Add tests to CipherTest, fix the bug in AEADBufferBaseEngine.processBytes when MAC_SIZE>BlockSize

Author: gefeili

core/src/main/java/org/bouncycastle/crypto/engines/AEADBufferBaseEngine.java

@@ -135,31 +135,62 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
                 m_bufPos += len;
                 return 0;
             }
-
-            if (m_bufPos > BlockSize)
+            if (BlockSize >= MAC_SIZE)
             {
-                validateAndProcessBuffer(m_buf, 0, output, outOff);
-                m_bufPos -= BlockSize;
-                System.arraycopy(m_buf, BlockSize, m_buf, 0, m_bufPos);
-                resultLength = BlockSize;
+                if (m_bufPos > BlockSize)
+                {
+                    validateAndProcessBuffer(m_buf, 0, output, outOff);
+                    m_bufPos -= BlockSize;
+                    System.arraycopy(m_buf, BlockSize, m_buf, 0, m_bufPos);
+                    resultLength = BlockSize;
+
+                    available += BlockSize;
+                    if (len <= available)
+                    {
+                        System.arraycopy(input, inOff, m_buf, m_bufPos, len);
+                        m_bufPos += len;
+                        return resultLength;
+                    }
+                }
 
-                available += BlockSize;
-                if (len <= available)
+                available = BlockSize - m_bufPos;
+                System.arraycopy(input, inOff, m_buf, m_bufPos, available);
+                inOff += available;
+                len -= available;
+                validateAndProcessBuffer(m_buf, 0, output, outOff + resultLength);
+                resultLength += BlockSize;
+                //m_bufPos = 0;
+            }
+            else
+            {
+                while (m_bufPos > BlockSize && len + m_bufPos > BlockSize + MAC_SIZE)
                 {
-                    System.arraycopy(input, inOff, m_buf, m_bufPos, len);
-                    m_bufPos += len;
-                    return resultLength;
+                    validateAndProcessBuffer(m_buf, resultLength, output, outOff);
+                    m_bufPos -= BlockSize;
+                    resultLength += BlockSize;
+                    outOff += BlockSize;
+                }
+                if (m_bufPos != 0)
+                {
+                    System.arraycopy(m_buf, resultLength, m_buf, 0, m_bufPos);
+                    if (m_bufPos + len > BlockSize + MAC_SIZE)
+                    {
+                        available = Math.max(BlockSize - m_bufPos, 0);
+                        System.arraycopy(input, inOff, m_buf, m_bufPos, available);
+                        inOff += available;
+                        validateAndProcessBuffer(m_buf, 0, output, outOff);
+                        resultLength += BlockSize;
+                        len -= available;
+                        outOff += BlockSize;
+                    }
+                    else
+                    {
+                        System.arraycopy(input, inOff, m_buf, m_bufPos, len);
+                        m_bufPos += len;
+                        return resultLength;
+                    }
                 }
             }
-
-            available = BlockSize - m_bufPos;
-            System.arraycopy(input, inOff, m_buf, m_bufPos, available);
-            inOff += available;
-            len -= available;
-            validateAndProcessBuffer(m_buf, 0, output, outOff + resultLength);
-            resultLength += BlockSize;
-            //m_bufPos = 0;
-
             while (len > BlockSize + MAC_SIZE)
             {
                 validateAndProcessBuffer(input, inOff, output, outOff + resultLength);

core/src/main/java/org/bouncycastle/crypto/engines/PhotonBeetleEngine.java

@@ -185,19 +185,12 @@ protected void processFinalAAD()
         }
     }
 
-    @Override
-    public void reset()
+    protected void reset(boolean clearMac)
     {
         if (!initialised)
         {
             throw new IllegalArgumentException("Need call init function before encryption/decryption");
         }
-
-        reset(true);
-    }
-
-    protected void reset(boolean clearMac)
-    {
         bufferReset();
         input_empty = true;
         aadLen = 0;

core/src/main/java/org/bouncycastle/crypto/engines/XoodyakEngine.java

@@ -130,18 +130,12 @@ protected void processFinalBlock(byte[] output, int outOff)
         Up(mac, MAC_SIZE, 0x40);
     }
 
-    @Override
-    public void reset()
+    protected void reset(boolean clearMac)
     {
         if (!initialised)
         {
             throw new IllegalArgumentException("Need call init function before encryption/decryption");
         }
-        reset(true);
-    }
-
-    protected void reset(boolean clearMac)
-    {
         Arrays.fill(state, (byte)0);
         aadFinished = false;
         encrypted = false;

