private byte[] DecryptBlock(
byte[] in_enc,
int inOff,
int inLen,
byte[] z)
{
byte[] M = null;
KeyParameter macKey = null;
KdfParameters kParam = new KdfParameters(z, param.GetDerivationV());
int macKeySize = param.MacKeySize;
kdf.Init(kParam);
inLen -= mac.GetMacSize();
if (cipher == null) // stream mode
{
byte[] Buffer = GenerateKdfBytes(kParam, inLen + (macKeySize / 8));
M = new byte[inLen];
for (int i = 0; i != inLen; i++)
{
M[i] = (byte)(in_enc[inOff + i] ^ Buffer[i]);
}
macKey = new KeyParameter(Buffer, inLen, (macKeySize / 8));
}
else
{
int cipherKeySize = ((IesWithCipherParameters)param).CipherKeySize;
byte[] Buffer = GenerateKdfBytes(kParam, (cipherKeySize / 8) + (macKeySize / 8));
cipher.Init(false, new KeyParameter(Buffer, 0, (cipherKeySize / 8)));
M = cipher.DoFinal(in_enc, inOff, inLen);
macKey = new KeyParameter(Buffer, (cipherKeySize / 8), (macKeySize / 8));
}
byte[] macIV = param.GetEncodingV();
mac.Init(macKey);
mac.BlockUpdate(in_enc, inOff, inLen);
mac.BlockUpdate(macIV, 0, macIV.Length);
mac.DoFinal(macBuf, 0);
inOff += inLen;
for (int t = 0; t < macBuf.Length; t++)
{
if (macBuf[t] != in_enc[inOff + t])
{
throw (new InvalidCipherTextException("IMac codes failed to equal."));
}
}
return(M);
}
private byte[] DecryptBlock(byte[] in_enc, int inOff, int inLen, byte[] z)
{
byte[] array = null;
KeyParameter keyParameter = null;
KdfParameters kdfParameters = new KdfParameters(z, param.GetDerivationV());
int macKeySize = param.MacKeySize;
kdf.Init(kdfParameters);
if (inLen < mac.GetMacSize())
{
throw new InvalidCipherTextException("Length of input must be greater than the MAC");
}
inLen -= mac.GetMacSize();
if (cipher == null)
{
byte[] array2 = GenerateKdfBytes(kdfParameters, inLen + macKeySize / 8);
array = new byte[inLen];
for (int i = 0; i != inLen; i++)
{
array[i] = (byte)(in_enc[inOff + i] ^ array2[i]);
}
keyParameter = new KeyParameter(array2, inLen, macKeySize / 8);
}
else
{
int cipherKeySize = ((IesWithCipherParameters)param).CipherKeySize;
byte[] key = GenerateKdfBytes(kdfParameters, cipherKeySize / 8 + macKeySize / 8);
cipher.Init(forEncryption: false, new KeyParameter(key, 0, cipherKeySize / 8));
array = cipher.DoFinal(in_enc, inOff, inLen);
keyParameter = new KeyParameter(key, cipherKeySize / 8, macKeySize / 8);
}
byte[] encodingV = param.GetEncodingV();
mac.Init(keyParameter);
mac.BlockUpdate(in_enc, inOff, inLen);
mac.BlockUpdate(encodingV, 0, encodingV.Length);
mac.DoFinal(macBuf, 0);
inOff += inLen;
byte[] a = Arrays.CopyOfRange(in_enc, inOff, inOff + macBuf.Length);
if (!Arrays.ConstantTimeAreEqual(a, macBuf))
{
throw new InvalidCipherTextException("Invalid MAC.");
}
return(array);
}
public byte[] ProcessBlock(
byte[] input,
int inOff,
int inLen,
byte[] macData)
{
// Compute the common value and convert to byte array.
_agreement.Init(_privParam);
BigInteger zAsInteger = _agreement.CalculateAgreement(_pubParam);
byte[] z = BigIntegers.AsUnsignedByteArray(_agreement.GetFieldSize(), zAsInteger);
// Create input to KDF.
byte[] vz;
// if (V.Length != 0)
// {
// VZ = new byte[V.Length + Z.Length];
// Array.Copy(V, 0, VZ, 0, V.Length);
// Array.Copy(Z, 0, VZ, V.Length, Z.Length);
// }
// else
{
vz = z;
}
// Initialise the KDF.
