcessBytes(pt, 0, pt.Length, ct, 0);
+
+ c.DoFinal(ct, l);
+
+ if (!Arrays.AreEqual(expected, ct))
+ {
+ Fail("CBC test failed");
+ }
+ }
+
+ public override string Name
+ {
+ get { return "Serpent"; }
+ }
+
+ public static void Main(string[] args)
+ {
+ RunTest(new SerpentTest());
}
- [Test]
+ [Test]
public void TestFunction()
{
string resultText = Perform().ToString();
diff --git a/crypto/test/src/crypto/test/TnepresTest.cs b/crypto/test/src/crypto/test/TnepresTest.cs
new file mode 100644
index 000000000..07308dbff
--- /dev/null
+++ b/crypto/test/src/crypto/test/TnepresTest.cs
@@ -0,0 +1,155 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+ /**
+ * Test vectors based on Floppy 4 of the Serpent AES submission.
+ */
+ [TestFixture]
+ public class TnepresTest
+ : CipherTest
+ {
+ static SimpleTest[] tests =
+ {
+ new BlockCipherVectorTest(0, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+ "00000000000000000000000000000000", "8910494504181950f98dd998a82b6749"),
+ new BlockCipherVectorTest(1, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+ "80000000000000000000000000000000", "10b5ffb720b8cb9002a1142b0ba2e94a"),
+ new BlockCipherVectorTest(2, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+ "00000000008000000000000000000000", "4f057a42d8d5bd9746e434680ddcd5e5"),
+ new BlockCipherVectorTest(3, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+ "00000000000000000000400000000000", "99407bf8582ef12550886ef5b6f169b9"),
+ new BlockCipherVectorTest(4, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+ "40000000000000000000000000000000", "d522a3b8d6d89d4d2a124fdd88f36896"),
+ new BlockCipherVectorTest(5, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+ "00000000000200000000000000000000", "189b8ec3470085b3da97e82ca8964e32"),
+ new BlockCipherVectorTest(6, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+ "00000000000000000000008000000000", "f77d868cf760b9143a89809510ccb099"),
+ new BlockCipherVectorTest(7, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+ "08000000000000000000000000000000", "d43b7b981b829342fce0e3ec6f5f4c82"),
+ new BlockCipherVectorTest(8, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+ "00000000000000000100000000000000", "0bf30e1a0c33ccf6d5293177886912a7"),
+ new BlockCipherVectorTest(9, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+ "00000000000000000000000000000001", "6a7f3b805d2ddcba49b89770ade5e507"),
+ new BlockCipherVectorTest(10, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+ "00000000000000000000000000000000", "49afbfad9d5a34052cd8ffa5986bd2dd"),
+ new BlockCipherVectorTest(11, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("000000000000000000000000004000000000000000000000")),
+ "00000000000000000000000000000000", "ba8829b1de058c4b48615d851fc74f17"),
+ new BlockCipherVectorTest(12, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000100000000")),
