private void CheckTestCase(IAeadBlockCipher encCipher, IAeadBlockCipher decCipher, string testName,
int macLengthBytes, byte[] P, byte[] C)
{
byte[] tag = Arrays.CopyOfRange(C, C.Length - macLengthBytes, C.Length);
{
byte[] enc = new byte[encCipher.GetOutputSize(P.Length)];
int len = encCipher.ProcessBytes(P, 0, P.Length, enc, 0);
len += encCipher.DoFinal(enc, len);
if (enc.Length != len)
{
Fail("encryption reported incorrect length: " + testName);
}
if (!AreEqual(C, enc))
{
Fail("incorrect encrypt in: " + testName);
}
if (!AreEqual(tag, encCipher.GetMac()))
{
Fail("getMac() not the same as the appended tag: " + testName);
}
}
{
byte[] dec = new byte[decCipher.GetOutputSize(C.Length)];
int len = decCipher.ProcessBytes(C, 0, C.Length, dec, 0);
len += decCipher.DoFinal(dec, len);
if (dec.Length != len)
{
Fail("decryption reported incorrect length: " + testName);
}
if (!AreEqual(P, dec))
{
Fail("incorrect decrypt in: " + testName);
}
if (!AreEqual(tag, decCipher.GetMac()))
{
Fail("getMac() not the same as the appended tag: " + testName);
}
}
}
public byte[] Collect()
{
return(cipher.GetMac());
}
private void RandomTest(SecureRandom srng)
{
int kLength = 16 + 8 * (System.Math.Abs(srng.NextInt()) % 3);
byte[] K = new byte[kLength];
srng.NextBytes(K);
int pLength = (int)((uint)srng.NextInt() >> 16);
byte[] P = new byte[pLength];
srng.NextBytes(P);
int aLength = (int)((uint)srng.NextInt() >> 24);
byte[] A = new byte[aLength];
srng.NextBytes(A);
int saLength = (int)((uint)srng.NextInt() >> 24);
byte[] SA = new byte[saLength];
srng.NextBytes(SA);
int ivLength = 1 + NextInt(srng, 15);
byte[] IV = new byte[ivLength];
srng.NextBytes(IV);
AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, IV, A);
IAeadBlockCipher cipher = InitOcbCipher(true, parameters);
byte[] C = new byte[cipher.GetOutputSize(P.Length)];
int predicted = cipher.GetUpdateOutputSize(P.Length);
int split = NextInt(srng, SA.Length + 1);
cipher.ProcessAadBytes(SA, 0, split);
int len = cipher.ProcessBytes(P, 0, P.Length, C, 0);
cipher.ProcessAadBytes(SA, split, SA.Length - split);
if (predicted != len)
{
Fail("encryption reported incorrect update length in randomised test");
}
len += cipher.DoFinal(C, len);
if (C.Length != len)
{
Fail("encryption reported incorrect length in randomised test");
}
byte[] encT = cipher.GetMac();
byte[] tail = new byte[C.Length - P.Length];
Array.Copy(C, P.Length, tail, 0, tail.Length);
if (!AreEqual(encT, tail))
{
Fail("stream contained wrong mac in randomised test");
}
cipher.Init(false, parameters);
byte[] decP = new byte[cipher.GetOutputSize(C.Length)];
predicted = cipher.GetUpdateOutputSize(C.Length);
split = NextInt(srng, SA.Length + 1);
cipher.ProcessAadBytes(SA, 0, split);
len = cipher.ProcessBytes(C, 0, C.Length, decP, 0);
cipher.ProcessAadBytes(SA, split, SA.Length - split);
if (predicted != len)
{
Fail("decryption reported incorrect update length in randomised test");
}
len += cipher.DoFinal(decP, len);
if (!AreEqual(P, decP))
{
Fail("incorrect decrypt in randomised test");
}
byte[] decT = cipher.GetMac();
if (!AreEqual(encT, decT))
{
Fail("decryption produced different mac from encryption");
}
//
// key reuse test
//
cipher.Init(false, AeadTestUtilities.ReuseKey(parameters));
decP = new byte[cipher.GetOutputSize(C.Length)];
split = NextInt(srng, SA.Length + 1);
cipher.ProcessAadBytes(SA, 0, split);
len = cipher.ProcessBytes(C, 0, C.Length, decP, 0);
cipher.ProcessAadBytes(SA, split, SA.Length - split);
len += cipher.DoFinal(decP, len);
if (!AreEqual(P, decP))
{
Fail("incorrect decrypt in randomised test");
}
decT = cipher.GetMac();
if (!AreEqual(encT, decT))
{
Fail("decryption produced different mac from encryption");
}
}
private void CheckTestCase(IAeadBlockCipher encCipher, IAeadBlockCipher decCipher, string testName,
int macLengthBytes, byte[] P, byte[] C)
{
byte[] tag = Arrays.CopyOfRange(C, C.Length - macLengthBytes, C.Length);
{
byte[] enc = new byte[encCipher.GetOutputSize(P.Length)];
int len = encCipher.ProcessBytes(P, 0, P.Length, enc, 0);
len += encCipher.DoFinal(enc, len);
if (enc.Length != len)
{
Fail("encryption reported incorrect length: " + testName);
}
if (!AreEqual(C, enc))
{
Fail("incorrect encrypt in: " + testName);
}
if (!AreEqual(tag, encCipher.GetMac()))
{
Fail("getMac() not the same as the appended tag: " + testName);
}
}
{
byte[] dec = new byte[decCipher.GetOutputSize(C.Length)];
int len = decCipher.ProcessBytes(C, 0, C.Length, dec, 0);
len += decCipher.DoFinal(dec, len);
if (dec.Length != len)
{
Fail("decryption reported incorrect length: " + testName);
}
if (!AreEqual(P, dec))
{
Fail("incorrect decrypt in: " + testName);
}
if (!AreEqual(tag, decCipher.GetMac()))
{
Fail("getMac() not the same as the appended tag: " + testName);
}
}
}