IDerivationParameters kdfParam;
if (_kdf is Mgf1BytesGenerator)
{
kdfParam = new MgfParameters(vz);
}
else
{
kdfParam = new KdfParameters(vz, _iesParameters.GetDerivationV());
}
_kdf.Init(kdfParam);
return(_forEncryption
? EncryptBlock(input, inOff, inLen, macData)
: DecryptBlock(input, inOff, inLen, macData));
}
private byte[] DecryptBlock(
byte[] in_enc,
int inOff,
int inLen,
byte[] z)
{
byte[] M = null;
KeyParameter macKey = null;
KdfParameters kParam = new KdfParameters(z, param.GetDerivationV());
int macKeySize = param.MacKeySize;
kdf.Init(kParam);
// Ensure that the length of the input is greater than the MAC in bytes
if (inLen < mac.GetMacSize())
{
throw new InvalidCipherTextException("Length of input must be greater than the MAC");
}
inLen -= mac.GetMacSize();
if (cipher == null) // stream mode
{
byte[] Buffer = GenerateKdfBytes(kParam, inLen + (macKeySize / 8));
M = new byte[inLen];
for (int i = 0; i != inLen; i++)
{
M[i] = (byte)(in_enc[inOff + i] ^ Buffer[i]);
}
macKey = new KeyParameter(Buffer, inLen, (macKeySize / 8));
}
else
{
int cipherKeySize = ((IesWithCipherParameters)param).CipherKeySize;
byte[] Buffer = GenerateKdfBytes(kParam, (cipherKeySize / 8) + (macKeySize / 8));
cipher.Init(false, new KeyParameter(Buffer, 0, (cipherKeySize / 8)));
M = cipher.DoFinal(in_enc, inOff, inLen);
macKey = new KeyParameter(Buffer, (cipherKeySize / 8), (macKeySize / 8));
}
byte[] macIV = param.GetEncodingV();
mac.Init(macKey);
mac.BlockUpdate(in_enc, inOff, inLen);
mac.BlockUpdate(macIV, 0, macIV.Length);
mac.DoFinal(macBuf, 0);
inOff += inLen;
byte[] T1 = Arrays.CopyOfRange(in_enc, inOff, inOff + macBuf.Length);
if (!Arrays.ConstantTimeAreEqual(T1, macBuf))
{
throw (new InvalidCipherTextException("Invalid MAC."));
}
return(M);
}
public virtual byte[] ProcessBlock(
byte[] @in,
int inOff,
int inLen)
{
if (ForEncryption)
{
if (KeyPairGenerator != null)
{
EphemeralKeyPair ephKeyPair = KeyPairGenerator.Generate();
PrivParam = ephKeyPair.GetKeyPair().Private;
V = ephKeyPair.GetEncodedPublicKey();
}
}
else
{
if (KeyParser != null)
{
MemoryStream bIn = new MemoryStream(@in, inOff, inLen)
{
Position = 0
};
try
{
PubParam = KeyParser.ReadKey(bIn);
}
catch (IOException e)
{
throw new InvalidCipherTextException("unable to recover ephemeral public key: " + e.Message, e);
}
catch (ArgumentException e)
{
throw new InvalidCipherTextException("unable to recover ephemeral public key: " + e.Message, e);
}
int encLength = (inLen - (int)(bIn.Length - bIn.Position));
V = Arrays.CopyOfRange(@in, inOff, inOff + encLength);
}
}
// Compute the common value and convert to byte array.
Agree.Init(PrivParam);
BigInteger z = Agree.CalculateAgreement(PubParam);
byte[] bigZ = BigIntegers.AsUnsignedByteArray(Agree.GetFieldSize(), z);
// Create input to KDF.
if (V.Length != 0)
{
byte[] vz = Arrays.Concatenate(V, bigZ);
Arrays.Fill(bigZ, 0);
bigZ = vz;
}
try
{
// Initialise the KDF.
KdfParameters kdfParam = new KdfParameters(bigZ, _param.GetDerivationV());
Kdf.Init(kdfParam);
return(ForEncryption
? EncryptBlock(@in, inOff, inLen)
: DecryptBlock(@in, inOff, inLen));
}
finally
{
Arrays.Fill(bigZ, 0);
}
}