Fix the bug in AEADBufferBaseEngine.processBytes when MAC_SIZE>BlockSize

Author: gefeili

core/src/main/java/org/bouncycastle/crypto/engines/AEADBufferBaseEngine.java

@@ -165,10 +165,9 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
             {
                 while (m_bufPos > BlockSize && len + m_bufPos > BlockSize + MAC_SIZE)
                 {
-                    validateAndProcessBuffer(m_buf, resultLength, output, outOff);
+                    validateAndProcessBuffer(m_buf, resultLength, output, outOff + resultLength);
                     m_bufPos -= BlockSize;
                     resultLength += BlockSize;
-                    outOff += BlockSize;
                 }
                 if (m_bufPos != 0)
                 {
@@ -178,10 +177,9 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
                         available = Math.max(BlockSize - m_bufPos, 0);
                         System.arraycopy(input, inOff, m_buf, m_bufPos, available);
                         inOff += available;
-                        validateAndProcessBuffer(m_buf, 0, output, outOff);
+                        validateAndProcessBuffer(m_buf, 0, output, outOff + resultLength);
                         resultLength += BlockSize;
                         len -= available;
-                        outOff += BlockSize;
                     }
                     else
                     {

core/src/test/java/org/bouncycastle/crypto/test/AsconTest.java

@@ -19,6 +19,7 @@
 import org.bouncycastle.crypto.digests.AsconXof128;
 import org.bouncycastle.crypto.engines.AsconAEAD128;
 import org.bouncycastle.crypto.engines.AsconEngine;
+import org.bouncycastle.crypto.engines.ElephantEngine;
 import org.bouncycastle.crypto.modes.AEADCipher;
 import org.bouncycastle.crypto.params.AEADParameters;
 import org.bouncycastle.crypto.params.KeyParameter;
@@ -140,6 +141,10 @@ public AEADCipher createInstance()
         DigestTest.checkDigestReset(this, new AsconXof(AsconXof.AsconParameters.AsconXofA));
         DigestTest.checkDigestReset(this, new AsconDigest(AsconDigest.AsconParameters.AsconHash));
         DigestTest.checkDigestReset(this, new AsconDigest(AsconDigest.AsconParameters.AsconHashA));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 128, 16, new AsconAEAD128());
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 128, 16, new  AsconEngine(AsconEngine.AsconParameters.ascon128));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 128, 16, new AsconEngine(AsconEngine.AsconParameters.ascon128a));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 160, 16, new AsconEngine(AsconEngine.AsconParameters.ascon80pq));
     }
 
     public void testBufferingEngine_ascon128()

core/src/test/java/org/bouncycastle/crypto/test/CipherTest.java

@@ -355,7 +355,7 @@ public void operation()
      * @param AEADLEN  AEAD length.
      * @param NONCELEN Nonce length.
      * */
-    static void checkAEADCipherMultipleBlocks(SimpleTest test, int DATALEN, int PARTLEN, int AEADLEN, int NONCELEN, final AEADCipher pCipher)
+    static void checkAEADCipherMultipleBlocks(SimpleTest test, int DATALEN, int PARTLEN, int AEADLEN, int strength, int NONCELEN, final AEADCipher pCipher)
         throws InvalidCipherTextException
     {
         /* Obtain some random data */
@@ -369,7 +369,7 @@ static void checkAEADCipherMultipleBlocks(SimpleTest test, int DATALEN, int PART
 
         /* Create the Key parameters */
         final CipherKeyGenerator myGenerator = new CipherKeyGenerator();
-        final KeyGenerationParameters myGenParams = new KeyGenerationParameters(myRandom, 128);
+        final KeyGenerationParameters myGenParams = new KeyGenerationParameters(myRandom, strength);
         myGenerator.init(myGenParams);
         final byte[] myKey = myGenerator.generateKey();
         final KeyParameter myKeyParams = new KeyParameter(myKey);

core/src/test/java/org/bouncycastle/crypto/test/ElephantTest.java

@@ -27,9 +27,9 @@ public String getName()
     public void performTest()
         throws Exception
     {
-        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant160));
-        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant176));
-        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant200));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 128, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant160));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 128, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant176));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 41, 10, 128, 12, new ElephantEngine(ElephantEngine.ElephantParameters.elephant200));
         CipherTest.checkAEADParemeter(this, 16, 12, 8, 20, new ElephantEngine(ElephantEngine.ElephantParameters.elephant160));
         CipherTest.checkAEADParemeter(this, 16, 12, 8, 22, new ElephantEngine(ElephantEngine.ElephantParameters.elephant176));
         CipherTest.checkAEADParemeter(this, 16, 12, 16, 25, new ElephantEngine(ElephantEngine.ElephantParameters.elephant200));