+ "00000000000000000000000000000000", "89f64377bf1e8a46c8247044e8056a98"),
+/*
+ new BlockCipherMonteCarloTest(13, 10000, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("47f5f881daab9b67b43bd1342e339c19")),
+ "7a4f7db38c52a8b711b778a38d203b6b", "003380e19f10065740394f48e2fe80b7"),
+*/
+ new BlockCipherMonteCarloTest(13, 100, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("47f5f881daab9b67b43bd1342e339c19")),
+ "7a4f7db38c52a8b711b778a38d203b6b", "4db75303d815c2f7cc6ca935d1c5a046"),
+/*
+ new BlockCipherMonteCarloTest(14, 10000, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("31fba879ebc5e80df35e6fa33eaf92d6")),
+ "70a05e12f74589009692a337f53ff614", "afb5425426906db26b70bdf842ac5400"),
+*/
+ new BlockCipherMonteCarloTest(14, 100, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("31fba879ebc5e80df35e6fa33eaf92d6")),
+ "70a05e12f74589009692a337f53ff614", "fc53a50f4d3bc9836001893d2f41742d"),
+/*
+ new BlockCipherMonteCarloTest(15, 10000, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")),
+ "9cc523d034a93740a0aa4e2054bb34d8", "1949d506ada7de1f1344986e8ea049b2"),
+*/
+ new BlockCipherMonteCarloTest(15, 100, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")),
+ "9cc523d034a93740a0aa4e2054bb34d8", "77117e6a9e80f40b2a36b7d755573c2d"),
+/*
+ new BlockCipherMonteCarloTest(16, 10000, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")),
+ "ee1a61106fae2d381d686cbf854bab65", "e57f45559027cb1f2ed9603d814e1c34"),
+*/
+ new BlockCipherMonteCarloTest(16, 100, new TnepresEngine(),
+ new KeyParameter(Hex.Decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")),
+ "ee1a61106fae2d381d686cbf854bab65", "dcd7f13ea0dcdfd0139d1a42e2ffb84b")
+ };
+
+ public TnepresTest()
+ : base(tests, new TnepresEngine(), new KeyParameter(new byte[32]))
+ {
+ }
+
+ public override void PerformTest()
+ {
+ base.PerformTest();
+
+ DoCbcMonte(new byte[16], new byte[16], new byte[16], Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"));
+ DoCbcMonte(Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.Decode("b4813d8a66244188b9e92c75913fa2f4"), Hex.Decode("f86b2c265b9c75869f31e2c684c13e9f"));
+ }
+
+ private void DoCbcMonte(byte[] key, byte[] iv, byte[] pt, byte[] expected)
+ {
+ IBlockCipher c = new TnepresEngine();
+
+ byte[] ct = new byte[16];
+
+ Array.Copy(iv, 0, ct, 0, 16);
+
+ for (int i = 0; i < 10000; i++)
+ {
+ for (int k = 0; k != iv.Length; k++)
+ {
+ iv[k] ^= pt[k];
+ }
+ Array.Copy(ct, 0, pt, 0, 16);
+
+ c.Init(true, new KeyParameter(key));
+
+ c.ProcessBlock(iv, 0, ct, 0);
+
+ Array.Copy(ct, 0, iv, 0, 16);
+ }
+
+ if (!Arrays.AreEqual(expected, ct))
+ {
+ Fail("CBC monte test failed");
+ }
+ }
+
+ public override string Name
+ {
+ get { return "Tnepres"; }
+ }
+
+ public static void Main(string[] args)
+ {
+ RunTest(new TnepresTest());
+ }
+
+ [Test]
