private int UpdateCiphers(IAeadBlockCipher c1, IAeadBlockCipher c2, byte[] S, int i, bool includeAAD, bool includePlaintext) { int inputLen = includePlaintext ? i : 0; int outputLen = c2.GetOutputSize(inputLen); byte[] output = new byte[outputLen]; int len = 0; if (includeAAD) { c2.ProcessAadBytes(S, 0, i); } if (includePlaintext) { len += c2.ProcessBytes(S, 0, i, output, len); } len += c2.DoFinal(output, len); c1.ProcessAadBytes(output, 0, len); return(len); }
public override void Write( byte[] buffer, int offset, int count) { CryptoServicesRegistrar.ApprovedModeCheck(approvedOnlyMode, "AAD"); if (count > 0) { aeadCipher.ProcessAadBytes(buffer, offset, count); } }
private void RandomTest(SecureRandom srng) { int kLength = 16 + 8 * (System.Math.Abs(srng.NextInt()) % 3); byte[] K = new byte[kLength]; srng.NextBytes(K); int pLength = (int)((uint)srng.NextInt() >> 16); byte[] P = new byte[pLength]; srng.NextBytes(P); int aLength = (int)((uint)srng.NextInt() >> 24); byte[] A = new byte[aLength]; srng.NextBytes(A); int saLength = (int)((uint)srng.NextInt() >> 24); byte[] SA = new byte[saLength]; srng.NextBytes(SA); int ivLength = 1 + NextInt(srng, 15); byte[] IV = new byte[ivLength]; srng.NextBytes(IV); AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, IV, A); IAeadBlockCipher cipher = InitOcbCipher(true, parameters); byte[] C = new byte[cipher.GetOutputSize(P.Length)]; int predicted = cipher.GetUpdateOutputSize(P.Length); int split = NextInt(srng, SA.Length + 1); cipher.ProcessAadBytes(SA, 0, split); int len = cipher.ProcessBytes(P, 0, P.Length, C, 0); cipher.ProcessAadBytes(SA, split, SA.Length - split); if (predicted != len) { Fail("encryption reported incorrect update length in randomised test"); } len += cipher.DoFinal(C, len); if (C.Length != len) { Fail("encryption reported incorrect length in randomised test"); } byte[] encT = cipher.GetMac(); byte[] tail = new byte[C.Length - P.Length]; Array.Copy(C, P.Length, tail, 0, tail.Length); if (!AreEqual(encT, tail)) { Fail("stream contained wrong mac in randomised test"); } cipher.Init(false, parameters); byte[] decP = new byte[cipher.GetOutputSize(C.Length)]; predicted = cipher.GetUpdateOutputSize(C.Length); split = NextInt(srng, SA.Length + 1); cipher.ProcessAadBytes(SA, 0, split); len = cipher.ProcessBytes(C, 0, C.Length, decP, 0); cipher.ProcessAadBytes(SA, split, SA.Length - split); if (predicted != len) { Fail("decryption reported incorrect update length in randomised test"); } len += cipher.DoFinal(decP, len); if (!AreEqual(P, decP)) { Fail("incorrect decrypt in randomised test"); } byte[] decT = cipher.GetMac(); if (!AreEqual(encT, decT)) { Fail("decryption produced different mac from encryption"); } // // key reuse test // cipher.Init(false, AeadTestUtilities.ReuseKey(parameters)); decP = new byte[cipher.GetOutputSize(C.Length)]; split = NextInt(srng, SA.Length + 1); cipher.ProcessAadBytes(SA, 0, split); len = cipher.ProcessBytes(C, 0, C.Length, decP, 0); cipher.ProcessAadBytes(SA, split, SA.Length - split); len += cipher.DoFinal(decP, len); if (!AreEqual(P, decP)) { Fail("incorrect decrypt in randomised test"); } decT = cipher.GetMac(); if (!AreEqual(encT, decT)) { Fail("decryption produced different mac from encryption"); } }
private int UpdateCiphers(IAeadBlockCipher c1, IAeadBlockCipher c2, byte[] S, int i, bool includeAAD, bool includePlaintext) { int inputLen = includePlaintext ? i : 0; int outputLen = c2.GetOutputSize(inputLen); byte[] output = new byte[outputLen]; int len = 0; if (includeAAD) { c2.ProcessAadBytes(S, 0, i); } if (includePlaintext) { len += c2.ProcessBytes(S, 0, i, output, len); } len += c2.DoFinal(output, len); c1.ProcessAadBytes(output, 0, len); return len; }
public void BlockUpdate(byte[] input, int inOff, int len) { aeadCipher.ProcessAadBytes(input, inOff, len); }