Skip to content

Commit

Permalink
Refactor on AEADBufferBaseEngine, and prepare to make SparkleEngine i…
Browse files Browse the repository at this point in the history 
…nherit from AEADBufferBaseEngine.
  • Loading branch information
gefeili committed Jan 11, 2025
1 parent bce43d1 commit d2f95c9
Show file tree
Hide file tree
Showing 8 changed files with 156 additions and 424 deletions.
46 changes: 24 additions & 22 deletions core/src/main/java/org/bouncycastle/crypto/engines/AEADBufferBaseEngine.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,12 +35,12 @@ protected enum State
public void processAADByte(byte input)
{
checkAAD();
m_aad[m_aadPos++] = input;
if (m_aadPos >= AADBufferSize)
if (m_aadPos == AADBufferSize)
{
processBufferAAD(m_aad, 0);
m_aadPos = 0;
}
m_aad[m_aadPos++] = input;
}

@Override
Expand Down Expand Up @@ -74,7 +74,7 @@ public void processAADBytes(byte[] input, int inOff, int len)
processBufferAAD(m_aad, 0);
m_aadPos = 0;
}
while (len >= AADBufferSize)
while (len > AADBufferSize)
{
processBufferAAD(input, inOff);
inOff += AADBufferSize;
Expand All @@ -92,20 +92,17 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
{
throw new DataLengthException("input buffer too short");
}
int blockLen = len + m_bufPos - (forEncryption ? 0 : MAC_SIZE);
if (blockLen / BlockSize * BlockSize + outOff > output.length)
{
throw new OutputLengthException("output buffer is too short");
}

boolean forEncryption = checkData();

int resultLength = 0;

if (forEncryption)
{
if (m_bufPos > 0)
{
int available = BlockSize - m_bufPos;
if (len < available)
if (len <= available)
{
System.arraycopy(input, inOff, m_buf, m_bufPos, len);
m_bufPos += len;
Expand All @@ -116,14 +113,14 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
inOff += available;
len -= available;

processBuffer(m_buf, 0, output, outOff);
validateAndProcessBuffer(m_buf, 0, output, outOff);
resultLength = BlockSize;
//m_bufPos = 0;
}

while (len >= BlockSize)
while (len > BlockSize)
{
processBuffer(input, inOff, output, outOff + resultLength);
validateAndProcessBuffer(input, inOff, output, outOff + resultLength);
inOff += BlockSize;
len -= BlockSize;
resultLength += BlockSize;
Expand All @@ -132,16 +129,16 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
else
{
int available = BlockSize + MAC_SIZE - m_bufPos;
if (len < available)
if (len <= available)
{
System.arraycopy(input, inOff, m_buf, m_bufPos, len);
m_bufPos += len;
return 0;
}

if (m_bufPos >= BlockSize)
if (m_bufPos > BlockSize)
{
processBuffer(m_buf, 0, output, outOff);
validateAndProcessBuffer(m_buf, 0, output, outOff);
m_bufPos -= BlockSize;
System.arraycopy(m_buf, BlockSize, m_buf, 0, m_bufPos);
resultLength = BlockSize;
Expand All @@ -159,13 +156,13 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
System.arraycopy(input, inOff, m_buf, m_bufPos, available);
inOff += available;
len -= available;
processBuffer(m_buf, 0, output, outOff + resultLength);
validateAndProcessBuffer(m_buf, 0, output, outOff + resultLength);
resultLength += BlockSize;
//m_bufPos = 0;

while (len >= BlockSize + MAC_SIZE)
while (len > BlockSize + MAC_SIZE)
{
processBuffer(input, inOff, output, outOff + resultLength);
validateAndProcessBuffer(input, inOff, output, outOff + resultLength);
inOff += BlockSize;
len -= BlockSize;
resultLength += BlockSize;
Expand All @@ -182,10 +179,6 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
public int doFinal(byte[] output, int outOff)
throws IllegalStateException, InvalidCipherTextException
{
if (!initialised)
{
throw new IllegalStateException("Need call init function before encryption/decryption");
}
boolean forEncryption = checkData();
int resultLength;
if (forEncryption)
Expand Down Expand Up @@ -362,6 +355,15 @@ protected void bufferReset()
}
}

protected void validateAndProcessBuffer(byte[] input, int inOff, byte[] output, int outOff)
{
if (outOff > output.length - BlockSize)
{
throw new OutputLengthException("output buffer too short");
}
processBuffer(input, inOff, output, outOff);
}

protected abstract void processFinalBlock(byte[] output, int outOff);