+ public void TestFunction()
+ {
+ string resultText = Perform().ToString();
+
+ Assert.AreEqual(Name + ": Okay", resultText);
+ }
+ }
+}
diff --git a/crypto/test/src/test/BlockCipherTest.cs b/crypto/test/src/test/BlockCipherTest.cs
index fc3a99f4e..9a7c6a944 100644
--- a/crypto/test/src/test/BlockCipherTest.cs
+++ b/crypto/test/src/test/BlockCipherTest.cs
@@ -114,6 +114,8 @@ namespace Org.BouncyCastle.Tests
"Rijndael/CBC/PKCS7Padding",
"cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08389a44c4a8cc1a47cbaee1128da55bbb7",
"Serpent/CBC/PKCS7Padding",
+ "d8b971931de211cb2d31721773a5b1f9dc4e263efe0465f97c024daa26dd7d03473e9beb82ba809cf36071d4807e4706",
+ "Tnepres/CBC/PKCS7Padding",
"f8940ca31aba8ce1e0693b1ae0b1e08daef6de03c80f019774280052f824ac44540bb8dd74dfad47f83f9c7ec268ca68",
"CAST5/CBC/PKCS7Padding",
"87b6dc0c5a1d23d42fa740b0548be0b298112000544610d889d6361994cf8e670a19d6af72d7289f",
@@ -138,6 +140,8 @@ namespace Org.BouncyCastle.Tests
"Rijndael/CTS/NoPadding",
"6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
"Serpent/CTS/NoPadding",
+ "dc4e263efe0465f97c024daa26dd7d03d8b971931de211cb2d31721773a5b1f9",
+ "Tnepres/CTS/NoPadding",
"aef6de03c80f019774280052f824ac44f8940ca31aba8ce1e0693b1ae0b1e08d",
"CAST5/CTS/NoPadding",
"87b6dc0c5a1d23d42fa740b0548be0b289d6361994cf8e6798112000544610d8",
@@ -166,6 +170,8 @@ namespace Org.BouncyCastle.Tests
"Rijndael/CBC/WithCTS",
"6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
"Serpent/CBC/WithCTS",
+ "dc4e263efe0465f97c024daa26dd7d03d8b971931de211cb2d31721773a5b1f9",
+ "Tnepres/CBC/WithCTS",
"aef6de03c80f019774280052f824ac44f8940ca31aba8ce1e0693b1ae0b1e08d",
"CAST5/CBC/WithCTS",
"87b6dc0c5a1d23d42fa740b0548be0b289d6361994cf8e6798112000544610d8",
@@ -251,7 +257,111 @@ namespace Org.BouncyCastle.Tests
"Twofish/ECB/TBCPadding",
"70336d9c9718a8a2ced1b19deed973a3c58af7ea71a69e7efc4df082dca581c019d7daa58d02b89aab6e8c0d17202439",
"RC2/ECB/TBCPadding",
- "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b6b5359ba5e69b179"
+ "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b6b5359ba5e69b179",
+ "DES/CTR/NoPadding",
+ "537572e480c1714fb47081d35eb18eaca9e0a5aee982f105438a0db6cece1f6d",
+ "DESede/CTR/NoPadding",
+ "481e9872acea7fcfa93b7d4e34ec7bab340c10faba2e43b879d40d38e07c422d",
+ "SKIPJACK/CTR/NoPadding",
+ "71143a124e3a0cdeee98a7b843baa05bd1d59faee8ec9b89880e070314a04cc2",
+ "Blowfish/CTR/NoPadding",
+ "6cd6f7c5d2c65555d2b31f8614f54ec654f5e7888d515008d59302c3edfcc6cb",
+ "Twofish/CTR/NoPadding",
+ "821c54b1b54ae113cf74595eefe10c83d09e95d4599190b9bbd5bc71dd703730",
+ //"Threefish-256/CTR/NoPadding",
+ //"546ea995dd302f1efcb1f27d14bad468280a3a7994c2af75dfdf1e9fc5ef2373",
+ //"Threefish-512/CTR/NoPadding",
+ //"152df966484ecc2e9ddfc386559732f7f632e4008920804a1bde4efcf2e6e2f2",
+ //"Threefish-1024/CTR/NoPadding",
+ //"03953ac751a7377812c6e3e4d14b36c6953f9b390acaa892811c10001c9be454",
