// Token: 0x060001CD RID: 461 RVA: 0x0000C2BC File Offset: 0x0000A4BC public void Init(byte[] H) { this.M[0] = new uint[16][]; this.M[1] = new uint[16][]; this.M[0][0] = new uint[4]; this.M[1][0] = new uint[4]; this.M[1][8] = GcmUtilities.AsUints(H); for (int i = 4; i >= 1; i >>= 1) { uint[] array = (uint[])this.M[1][i + i].Clone(); GcmUtilities.MultiplyP(array); this.M[1][i] = array; } uint[] array2 = (uint[])this.M[1][1].Clone(); GcmUtilities.MultiplyP(array2); this.M[0][8] = array2; for (int j = 4; j >= 1; j >>= 1) { uint[] array3 = (uint[])this.M[0][j + j].Clone(); GcmUtilities.MultiplyP(array3); this.M[0][j] = array3; } int num = 0; for (;;) { for (int k = 2; k < 16; k += k) { for (int l = 1; l < k; l++) { uint[] array4 = (uint[])this.M[num][k].Clone(); GcmUtilities.Xor(array4, this.M[num][l]); this.M[num][k + l] = array4; } } if (++num == 32) { break; } if (num > 1) { this.M[num] = new uint[16][]; this.M[num][0] = new uint[4]; for (int m = 8; m > 0; m >>= 1) { uint[] array5 = (uint[])this.M[num - 2][m].Clone(); GcmUtilities.MultiplyP8(array5); this.M[num][m] = array5; } } } }
// Token: 0x060001DF RID: 479 RVA: 0x0000CC48 File Offset: 0x0000AE48 private byte[] gHASH(byte[] b) { byte[] array = new byte[16]; for (int i = 0; i < b.Length; i += 16) { byte[] array2 = new byte[16]; int length = Math.Min(b.Length - i, 16); Array.Copy(b, i, array2, 0, length); GcmUtilities.Xor(array, array2); this.multiplier.MultiplyH(array); } return(array); }
// Token: 0x060001DB RID: 475 RVA: 0x0000C99C File Offset: 0x0000AB9C public int DoFinal(byte[] output, int outOff) { int num = this.bufOff; if (!this.forEncryption) { if (num < this.macSize) { throw new InvalidCipherTextException("data too short"); } num -= this.macSize; } if (num > 0) { byte[] array = new byte[16]; Array.Copy(this.bufBlock, 0, array, 0, num); this.gCTRBlock(array, num, output, outOff); } byte[] array2 = new byte[16]; GcmBlockCipher.packLength((ulong)((long)this.A.Length * 8L), array2, 0); GcmBlockCipher.packLength(this.totalLength * 8UL, array2, 8); GcmUtilities.Xor(this.S, array2); this.multiplier.MultiplyH(this.S); byte[] array3 = new byte[16]; this.cipher.ProcessBlock(this.J0, 0, array3, 0); GcmUtilities.Xor(array3, this.S); int num2 = num; this.macBlock = new byte[this.macSize]; Array.Copy(array3, 0, this.macBlock, 0, this.macSize); if (this.forEncryption) { Array.Copy(this.macBlock, 0, output, outOff + this.bufOff, this.macSize); num2 += this.macSize; } else { byte[] array4 = new byte[this.macSize]; Array.Copy(this.bufBlock, num, array4, 0, this.macSize); if (!Arrays.ConstantTimeAreEqual(this.macBlock, array4)) { throw new InvalidCipherTextException("mac check in GCM failed"); } } this.Reset(false); return(num2); }
// Token: 0x060001DE RID: 478 RVA: 0x0000CB80 File Offset: 0x0000AD80 private void gCTRBlock(byte[] buf, int bufCount, byte[] output, int outOff) { for (int i = 15; i >= 12; i--) { byte[] array = this.counter; int num = i; byte b = array[num] + 1; array[num] = b; if (b != 0) { break; } } byte[] array2 = new byte[16]; this.cipher.ProcessBlock(this.counter, 0, array2, 0); byte[] val; if (this.forEncryption) { Array.Copy(GcmBlockCipher.Zeroes, bufCount, array2, bufCount, 16 - bufCount); val = array2; } else { val = buf; } for (int j = bufCount - 1; j >= 0; j--) { byte[] array3 = array2; int num2 = j; array3[num2] ^= buf[j]; output[outOff + j] = array2[j]; } GcmUtilities.Xor(this.S, val); this.multiplier.MultiplyH(this.S); this.totalLength += (ulong)((long)bufCount); }
// Token: 0x060001D4 RID: 468 RVA: 0x0000C5F8 File Offset: 0x0000A7F8 public virtual void Init(bool forEncryption, ICipherParameters parameters) { this.forEncryption = forEncryption; this.macBlock = null; if (parameters is AeadParameters) { AeadParameters aeadParameters = (AeadParameters)parameters; this.nonce = aeadParameters.GetNonce(); this.A = aeadParameters.GetAssociatedText(); int num = aeadParameters.MacSize; if (num < 96 || num > 128 || num % 8 != 0) { throw new ArgumentException("Invalid value for MAC size: " + num.ToString()); } this.macSize = num / 8; this.keyParam = aeadParameters.Key; } else { if (!(parameters is ParametersWithIV)) { throw new ArgumentException("invalid parameters passed to GCM"); } ParametersWithIV parametersWithIV = (ParametersWithIV)parameters; this.nonce = parametersWithIV.GetIV(); this.A = null; this.macSize = 16; this.keyParam = (KeyParameter)parametersWithIV.Parameters; } int num2 = forEncryption ? 16 : (16 + this.macSize); this.bufBlock = new byte[num2]; if (this.nonce == null || this.nonce.Length < 1) { throw new ArgumentException("IV must be at least 1 byte"); } if (this.A == null) { this.A = new byte[0]; } this.cipher.Init(true, this.keyParam); this.H = new byte[16]; this.cipher.ProcessBlock(this.H, 0, this.H, 0); this.multiplier.Init(this.H); this.initS = this.gHASH(this.A); if (this.nonce.Length == 12) { this.J0 = new byte[16]; Array.Copy(this.nonce, 0, this.J0, 0, this.nonce.Length); this.J0[15] = 1; } else { this.J0 = this.gHASH(this.nonce); byte[] array = new byte[16]; GcmBlockCipher.packLength((ulong)((long)this.nonce.Length * 8L), array, 8); GcmUtilities.Xor(this.J0, array); this.multiplier.MultiplyH(this.J0); } this.S = Arrays.Clone(this.initS); this.counter = Arrays.Clone(this.J0); this.bufOff = 0; this.totalLength = 0UL; }