summary refs log tree commit diff
path: root/crypto/src
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/crypto/modes/CcmBlockCipher.cs12
1 files changed, 10 insertions, 2 deletions
diff --git a/crypto/src/crypto/modes/CcmBlockCipher.cs b/crypto/src/crypto/modes/CcmBlockCipher.cs

index fa97ec840..0e4bb7fc9 100644
--- a/crypto/src/crypto/modes/CcmBlockCipher.cs
+++ b/crypto/src/crypto/modes/CcmBlockCipher.cs
@@ -68,7 +68,7 @@ namespace Org.BouncyCastle.Crypto.Modes
 
                 nonce = param.GetNonce();
                 initialAssociatedText = param.GetAssociatedText();
-                macSize = param.MacSize / 8;
+                macSize = GetMacSize(param.MacSize);
                 cipherParameters = param.Key;
             }
             else if (parameters is ParametersWithIV)
@@ -77,7 +77,7 @@ namespace Org.BouncyCastle.Crypto.Modes
 
                 nonce = param.GetIV();
                 initialAssociatedText = null;
-                macSize = macBlock.Length / 2;
+                macSize = GetMacSize(64);
                 cipherParameters = param.Parameters;
             }
             else
@@ -434,6 +434,14 @@ namespace Org.BouncyCastle.Crypto.Modes
             return cMac.DoFinal(macBlock, 0);
         }
 
+        private int GetMacSize(int requestedMacBits)
+        {
+            if (requestedMacBits < 32 || requestedMacBits > 128 || 0 != (requestedMacBits & 15))
+                throw new ArgumentException("tag length in octets must be one of {4,6,8,10,12,14,16}");
+
+            return requestedMacBits >> 3;
+        }
+
         private int GetAssociatedTextLength()
         {
             return (int)associatedText.Length + ((initialAssociatedText == null) ? 0 : initialAssociatedText.Length);
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-05-04 17:35:51 +0000