+ "RC2/CTR/NoPadding",
+ "0a07cb78537cb04c8c5a0a39a15977a7eb19f3c48a42759c234868c391a99c63",
+ "RC5/CTR/NoPadding",
+ "c62b233df296283b97f17364d5f69a1ff91f46659cf9856caefd322a936203a7",
+ "IDEA/CTR/NoPadding",
+ "dd447da3cbdcf81f4694ab7715d79e3f90af5682e8c318b8f7dadbed6b5c9714",
+ "Blowfish/EAX/NoPadding",
+ "bee85ae6512b8a2346d46f7bac31526238091ccc5de75760c9a39628fb45d44a653bfac0",
+ "CAST5/EAX/NoPadding",
+ "85e0dbd3402f2179f96d231315ec73f04f64f1b7ab1347423b9aec51a07a7222e2bc65a3",
+ "DES/EAX/NoPadding",
+ "07d12249945e77607086f7463f316966466e6a0c0789b3307b8b51a7cc807e3c1fb91f98",
+ "DESede/EAX/NoPadding",
+ "278b28f13537dc13bb688c95391754bd6d39c79a7361b407f8dee0b111b264f20391cb0e",
+ "GOST28147/EAX/NoPadding",
+ "1416713d52affb595b880be996e838edd377e67dfe822fbb0ff235f1b706e6ce34d68dc5",
+ "IDEA/EAX/NoPadding",
+ "b2e9f3e40954c140ac60423466dee0138f84e879fbde003780202bd83c91571b64df7bb7",
+ "RC2/EAX/NoPadding",
+ "5d1c095de75bd5eef6a5146f7d6c44545807a8b452f7a38e2719a14f1a269709d2eda2d3",
+ "SEED/EAX/NoPadding",
+ "6780f18b2dd1f75a934b5a3e45e8fd44877fd3498a9b919b417b3d8a7c67c6021d74bbaef71841ef",
+ "Serpent/EAX/NoPadding",
+ "13c2b1fec2bda74f5ccc8ca31b36a2e91ee024a215387219808640b2fc7a6a41e017aacee3ed893a",
+ "Tnepres/EAX/NoPadding",
+ "8d5ac312ca0d436a0154d56568d39811ccf6bb970012398014fc8a49ed669b117443c0249b07ead8",
+ //"SM4/EAX/NoPadding",
+ //"e072a95da8e529b41199859482142b3fdfa6b7af27348e5ebf35445a099583dae882affde90ea4a4",
+ "Twofish/EAX/NoPadding",
+ "9a90dffe1233a04733fc8869e8ec4cba2fa53d9543f0206825293b1ff102e63f81a60b12204e1fd8",
+ "IDEA/OFB/NoPadding",
+ "dd447da3cbdcf81f4053fb446596261cb00a3c49a66085485af5f7c10ba20dad",
+ "RC2/OFB/NoPadding",
+ "0a07cb78537cb04c0c74e28a7b86b80f80acadf87d6ef32792f1a8cf74b39f74",
+ "SEED/OFB/NoPadding",
+ "9fd249435dc66d3d5d41abad270df5e3c6b972692fadfcb6c311b047f96fb114",
+ "SEED/OCB/NoPadding",
+ "eb04b3612769e1ad681f975af1a6f401d94dc88276dd50fc3ebce791c28825c652b7351acbad8c63d4d66191de94c970",
+ "SEED/CCM/NoPadding",
+ "8bb16b37e7f1d4eb97bb1fa3b9bfd411aca64a3581bb3c5b2a91346983aa334984d73ad629a847f7",
+ "SEED/GCM/NoPadding",
+ "ed5f6293c9a4f280af6695750bfb3bb3b60c214565a049494df955152757812ebfb93705895606c4378498a93f2541b5",
+ //"SM4/GCM/NoPadding",
+ //"323b601a951da693f87e53c6832380719b4d4bd306c94248202b7e337c81e2d9de0044b77a4c556f15f6fd19f828236b",
+ "DES/ECB/TBCPadding",
+ "466da00648ef0e1f9617b1f002e225251a3248d09172f46b9617b1f002e22525698575eb3998481b",
+ "GOST28147/ECB/TBCPadding",
+ "0a77f4114451b37d44c5192619b723dd49093d1047c2373544c5192619b723dde7b0810d205c07ab",
+ "IDEA/ECB/TBCPadding",
+ "8c9fd56823ffdc523f6ccf7f614aa6173553e594fc7a21b53f6ccf7f614aa61747a7c95a57b9eaf4",
+ "RC2/ECB/TBCPadding",
+ "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b6b5359ba5e69b179",
+ "SEED/ECB/TBCPadding",
