public void Ones_ShouldReturnExpectedBitstring()
{
var bitString = BitString.Ones(5);
Assert.AreEqual(5, bitString.Length);
Assert.AreEqual("11111", bitString.ToBinString());
}
public SubtractiveCounter(IBlockCipherEngine engine, BitString initialIV)
{
_blockSize = engine.BlockSizeBits;
_iv = BitString.Ones(_blockSize);
// If the IV is too short to actually be an IV, pad some 0s to the MSB side.
if (initialIV.BitLength < _blockSize)
{
initialIV = BitString.Ones(_blockSize - initialIV.BitLength).ConcatenateBits(initialIV);
}
_iv = initialIV;
}
public void ShouldWrapTheCounterWhenAtMaxValue()
{
var initialValue = BitString.Ones(128);
var subject = new AdditiveCounter(_aesEngine, initialValue);
var firstResult = subject.GetNextIV();
var secondResult = subject.GetNextIV();
var thirdResult = subject.GetNextIV();
Assert.AreEqual(initialValue, firstResult);
Assert.AreEqual(BitString.Zeroes(128), secondResult);
Assert.AreEqual(BitString.ConcatenateBits(BitString.Zeroes(127), BitString.One()), thirdResult);
}
/// <summary>
/// External Keccak function. This is the method to call.
/// </summary>
/// <param name="message">Message to hash</param>
/// <param name="digestSize">Size of the digest to return</param>
/// <param name="capacity">Capacity of the function</param>
/// <param name="outputType">XOF for SHAKE, CONSTANT for SHA3, cXOF for cSHAKE</param>
/// <param name="cSHAKEPrePad">True if cSHAKE had customization parameters other than empty string</param>
/// <returns>Message digest as BitString</returns>
public static BitString Keccak(BitString message, int digestSize, int capacity, bool XOF, bool cSHAKEPrePad = false)
{
message = ConvertEndianness(message);
if (!cSHAKEPrePad && XOF)
{
message = BitString.ConcatenateBits(message, BitString.Ones(4));
}
else if (!XOF)
{
message = BitString.ConcatenateBits(message, BitString.Zero());
message = BitString.ConcatenateBits(message, BitString.One());
}
return(Sponge(message, digestSize, capacity));
}
private BitString EmsaPkcsEncoding(BitString message, int nlen)
{
var H = Sha.HashMessage(message).Digest;
var T = BitString.ConcatenateBits(GetHashAlgId(), H);
var psLen = nlen - (GetHashAlgId().BitLength + Sha.HashFunction.OutputLen) - 24;
var PS = BitString.Ones(psLen);
var EM = new BitString("00");
EM = BitString.ConcatenateBits(EM, new BitString("01"));
EM = BitString.ConcatenateBits(EM, PS);
EM = BitString.ConcatenateBits(EM, new BitString("00"));
EM = BitString.ConcatenateBits(EM, T);
return(EM);
}
public BitString GetNextIV()
{
if (_iv.BitLength < _blockSize)
{
_iv = BitString.Zeroes(_blockSize - _iv.BitLength).ConcatenateBits(_iv);
}
var currentIV = _iv.GetLeastSignificantBits(_blockSize).GetDeepCopy();
// Avoid throwing an exception by subtracting from 000...0
if (currentIV.Equals(BitString.Zeroes(_blockSize)))
{
_iv = BitString.Ones(_blockSize);
}
else
{
_iv = _iv.BitStringSubtraction(BitString.One());
}
return(currentIV);
}
public override PaddingResult Pad(int nlen, BitString message)
{
if (message.BitLength < GetHashAlgId().BitLength + 11 * 8)
{
return(new PaddingResult("Message length too short"));
}
var H = Sha.HashMessage(message).Digest;
var T = BitString.ConcatenateBits(GetHashAlgId(), H);
var psLen = nlen - (GetHashAlgId().BitLength + Sha.HashFunction.OutputLen) - 24;
var PS = BitString.Ones(psLen);
var EM = new BitString("00");
EM = BitString.ConcatenateBits(EM, new BitString("01"));
EM = BitString.ConcatenateBits(EM, PS);
EM = BitString.ConcatenateBits(EM, new BitString("44")); // ERROR: Should be 00
EM = BitString.ConcatenateBits(EM, T);
return(new PaddingResult(EM));
}
public void Ones_ShouldReturnEmptyString_WhenNegativeLength()
{
var bitString = BitString.Ones(-2);
Assert.AreEqual(new BitString(), bitString);
}