core/src/test/java/org/bouncycastle/crypto/test/CipherTest.java

@@ -255,7 +255,7 @@ static void isEqualTo(
         }
     }
 
-   void checkCipher(final BlockCipher pCipher, final int datalen)
+    void checkCipher(final BlockCipher pCipher, final int datalen)
         throws Exception
     {
         final SecureRandom random = new SecureRandom();
@@ -346,6 +346,71 @@ public void operation()
                 cipher.init(true, new AEADParameters(new KeyParameter(key), macSize2, iv, null));
             }
         });
+    }
+
+
+    /**
+     * @param DATALEN  Data length
+     * @param PARTLEN  Partial Data length. Must be greater than or equal to internal buffer length to exhibit problem.
+     * @param AEADLEN  AEAD length.
+     * @param NONCELEN Nonce length.
+     * */
+    static void checkAEADCipherMultipleBlocks(SimpleTest test, int DATALEN, int PARTLEN, int AEADLEN, int NONCELEN, final AEADCipher pCipher)
+        throws InvalidCipherTextException
+    {
+        /* Obtain some random data */
+        final byte[] myData = new byte[DATALEN];
+        final SecureRandom myRandom = new SecureRandom();
+        myRandom.nextBytes(myData);
+
+        /* Obtain some random AEAD */
+        final byte[] myAEAD = new byte[AEADLEN];
+        myRandom.nextBytes(myAEAD);
+
+        /* Create the Key parameters */
+        final CipherKeyGenerator myGenerator = new CipherKeyGenerator();
+        final KeyGenerationParameters myGenParams = new KeyGenerationParameters(myRandom, 128);
+        myGenerator.init(myGenParams);
+        final byte[] myKey = myGenerator.generateKey();
+        final KeyParameter myKeyParams = new KeyParameter(myKey);
+
+        /* Create the nonce */
+        final byte[] myNonce = new byte[NONCELEN];
+        myRandom.nextBytes(myNonce);
+        final ParametersWithIV myParams = new ParametersWithIV(myKeyParams, myNonce);
+
+        /* Initialise the cipher for encryption */
+        pCipher.init(true, myParams);
+        final int myExpectedOutLen = pCipher.getOutputSize(DATALEN);
+        final byte[] myEncrypted = new byte[myExpectedOutLen];
+        pCipher.processAADBytes(myAEAD, 0, AEADLEN);
+
+        /* Loop processing partial data */
+        int myOutLen = 0;
+        for (int myPos = 0; myPos < DATALEN; myPos += PARTLEN)
+        {
+            final int myLen = Math.min(PARTLEN, DATALEN - myPos);
+            myOutLen += pCipher.processBytes(myData, myPos, myLen, myEncrypted, myOutLen);
+        }
+
+        /* Finish the encryption */
+        myOutLen += pCipher.doFinal(myEncrypted, myOutLen);
+
+        /* Initialise the cipher for decryption */
+        pCipher.init(false, myParams);
+        final int myExpectedClearLen = pCipher.getOutputSize(myOutLen);
+        final byte[] myDecrypted = new byte[myExpectedClearLen];
+        pCipher.processAADBytes(myAEAD, 0, AEADLEN);
+        int myClearLen = 0;
+        for (int myPos = 0; myPos < myOutLen; myPos += PARTLEN)
+        {
+            final int myLen = Math.min(PARTLEN, myOutLen - myPos);
+            myClearLen += pCipher.processBytes(myEncrypted, myPos, myLen, myDecrypted, myClearLen);
+        }
+        myClearLen += pCipher.doFinal(myDecrypted, myClearLen);
+        final byte[] myResult = Arrays.copyOf(myDecrypted, myClearLen);
 
+        /* Check that we have the same result */
+        test.isTrue("cipher text check", Arrays.areEqual(myData, myResult));
     }
 }

core/src/test/java/org/bouncycastle/crypto/test/ElephantTest.java

@@ -27,6 +27,9 @@ public String getName()
     public void performTest()
         throws Exception
     {
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant160));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant176));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant200));
         CipherTest.checkAEADParemeter(this, 16, 12, 8, 20, new ElephantEngine(ElephantEngine.ElephantParameters.elephant160));
         CipherTest.checkAEADParemeter(this, 16, 12, 8, 22, new ElephantEngine(ElephantEngine.ElephantParameters.elephant176));
         CipherTest.checkAEADParemeter(this, 16, 12, 16, 25, new ElephantEngine(ElephantEngine.ElephantParameters.elephant200));

core/src/test/java/org/bouncycastle/crypto/test/PhotonBeetleTest.java

@@ -31,6 +31,8 @@ public String getName()
     public void performTest()
         throws Exception
     {
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 19, 100, 16 , new PhotonBeetleEngine(PhotonBeetleEngine.PhotonBeetleParameters.pb128));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 19, 100, 16 , new PhotonBeetleEngine(PhotonBeetleEngine.PhotonBeetleParameters.pb32));
         testVectors(PhotonBeetleEngine.PhotonBeetleParameters.pb32, "v32");
         testVectors(PhotonBeetleEngine.PhotonBeetleParameters.pb128, "v128");
         DigestTest.checkDigestReset(this, new PhotonBeetleDigest());
@@ -97,7 +99,7 @@ private void testVectors(PhotonBeetleEngine.PhotonBeetleParameters pbp, String f
             int a = line.indexOf('=');
             if (a < 0)
             {
-//                if (map.get("Count").equals("133"))
+//                if (map.get("Count").equals("298"))
 //                {
 //                    System.out.println("test");
 //                }

core/src/test/java/org/bouncycastle/crypto/test/XoodyakTest.java

@@ -33,6 +33,7 @@ public String getName()
     public void performTest()
         throws Exception
     {
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 18, 100, 16 , new XoodyakEngine());
         testVectors();
         CipherTest.checkCipher(32, 16, 100, 128, new CipherTest.Instance()
         {