+ "d53d4ce1f48b9879420949467bfcbfbe2c6a7d4a8770bee0c71211def898d7c509f6e111845db39b4cce1dd155aa592b",
+ "DES/CBC/TBCPadding",
+ "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122ad3b3f002c927f1fd",
+ "GOST28147/CBC/TBCPadding",
+ "ba87be9c465cbb30e1bf0148daa9639c2e4cbc1b6777cfcda860760686596159aa564fd65e66c125",
+ "IDEA/CBC/TBCPadding",
+ "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d922f14e12faecaa0b",
+ "RC2/CBC/TBCPadding",
+ "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf9997b47d2f64a37e2f",
+ "SEED/CBC/TBCPadding",
+ "fc34f03ddf4d2a4d9934addc82011af1d5f76ee015b691a6524d7ad5464422d7989825d19e23a60ba759407e13d1ea02",
+ "DES/CFB8/NoPadding",
+ "53cb0cdff712a825eb283b23c31e7323aa12495e7e751428b5c4eb89b28a25d4",
+ "GOST28147/CFB8/NoPadding",
+ "29f6ca1ca7ae9670413183932a28cdd4a09f2ba630c3c3fbf6f071d3774d7577",
+ "IDEA/CFB8/NoPadding",
+ "dd7839d2525420d10f95eec23dbaf3463302c445972a28c563c2635191bc19af",
+ "RC2/CFB8/NoPadding",
+ "0aa227f94be3a32ff927c5d25647ea41d7c2a1e94012fc7f2ad6767b9664bce5",
+ "SEED/CFB8/NoPadding",
+ "9f1622c3785a034ee4c595df05fb11e69e4d52036e238d2d451e190e87ee876e",
+ "DES/CTS/NoPadding",
+ "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12",
+ "GOST28147/CTS/NoPadding",
+ "ba87be9c465cbb30e1bf0148daa9639ca8607606865961592e4cbc1b6777cfcd",
+ "IDEA/CTS/NoPadding",
+ "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70",
+ "RC2/CTS/NoPadding",
+ "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97",
+ "SEED/CTS/NoPadding",
+ "d5f76ee015b691a6524d7ad5464422d7fc34f03ddf4d2a4d9934addc82011af1",
+ //"SHACAL-2/CBC/PKCS7Padding",
+ //"3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669b6a81cdec475ed4d2394d7ad771404a52eb52d245a39f0d7d3e8062d3b0f0e54",
+ //"SHACAL-2/CBC/TBCPadding",
+ //"3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa80876693f17fbe9a5baa88ed21b2e1a863dc449061f40cafadfc3cf73486208f87b9352",
};
private static readonly string[] cipherTests2 =
@@ -329,8 +439,12 @@ namespace Org.BouncyCastle.Tests
if (!validModes.Contains(baseMode))
throw new Exception("Unhandled mode: " + mode);
+ if (baseMode == "CCM")
+ return 13;
if (baseMode == "ECB")
return 0;
+ if (baseMode == "OCB")
+ return 15;
string baseAlgorithm = parts[0];
IBufferedCipher baseCipher = CipherUtilities.GetCipher(baseAlgorithm);
@@ -437,11 +551,16 @@ namespace Org.BouncyCastle.Tests
if (iv != null)
{
// TODO Examine short IV handling for these FIPS-compliant modes in Java build
- if (mode.StartsWith("CFB")
+ if (mode.StartsWith("CCM")
+ || mode.StartsWith("CFB")
|| mode.StartsWith("CTR")
+ || mode.StartsWith("EAX")
+ || mode.StartsWith("GCM")
|| mode.StartsWith("GOFB")
+ || mode.StartsWith("OCB")
|| mode.StartsWith("OFB")
- || mode.StartsWith("OPENPGPCFB"))
+ || mode.StartsWith("OPENPGPCFB")
+ || mode.StartsWith("SIC"))
{
// These modes automatically pad out the IV if it is short
}
|