protected abstract void processBufferAAD(byte[] input, int inOff);
Expand Down
67 changes: 53 additions & 14 deletions core/src/main/java/org/bouncycastle/crypto/engines/ISAPEngine.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,9 +131,17 @@ public void absorbMacBlock(byte[] input, int inOff)

public void absorbFinalAADBlock()
{
for (int i = 0; i < m_aadPos; ++i)
if (m_aadPos == AADBufferSize)
{
x0 ^= (m_aad[i] & 0xFFL) << ((7 - i) << 3);
absorbMacBlock(m_aad, 0);
m_aadPos = 0;
}
else
{
for (int i = 0; i < m_aadPos; ++i)
{
x0 ^= (m_aad[i] & 0xFFL) << ((7 - i) << 3);
}
}
x0 ^= 0x80L << ((7 - m_aadPos) << 3);
P12();
Expand All @@ -142,9 +150,17 @@ public void absorbFinalAADBlock()

public void processMACFinal(byte[] input, int inOff, int len, byte[] tag)
{
for (int i = 0; i < len; ++i)
if (len == BlockSize)
{
x0 ^= (input[inOff++] & 0xFFL) << ((7 - i) << 3);
absorbMacBlock(input, inOff);
len = 0;
}
else
{
for (int i = 0; i < len; ++i)
{
x0 ^= (input[inOff++] & 0xFFL) << ((7 - i) << 3);
}
}
x0 ^= 0x80L << ((7 - len) << 3);
P12();
Expand Down Expand Up @@ -190,12 +206,19 @@ public void processEncBlock(byte[] input, int inOff, byte[] output, int outOff)

public void processEncFinalBlock(byte[] output, int outOff)
{
/* Encrypt final m block */
byte[] xo = Pack.longToLittleEndian(x0);
int mlen = m_bufPos;
while (mlen > 0)
if (m_bufPos == BlockSize)
{
output[outOff + mlen - 1] = (byte)(xo[BlockSize - mlen] ^ m_buf[--mlen]);
processEncBlock(m_buf, 0, output, outOff);
}
else
{
/* Encrypt final m block */
byte[] xo = Pack.longToLittleEndian(x0);
int mlen = m_bufPos;
while (mlen > 0)
{
output[outOff + mlen - 1] = (byte)(xo[BlockSize - mlen] ^ m_buf[--mlen]);
}
}
}

Expand Down Expand Up @@ -384,9 +407,17 @@ public void absorbMacBlock(byte[] input, int inOff)

public void absorbFinalAADBlock()
{
for (int i = 0; i < m_aadPos; i++)
if (m_aadPos == AADBufferSize)
{
absorbMacBlock(m_aad, 0);
m_aadPos = 0;
}
else
{
SX[i >> 1] ^= (m_aad[i] & 0xFF) << ((i & 1) << 3);
for (int i = 0; i < m_aadPos; i++)
{
SX[i >> 1] ^= (m_aad[i] & 0xFF) << ((i & 1) << 3);
}
}
SX[m_aadPos >> 1] ^= 0x80 << ((m_aadPos & 1) << 3);
PermuteRoundsHX(SX, E, C);
Expand Down Expand Up @@ -417,10 +448,18 @@ public void isap_rk(short[] iv16, byte[] y, int ylen, short[] out16, int outlen,

public void processMACFinal(byte[] input, int inOff, int len, byte[] tag)
{
// Absorb C final block
for (int i = 0; i < len; i++)
if (len == BlockSize)
{
absorbMacBlock(input, inOff);
len = 0;
}
else
{
SX[i >> 1] ^= (input[inOff++] & 0xFF) << ((i & 1) << 3);
// Absorb C final block
for (int i = 0; i < len; i++)
{
SX[i >> 1] ^= (input[inOff++] & 0xFF) << ((i & 1) << 3);
}
}
SX[len >> 1] ^= 0x80 << ((len & 1) << 3);
PermuteRoundsHX(SX, E, C);
Expand Down
5 changes: 4 additions & 1 deletion core/src/main/java/org/bouncycastle/crypto/engines/PhotonBeetleEngine.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,10 @@ protected void processFinalBlock(byte[] output, int outOff)
{
PHOTON_Permutation();
rhoohr(output, outOff, m_buf, 0, bufferLen);
state[bufferLen] ^= 0x01; // ozs
if(bufferLen < BlockSize)
{
state[bufferLen] ^= 0x01; // ozs
}
}
state[STATE_INBYTES - 1] ^= c1 << LAST_THREE_BITS_OFFSET;
}
Expand Down
Loading

0 comments on commit d2f95c9

Please sign in to comment.