core/src/test/java/org/bouncycastle/crypto/test/ISAPTest.java

@@ -33,6 +33,7 @@ public String getName()
     public void performTest()
         throws Exception
     {
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 33, 16, 128, 16, new ISAPEngine(IsapType.ISAP_A_128A));
         testVectors("isapa128av20", IsapType.ISAP_A_128A);
         testVectors("isapa128v20", IsapType.ISAP_A_128);
         testVectors("isapk128av20", IsapType.ISAP_K_128A);
@@ -92,6 +93,10 @@ public AEADCipher createInstance()
         CipherTest.checkAEADCipherOutputSize(this, 16, 16, 18, 16, new ISAPEngine(IsapType.ISAP_K_128));
         CipherTest.checkAEADCipherOutputSize(this, 16, 16, 8, 16, new ISAPEngine(IsapType.ISAP_A_128A));
         CipherTest.checkAEADCipherOutputSize(this, 16, 16, 8, 16, new ISAPEngine(IsapType.ISAP_A_128));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 33, 16, 128, 16, new ISAPEngine(IsapType.ISAP_K_128A));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 33, 16, 128, 16, new ISAPEngine(IsapType.ISAP_K_128));
+
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 33, 16, 128, 16, new ISAPEngine(IsapType.ISAP_A_128));
     }
 
     private void testVectors(String filename, IsapType isapType)

core/src/test/java/org/bouncycastle/crypto/test/PhotonBeetleTest.java

@@ -31,8 +31,8 @@ public String getName()
     public void performTest()
         throws Exception
     {
-        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 19, 100, 16 , new PhotonBeetleEngine(PhotonBeetleEngine.PhotonBeetleParameters.pb128));
-        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 19, 100, 16 , new PhotonBeetleEngine(PhotonBeetleEngine.PhotonBeetleParameters.pb32));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 19, 100, 128, 16, new PhotonBeetleEngine(PhotonBeetleEngine.PhotonBeetleParameters.pb128));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 19, 100, 128, 16, new PhotonBeetleEngine(PhotonBeetleEngine.PhotonBeetleParameters.pb32));
         testVectors(PhotonBeetleEngine.PhotonBeetleParameters.pb32, "v32");
         testVectors(PhotonBeetleEngine.PhotonBeetleParameters.pb128, "v128");
         DigestTest.checkDigestReset(this, new PhotonBeetleDigest());

core/src/test/java/org/bouncycastle/crypto/test/SparkleTest.java

@@ -70,6 +70,11 @@ public void performTest()
         CipherTest.checkAEADParemeter(this, 24, 24, 24, 24, new SparkleEngine(SparkleEngine.SparkleParameters.SCHWAEMM192_192));
         CipherTest.checkAEADParemeter(this, 16, 32, 16, 16, new SparkleEngine(SparkleEngine.SparkleParameters.SCHWAEMM256_128));
         CipherTest.checkAEADParemeter(this, 32, 32, 32, 32, new SparkleEngine(SparkleEngine.SparkleParameters.SCHWAEMM256_256));
+
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 33, 16, 128, 16, new SparkleEngine(SparkleEngine.SparkleParameters.SCHWAEMM128_128));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 33, 24, 192, 24, new SparkleEngine(SparkleEngine.SparkleParameters.SCHWAEMM192_192));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 33, 16, 128, 32, new SparkleEngine(SparkleEngine.SparkleParameters.SCHWAEMM256_128));
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1025, 33, 32, 256, 32, new SparkleEngine(SparkleEngine.SparkleParameters.SCHWAEMM256_256));
     }
 
     public void testBufferingEngine_SCHWAEMM128_128()
@@ -414,7 +419,7 @@ private void implTestVectorsEngine(SparkleEngine.SparkleParameters pbp, String f
                         mismatch("Reccover Keystream " + map.get("Count"), (String)map.get("PT"), rv);
                     }
                 }
-                System.out.println(map.get("Count") + " pass");
+                //System.out.println(map.get("Count") + " pass");
                 map.clear();
             }
             else

core/src/test/java/org/bouncycastle/crypto/test/XoodyakTest.java

@@ -33,7 +33,7 @@ public String getName()
     public void performTest()
         throws Exception
     {
-        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 18, 100, 16 , new XoodyakEngine());
+        CipherTest.checkAEADCipherMultipleBlocks(this, 1024, 18, 100, 128, 16, new XoodyakEngine());
         testVectors();
         CipherTest.checkCipher(32, 16, 100, 128, new CipherTest.Instance()
         {