From 1f899c3ca6c0a3497dd7a51bb25294ea44675691 Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Tue, 10 Nov 2015 19:15:32 +0700
Subject: Fix IV check for 64-bit blockSize

---
 crypto/src/crypto/modes/SicBlockCipher.cs | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'crypto/src')

diff --git a/crypto/src/crypto/modes/SicBlockCipher.cs b/crypto/src/crypto/modes/SicBlockCipher.cs
index 239f99478..0bea4a455 100644
--- a/crypto/src/crypto/modes/SicBlockCipher.cs
+++ b/crypto/src/crypto/modes/SicBlockCipher.cs
@@ -56,16 +56,18 @@ namespace Org.BouncyCastle.Crypto.Modes
 
             if (blockSize < IV.Length)
                 throw new ArgumentException("CTR/SIC mode requires IV no greater than: " + blockSize + " bytes.");
-            if (blockSize - IV.Length > 8)
-                throw new ArgumentException("CTR/SIC mode requires IV of at least: " + (blockSize - 8) + " bytes.");
 
-            Reset();
+            int maxCounterSize = System.Math.Min(8, blockSize / 2);
+            if (blockSize - IV.Length > maxCounterSize)
+                throw new ArgumentException("CTR/SIC mode requires IV of at least: " + (blockSize - maxCounterSize) + " bytes.");
 
             // if null it's an IV changed only.
             if (ivParam.Parameters != null)
             {
                 cipher.Init(true, ivParam.Parameters);
             }
+
+            Reset();
         }
 
         public virtual string AlgorithmName
-- 
cgit 1.5.1